Netsyms
/
Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Pull 3.3.0 from upstream

Browse Source
master
Skylar Ittner 6 years ago
parent 100c22eb78 d7ae1f0101
commit 1017b64913
375 changed files with 13759 additions and 6989 deletions
Show Stats Download Patch File Download Diff File

93
.gitignore vendored
Unescape Escape View File

@ -8,7 +8,6 @@ admin/archive.php
admin/custom_statuses.php
admin/email_templates.php
admin/generate_spam_question.php
admin/priority.php
admin/test_connection.php
attachments/index.htm
cache/
@ -198,52 +197,52 @@ inc/tabs/tabber-minimized.js
inc/tabs/tabber.css
inc/timer/hesk_timer.js
inc/timer/index.htm
inc/tiny_mce/3.5.11/langs/en.js
inc/tiny_mce/3.5.11/license.txt
inc/tiny_mce/3.5.11/themes/advanced/about.htm
inc/tiny_mce/3.5.11/themes/advanced/anchor.htm
inc/tiny_mce/3.5.11/themes/advanced/charmap.htm
inc/tiny_mce/3.5.11/themes/advanced/color_picker.htm
inc/tiny_mce/3.5.11/themes/advanced/editor_template.js
inc/tiny_mce/3.5.11/themes/advanced/image.htm
inc/tiny_mce/3.5.11/themes/advanced/img/colorpicker.jpg
inc/tiny_mce/3.5.11/themes/advanced/img/flash.gif
inc/tiny_mce/3.5.11/themes/advanced/img/icons.gif
inc/tiny_mce/3.5.11/themes/advanced/img/iframe.gif
inc/tiny_mce/3.5.11/themes/advanced/img/pagebreak.gif
inc/tiny_mce/3.5.11/themes/advanced/img/quicktime.gif
inc/tiny_mce/3.5.11/themes/advanced/img/realmedia.gif
inc/tiny_mce/3.5.11/themes/advanced/img/shockwave.gif
inc/tiny_mce/3.5.11/themes/advanced/img/trans.gif
inc/tiny_mce/3.5.11/themes/advanced/img/video.gif
inc/tiny_mce/3.5.11/themes/advanced/img/windowsmedia.gif
inc/tiny_mce/3.5.11/themes/advanced/js/about.js
inc/tiny_mce/3.5.11/themes/advanced/js/anchor.js
inc/tiny_mce/3.5.11/themes/advanced/js/charmap.js
inc/tiny_mce/3.5.11/themes/advanced/js/color_picker.js
inc/tiny_mce/3.5.11/themes/advanced/js/image.js
inc/tiny_mce/3.5.11/themes/advanced/js/link.js
inc/tiny_mce/3.5.11/themes/advanced/js/source_editor.js
inc/tiny_mce/3.5.11/themes/advanced/langs/en.js
inc/tiny_mce/3.5.11/themes/advanced/langs/en_dlg.js
inc/tiny_mce/3.5.11/themes/advanced/link.htm
inc/tiny_mce/3.5.11/themes/advanced/shortcuts.htm
inc/tiny_mce/3.5.11/themes/advanced/skins/default/content.css
inc/tiny_mce/3.5.11/themes/advanced/skins/default/dialog.css
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/buttons.png
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/items.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_arrow.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_check.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/progress.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/tabs.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/ui.css
inc/tiny_mce/3.5.11/themes/advanced/source_editor.htm
inc/tiny_mce/3.5.11/tiny_mce.js
inc/tiny_mce/3.5.11/tiny_mce_popup.js
inc/tiny_mce/3.5.11/utils/editable_selects.js
inc/tiny_mce/3.5.11/utils/form_utils.js
inc/tiny_mce/3.5.11/utils/mctabs.js
inc/tiny_mce/3.5.11/utils/validate.js
inc/tiny_mce/3.5.12/langs/en.js
inc/tiny_mce/3.5.12/license.txt
inc/tiny_mce/3.5.12/themes/advanced/about.htm
inc/tiny_mce/3.5.12/themes/advanced/anchor.htm
inc/tiny_mce/3.5.12/themes/advanced/charmap.htm
inc/tiny_mce/3.5.12/themes/advanced/color_picker.htm
inc/tiny_mce/3.5.12/themes/advanced/editor_template.js
inc/tiny_mce/3.5.12/themes/advanced/image.htm
inc/tiny_mce/3.5.12/themes/advanced/img/colorpicker.jpg
inc/tiny_mce/3.5.12/themes/advanced/img/flash.gif
inc/tiny_mce/3.5.12/themes/advanced/img/icons.gif
inc/tiny_mce/3.5.12/themes/advanced/img/iframe.gif
inc/tiny_mce/3.5.12/themes/advanced/img/pagebreak.gif
inc/tiny_mce/3.5.12/themes/advanced/img/quicktime.gif
inc/tiny_mce/3.5.12/themes/advanced/img/realmedia.gif
inc/tiny_mce/3.5.12/themes/advanced/img/shockwave.gif
inc/tiny_mce/3.5.12/themes/advanced/img/trans.gif
inc/tiny_mce/3.5.12/themes/advanced/img/video.gif
inc/tiny_mce/3.5.12/themes/advanced/img/windowsmedia.gif
inc/tiny_mce/3.5.12/themes/advanced/js/about.js
inc/tiny_mce/3.5.12/themes/advanced/js/anchor.js
inc/tiny_mce/3.5.12/themes/advanced/js/charmap.js
inc/tiny_mce/3.5.12/themes/advanced/js/color_picker.js
inc/tiny_mce/3.5.12/themes/advanced/js/image.js
inc/tiny_mce/3.5.12/themes/advanced/js/link.js
inc/tiny_mce/3.5.12/themes/advanced/js/source_editor.js
inc/tiny_mce/3.5.12/themes/advanced/langs/en.js
inc/tiny_mce/3.5.12/themes/advanced/langs/en_dlg.js
inc/tiny_mce/3.5.12/themes/advanced/link.htm
inc/tiny_mce/3.5.12/themes/advanced/shortcuts.htm
inc/tiny_mce/3.5.12/themes/advanced/skins/default/content.css
inc/tiny_mce/3.5.12/themes/advanced/skins/default/dialog.css
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/buttons.png
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/items.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_arrow.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_check.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/progress.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/tabs.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/ui.css
inc/tiny_mce/3.5.12/themes/advanced/source_editor.htm
inc/tiny_mce/3.5.12/tiny_mce.js
inc/tiny_mce/3.5.12/tiny_mce_popup.js
inc/tiny_mce/3.5.12/utils/editable_selects.js
inc/tiny_mce/3.5.12/utils/form_utils.js
inc/tiny_mce/3.5.12/utils/mctabs.js
inc/tiny_mce/3.5.12/utils/validate.js
inc/treemenu/TreeMenu.php
inc/treemenu/index.htm
inc/zip/Zip.php

90
.gitlab-ci.yml
Unescape Escape View File

@ -1,32 +1,90 @@
image: tetraweb/php
stages:
- validate
- test
- deploy
- package
before_script:
- apt-get update
- apt-get install zip unzip
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
test:
- bash ci/docker_install.sh > /dev/null
validate:7.2:
image: php:7.2
stage: validate
script:
- bash ci/php_lint.sh ./
validate:7.1:
image: php:7.1
stage: validate
script:
- bash ci/php_lint.sh ./
validate:7.0:
image: php:7.0
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.6:
image: php:5.6
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.5:
image: php:5.5
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.4:
image: php:5.4
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.3:
image: php:5.3
stage: validate
script:
- bash ci/php_lint.sh ./
test:7.1:
image: php:7.1
stage: test
script:
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
- php composer.phar install
- cd Tests
- phpunit
test:7.2:
image: php:7.2
stage: test
script:
- composer install
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
- php composer.phar install
- cd Tests
- phpunit
deploy:
package:
image: tetraweb/php
when: manual
stage: deploy
stage: package
script:
- apt-get update
- apt-get install zip unzip
- cd api
- composer install --no-dev
- cd ../ci
- bash build_zip.sh
artifacts:
paths:
- release.zip
- release.zip

10
admin/admin_main.php
Unescape Escape View File

@ -54,7 +54,15 @@ else {
?>
<div class="content-wrapper">
<section class="content">
<?php hesk_handle_messages(); ?>
<?php
// Service messages
$service_messages = mfh_get_service_messages('STAFF_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
hesk_handle_messages();
?>
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">

76
admin/admin_reply_ticket.php
Unescape Escape View File

@ -189,15 +189,20 @@ if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
// Add reply
$html = $modsForHesk_settings['rich_text_for_tickets'];
if ($submit_as_customer) {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($ticket['name'])) . "','" . hesk_dbEscape($message . "<br /><br /><i>{$hesklang['creb']} {$_SESSION['name']}</i>") . "',NOW(),'" . hesk_dbEscape($myattachments) . "', '" . $html . "')");
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($ticket['name'])) . "','" . hesk_dbEscape($message . "<br /><br /><i>{$hesklang['creb']} {$_SESSION['name']}</i>") . "', NOW(),'" . hesk_dbEscape($myattachments) . "', '" . $html . "')");
} else {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($_SESSION['name'])) . "','" . hesk_dbEscape($message) . "',NOW(),'" . hesk_dbEscape($myattachments) . "','" . intval($_SESSION['id']) . "', '" . $html . "')");
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($_SESSION['name'])) . "','" . hesk_dbEscape($message) . "', NOW(),'" . hesk_dbEscape($myattachments) . "','" . intval($_SESSION['id']) . "', '" . $html . "')");
}
/* Track ticket status changes for history */
$revision = '';
/* Change the status of priority? */
$audit_priority = null;
$audit_closed = null;
$audit_status = null;
$audit_customer_status = null;
$audit_assigned_self = null;
if (!empty($_POST['set_priority'])) {
$priority = intval(hesk_POST('priority'));
if ($priority < 0 || $priority > 3) {
@ -211,9 +216,17 @@ if (!empty($_POST['set_priority'])) {
3 => $hesklang['low']
);
$revision = sprintf($hesklang['thist8'], hesk_date(), $options[$priority], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$plain_options = array(
0 => 'critical',
1 => 'high',
2 => 'medium',
3 => 'low'
);
$priority_sql = ",`priority`='$priority' ";
$priority_sql = ",`priority`='$priority', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
$audit_priority = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $plain_options[$priority]);
} else {
$priority_sql = "";
}
@ -238,8 +251,11 @@ if ($ticket['locked']) {
$newStatus = hesk_dbFetchAssoc($newStatusRs);
if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0)) {
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
$audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status)
);
$sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " ";
// Lock the ticket if customers are not allowed to reopen tickets
if ($hesk_settings['custopen'] != 1) {
@ -247,8 +263,8 @@ if ($ticket['locked']) {
}
} else {
// Ticket isn't being closed, just add the history to the sql query (or tried to close but doesn't have permission)
$revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang[$newStatus['Key']], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status));
}
}
} // -> Submit as Customer reply
@ -259,8 +275,8 @@ elseif ($submit_as_customer) {
$new_status = $customerReplyStatus['ID'];
if ($ticket['status'] != $new_status) {
$revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang['wait_reply'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
$audit_customer_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status));
}
} // -> Default: submit as "Replied by staff"
else {
@ -278,12 +294,21 @@ $sql .= $submit_as_customer ? "`lastreplier`='0', `replierid`='0' " : "`lastrepl
if ($time_worked == '00:00:00') {
$sql .= ", `lastchange` = NOW() ";
} else {
$parts = explode(':', $ticket['time_worked']);
$seconds = ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
$parts = explode(':', $time_worked);
$seconds += ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
require(HESK_PATH . 'inc/reporting_functions.inc.php');
$ticket['time_worked'] = hesk_SecondsToHHMMSS($seconds);
$sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
}
if (!empty($_POST['assign_self']) && (hesk_checkPermission('can_assign_self', 0) || (isset($_REQUEST['isManager']) && $_REQUEST['isManager']))) {
$revision = sprintf($hesklang['thist2'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
$audit_assigned_self = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . " ";
}
$sql .= " $priority_sql ";
@ -306,6 +331,29 @@ unset($sql);
/* Update number of replies in the users table */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "'");
//-- Insert necessary audit trail records
if ($audit_priority != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_priority', hesk_date(), $audit_priority);
}
if ($audit_closed != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_closed', hesk_date(), $audit_closed);
}
if ($audit_status != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), $audit_status);
}
if ($audit_customer_status != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(),
$audit_customer_status);
}
if ($audit_assigned_self != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_assigned_self', hesk_date(), $audit_assigned_self);
}
// --> Prepare reply message
// 1. Generate the array with ticket info that can be used in emails
@ -324,7 +372,9 @@ $info = array(
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'language' => $ticket['language']
'language' => $ticket['language'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => ($submit_as_customer ? $ticket['name'] : $_SESSION['name']),
);
// 2. Add custom fields to the array

442
admin/admin_settings.php
Unescape Escape View File

@ -93,19 +93,20 @@ if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
$tmp = @ini_get('upload_max_filesize');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
$number = substr($tmp, 0, -1);
switch ($last) {
case 'K':
$tmp = $tmp * 1024;
$tmp = $number * 1024;
break;
case 'M':
$tmp = $tmp * 1048576;
$tmp = $number * 1048576;
break;
case 'G':
$tmp = $tmp * 1073741824;
$tmp = $number * 1073741824;
break;
default:
$tmp = $tmp;
$tmp = $number;
}
if ($tmp < $hesk_settings['attachments']['max_size']) {
@ -117,19 +118,20 @@ if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
$tmp = @ini_get('post_max_size');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
$number = substr($tmp, 0, -1);
switch ($last) {
case 'K':
$tmp = $tmp * 1024;
$tmp = $number * 1024;
break;
case 'M':
$tmp = $tmp * 1048576;
$tmp = $number * 1048576;
break;
case 'G':
$tmp = $tmp * 1073741824;
$tmp = $number * 1073741824;
break;
default:
$tmp = $tmp;
$tmp = $number;
}
if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) {
@ -355,86 +357,121 @@ $modsForHesk_settings = mfh_getSettings();
<td class="text-right">
<?php echo $hesklang['v']; ?>:
</td>
<?php
$cellClass = '';
if ($hesk_settings['check_updates']) {
$latest = hesk_checkVersion();
if ($latest === true) {
$cellClass = 'success';
} elseif ($latest != -1) {
$cellClass = 'warning';
}
}
?>
<td class="pad-right-10 <?php echo $cellClass; ?>">
<td class="pad-right-10" id="hesk-version-status">
<?php echo $hesk_settings['hesk_version']; ?>
<?php
if ($hesk_settings['check_updates']) {
if ($latest === true) {
echo ' - <span class="green">' . $hesklang['hud'] . '</span> ';
} elseif ($latest != -1) {
// Is this a beta/dev version?
if (strpos($hesk_settings['hesk_version'], 'beta') || strpos($hesk_settings['hesk_version'], 'dev') || strpos($hesk_settings['hesk_version'], 'RC')) {
echo ' <span class="dark-orange">' . $hesklang['beta'] . '</span> '; ?> <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
} else {
echo ' - <span class="dark-orange bold">' . $hesklang['hnw'] . '</span> '; ?> <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['getup']; ?></a><?php
}
} else {
?> - <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
}
} else {
?> - <a
<?php if ($hesk_settings['check_updates']) : ?>
-
<i class="spinner fa fa-spin fa-spinner"></i>
<span class="up-to-date green" style="display: none">
<?php echo $hesklang['hud']; ?>
</span>
<span class="beta-version orange" style="display: none">
<?php echo $hesklang['beta']; ?>
<a href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
</span>
<span class="update-available orange" style="display: none">
<?php echo $hesklang['hnw']; ?>
<a href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank">
<?php echo $hesklang['getup']; ?>
</a>
</span>
<a class="response-error" href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank" style="display: none"><?php echo $hesklang['check4updates']; ?></a>
<script>
var heskUrl = $('p#hesk-path').text();
var $versionStatus = $('#hesk-version-status');
$.ajax({
url: heskUrl + 'api/index.php/v1-public/hesk-version',
method: 'GET',
success: function(data) {
if ('<?php echo $hesk_settings['hesk_version']; ?>' === data.version) {
$versionStatus.addClass('success');
$versionStatus.find('.up-to-date').show();
} else if (<?php echo strpos($hesk_settings['hesk_version'], 'beta') ||
strpos($hesk_settings['hesk_version'], 'dev') ||
strpos($hesk_settings['hesk_version'], 'RC') ? 'true' : 'false'; ?>) {
$versionStatus.addClass('warning');
$versionStatus.find('.beta-version').show();
} else {
$versionStatus.addClass('warning');
$versionStatus.find('.update-available').show();
}
},
error: function() {
$versionStatus.find('.response-error').show();
},
complete: function(data) {
$versionStatus.find('.spinner').hide();
}
});
</script>
<?php else: ?>
- <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
}
?>
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
<?php endif; ?>
</td>
</tr>
<tr>
<td class="text-right pad-up-5">
<?php echo $hesklang['mods_for_hesk_version']; ?>:
</td>
<?php
$cellClass = '';
if ($hesk_settings['check_updates']) {
$latest = hesk_checkMfhVersion($modsForHeskVersion);
if ($latest === true) {
$cellClass = 'success';
} elseif ($latest != -1) {
$cellClass = 'warning';
}
}
?>
<td class="pad-right-10 pad-up-5 <?php echo $cellClass; ?>">
<td class="pad-right-10 pad-up-5" id="mfh-version-status">
<?php echo $modsForHeskVersion; ?>
<?php
if ($hesk_settings['check_updates']) {
if (strpos($modsForHeskVersion, 'beta') || strpos($modsForHeskVersion, 'dev') || strpos($modsForHeskVersion, 'RC')) {
echo ' <span class="dark-orange">' . $hesklang['beta'] . '</span> '; ?> <a
href="https://mods-for-hesk.mkochcs.com/versioncheck.php?v=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
} elseif ($latest === true) {
echo ' - <span class="green">' . $hesklang['mfh_up_to_date'] . '</span>';
} else {
?> - <a href="https://mods-for-hesk.mkochcs.com" target="_blank"
class="orange bold"><?php echo $hesklang['hnw']; ?></a>
<?php
}
} else {
?> - <a
href="https://mods-for-hesk.mkochcs.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
<?php if ($hesk_settings['check_updates']) : ?>
-
<i class="spinner fa fa-spin fa-spinner"></i>
<span class="up-to-date green" style="display: none">
<?php echo $hesklang['mfh_up_to_date']; ?>
</span>
<span class="beta-version orange" style="display: none">
<?php echo $hesklang['beta']; ?>
<a href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
</span>
<span class="update-available" style="display: none">
<a class="orange" href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank">
<?php echo $hesklang['hnw']; ?>
</a>
</span>
<a class="response-error" href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank" style="display: none"><?php echo $hesklang['check4updates']; ?></a>
<?php else: ?>
- <a
href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
<?php
}
?>
<?php endif; ?>
<script>
var heskUrl = $('p#hesk-path').text();
var $mfhVersionStatus = $('#mfh-version-status');
$.ajax({
url: heskUrl + 'api/index.php/v1-public/mods-for-hesk-version',
method: 'GET',
success: function(data) {
if ('<?php echo $modsForHeskVersion; ?>' === data.version) {
$mfhVersionStatus.addClass('success');
$mfhVersionStatus.find('.up-to-date').show();
} else if (<?php echo strpos($modsForHeskVersion, 'beta') ||
strpos($modsForHeskVersion, 'dev') ||
strpos($modsForHeskVersion, 'RC') ? 'true' : 'false'; ?>) {
$mfhVersionStatus.addClass('warning');
$mfhVersionStatus.find('.beta-version').show();
} else {
$mfhVersionStatus.addClass('warning');
$mfhVersionStatus.find('.update-available').show();
}
},
error: function() {
$mfhVersionStatus.find('.response-error').show();
},
complete: function(data) {
$mfhVersionStatus.find('.spinner').hide();
}
});
</script>
</td>
</tr>
<tr>
@ -2195,6 +2232,106 @@ $modsForHesk_settings = mfh_getSettings();
</select>
</div>
</div>
<div class="form-group">
<label for="show-start-time" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['show_event_start_time']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['show_event_start_time']; ?>"
data-content="<?php echo $hesklang['show_event_start_time_help']; ?>"></i>
</label>
<div class="col-sm-8 form-inline">
<?php
$on = $modsForHesk_settings['calendar_show_start_time'] == 'true' ? 'checked="checked"' : '';
$off = $modsForHesk_settings['calendar_show_start_time'] == 'false' ? 'checked="checked"' : '';
echo '
<div class="radio"><label><input type="radio" name="calendar-show-start-time" value="true" ' . $on . ' /> ' . $hesklang['yes'] . '</label></div><br>
<div class="radio"><label><input type="radio" name="calendar-show-start-time" value="false" ' . $off . ' /> ' . $hesklang['no'] . '</label></div><br>'; ?>
</div>
</div>
<h4 class="bold">
<?php echo $hesklang['business_hours']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['business_hours']; ?>"
data-content="<?php echo $hesklang['business_hours_help']; ?>"></i>
</h4>
<?php
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
$business_hours = array();
while ($row = hesk_dbFetchAssoc($rs)) {
$business_hours[intval($row['day_of_week'])]['start'] = $row['start_time'];
$business_hours[intval($row['day_of_week'])]['end'] = $row['end_time'];
}
?>
<div class="form-group">
<label for="business-hours-sunday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d0']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[0]" value="<?php echo $business_hours[0]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[1]" value="<?php echo $business_hours[0]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-monday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d1']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[0]" value="<?php echo $business_hours[1]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[1]" value="<?php echo $business_hours[1]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-tuesday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d2']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[0]" value="<?php echo $business_hours[2]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[1]" value="<?php echo $business_hours[2]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-wednesday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d3']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[0]" value="<?php echo $business_hours[3]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[1]" value="<?php echo $business_hours[3]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-thursday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d4']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[0]" value="<?php echo $business_hours[4]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[1]" value="<?php echo $business_hours[4]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-friday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d5']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[0]" value="<?php echo $business_hours[5]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[1]" value="<?php echo $business_hours[5]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-saturday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d6']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[0]" value="<?php echo $business_hours[6]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[1]" value="<?php echo $business_hours[6]['end']; ?>">
</div>
</div>
</div>
</div>
@ -3247,6 +3384,27 @@ $modsForHesk_settings = mfh_getSettings();
</div>
</div>
</div>
<div class="form-group">
<label for="show_number_merged" class="col-sm-4 control-label">
<span class="label label-primary"
data-toggle="tooltip"
title="<?php echo $hesklang['added_in_mods_for_hesk'] ?>"><?php echo $hesklang['mods_for_hesk_acronym']; ?></span>
<?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>"
data-content="<?php echo $hesklang['highlight_ticket_rows_based_on_priority_help']; ?>"></i>
</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input type="checkbox"
name="highlight_ticket_rows_based_on_priority" <?php if ($modsForHesk_settings['highlight_ticket_rows_based_on_priority']) {
echo 'checked';
} ?>> <?php echo $hesklang['highlight_ticket_rows_based_on_priority_descr']; ?>
</label>
</div>
</div>
</div>
<div class="form-group">
<label for="s_submittedformat" class="col-sm-4 control-label"><?php echo $hesklang['sdf']; ?> <a
href="Javascript:void(0)"
@ -3362,13 +3520,13 @@ $modsForHesk_settings = mfh_getSettings();
<h4 class="bold"><?php echo $hesklang['other']; ?></h4>
<div class="form-group">
<label for="s_ip_whois" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
<label for="s_ip_whois_url" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#61','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></label>
<div class="col-sm-8">
<input type="text" class="form-control" name="s_ip_whois" size="40" maxlength="255"
<input type="text" class="form-control" name="s_ip_whois_url" size="40" maxlength="255"
value="<?php echo $hesk_settings['ip_whois']; ?>"/>
</div>
</div>
@ -3971,130 +4129,6 @@ $modsForHesk_settings = mfh_getSettings();
}
function hesk_checkVersion()
{
global $hesk_settings;
if ($latest = hesk_getLatestVersion()) {
if (strlen($latest) > 12) {
return -1;
} elseif ($latest == $hesk_settings['hesk_version']) {
return true;
} else {
return $latest;
}
} else {
return -1;
}
} // END hesk_checkVersion()
function hesk_getLatestVersion()
{
global $hesk_settings;
// Do we have a cached version file?
if (file_exists(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt')) {
if (preg_match('/^(\d+)\|([\d.]+)+$/', @file_get_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt'), $matches) && (time() - intval($matches[1])) < 3600) {
return $matches[2];
}
}
// No cached file or older than 3600 seconds, try to get an update
$hesk_version_url = 'https://hesk.com/version';
// Try using cURL
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $hesk_version_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 6);
$latest = curl_exec($ch);
curl_close($ch);
return hesk_cacheLatestVersion($latest);
}
// Try using a simple PHP function instead
if ($latest = @file_get_contents($hesk_version_url)) {
return hesk_cacheLatestVersion($latest);
}
// Can't check automatically, will need a manual check
return false;
} // END hesk_getLatestVersion()
function hesk_cacheLatestVersion($latest)
{
global $hesk_settings;
@file_put_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt', time() . '|' . $latest);
return $latest;
} // END hesk_cacheLatestVersion()
function hesk_checkMfhVersion($currentVersion)
{
if ($latest = hesk_getMfhLatestVersion()) {
if (strlen($latest) > 12) {
return -1;
} elseif ($latest == $currentVersion) {
return true;
} else {
return $latest;
}
} else {
return -1;
}
}
function hesk_getMfhLatestVersion()
{
global $hesk_settings;
// Do we have a cached version file?
if (file_exists(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt')) {
if (preg_match('/^(\d+)\|([\d.]+)+$/', @file_get_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt'), $matches) && (time() - intval($matches[1])) < 3600) {
return $matches[2];
}
}
// No cached file or older than 3600 seconds, try to get an update
$hesk_version_url = 'http://mods-for-hesk.mkochcs.com/latestversion.php';
// Try using cURL
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $hesk_version_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 6);
$latest = curl_exec($ch);
curl_close($ch);
return hesk_cacheMfhLatestVersion($latest);
}
// Try using a simple PHP function instead
if ($latest = file_get_contents($hesk_version_url)) {
return hesk_cacheMfhLatestVersion($latest);
}
// Can't check automatically, will need a manual check
return false;
}
function hesk_cacheMfhLatestVersion($latest)
{
global $hesk_settings;
@file_put_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt', time() . '|' . $latest);
return $latest;
}
function hesk_testLanguage($return_options = 0)
{
global $hesk_settings, $hesklang, $modsForHesk_settings;

37
admin/admin_settings_save.php
Unescape Escape View File

@ -62,6 +62,7 @@ $set['noreply_mail'] = hesk_validateEmail(hesk_POST('s_noreply_mail'), $hesklang
$set['noreply_name'] = hesk_input(hesk_POST('s_noreply_name'));
$set['noreply_name'] = str_replace(array('\\&quot;', '&lt;', '&gt;'), '', $set['noreply_name']);
$set['noreply_name'] = trim(preg_replace('/\s{2,}/', ' ', $set['noreply_name']));
$set['noreply_name'] = preg_replace("/\n|\r|\t|%0A|%0D|%08|%09/", '', $set['noreply_name']);
/* --> Language settings */
$set['can_sel_lang'] = empty($_POST['s_can_sel_lang']) ? 0 : 1;
@ -424,7 +425,7 @@ $set['daylight'] = empty($_POST['s_daylight']) ? 0 : 1;
$set['timeformat'] = hesk_input(hesk_POST('s_timeformat')) or $set['timeformat'] = 'Y-m-d H:i:s';
/* --> Other */
$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois', 'http://whois.domaintools.com/{IP}'));
$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois_url', 'http://whois.domaintools.com/{IP}'));
// If no {IP} tag append it to the end
if (strlen($set['ip_whois']) == 0) {
@ -457,6 +458,7 @@ $set['use_bootstrap_theme'] = empty($_POST['use_bootstrap_theme']) ? 0 : 1;
$set['new_kb_article_visibility'] = hesk_checkMinMax(intval(hesk_POST('new_kb_article_visibility')), 0, 2, 2);
$set['mfh_attachments'] = empty($_POST['email_attachments']) ? 0 : 1;
$set['show_number_merged'] = empty($_POST['show_number_merged']) ? 0 : 1;
$set['highlight_ticket_rows_based_on_priority'] = empty($_POST['highlight_ticket_rows_based_on_priority']) ? 0 : 1;
$set['request_location'] = empty($_POST['request_location']) ? 0 : 1;
$set['category_order_column'] = empty($_POST['category_order_column']) ? 'cat_order' : 'name';
@ -479,6 +481,7 @@ $set['navbar_title_url'] = hesk_POST('navbar_title_url');
$set['enable_calendar'] = hesk_checkMinMax(intval(hesk_POST('enable_calendar')), 0, 2, 2);
$set['first_day_of_week'] = hesk_POST('first-day-of-week', 0);
$set['default_view'] = hesk_POST('default-view', 'month');
$set['calendar_show_start_time'] = hesk_POST('calendar-show-start-time', 'true');
if ($set['customer-email-verification-required']) {
//-- Don't allow multiple emails if verification is required
@ -516,6 +519,13 @@ $set['admin_sidebar_text_hover'] = hesk_input(hesk_POST('admin-sidebar-text-hove
$set['login_background_type'] = hesk_input(hesk_POST('login-background'));
$set['login_box_header'] = hesk_input(hesk_POST('login-box-header'));
$set['business_hours_sunday'] = hesk_POST_array('business-hours-sunday');
$set['business_hours_monday'] = hesk_POST_array('business-hours-monday');
$set['business_hours_tuesday'] = hesk_POST_array('business-hours-tuesday');
$set['business_hours_wednesday'] = hesk_POST_array('business-hours-wednesday');
$set['business_hours_thursday'] = hesk_POST_array('business-hours-thursday');
$set['business_hours_friday'] = hesk_POST_array('business-hours-friday');
$set['business_hours_saturday'] = hesk_POST_array('business-hours-saturday');
$changedBackground = false;
$loadedAttachmentFuncs = false;
@ -615,6 +625,7 @@ mfh_updateSetting('use_bootstrap_theme', $set['use_bootstrap_theme']);
mfh_updateSetting('new_kb_article_visibility', $set['new_kb_article_visibility']);
mfh_updateSetting('attachments', $set['mfh_attachments']);
mfh_updateSetting('show_number_merged', $set['show_number_merged']);
mfh_updateSetting('highlight_ticket_rows_based_on_priority', $set['highlight_ticket_rows_based_on_priority']);
mfh_updateSetting('request_location', $set['request_location']);
mfh_updateSetting('category_order_column', $set['category_order_column'], true);
mfh_updateSetting('rich_text_for_tickets', $set['rich_text_for_tickets']);
@ -657,6 +668,7 @@ mfh_updateSetting('use_mailgun', $set['use_mailgun'], false);
mfh_updateSetting('enable_calendar', $set['enable_calendar'], false);
mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false);
mfh_updateSetting('default_calendar_view', $set['default_view'], true);
mfh_updateSetting('calendar_show_start_time', $set['calendar_show_start_time'], true);
mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true);
mfh_updateSetting('login_background_type', $set['login_background_type'], true);
@ -671,6 +683,29 @@ if ($changedLoginImage) {
mfh_updateSetting('bootswatch_theme', $set['bootswatch_theme'], true);
// Update business hours
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_sunday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_sunday'][1]) . "' WHERE `day_of_week` = " . intval(0));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_monday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_monday'][1]) . "' WHERE `day_of_week` = " . intval(1));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][1]) . "' WHERE `day_of_week` = " . intval(2));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][1]) . "' WHERE `day_of_week` = " . intval(3));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_thursday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_thursday'][1]) . "' WHERE `day_of_week` = " . intval(4));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_friday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_friday'][1]) . "' WHERE `day_of_week` = " . intval(5));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_saturday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_saturday'][1]) . "' WHERE `day_of_week` = " . intval(6));
// Prepare settings file and save it
$settings_file_content = '<?php
// Settings file for HESK ' . $set['hesk_version'] . '

11
admin/admin_submit_ticket.php
Unescape Escape View File

@ -176,11 +176,11 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) {
$tmpvar['trackid'] = hesk_createID();
// Log who submitted ticket
$tmpvar['history'] = sprintf($hesklang['thist7'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$tmpvar['openedby'] = $_SESSION['id'];
// Owner
$tmpvar['owner'] = 0;
$autoassign_owner = null;
if (hesk_checkPermission('can_assign_others', 0)) {
$tmpvar['owner'] = intval(hesk_POST('owner'));
@ -192,7 +192,6 @@ if (hesk_checkPermission('can_assign_others', 0)) {
$autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
if ($autoassign_owner) {
$tmpvar['owner'] = intval($autoassign_owner['id']);
$tmpvar['history'] .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')');
} else {
$tmpvar['owner'] = 0;
}
@ -315,6 +314,14 @@ $tmpvar['screen_resolution_width'] = "NULL";
// Insert ticket to database
$ticket = hesk_newTicket($tmpvar);
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_created', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
if ($autoassign_owner) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(),
array(0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')'));
}
// Notify the customer about the ticket?
if ($notify && $email_available) {
hesk_notifyCustomer($modsForHesk_settings);

413
admin/admin_ticket.php
Unescape Escape View File

@ -97,6 +97,37 @@ if (!$ticket['owner'] && !$can_view_unassigned) {
hesk_error($hesklang['ycovtay']);
}
// Get audit information
$audit_sort = $hesk_settings['new_top'] ? "ASC" : "DESC";
$auditRes = hesk_dbQuery("SELECT `audit`.`id`, `audit`.`language_key`, `audit`.`date`,
`values`.`replacement_index`, `values`.`replacement_value`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail` AS `audit`
LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail_to_replacement_values` AS `values`
ON `audit`.`id` = `values`.`audit_trail_id`
WHERE `entity_type` = 'TICKET' AND `entity_id` = " . intval($ticket['id']) . "
ORDER BY `audit`.`date` {$audit_sort}");
$audit_records = array();
$current_audit_record = null;
while ($row = hesk_dbFetchAssoc($auditRes)) {
if ($current_audit_record == null || $current_audit_record['id'] != $row['id']) {
if ($current_audit_record != null) {
$audit_records[] = $current_audit_record;
}
$current_audit_record['id'] = $row['id'];
$current_audit_record['language_key'] = $row['language_key'];
$current_audit_record['date'] = $row['date'];
$current_audit_record['replacement_values'] = array();
}
if ($row['replacement_index'] != null) {
$current_audit_record['replacement_values'][intval($row['replacement_index'])] = $row['replacement_value'];
}
}
if ($current_audit_record != null) {
$audit_records[] = $current_audit_record;
}
/* Set last replier name */
if ($ticket['lastreplier']) {
if (empty($ticket['repliername'])) {
@ -120,19 +151,19 @@ $managerRow = hesk_dbFetchAssoc($managerRS);
$isManager = $managerRow['id'] == $category['manager'];
if ($isManager) {
$can_del_notes =
$can_reply =
$can_delete =
$can_edit =
$can_archive =
$can_assign_self =
$can_view_unassigned =
$can_change_own_cat =
$can_change_cat =
$can_ban_emails =
$can_unban_emails =
$can_ban_ips =
$can_unban_ips =
$can_resolve = true;
$can_reply =
$can_delete =
$can_edit =
$can_archive =
$can_assign_self =
$can_view_unassigned =
$can_change_own_cat =
$can_change_cat =
$can_ban_emails =
$can_unban_emails =
$can_ban_ips =
$can_unban_ips =
$can_resolve = true;
}
/* Is this user allowed to view tickets inside this category? */
@ -392,13 +423,14 @@ if (isset($_POST['notemsg']) && hesk_token_check('POST')) {
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $_SESSION['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => stripslashes($msg),
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'attachments' => $myattachments,
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => $ticket['repliername'],
);
// 2. Add custom fields to the array
@ -439,8 +471,10 @@ if ($hesk_settings['time_worked'] && ($can_reply || $can_edit) && isset($_POST['
$time_worked = hesk_getTime($h . ':' . $m . ':' . $s);
/* Update database */
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_time_worked', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $time_worked));
/* Show ticket */
hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
@ -476,13 +510,26 @@ if (($can_reply || $can_edit) && isset($_POST['childTrackingId'])) {
}
hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` SET `parent` = ' . intval($ticket['id']) . ' WHERE `trackid` = \'' . hesk_dbEscape(hesk_POST('childTrackingId')) . '\'');
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_linked_ticket', hesk_date(),
array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => hesk_POST('childTrackingId')
));
hesk_process_messages(sprintf($hesklang['link_added'], $_POST['childTrackingId']), 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete child action */
if (($can_reply || $can_edit) && isset($_GET['deleteChild'])) {
//-- Delete the relationship
$innerTrackingRs = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id` = " . hesk_dbEscape($_GET['deleteChild']));
$innerTrackingId = hesk_dbFetchAssoc($innerTrackingRs);
hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` SET `parent` = NULL WHERE `ID` = ' . hesk_dbEscape($_GET['deleteChild']));
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlinked_ticket', hesk_date(),
array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $innerTrackingId['trackid']
));
hesk_process_messages($hesklang['ticket_no_longer_linked'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
} elseif (($can_reply || $can_edit) && isset($_GET['deleteParent'])) {
@ -528,7 +575,6 @@ if (isset($_GET['delatt']) && hesk_token_check()) {
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "'");
/* Update ticket or reply in the database */
$revision = sprintf($hesklang['thist12'], hesk_date(), $att['real_name'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
if ($reply) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($reply) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'");
@ -539,6 +585,9 @@ if (isset($_GET['delatt']) && hesk_token_check()) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($ticket['id']) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name']) . ",',''), `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'");
}
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_attachment_deleted', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $att['real_name']));
hesk_process_messages($hesklang['kb_att_rem'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
@ -890,6 +939,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
/* This will handle error, success and notice messages */
hesk_handle_messages();
$service_messages = mfh_get_service_messages('STAFF_VIEW_TICKET');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
// Prepare special custom fields
foreach ($hesk_settings['custom_fields'] as $k=>$v) {
if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) {
@ -948,25 +1002,42 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
);
$options = array();
for ($i = 0; $i < 4; $i++) {
if ($ticket['priority'] == $i) {
if ($i === 0) {
$cssClass = 'critical-priority';
} elseif ($i === 1) {
$cssClass = 'high-priority';
} elseif ($i === 2) {
$cssClass = 'medium-priority';
} else {
$cssClass = 'low-priority';
}
}
$selected = $ticket['priority'] == $i ? 'selected' : '';
array_push($options, '<option value="' . $i . '" ' . $selected . '>' . $priorityLanguages[$i] . '</option>');
}
$content = "<i class='fa fa-fw fa-%s %s' style='font-size: 1em'></i> {$priorityLanguages[$i]}";
if ($i === 0) {
$content = sprintf($content, 'long-arrow-up', 'critical');
} elseif ($i === 1) {
$content = sprintf($content, 'angle-double-up', 'orange');
} elseif ($i === 2) {
$content = sprintf($content, 'angle-double-down', 'green');
} else {
$content = sprintf($content, 'long-arrow-down', 'blue');
}
echo '<div class="ticket-cell-admin col-md-3 col-sm-12 ';
if ($ticket['priority'] == 0) {
echo 'critical-priority">';
} elseif ($ticket['priority'] == 1) {
echo 'high-priority">';
} else {
echo 'med-low-priority">';
array_push($options, '<option data-content="' . $content . '" value="' . $i . '" ' . $selected . '>' . $priorityLanguages[$i] . '</option>');
}
echo '<div class="ticket-cell-admin col-md-3 col-sm-12 ' . $cssClass . '">';
echo '<p class="ticket-property-title">' . $hesklang['priority'] . '</p>';
echo '<form style="margin-bottom:0;" id="changePriorityForm" action="priority.php" method="post">
<span style="white-space:nowrap;">
<select class="form-control" name="priority" onchange="document.getElementById(\'changePriorityForm\').submit();">';
<select class="selectpicker form-control" name="priority" onchange="document.getElementById(\'changePriorityForm\').submit();">';
echo implode('', $options);
echo '
</select>
@ -987,13 +1058,13 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$results = mfh_getAllStatuses();
foreach ($results as $row) {
$selected = $ticket['status'] == $row['ID'] ? 'selected' : '';
$status_options[$row['ID']] = '<option value="' . $row['ID'] . '" ' . $selected . '>' . mfh_getDisplayTextForStatusId($row['ID']) . '</option>';
$status_options[$row['ID']] = '<option style="color: ' . $row['TextColor'] . '" value="' . $row['ID'] . '" ' . $selected . '>' . mfh_getDisplayTextForStatusId($row['ID']) . '</option>';
}
echo '
<form role="form" id="changeStatusForm" style="margin-bottom:0;" action="change_status.php" method="post">
<span style="white-space:nowrap;">
<select class="form-control" onchange="document.getElementById(\'changeStatusForm\').submit();" name="s">
<select class="selectpicker form-control" onchange="document.getElementById(\'changeStatusForm\').submit();" name="s">
' . implode('', $status_options) . '
</select>
@ -1011,7 +1082,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '
<form style="margin-bottom:0;" id="changeOwnerForm" action="assign_owner.php" method="post">
<span style="white-space:nowrap;">
<select class="form-control" name="owner" onchange="document.getElementById(\'changeOwnerForm\').submit();">';
<select class="selectpicker form-control" name="owner" onchange="document.getElementById(\'changeOwnerForm\').submit();">';
$selectedForUnassign = 'selected';
foreach ($admins as $k => $v) {
$selected = '';
@ -1046,7 +1117,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<form style="margin-bottom:0;" id="changeCategory" action="move_category.php" method="post">
<span style="white-space:nowrap;">
<select name="category" class="form-control" onchange="document.getElementById(\'changeCategory\').submit();">
<select name="category" class="selectpicker form-control" onchange="document.getElementById(\'changeCategory\').submit();">
' . $categories_options . '
</select>
@ -1122,9 +1193,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">
<i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . ' ' . $att_name . '"></i>
<i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . '"></i>
</a>
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . '</a><br />
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . ' (' . mfh_getAttachmentFileSize($att_id) . ')' . '</a><br />
';
}
}
@ -1496,7 +1567,7 @@ function hesk_getAdminButtons($category_id)
function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
{
global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $isManager;
global $hesk_settings, $hesklang, $ticket, $trackingID, $can_edit, $can_archive, $can_delete, $isManager;
$options = $reply ? '' : '<div class="pull-right">';
@ -1588,7 +1659,7 @@ function print_form()
} // End print_form()
function mfh_print_message() {
global $ticket, $hesklang, $hesk_settings, $can_ban_emails, $can_ban_ips, $trackingID, $modsForHesk_settings;
global $ticket, $hesklang, $hesk_settings, $can_ban_emails, $can_ban_ips, $can_unban_emails, $can_unban_ips, $trackingID, $modsForHesk_settings;
?>
<li><i class="fa fa-comment bg-red" data-toggle="tooltip" title="<?php echo $hesklang['original_message']; ?>"></i>
<div class="timeline-item">
@ -1749,7 +1820,46 @@ function mfh_print_message() {
function hesk_printTicketReplies()
{
global $hesklang, $hesk_settings, $result, $reply;
global $hesklang, $hesk_settings, $result, $reply, $audit_records;
// Sort replies and audit messages. They'll be in the proper order already
$combined_records = array();
foreach ($audit_records as $audit_record) {
$audit_record['SORT_TYPE'] = 'AUDIT_RECORD';
$combined_records[] = $audit_record;
}
while ($reply = hesk_dbFetchAssoc($result)) {
$reply['SORT_TYPE'] = 'REPLY';
$combined_records[] = $reply;
}
// Re-sort them so they're in order by date
usort($combined_records, function ($a, $b) use (&$hesk_settings) {
$a_date = null;
$b_date = null;
if ($a['SORT_TYPE'] == 'REPLY') {
$a_date = strtotime($a['dt']);
} else {
$a_date = strtotime($a['date']);
}
if ($b['SORT_TYPE'] == 'REPLY') {
$b_date = strtotime($b['dt']);
} else {
$b_date = strtotime($b['date']);
}
if ($a_date === $b_date && $a['SORT_TYPE'] != $b['SORT_TYPE']) {
if ($hesk_settings['new_top']) {
return $a['SORT_TYPE'] == 'REPLY' ? 1 : -1;
}
return $a['SORT_TYPE'] == 'REPLY' ? -1 : 1;
}
return $hesk_settings['new_top'] ? $b_date - $a_date : $a_date - $b_date;
});
echo '<ul class="timeline">';
if (!$hesk_settings['new_top']) {
@ -1758,83 +1868,194 @@ function hesk_printTicketReplies()
echo '<li class="today-top"><i class="fa fa-clock-o bg-gray" data-toggle="tooltip" title="' . $hesklang['timeline_today'] . '"></i></li>';
}
while ($reply = hesk_dbFetchAssoc($result)) {
$reply['dt'] = hesk_date($reply['dt'], true);
?>
<li>
<?php if ($reply['staffid']): ?>
<i class="fa fa-reply bg-orange" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_staff']; ?>"></i>
<?php else: ?>
<i class="fa fa-share bg-blue" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_customer']; ?>"></i>
<?php endif; ?>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $reply['dt']; ?></span>
<h3 class="timeline-header"><?php echo $reply['name']; ?></h3>
<div class="timeline-body">
<div class="row">
<div class="col-md-3 text-right">
<strong><?php echo $hesklang['message_colon']; ?></strong>
</div>
<div class="col-md-9">
<?php
if ($reply['html']) {
echo hesk_html_entity_decode($reply['message']);
} else {
echo $reply['message'];
} ?>
</div>
foreach ($combined_records as $record) {
if ($record['SORT_TYPE'] == 'REPLY') {
mfh_print_reply($record);
} else {
mfh_print_audit_record($record);
}
}
if ($hesk_settings['new_top']) {
mfh_print_message();
} else {
echo '<li><i class="fa fa-clock-o bg-gray" data-toggle="tooltip" title="' . $hesklang['timeline_today'] . '"></i></li>';
}
echo '</ul>';
return;
} // End hesk_printTicketReplies()
function mfh_print_reply($reply) {
global $hesklang, $hesk_settings;
$reply['dt'] = hesk_date($reply['dt'], true);
?>
<li>
<?php if ($reply['staffid']): ?>
<i class="fa fa-reply bg-orange" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_staff']; ?>"></i>
<?php else: ?>
<i class="fa fa-share bg-blue" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_customer']; ?>"></i>
<?php endif; ?>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $reply['dt']; ?></span>
<h3 class="timeline-header"><?php echo $reply['name']; ?></h3>
<div class="timeline-body">
<div class="row">
<div class="col-md-3 text-right">
<strong><?php echo $hesklang['message_colon']; ?></strong>
</div>
<div class="col-md-9">
<?php
if ($reply['html']) {
echo hesk_html_entity_decode($reply['message']);
} else {
echo $reply['message'];
} ?>
</div>
</div>
<?php
if ($hesk_settings['attachments']['use'] && strlen($reply['attachments'])):
</div>
<?php
if ($hesk_settings['attachments']['use'] && strlen($reply['attachments'])):
?>
<div class="timeline-footer">
<?php mfh_listAttachments($reply['attachments'], $reply['id'], true); ?>
</div>
<?php endif; ?>
<div class="timeline-footer">
<div class="row">
<div class="col-md-6">
<?php
/* Staff rating */
if ($hesk_settings['rating'] && $reply['staffid']) {
if ($reply['rating'] == 1) {
echo '<p class="rate">' . $hesklang['rnh'] . '</p>';
} elseif ($reply['rating'] == 5) {
echo '<p class="rate">' . $hesklang['rh'] . '</p>';
}
}
/* Show "unread reply" message? */
if ($reply['staffid'] && !$reply['read']) {
echo '<p class="rate">' . $hesklang['unread'] . '</p>';
<?php endif; ?>
<div class="timeline-footer">
<div class="row">
<div class="col-md-6">
<?php
/* Staff rating */
if ($hesk_settings['rating'] && $reply['staffid']) {
if ($reply['rating'] == 1) {
echo '<p class="rate">' . $hesklang['rnh'] . '</p>';
} elseif ($reply['rating'] == 5) {
echo '<p class="rate">' . $hesklang['rh'] . '</p>';
}
?>
</div>
<div class="col-md-6 text-right">
<?php echo hesk_getAdminButtonsInTicket(); ?>
</div>
}
/* Show "unread reply" message? */
if ($reply['staffid'] && !$reply['read']) {
echo '<p class="rate">' . $hesklang['unread'] . '</p>';
}
?>
</div>
<div class="col-md-6 text-right">
<?php echo hesk_getAdminButtonsInTicket($reply); ?>
</div>
</div>
</div>
</li>
<?php
}
</div>
</li>
<?php
}
if ($hesk_settings['new_top']) {
mfh_print_message();
} else {
echo '<li><i class="fa fa-clock-o bg-gray" data-toggle="tooltip" title="' . $hesklang['timeline_today'] . '"></i></li>';
}
echo '</ul>';
function mfh_print_audit_record($record) {
global $hesklang;
return;
$record['date'] = hesk_date($record['date'], true);
$font_icon = null;
switch ($record['language_key']) {
case 'audit_moved_category':
$font_icon = 'fa-pie-chart';
break;
case 'audit_assigned':
case 'audit_assigned_self':
$font_icon = 'fa-user-plus';
break;
case 'audit_unassigned':
$font_icon = 'fa-user-times';
break;
case 'audit_autoassigned':
$font_icon = 'fa-bolt';
break;
case 'audit_closed':
case 'audit_automatically_closed':
$font_icon = 'fa-check-circle';
break;
case 'audit_opened':
$font_icon = 'fa-circle-o';
break;
case 'audit_locked':
case 'audit_automatically_locked':
$font_icon = 'fa-lock';
break;
case 'audit_unlocked':
$font_icon = 'fa-unlock-alt';
break;
case 'audit_created':
case 'audit_submitted_by':
$font_icon = 'fa-user';
break;
case 'audit_priority':
// The new priority is in arg[1]
$priority = $record['replacement_values'][1];
if ($priority === 'critical') {
$font_icon = 'fa-long-arrow-up';
} elseif ($priority === 'high') {
$font_icon = 'fa-angle-double-up';
} elseif ($priority === 'medium') {
$font_icon = 'fa-angle-double-down';
} else {
$font_icon = 'fa-long-arrow-down';
}
} // End hesk_printTicketReplies()
// Now localize the text for display
$record['replacement_values'][1] = $hesklang[$priority];
break;
case 'audit_status':
$font_icon = 'fa-exchange';
break;
case 'audit_submitted_via_piping':
case 'audit_submitted_via_pop':
$font_icon = 'fa-envelope-o';
break;
case 'audit_attachment_deleted':
$font_icon = 'fa-paperclip';
break;
case 'audit_merged':
$font_icon = 'fa-code-fork';
break;
case 'audit_time_worked':
$font_icon = 'fa fa-clock-o';
break;
case 'audit_due_date_removed':
$font_icon = 'fa fa-calendar-minus-o';
break;
case 'audit_due_date_changed':
$font_icon = 'fa fa-calendar';
//-- Format the date
$record['replacement_values'][1] = date('Y-m-d', strtotime($record['replacement_values'][1]));
break;
case 'audit_linked_ticket':
$font_icon = 'fa fa-link';
break;
case 'audit_unlinked_ticket':
$font_icon = 'fa fa-chain-broken';
break;
default:
$font_icon = 'fa-question-circle';
break;
}
?>
<li>
<i class="fa <?php echo $font_icon; ?> bg-gray"></i>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $record['date']; ?></span>
<h3 class="timeline-header audit-record">
<?php echo vsprintf($hesklang[$record['language_key']], $record['replacement_values']); ?>
</h3>
</div>
</li>
<?php
}
function hesk_printReplyForm()
{
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $isManager, $modsForHesk_settings;
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $modsForHesk_settings, $isManager;
// Force assigning a ticket before allowing to reply?
if ($hesk_settings['require_owner'] && ! $ticket['owner'])

21
admin/assign_owner.php
Unescape Escape View File

@ -52,8 +52,9 @@ $owner = intval(hesk_REQUEST('owner'));
/* If ID is -1 the ticket will be unassigned */
if ($owner == -1) {
$revision = sprintf($hesklang['thist2'], hesk_date(), '<i>' . $hesklang['unas'] . '</i>', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unassigned', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
hesk_process_messages($hesklang['tunasi2'], $_SERVER['PHP_SELF'], 'SUCCESS');
} elseif ($owner < 1) {
@ -96,8 +97,17 @@ if ($ticket['owner'] && $ticket['owner'] != $owner && hesk_REQUEST('unassigned')
/* Assigning to self? */
if ($can_assign_others || ($owner == $_SESSION['id'] && $can_assign_self)) {
$revision = sprintf($hesklang['thist2'], hesk_date(), $row['name'] . ' (' . $row['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($owner == $_SESSION['id'] && $can_assign_self) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned_self', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
} else {
// current user -> assigned user
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $row['name'] . ' (' . $row['user'] . ')'));
}
if ($owner != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) {
$_SERVER['PHP_SELF'] = 'admin_main.php';
@ -119,13 +129,14 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array

331
admin/calendar.php
Unescape Escape View File

@ -282,10 +282,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
<option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
</div>
</div>
@ -334,147 +334,168 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<form id="edit-form" class="form-horizontal" data-toggle="validator">
<div class="modal-body">
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="name" class="col-sm-3 control-label">
<?php echo $hesklang['event_title']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
<div class="col-sm-9">
<input type="text" name="name" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="location" class="col-sm-3 control-label">
<?php echo $hesklang['event_location']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<input type="text" name="location" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="category" class="col-sm-3 control-label">
<?php echo $hesklang['category']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<select name="category" class="form-control"
pattern="[0-9]+"
data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
<?php
if ($hesk_settings['select_cat']) {
echo '<option value="">'.$hesklang['select'].'</option>';
}
foreach ($categories as $category): ?>
<option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
<?php echo $category['name']; ?>
</option>
<?php endforeach; ?>
</select>
<div class="help-block with-errors"></div>
<ul class="nav nav-tabs" role="tablist" id="edit-modal-tabs">
<li role="presentation" class="active"><a href="#edit-contents" aria-controls="home" role="tab" data-toggle="tab"><?php echo $hesklang['information']; ?></a></li>
<li role="presentation"><a href="#edit-history" aria-controls="profile" role="tab" data-toggle="tab"><?php echo $hesklang['thist']; ?></a></li>
</ul>
<div class="tab-content" id="information-tab">
<div role="tabpanel" class="tab-pane active" id="edit-contents">
<br>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="name" class="col-sm-3 control-label">
<?php echo $hesklang['event_title']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
<div class="col-sm-9">
<input type="text" name="name" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="location" class="col-sm-3 control-label">
<?php echo $hesklang['event_location']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<input type="text" name="location" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="category" class="col-sm-3 control-label">
<?php echo $hesklang['category']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<select name="category" class="form-control"
pattern="[0-9]+"
data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
<?php
if ($hesk_settings['select_cat']) {
echo '<option value="">'.$hesklang['select'].'</option>';
}
foreach ($categories as $category): ?>
<option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
<?php echo $category['name']; ?>
</option>
<?php endforeach; ?>
</select>
<div class="help-block with-errors"></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="start-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_start']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="start-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="start-time" class="form-control clockpicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
data-placement="left" data-align="top" data-autoclose="true">
<div class="help-block with-errors"></div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="start-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_start']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="start-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="start-time" class="form-control clockpicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
data-placement="left" data-align="top" data-autoclose="true">
<div class="help-block with-errors"></div>
<div class="checkbox">
<label>
<input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
<div class="checkbox">
<label>
<input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
</label>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="end-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_end']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="end-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="end-time" class="form-control clockpicker"
data-placement="left" data-align="top" data-autoclose="true"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="end-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_end']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="end-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="end-time" class="form-control clockpicker"
data-placement="left" data-align="top" data-autoclose="true"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
<div class="help-block with-errors"></div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="reminder" class="col-sm-3 control-label">
<?php echo $hesklang['event_reminder']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
</label>
<div class="col-sm-2">
<input type="text" name="reminder-value" class="form-control" placeholder="#">
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="reminder" class="col-sm-3 control-label">
<?php echo $hesklang['event_reminder']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
</label>
<div class="col-sm-2">
<input type="text" name="reminder-value" class="form-control" placeholder="#">
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="comments" class="col-sm-3 control-label">
<?php echo $hesklang['event_comments']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="comments" class="col-sm-3 control-label">
<?php echo $hesklang['event_comments']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
</div>
</div>
<div role="tabpanel" class="tab-pane" id="edit-history">
<br>
<table class="table table-striped">
<thead>
<tr>
<th><?php echo $hesklang['date']; ?></th>
<th><?php echo $hesklang['description']; ?></th>
</tr>
</thead>
<tbody id="history-table"></tbody>
</table>
</div>
</div>
</div>
@ -545,22 +566,34 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<strong><?php echo $hesklang['category']; ?></strong>
<span></span>
</div>
<div class="popover-status">
<strong><?php echo $hesklang['status']; ?></strong>
<span></span>
</div>
<div class="popover-priority">
<strong><?php echo $hesklang['priority']; ?></strong>
<span></span>
</div>
</div>
</div>
<?php
echo mfh_get_hidden_fields_for_language(array('error_loading_events',
'error_deleting_event',
'event_deleted',
'event_created',
'error_creating_event',
'event_updated',
'error_updating_event',
'ticket_due_date_updated',
'error_updating_ticket_due_date',
'critical',
'high',
'medium',
'low',
'audit_event_created',
'audit_event_updated'));
?>
<div style="display: none">
<p id="lang_error_loading_events"><?php echo $hesklang['error_loading_events']; ?></p>
<p id="lang_error_deleting_event"><?php echo $hesklang['error_deleting_event']; ?></p>
<p id="lang_event_deleted"><?php echo $hesklang['event_deleted']; ?></p>
<p id="lang_event_created"><?php echo $hesklang['event_created']; ?></p>
<p id="lang_error_creating_event"><?php echo $hesklang['error_creating_event']; ?></p>
<p id="lang_event_updated"><?php echo $hesklang['event_updated']; ?></p>
<p id="lang_error_updating_event"><?php echo $hesklang['error_updating_event']; ?></p>
<p id="lang_ticket_due_date_updated"><?php echo $hesklang['ticket_due_date_updated']; ?></p>
<p id="lang_error_updating_ticket_due_date"><?php echo $hesklang['error_updating_ticket_due_date']; ?></p>
<p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
<p id="setting_default_view">
<?php
@ -572,7 +605,21 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo $view_array[$_SESSION['default_calendar_view']];
?>
</p>
<p id="setting_show_start_time"><?php echo $modsForHesk_settings['calendar_show_start_time']; ?></p>
<?php
$businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
while ($row = hesk_dbFetchAssoc($businessHoursRs)):
?>
<p id="business_hours_<?php echo $row['day_of_week']; ?>_start"><?php echo $row['start_time']; ?></p>
<p id="business_hours_<?php echo $row['day_of_week']; ?>_end"><?php echo $row['end_time']; ?></p>
<?php endwhile; ?>
</div>
<script type="text/html" id="audit-trail-template">
<tr>
<td data-property="date"></td>
<td data-property="description"></td>
</tr>
</script>
<?php
require_once(HESK_PATH . 'inc/footer.inc.php');

43
admin/change_status.php
Unescape Escape View File

@ -37,6 +37,10 @@ hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
$ticket_id_rs = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($trackingID) . "'");
$ticket_id_row = hesk_dbFetchAssoc($ticket_id_rs);
$ticket_id = $ticket_id_row['id'];
/* Valid statuses */
$statusSql = "SELECT `ID` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses`";
$status_options = array();
@ -54,6 +58,11 @@ if (!isset($status_options[$status])) {
$locked = 0;
$audit_closed = null;
$audit_locked = null;
$audit_status = null;
$audit_opened = null;
$statusRow = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE ID = " . $status));
if ($statusRow['IsClosed']) // Closed
{
@ -62,10 +71,14 @@ if ($statusRow['IsClosed']) // Closed
}
$action = $hesklang['ticket_been'] . ' ' . $hesklang['close'];
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $status_options[$status]);
if ($hesk_settings['custopen'] != 1) {
$locked = 1;
$audit_locked = array();
}
// Notify customer of closed ticket?
@ -91,21 +104,43 @@ if ($statusRow['IsClosed']) // Closed
} elseif ($statusRow['IsNewTicketStatus'] == 0) //Ticket is still open, but not new
{
$action = sprintf($hesklang['tsst'], $status_options[$status]);
$revision = sprintf($hesklang['thist9'], hesk_date(), $status_options[$status], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $status_options[$status]);
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else // Ticket is marked as "NEW"
{
$action = $hesklang['ticket_been'] . ' ' . $hesklang['opened'];
$revision = sprintf($hesklang['thist4'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_opened = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($audit_status !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_status', hesk_date(),
$audit_status);
}
if ($audit_closed !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_closed', hesk_date(),
$audit_closed);
}
if ($audit_locked !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_automatically_locked', hesk_date(),
array());
}
if ($audit_opened !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_opened', hesk_date(),
$audit_opened);
}
if (hesk_dbAffectedRows() != 1) {
hesk_error("$hesklang[int_error]: $hesklang[trackID_not_found].");

73
admin/custom_fields.php
Unescape Escape View File

@ -166,7 +166,31 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<?php
}
?>
$descriptions = hesk_SESSION(array('new_cf','descriptions')); ?>
</div>
<div class="form-group">
<label for="description[]" class="col-sm-3 control-label">
<?php echo $hesklang['description']; ?>
</label>
<?php if ($hesk_settings['can_sel_lang'] && count($hesk_settings['languages']) > 1): ?>
<table border="0">
<?php foreach ($hesk_settings['languages'] as $lang => $info): ?>
<tr>
<td><?php echo $lang; ?></td>
<td>
<textarea class="form-control"
name="description[<?php echo $lang; ?>]"><?php echo (isset($descriptions[$lang]) ? $descriptions[$lang] : ''); ?></textarea>
</td>
</tr>
<?php endforeach; ?>
</table>
<?php else: ?>
<div class="col-sm-9">
<textarea class="form-control"
name="description[<?php echo $hesk_settings['language']; ?>]"><?php echo (isset($descriptions[$hesk_settings['language']]) ? $descriptions[$hesk_settings['language']] : ''); ?></textarea>
</div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="name[]" class="col-sm-3 control-label">
@ -495,7 +519,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<?php echo $hesklang['email_custom_field_label']; ?>
</label>
<div class="col-sm-8">
<?php $address_type = empty($value['email_type']) ? 'none' : $value['email_type']; ?>
<?php
$address_type = empty($value['email_type']) ? 'none' : $value['email_type'];
?>
<div class="radio">
<label>
<input type="radio" name="email_type" value="none"
@ -772,7 +798,16 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<tr>
<td><?php echo $tmp_id; ?></td>
<td><?php echo $cf['name']; ?></td>
<td>
<?php
echo $cf['name'];
if ($cf['mfh_description'] !== null && trim($cf['mfh_description']) !== '') {
echo ' <i class="fa fa-info-circle" data-toggle="popover"
data-title="' . htmlspecialchars($hesklang['description']) . '"
data-content="' . htmlspecialchars($cf['mfh_description']) . '"></i>';
}
?>
</td>
<td><?php echo $cf['type']; ?></td>
<td><?php echo $cf['use']; ?></td>
<td><?php echo $cf['req']; ?></td>
@ -885,6 +920,7 @@ function save_cf()
`req` = '{$cf['req']}',
`category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').",
`name` = '".hesk_dbEscape($cf['names'])."',
`mfh_description` = '".hesk_dbEscape($cf['descriptions'])."',
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL')."
WHERE `id`={$id}");
@ -916,6 +952,9 @@ function edit_cf()
$cf['names'] = json_decode($cf['name'], true);
unset($cf['name']);
$cf['descriptions'] = json_decode($cf['mfh_description'], true);
unset($cf['mfh_description']);
if (strlen($cf['category']))
{
$cf['categories'] = json_decode($cf['category'], true);
@ -994,7 +1033,7 @@ function remove_cf()
$id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']);
// Reset the custom field
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `value`=NULL, `order`=1000 WHERE `id`={$id}");
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `mfh_description`=NULL, `value`=NULL, `order`=1000 WHERE `id`={$id}");
// Were we successful?
if ( hesk_dbAffectedRows() == 1 )
@ -1057,6 +1096,27 @@ function cf_validate()
$hesk_error_buffer[] = $hesklang['err_custname'];
}
// Descriptions
$cf['descriptions'] = hesk_POST_array('description');
// Make sure only non-empty descriptions pass
foreach ($cf['descriptions'] as $key => $description) {
if (!isset($hesk_settings['languages'][$key])) {
unset($cf['descriptions'][$key]);
} else {
$description = is_array($description) ? '' : hesk_input($description, 0, 0, HESK_SLASH);
if (strlen($description) < 1)
{
unset($cf['descriptions'][$key]);
}
else
{
$cf['descriptions'][$key] = stripslashes($description);
}
}
}
// Get type and values
$cf['type'] = hesk_POST('type');
switch ($cf['type'])
@ -1264,8 +1324,10 @@ function cf_validate()
}
$cf['names'] = addslashes(json_encode($cf['names']));
$cf['descriptions'] = addslashes(json_encode($cf['descriptions']));
$cf['value'] = $cf['type'] == 'date' ? json_encode($cf['value']) : addslashes(json_encode($cf['value']));
return $cf;
} // END cf_validate()
@ -1305,7 +1367,8 @@ function new_cf()
`req` = '{$cf['req']}',
`category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').",
`name` = '".hesk_dbEscape($cf['names'])."',
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').",
`mfh_description` = '".hesk_dbEscape($cf['descriptions'])."',
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').",
`order` = 990
WHERE `id`={$_SESSION['cford']}");

32
admin/delete_tickets.php
Unescape Escape View File

@ -81,10 +81,10 @@ $i = 0;
// Possible priorities
$priorities = array(
'critical' => array('value' => 0, 'text' => $hesklang['critical'], 'formatted' => '<font class="critical">' . $hesklang['critical'] . '</font>'),
'high' => array('value' => 1, 'text' => $hesklang['high'], 'formatted' => '<font class="important">' . $hesklang['high'] . '</font>'),
'medium' => array('value' => 2, 'text' => $hesklang['medium'], 'formatted' => '<font class="medium">' . $hesklang['medium'] . '</font>'),
'low' => array('value' => 3, 'text' => $hesklang['low'], 'formatted' => $hesklang['low']),
'critical' => array('value' => 0, 'lang' => 'critical', 'text' => $hesklang['critical'], 'formatted' => '<font class="critical">' . $hesklang['critical'] . '</font>'),
'high' => array('value' => 1, 'lang' => 'high', 'text' => $hesklang['high'], 'formatted' => '<font class="important">' . $hesklang['high'] . '</font>'),
'medium' => array('value' => 2, 'lang' => 'medium', 'text' => $hesklang['medium'], 'formatted' => '<font class="medium">' . $hesklang['medium'] . '</font>'),
'low' => array('value' => 3, 'lang' => 'low', 'text' => $hesklang['low'], 'formatted' => $hesklang['low']),
);
// Change priority
@ -113,8 +113,10 @@ if (array_key_exists($_POST['a'], $priorities)) {
hesk_okCategory($ticket['category']);
$revision = sprintf($hesklang['thist8'], hesk_date(), $priority['formatted'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`={$this_id}");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}' WHERE `id`={$this_id}");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_priority', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $priority['lang']));
$i++;
}
@ -133,8 +135,6 @@ elseif ($_POST['a'] == 'delete') {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
@ -222,8 +222,6 @@ else {
hesk_token_check('POST');
require(HESK_PATH . 'inc/email_functions.inc.php');
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
@ -239,7 +237,11 @@ else {
$closedStatusRS = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsStaffClosedOption` = 1");
$closedStatus = hesk_dbFetchAssoc($closedStatusRS);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='" . $closedStatus['ID'] . "', `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($this_id) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='" . $closedStatus['ID'] . "', `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " WHERE `id`='" . intval($this_id) . "'");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_closed', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
$i++;
// Notify customer of closed ticket?
@ -284,6 +286,14 @@ function hesk_fullyDeleteTicket()
/* Delete ticket notes */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `ticket`='" . intval($ticket['id']) . "'");
/* Delete audit trail records */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail_to_replacement_values`
WHERE `audit_trail_id` IN (
SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail`
WHERE `entity_type` = 'TICKET' AND `entity_id` = " . intval($ticket['id']) . ")");
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail` WHERE `entity_type`='TICKET'
AND `entity_id` = " . intval($ticket['id']));
/* Delete ticket reply drafts */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `ticket`=" . intval($ticket['id']));

76
admin/edit_post.php
Unescape Escape View File

@ -36,6 +36,7 @@ if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_edit_tickets');
}
$modsForHesk_settings = mfh_getSettings();
/* Ticket ID */
@ -65,6 +66,7 @@ if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_okCategory($ticket['category']);
}
if (hesk_isREQUEST('reply')) {
$tmpvar['id'] = intval(hesk_REQUEST('reply')) or die($hesklang['id_not_valid']);
@ -366,7 +368,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['subject'] . $required; ?></label>
<div class="col-sm-9">
<input class="form-control" type="text" name="subject" size="40" maxlength="40"
<input class="form-control" type="text" name="subject" size="40" maxlength="70"
value="<?php echo $ticket['subject']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"/>
</div>
@ -378,7 +380,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</label>
<div class="col-sm-9">
<input class="form-control" type="text" name="name" size="40" maxlength="30"
<input class="form-control" type="text" name="name" size="40" maxlength="50"
value="<?php echo $ticket['name']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['name']); ?>"
data-error="<?php echo $hesklang['this_field_is_required']; ?>"
@ -443,6 +445,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div>
</div>';
@ -473,9 +478,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select>
<div class="help-block with-errors"></div>
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '</select>';
echo '<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -496,6 +503,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<div class="checkbox"><label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
@ -510,8 +520,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div>
<textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -530,8 +543,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
<input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -546,8 +562,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>
<div class="help-block with-errors"></div>
<input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
<div id="' . $k . '_suggestions"></div>
</div>
@ -558,9 +577,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
case 'hidden':
case 'readonly':
default:
if (strlen($k_value) != 0) {
$v['value']['default_value'] = $k_value;
}
$k_value = hesk_msgToPlain($k_value,0,0);
$cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
@ -568,8 +585,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
<input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>
';
@ -624,16 +644,20 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
}
?>
</div>
<div class="form-group" style="text-align: center">
<?php
$html = $ticket['html'] ? 1 : 0;
?>
<input type="hidden" name="html" value="<?php echo $html; ?>">
<input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-default">
<?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
<a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<?php
$html = $ticket['html'] ? 1 : 0;
?>
<input type="hidden" name="html" value="<?php echo $html; ?>">
<div class="btn-group">
<input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-primary">
<a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
</div>
<?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
</div>
</div>
</form>
</div>

4
admin/export.php
Unescape Escape View File

@ -291,7 +291,7 @@ $orderBy = $modsForHesk_settings['category_order_column'];
$res2 = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE " . hesk_myCategories('id') . " ORDER BY `" . $orderBy . "` ASC");
while ($row = hesk_dbFetchAssoc($res2)) {
$my_cat[$row['id']] = hesk_msgToPlain($row['name'], 1);
$row['name'] = (strlen($row['name']) > 50) ? substr($row['name'], 0, 50) . '...' : $row['name'];
$row['name'] = (hesk_mb_strlen($row['name']) > 50) ? hesk_mb_substr($row['name'],0,50) . '...' : $row['name'];
$cat_selected = ($row['id'] == $category) ? 'selected="selected"' : '';
$category_options .= '<option value="' . $row['id'] . '" ' . $cat_selected . '>' . $row['name'] . '</option>';
}
@ -697,7 +697,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
)
</option>
<option value="5" <?php echo $selected['time'][5]; ?>><?php echo $hesklang['r5']; ?></option>

13
admin/find_tickets.php
Unescape Escape View File

@ -145,21 +145,21 @@ LEFT(`message`, 400) AS `message`,
$sql .= " ( `trackid` = '" . hesk_dbEscape($q) . "' OR `merged` LIKE '%#" . hesk_dbEscape($q) . "#%' ) ";
break;
case 'name':
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`name` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'email':
$sql .= "`email` LIKE '%" . hesk_dbEscape($q) . "%' ";
break;
case 'subject':
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`subject` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'message':
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "'
$sql .= " ( `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "'
OR
`id` IN (
SELECT DISTINCT `replyto`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
)
";
break;
@ -170,7 +170,7 @@ LEFT(`message`, 400) AS `message`,
$sql .= "`id` IN (
SELECT DISTINCT `ticket`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
";
break;
default:
@ -220,6 +220,9 @@ LEFT(`message`, 400) AS `message`,
$sql_count .= $sql;
$sql = $sql_final . $sql;
// Strip extra slashes
$q = stripslashes($q);
/* Prepare variables used in search and forms */
require_once(HESK_PATH . 'inc/prepare_ticket_search.inc.php');
?>

49
admin/index.php
Unescape Escape View File

@ -158,7 +158,7 @@ function do_login()
exit();
}
$pass_enc = hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . $_SESSION['pass']);
$pass_enc = hesk_Pass2Hash($_SESSION['pass'].hesk_mb_strtolower($user).$_SESSION['pass']);
/* Check if default password */
if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') {
@ -202,7 +202,6 @@ function do_login()
/* Close any old tickets here so Cron jobs aren't necessary */
if ($hesk_settings['autoclose']) {
$revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']);
$dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400);
@ -210,22 +209,25 @@ function do_login()
$closedStatus = hesk_dbFetchAssoc($closedStatusRs);
// Are we allowed to close tickets in this status?
if ($closedStatus['Closable'] == 'yes' || $closedStatus['Closable'] == 'sonly') {
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get list of tickets
$result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
if (hesk_dbNumRows($result) > 0) {
global $ticket;
// Load required functions?
if (!function_exists('hesk_notifyCustomer')) {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
while ($ticket = hesk_dbFetchAssoc($result)) {
$ticket['dt'] = hesk_date($ticket['dt'], true);
$ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
$ticket = hesk_ticketToPlain($ticket, 1, 0);
$result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
if (hesk_dbNumRows($result) > 0) {
global $ticket;
// Load required functions?
if (!function_exists('hesk_notifyCustomer')) {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
while ($ticket = hesk_dbFetchAssoc($result)) {
$ticket['dt'] = hesk_date($ticket['dt'], true);
$ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
$ticket = hesk_ticketToPlain($ticket, 1, 0);
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_automatically_closed', hesk_date(), array());
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get list of tickets
hesk_notifyCustomer($modsForHesk_settings, 'ticket_closed');
}
}
@ -234,7 +236,7 @@ function do_login()
// Update ticket statuses and history in database if we're allowed to do so
$defaultCloseRs = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsAutocloseOption` = 1');
$defaultCloseStatus = hesk_dbFetchAssoc($defaultCloseRs);
hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`=" . intval($defaultCloseStatus['ID']) . ", `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '" . $closedStatus['ID'] . "' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`=" . intval($defaultCloseStatus['ID']) . ", `closedat`=NOW(), `closedby`='-1' WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
}
}
@ -276,6 +278,12 @@ function print_login()
<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
// Service messages
$service_messages = mfh_get_service_messages('STAFF_LOGIN');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
?>
</div>
<div class="login-logo">
@ -328,7 +336,7 @@ function print_login()
<select class="form-control" name="user">
<?php
while ($row = hesk_dbFetchAssoc($res)):
$sel = (strtolower($savedUser) == strtolower($row['user'])) ? 'selected' : '';
$sel = (hesk_mb_strtolower($savedUser) == hesk_mb_strtolower($row['user'])) ? 'selected="selected"' : '';
?>
<option value="<?php echo $row['user']; ?>" <?php echo $sel; ?>>
<?php echo $row['user']; ?>
@ -467,6 +475,9 @@ function print_login()
</div>
</div>
</form>
<a class="btn btn-default" href="<?php echo $hesk_settings['hesk_url']; ?>">
<i class="fa fa-chevron-left"></i> <?php echo $hesklang['back']; ?>
</a>
</div>
</div>
</div>

19
admin/knowledgebase_private.php
Unescape Escape View File

@ -121,7 +121,9 @@ function hesk_kb_header($kb_link, $catid=1)
</ol>
<?php
show_subnav('view', $catid);
echo '<div style="margin-left:40px;margin-right:40px">';
hesk_kbSearchLarge(1);
echo '</div>';
} // END hesk_kb_header()
@ -214,7 +216,15 @@ function hesk_show_kb_article($artid)
?>
<div class="content-wrapper">
<?php hesk_kb_header($hesk_settings['kb_link'], $article['catid']); ?>
<?php
hesk_kb_header($hesk_settings['kb_link'], $article['catid']);
echo '<div style="margin-left:40px;margin-right:40px">';
$service_messages = mfh_get_service_messages('STAFF_VIEW_KB_ARTICLE');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
echo '</div>';
?>
<section class="content">
<div class="box">
<div class="box-header with-border">
@ -397,6 +407,13 @@ function hesk_show_kb_category($catid, $is_search = 0) {
{
/* Print header */
hesk_kb_header($hesk_settings['kb_link'], $catid);
echo '<div style="margin-left:40px;margin-right:40px">';
$service_messages = mfh_get_service_messages('STAFF_KB_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
echo '</div>';
} ?>
<section class="content">
<?php if ($thiscat['parent']): ?>

34
admin/lock.php
Unescape Escape View File

@ -37,27 +37,31 @@ hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
// Get ticket info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
$audit_unlocked = null;
$audit_locked = null;
/* New locked status */
if (empty($_GET['locked'])) {
$status = 0;
$tmp = $hesklang['tunlock'];
$revision = sprintf($hesklang['thist6'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_unlocked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else {
$status = 1;
$tmp = $hesklang['tlock'];
$revision = sprintf($hesklang['thist5'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_locked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval($_SESSION['id']) . ' ';
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get ticket info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
$closedStatusRS = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsClosed` = 1');
$ticketIsOpen = true;
while ($row = hesk_dbFetchAssoc($closedStatusRS)) {
@ -82,7 +86,17 @@ $statusRs = hesk_dbQuery($statusSql);
$statusRow = hesk_dbFetchAssoc($statusRs);
$statusId = $statusRow['ID'];
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($audit_unlocked) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlocked', hesk_date(),
$audit_unlocked);
}
if ($audit_locked) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_locked', hesk_date(),
$audit_locked);
}
/* Back to ticket page and show a success message */
hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS');

2
admin/mail.php
Unescape Escape View File

@ -32,7 +32,7 @@ $modsForHesk_settings = mfh_getSettings();
/* List of staff */
$admins = array();
$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `name` ASC");
$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1' ORDER BY `name` ASC");
while ($row = hesk_dbFetchAssoc($res)) {
$admins[$row['id']] = $row['name'];
}

1035
admin/manage_categories.php
View File

File diff suppressed because it is too large Load Diff

2
admin/manage_email_templates.php
Unescape Escape View File

@ -324,6 +324,8 @@ function getSpecialTagMap()
$map['%%OWNER%%'] = $hesklang['ticket_owner'];
$map['%%PRIORITY%%'] = $hesklang['ticket_priority'];
$map['%%STATUS%%'] = $hesklang['ticket_status'];
$map['%%LAST_REPLY_BY%%'] = $hesklang['last_reply_by'];
$map['%%TIME_WORKED%%'] = $hesklang['ts'];
$i = 1;
foreach ($hesk_settings['custom_fields'] as $key => $value) {

39
admin/manage_knowledgebase.php
Unescape Escape View File

@ -212,7 +212,8 @@ while (count($kb_cat) > 0)
if (isset($node[$up]))
{
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
}
else
{
@ -242,8 +243,11 @@ while (count($kb_cat) > 0)
$menu->addItem($node[1]);
// Create the presentation class
$treeMenu = & ref_new(new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true)));
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
$HTML_TreeMenu_DHTML = new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true));
$treeMenu = & ref_new($HTML_TreeMenu_DHTML);
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
/* Hide new article and new category forms by default */
if (!isset($_SESSION['hide']))
@ -270,6 +274,12 @@ if (!isset($_SESSION['hide']['treemenu']))
<?php
show_subnav();
// Service messages
$service_messages = mfh_get_service_messages('STAFF_KB_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
// Show a notice if total public articles is less than 5
if ($total_articles < 5)
{
@ -895,7 +905,7 @@ function import_article()
$_SESSION['new_article'] = array(
'html' => 0,
'subject' => $ticket['subject'],
'content' => hesk_msgToPlain($ticket['message']),
'content' => hesk_msgToPlain($ticket['message'], 0, 0),
);
}
@ -910,10 +920,14 @@ function import_article()
}
else
{
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message']);
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message'], 0, 0);
}
}
// Make sure everything is extra slashed as stripslashes will be called later
$_SESSION['new_article']['subject'] = addslashes($_SESSION['new_article']['subject']);
$_SESSION['new_article']['content'] = addslashes($_SESSION['new_article']['content']);
hesk_process_messages($hesklang['import'],'NOREDIRECT','NOTICE');
} // END add_article()
@ -1338,7 +1352,8 @@ function edit_article()
if (isset($node[$up]))
{
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
}
else
{
@ -1368,7 +1383,8 @@ function edit_article()
$menu->addItem($node[1]);
// Create the presentation class
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
/* Print header */
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@ -1595,6 +1611,9 @@ function manage_category() {
foreach ($kb_cat as $k=>$cat)
{
if ($cat['id'] == $catid) {
continue;
}
if (in_array($cat['parent'],$thislevel))
{
@ -1607,7 +1626,8 @@ function manage_category() {
if (isset($node[$up]))
{
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
}
else
{
@ -1637,7 +1657,8 @@ function manage_category() {
$menu->addItem($node[1]);
// Create the presentation class
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
/* Print header */
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');

299
admin/manage_permission_templates.php → admin/manage_permission_groups.php
Unescape Escape View File

@ -39,10 +39,6 @@ if ($action = hesk_REQUEST('a')) {
create();
} elseif ($action == 'delete') {
deleteTemplate();
} elseif ($action == 'addadmin') {
toggleAdmin(true);
} elseif ($action == 'deladmin') {
toggleAdmin(false);
}
}
@ -51,34 +47,20 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
/* Print main manage users page */
require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<script language="Javascript" type="text/javascript"><!--
function confirm_delete() {
if (confirm('<?php echo hesk_makeJsString($hesklang['confirm_del_cat']); ?>')) {
return true;
}
else {
return false;
}
}
//-->
</script>
<?php
$modsForHesk_settings = mfh_getSettings();
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` ORDER BY `name` ASC");
$templates = array();
while ($row = hesk_dbFetchAssoc($res)) {
array_push($templates, $row);
$templates[] = $row;
}
$featureArray = hesk_getFeatureArray();
$orderBy = $modsForHesk_settings['category_order_column'];
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `" . $orderBy . "` ASC");
$categories = array();
while ($row = hesk_dbFetchAssoc($res)) {
array_push($categories, $row);
$categories[] = $row;
}
?>
<div class="content-wrapper">
@ -87,9 +69,9 @@ while ($row = hesk_dbFetchAssoc($res)) {
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">
<?php echo $hesklang['manage_permission_templates']; ?>
<?php echo $hesklang['manage_permission_groups']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="tooltip" data-placement="right"
title="<?php echo $hesklang['manage_permission_templates_help']; ?>"></i>
title="<?php echo $hesklang['manage_permission_groups_help']; ?>"></i>
</h1>
<div class="box-tools pull-right">
<button type="button" class="btn btn-box-tool" data-widget="collapse">
@ -98,14 +80,19 @@ while ($row = hesk_dbFetchAssoc($res)) {
</div>
</div>
<div class="box-body">
<a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new_template']; ?>
</a>
<div class="text-right">
<a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new']; ?>
</a>
</div>
<table class="table table-striped">
<thead>
<th><?php echo $hesklang['name']; ?></th>
<th><?php echo $hesklang['number_of_users']; ?></th>
<th><?php echo $hesklang['actions']; ?></th>
<tr>
<th><?php echo $hesklang['name']; ?></th>
<th><?php echo $hesklang['number_of_users']; ?></th>
<th><?php echo $hesklang['actions']; ?></th>
</tr>
</thead>
<tbody>
<?php foreach ($templates as $row): ?>
@ -114,30 +101,13 @@ while ($row = hesk_dbFetchAssoc($res)) {
<td><?php echo getNumberOfUsersWithPermissionGroup($row['id']); ?></td>
<td>
<a href="#" data-toggle="modal" data-target="#modal-template-<?php echo $row['id'] ?>">
<i class="fa fa-pencil icon-link" data-toggle="tooltip"
title="<?php echo $hesklang['view_permissions_for_this_template'] ?>"></i></a>
<?php if ($row['id'] == 1) { ?>
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['admin_cannot_be_staff']; ?>"></i></a>
<?php } elseif ($row['heskprivileges'] == 'ALL' && $row['categories'] == 'ALL'){ ?>
<a href="manage_permission_templates.php?a=deladmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_admin_privileges']; ?>"></i></a>
<?php } elseif ($row['id'] != 2) { ?>
<a href="manage_permission_templates.php?a=addadmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_no_admin_privileges']; ?>"></i></a>
<?php
} else {
?>
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['staff_cannot_be_admin']; ?>"></i>
<?php
}
<i class="fa fa-fw fa-pencil icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['view_permissions_for_this_group'] ?>"></i></a>
<?php
if ($row['id'] != 1 && $row['id'] != 2):
?>
<a href="manage_permission_templates.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-times icon-link red" data-toggle="tooltip"
<a href="manage_permission_groups.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-fw fa-times icon-link red" data-toggle="tooltip"
title="<?php echo $hesklang['delete']; ?>"></i></a>
<?php endif; ?>
</td>
@ -172,13 +142,9 @@ function createEditModal($template, $features, $categories)
{
global $hesklang;
$showNotice = true;
$disabled = 'checked="checked" disabled';
$enabledFeatures = array();
$enabledCategories = array();
if ($template['heskprivileges'] != 'ALL') {
$showNotice = false;
$disabled = '';
if ($template['heskprivileges'] !== 'ALL') {
$enabledFeatures = explode(',', $template['heskprivileges']);
$enabledCategories = explode(',', $template['categories']);
}
@ -187,30 +153,29 @@ function createEditModal($template, $features, $categories)
aria-labelledby="myLargeModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_templates.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<form action="manage_permission_groups.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_template'], $template['name']); ?></h4>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_group'], $template['name']); ?></h4>
</div>
<div class="modal-body">
<?php if ($template['id'] == 1): ?>
<div class="alert alert-info">
<i class="fa fa-info-circle"></i>
<?php echo $hesklang['protected_group']; ?>
</div>
<?php endif; ?>
<div class="row">
<?php if ($showNotice): ?>
<div class="col-sm-12">
<div class="alert alert-info">
<i class="fa fa-info-circle"></i> <?php echo $hesklang['template_is_admin_cannot_change']; ?>
</div>
</div>
<?php endif; ?>
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['template_name']; ?></label>
class="control-label"><?php echo $hesklang['group_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
value="<?php echo htmlspecialchars($template['name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['template_name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['group_name']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
@ -223,20 +188,32 @@ function createEditModal($template, $features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php foreach ($categories as $category): ?>
<?php
foreach ($categories as $category): ?>
<?php
$checked = '';
$disabled = '';
if (in_array($category['id'], $enabledCategories) ||
$template['categories'] == 'ALL') {
$checked = 'checked ';
}
if ((!hesk_SESSION('isadmin') &&
!in_array($category['id'], $_SESSION['categories'])) ||
$template['categories'] === 'ALL') {
$disabled = ' disabled';
}?>
<?php if ($_SESSION['isadmin'] || in_array($category['id'], $_SESSION['categories']) || $checked): ?>
<div class="checkbox">
<label>
<?php
$checked = '';
if (in_array($category['id'], $enabledCategories) && !$showNotice) {
$checked = 'checked';
} ?>
<input type="checkbox" name="categories[]"
value="<?php echo $category['id']; ?>" <?php echo $checked . $disabled; ?>>
value="<?php echo $category['id']; ?>" <?php echo $checked . ' ' . $disabled; ?>>
<?php echo $category['name']; ?>
</label>
</div>
<?php endforeach; ?>
<?php
endif;
endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -245,19 +222,30 @@ function createEditModal($template, $features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php foreach ($features as $feature): ?>
<?php
foreach ($features as $feature): ?>
<?php
$checked = '';
$disabled = '';
if (in_array($feature, $enabledFeatures) ||
$template['heskprivileges'] === 'ALL') {
$checked = 'checked ';
}
if ((!hesk_SESSION('isadmin') &&
strpos($_SESSION['heskprivileges'], $feature) === false) ||
$template['heskprivileges'] === 'ALL') {
$disabled = ' disabled';
}
if ($_SESSION['isadmin'] || strpos($_SESSION['heskprivileges'], $feature) !== false || $checked): ?>
<div class="checkbox">
<label><?php
$checked = '';
if (in_array($feature, $enabledFeatures) && !$showNotice) {
$checked = 'checked';
} ?>
<label>
<input type="checkbox" name="features[]"
value="<?php echo $feature; ?>" <?php echo $checked . $disabled; ?>>
<?php echo $hesklang[$feature]; ?>
</label>
</div>
<?php endforeach; ?>
<?php endif;
endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -266,9 +254,6 @@ function createEditModal($template, $features, $categories)
<div class="modal-footer">
<input type="hidden" name="a" value="save">
<input type="hidden" name="template_id" value="<?php echo $template['id']; ?>">
<?php if ($showNotice): ?>
<input type="hidden" name="name_only" value="1">
<?php endif; ?>
<div class="btn-group">
<input type="submit" class="btn btn-success"
value="<?php echo $hesklang['save_changes']; ?>">
@ -291,22 +276,22 @@ function buildCreateModal($features, $categories)
aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_templates.php" role="form" method="post" id="createForm">
<form action="manage_permission_groups.php" role="form" method="post" id="createForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo $hesklang['create_new_template_title']; ?></h4>
<h4 class="modal-title"><?php echo $hesklang['create_new_group_title']; ?></h4>
</div>
<div class="modal-body">
<div class="row">
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['template_name']; ?></label>
class="control-label"><?php echo $hesklang['group_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
placeholder="<?php echo $hesklang['template_name']; ?>" required>
placeholder="<?php echo $hesklang['group_name']; ?>" required>
<div class="help-block with-errors"></div>
</div>
</div>
@ -317,7 +302,9 @@ function buildCreateModal($features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php foreach ($categories as $category): ?>
<?php
foreach ($categories as $category):
if (hesk_SESSION('isadmin') || in_array($category['id'], $_SESSION['categories'])): ?>
<div class="checkbox">
<label>
<input type="checkbox" name="categories[]"
@ -327,7 +314,7 @@ function buildCreateModal($features, $categories)
<?php echo $category['name']; ?>
</label>
</div>
<?php endforeach; ?>
<?php endif; endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -336,7 +323,9 @@ function buildCreateModal($features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php foreach ($features as $feature): ?>
<?php foreach ($features as $feature):
if (strpos($_SESSION['heskprivileges'], $feature) !== false || hesk_SESSION('isadmin')):
?>
<div class="checkbox">
<label>
<input type="checkbox" name="features[]"
@ -346,7 +335,7 @@ function buildCreateModal($features, $categories)
<?php echo $hesklang[$feature]; ?>
</label>
</div>
<?php endforeach; ?>
<?php endif; endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -381,40 +370,68 @@ function save()
WHERE `id` = " . intval($templateId));
$row = hesk_dbFetchAssoc($res);
if (hesk_POST('name_only', 0)) {
// We are only able to update the name
$name = hesk_POST('name');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `name` = '" . hesk_dbEscape($name) . "' WHERE `id` = " . intval($templateId));
} else {
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
// Only allow users to add what they are allowed to add
// Admins can handle anything
if (!$_SESSION['isadmin']) {
// Update categories based on user visibility
$originalCategories = explode(',', $row['categories']);
$newCategories = array();
foreach ($originalCategories as $innerCategory) {
if (in_array($innerCategory, $catArray) && in_array($innerCategory, $_SESSION['categories'])) {
$newCategories[] = $innerCategory;
} elseif (!in_array($innerCategory, $catArray) && !in_array($innerCategory, $_SESSION['categories'])) {
// The user can't modify this, so keep it in
$newCategories[] = $innerCategory;
}
// If neither, the user removed it.
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should be switched to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($templateId));
// Update features based on user visibility
$originalFeatures = explode(',', $row['heskprivileges']);
$newFeatures = array();
foreach ($originalFeatures as $innerFeature) {
if (in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) !== false) {
$newFeatures[] = $innerFeature;
} elseif (!in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) === false) {
// The user can't modify this, so keep it in
$newFeatures[] = $innerFeature;
}
// If neither, the user removed it.
}
$categories = implode(',', $newCategories);
$features = implode(',', $newFeatures);
}
hesk_process_messages($hesklang['permission_template_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should have their permissions updated
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `heskprivileges` = '" . hesk_dbEscape($features) . "',
`categories` = '" . hesk_dbEscape($categories) . "'
WHERE `permission_template` = " . intval($templateId));
}
hesk_process_messages($hesklang['permission_group_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function create()
@ -439,7 +456,7 @@ function create()
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` (`name`, `heskprivileges`, `categories`)
VALUES ('" . hesk_dbEscape($name) . "', '" . hesk_dbEscape($features) . "', '" . hesk_dbEscape($categories) . "')");
hesk_process_messages($hesklang['template_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_process_messages($hesklang['group_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function validate($features, $categories, $create = false, $name = '')
@ -449,7 +466,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup = '<ul>';
$isValid = true;
if ($create && $name == '') {
$errorMarkup .= '<li>' . $hesklang['template_name_required'] . '</li>';
$errorMarkup .= '<li>' . $hesklang['group_name_required'] . '</li>';
$isValid = false;
}
if (count($features) == 0) {
@ -463,7 +480,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup .= '</ul>';
if (!$isValid) {
$error = sprintf($hesklang['permission_template_error'], $errorMarkup);
$error = sprintf($hesklang['permission_group_error'], $errorMarkup);
hesk_process_messages($error, $_SERVER['PHP_SELF']);
}
return true;
@ -483,36 +500,14 @@ function deleteTemplate()
// Otherwise delete the template
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` WHERE `id` = " . intval($id));
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['no_templates_were_deleted'], $_SERVER['PHP_SELF']);
hesk_process_messages($hesklang['no_group_were_deleted'], $_SERVER['PHP_SELF']);
}
hesk_process_messages($hesklang['permission_template_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function toggleAdmin($admin)
{
global $hesk_settings, $hesklang;
// Move all users who used to be in this group to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($id));
$id = hesk_GET('id');
if ($id == 1 || $id == 2) {
hesk_process_messages($hesklang['cannot_change_admin_staff'], $_SERVER['PHP_SELF']);
}
if ($admin) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` SET `heskprivileges` = 'ALL',
`categories` = 'ALL' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_now_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
} else {
// Get default privileges
$res = hesk_dbQuery("SELECT `heskprivileges`, `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
WHERE `id` = 2");
$row = hesk_dbFetchAssoc($res);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `heskprivileges` = '" . hesk_dbEscape($row['heskprivileges']) . "',
`categories` = '" . hesk_dbEscape($row['categories']) . "' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_no_longer_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
hesk_process_messages($hesklang['permission_group_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
?>

6
admin/manage_users.php
Unescape Escape View File

@ -214,7 +214,7 @@ if ($action = hesk_REQUEST('a')) {
<th><b><i><?php echo $hesklang['name']; ?></i></b></th>
<th><b><i><?php echo $hesklang['email']; ?></i></b></th>
<th><b><i><?php echo $hesklang['username']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_template']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_group']; ?></i></b></th>
<?php
/* Is user rating enabled? */
if ($hesk_settings['rating']) {
@ -591,6 +591,7 @@ function update_user()
$myuser['notify_overdue_unassigned'] = 0;
}
/* Check for duplicate usernames */
$res = hesk_dbQuery("SELECT `id`,`isadmin`,`categories`,`heskprivileges` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user` = '" . hesk_dbEscape($myuser['user']) . "' LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
@ -735,7 +736,7 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user
}
}
if (strlen($myuser['signature']) > 1000) {
if (hesk_mb_strlen($myuser['signature']) > 1000) {
$hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
}
@ -847,6 +848,7 @@ function remove()
// Revoke manager rights
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser));
/* Un-assign all tickets for this user */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `owner`='" . intval($myuser) . "'");

24
admin/move_category.php
Unescape Escape View File

@ -59,7 +59,7 @@ if (!$row['autoassign']) {
$category_ok = hesk_okCategory($category, 0);
// Is user allowed to move tickets to this category?
if (!$category_ok && !hesk_checkPermission('can_submit_any_cat', 0)) {
if ( ! $category_ok && ! hesk_checkPermission('can_change_cat', 0) ) {
hesk_process_messages($hesklang['noauth_move'],'admin_main.php');
}
@ -70,8 +70,6 @@ if (hesk_dbNumRows($res) != 1) {
}
$ticket = hesk_dbFetchAssoc($res);
/* Log that ticket is being moved */
$history = sprintf($hesklang['thist1'], hesk_date(), $row['name'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
/* Is the ticket assigned to someone? If yes, check that the user has access to category or change to unassigned */
$need_to_reassign = 0;
@ -92,18 +90,30 @@ if ($ticket['owner']) {
}
/* Reassign automatically if possible */
$autoassign_owner = null;
if ($need_to_reassign || !$ticket['owner']) {
$need_to_reassign = 1;
$autoassign_owner = hesk_autoAssignTicket($category);
if ($autoassign_owner) {
$ticket['owner'] = $autoassign_owner['id'];
$history .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')');
} else {
$ticket['owner'] = 0;
}
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
/* Log that ticket is being moved */
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_moved_category', hesk_date(), array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $row['name']
));
if ($autoassign_owner) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(), array(
0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')'
));
}
$ticket['category'] = $category;
@ -118,13 +128,13 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'id' => $ticket['id'],'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array

155
admin/new_ticket.php
Unescape Escape View File

@ -113,13 +113,13 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$hesk_settings['categories'] = array();
if (hesk_checkPermission('can_submit_any_cat', 0)) {
$res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC");
$res = hesk_dbQuery("SELECT `id`, `name`, `mfh_description` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC");
} else {
$res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC");
$res = hesk_dbQuery("SELECT `id`, `name`, `mfh_description` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC");
}
while ($row = hesk_dbFetchAssoc($res)) {
$hesk_settings['categories'][$row['id']] = $row['name'];
$hesk_settings['categories'][$row['id']] = $row;
}
$number_of_categories = count($hesk_settings['categories']);
@ -147,7 +147,7 @@ $show_quick_help = $show['show'];
<li><a href="admin_main.php"><?php echo $hesk_settings['hesk_title']; ?></a></li>
<?php if ($number_of_categories > 1): ?>
<li><a href="new_ticket.php"><?php echo $hesklang['nti2']; ?></a></li>
<li class="active"><?php echo $hesk_settings['categories'][$category]; ?></li>
<li class="active"><?php echo $hesk_settings['categories'][$category]['name']; ?></li>
<?php else: ?>
<li class="active"><?php echo $hesklang['nti2']; ?></li>
<?php endif; ?>
@ -157,6 +157,11 @@ $show_quick_help = $show['show'];
/* This will handle error, success and notice messages */
hesk_handle_messages();
$service_messages = mfh_get_service_messages('STAFF_SUBMIT_TICKET');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
if ($show_quick_help): ?>
<div class="box">
<div class="box-header with-border">
@ -237,7 +242,7 @@ $show_quick_help = $show['show'];
class="important">*</span></label>
<div class="col-sm-9">
<input type="text" class="form-control" name="name" size="40" maxlength="30"
<input type="text" class="form-control" name="name" size="40" maxlength="50"
value="<?php if (isset($_SESSION['as_name'])) {
echo stripslashes(hesk_input($_SESSION['as_name']));
} else if (isset($_GET['name'])) {
@ -374,6 +379,10 @@ $show_quick_help = $show['show'];
</div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '
<div class="help-block with-errors"></div>
</div>
@ -403,8 +412,14 @@ $show_quick_help = $show['show'];
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select>
<div class="help-block with-errors"></div></div></div>';
echo '</select>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
/* Checkbox */
@ -425,6 +440,11 @@ $show_quick_help = $show['show'];
echo '<div class="checkbox"><label><input ' . $validator . ' type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '
<div class="help-block with-errors"></div></div></div>';
break;
@ -435,8 +455,13 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div></div></div>';
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
case 'date':
@ -451,8 +476,13 @@ $show_quick_help = $show['show'];
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="datepicker form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40"
value="' . $k_value . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -464,8 +494,13 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.$required_attribute.'>
<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.$required_attribute.'>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div><div id="'.$k.'_suggestions"></div>';
@ -484,8 +519,13 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $cls . $required_attribute . '>
<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $cls . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
}
@ -657,7 +697,7 @@ $show_quick_help = $show['show'];
?>
</label>
<div class="col-sm-9">
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="40"
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="70"
value="<?php if (isset($_SESSION['as_subject']) || isset($_GET['subject'])) {
echo stripslashes(hesk_input($_SESSION['as_subject']));
} ?>" placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"
@ -745,7 +785,9 @@ $show_quick_help = $show['show'];
echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
@ -772,7 +814,11 @@ $show_quick_help = $show['show'];
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select><div class="help-block with-errors"></div></div></div>';
echo '</select>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
/* Checkbox */
@ -793,6 +839,9 @@ $show_quick_help = $show['show'];
echo '<div class="checkbox"><label><input ' . $validator . ' type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . $required_attribute .'> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
@ -802,8 +851,11 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div></div>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div>
</div>';
break;
@ -819,8 +871,11 @@ $show_quick_help = $show['show'];
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="datepicker form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40"
value="' . $k_value . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -832,8 +887,11 @@ $show_quick_help = $show['show'];
echo '<div class="form-group">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.' ' . $required_attribute . '>
<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.' ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div><div id="'.$k.'_suggestions"></div>';
@ -851,8 +909,11 @@ $show_quick_help = $show['show'];
echo '<div class="form-group">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
}
@ -1030,9 +1091,10 @@ function print_select_category($number_of_categories) {
// Print a select box if number of categories is large
if ($number_of_categories > $hesk_settings['cat_show_select'])
{
$firstDescription = null;
?>
<form action="new_ticket.php" method="get">
<select name="category" id="select_category" class="form-control">
<select name="category" id="select_category" class="form-control" onchange="showDescription()">
<?php
if ($hesk_settings['select_cat'])
{
@ -1040,23 +1102,45 @@ function print_select_category($number_of_categories) {
}
foreach ($hesk_settings['categories'] as $k=>$v)
{
echo '<option value="'.$k.'">'.$v.'</option>';
if ($firstDescription === null) {
$firstDescription = $v['mfh_description'];
}
echo '<option value="'.$k.'" data-description="'.$v['mfh_description'].'">'.$v['name'].'</option>';
}
?>
</select>
<?php
$display = ' style="display: none"';
&nbsp;<br />
if (!$hesk_settings['select_cat'] && $firstDescription !== null && trim($firstDescription) !== '') {
$display = '';
}
?>
<span id="category-description"<?php echo $display; ?>>
<b><?php echo $hesklang['description_colon']; ?></b>
<span><?php echo $firstDescription; ?></span>
</span>
<br>
<div style="text-align:center">
<input type="submit" value="<?php echo $hesklang['c2c']; ?>" class="btn btn-default">
</div>
</form>
<script>
function showDescription() {
var $value = $('#select_category').find(':selected');
if ($value.data('description') !== '') {
$('#category-description').show().find('span').text($value.data('description'));
} else {
$('#category-description').hide();
}
}
</script>
<?php
}
// Otherwise print quick links
else
{
// echo '<li><a href="new_ticket.php?a=add&amp;category='.$k.'">&raquo; '.$v.'</a></li>';
$new_row = 1;
foreach ($hesk_settings['categories'] as $k=>$v):
@ -1071,7 +1155,14 @@ function print_select_category($number_of_categories) {
<div class="panel-body">
<div class="row">
<div class="col-xs-12">
<?php echo $v; ?>
<?php
echo $v['name'];
if ($v['mfh_description'] !== null && trim($v['mfh_description']) !== '') {
echo '&nbsp;<i class="fa fa-info-circle" data-toggle="popover"
title="'. $hesklang['description'] .'" data-content="' . $v['mfh_description'] . '"></i>';
}
?>
</div>
</div>
</div>

73
admin/priority.php
Unescape Escape View File

@ -0,0 +1,73 @@
<?php
/**
*
* This file is part of HESK - PHP Help Desk Software.
*
* (c) Copyright Klemen Stirn. All rights reserved.
* https://www.hesk.com
*
* For the full copyright and license agreement information visit
* https://www.hesk.com/eula.php
*
*/
define('IN_SCRIPT',1);
define('HESK_PATH','../');
/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php');
require(HESK_PATH . 'inc/admin_functions.inc.php');
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
/* A security check */
hesk_token_check('POST');
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'].': '.$hesklang['no_trackID']);
$priority = intval( hesk_POST('priority') );
if ($priority < 0 || $priority > 3)
{
hesk_process_messages($hesklang['inpr'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'NOTICE');
}
$options = array(
0 => '<font class="critical">'.$hesklang['critical'].'</font>',
1 => '<font class="important">'.$hesklang['high'].'</font>',
2 => '<font class="medium">'.$hesklang['medium'].'</font>',
3 => $hesklang['low']
);
$plain_options = array(
0 => 'critical',
1 => 'high',
2 => 'medium',
3 => 'low'
);
$ticketRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($trackingID) . "'");
$ticket = hesk_dbFetchAssoc($ticketRs);
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `priority`='{$priority}' WHERE `trackid`='".hesk_dbEscape($trackingID)."'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_priority', hesk_date(), array(
0 => $_SESSION['name'].' ('.$_SESSION['user'].')',
1 => $plain_options[$priority]
));
if (hesk_dbAffectedRows() != 1)
{
hesk_process_messages($hesklang['inpr'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'NOTICE');
}
hesk_process_messages(sprintf($hesklang['chpri2'],$options[$priority]),'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS');
?>

4
admin/profile.php
Unescape Escape View File

@ -166,11 +166,11 @@ function update_profile()
$hesk_error_buffer = '';
$_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
/* Signature */
if (strlen($_SESSION['new']['signature']) > 1000) {
if (hesk_mb_strlen($_SESSION['new']['signature']) > 1000) {
$hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
}

2
admin/reports.php
Unescape Escape View File

@ -249,7 +249,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
)
</option>
<option

834
admin/service_messages.php
Unescape Escape View File

@ -15,6 +15,7 @@ define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
define('PAGE_TITLE', 'ADMIN_SERVICE_MESSAGES');
define('MFH_PAGE_LAYOUT', 'TOP_ONLY');
define('EXTRA_JS', '<script src="'.HESK_PATH.'internal-api/js/service-messages.js"></script>');
/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
@ -31,26 +32,8 @@ hesk_isLoggedIn();
hesk_checkPermission('can_service_msg');
// Define required constants
define('LOAD_TABS', 1);
define('WYSIWYG', 1);
// What should we do?
if ($action = hesk_REQUEST('a')) {
if ($action == 'edit_sm') {
edit_sm();
} elseif (defined('HESK_DEMO')) {
hesk_process_messages($hesklang['ddemo'], 'service_messages.php', 'NOTICE');
} elseif ($action == 'new_sm') {
new_sm();
} elseif ($action == 'save_sm') {
save_sm();
} elseif ($action == 'order_sm') {
order_sm();
} elseif ($action == 'remove_sm') {
remove_sm();
}
}
/* Print header */
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@ -60,9 +43,23 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="content-wrapper">
<section class="content">
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">
<?php echo $hesklang['manage_service_messages']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="tooltip"
title="<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>"
data-placement="bottom"></i>
</h1>
</div>
<div class="box-body">
<div class="nav-tabs-custom">
<ul class="nav nav-tabs" role="tablist">
<div class="row">
<div class="col-md-12 text-right">
<button id="create-button" class="btn btn-success">
<i class="fa fa-plus-circle"></i>&nbsp;
<?php echo $hesklang['create_new']; ?>
</button>
</div>
<div class="col-sm-12">
<?php
// Show a link to banned_emails.php if user has permission to do so
if (hesk_checkPermission('can_ban_emails', 0)) {
@ -149,558 +146,297 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="panel-body">
<?php
// Get service messages from database
$res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'service_messages` ORDER BY `order` ASC');
$num = hesk_dbNumRows($res);
if ($num < 1) {
echo '<p>' . $hesklang['no_sm'] . '</p>';
} else {
// List of staff
if (!isset($admins)) {
$admins = array();
$res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`");
while ($row = hesk_dbFetchAssoc($res2)) {
$admins[$row['id']] = $row['name'];
}
}
?>
<table class="table table-hover">
<thead>
<tr>
<th><?php echo $hesklang['sm_mtitle']; ?></th>
<th><?php echo $hesklang['sm_author']; ?></th>
<th><?php echo $hesklang['sm_type']; ?></th>
<th>&nbsp;<?php echo $hesklang['opt']; ?>&nbsp;</th>
</tr>
</thead>
<tbody>
<?php
$j = 1;
$k = 1;
while ($sm = hesk_dbFetchAssoc($res)) {
$faIcon = $sm['icon'];
switch ($sm['style']) {
case 1:
$sm_style = "alert alert-success";
break;
case 2:
$sm_style = "alert alert-info";
break;
case 3:
$sm_style = "alert alert-warning";
break;
case 4:
$sm_style = "alert alert-danger";
break;
default:
$sm_style = "none";
}
$type = $sm['type'] ? $hesklang['sm_draft'] : $hesklang['sm_published'];
?>
<tr>
<td>
<div class="<?php echo $sm_style; ?>">
<i class="<?php echo $faIcon; ?>"></i>
<b><?php echo $sm['title']; ?></b>
</div>
</td>
<td><?php echo(isset($admins[$sm['author']]) ? $admins[$sm['author']] : $hesklang['e_udel']); ?></td>
<td><?php echo $type; ?></td>
<td>
<?php
if ($num > 1) {
if ($k == 1) {
?>
<img src="../img/blank.gif" width="16" height="16" alt=""
style="padding:3px;border:none;"/>
<a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-down font-size-16p green"
data-toggle="tooltip" data-placement="top"
data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
<?php
} elseif ($k == $num) {
?>
<a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-up font-size-16p green" data-toggle="tooltip"
data-placement="top"
data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
<img src="../img/blank.gif" width="16" height="16" alt=""
style="padding:3px;border:none;"/>
<?php
} else {
?>
<a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-up font-size-16p green" data-toggle="tooltip"
data-placement="top"
data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
<a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-down font-size-16p green"
data-toggle="tooltip" data-placement="top"
data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
<?php
}
}
?>
<a href="service_messages.php?a=edit_sm&amp;id=<?php echo $sm['id']; ?>">
<i class="fa fa-pencil font-size-16p orange" data-toggle="tooltip"
data-placement="top"
data-original-title="<?php echo $hesklang['edit']; ?>"></i></a>
<a href="service_messages.php?a=remove_sm&amp;id=<?php echo $sm['id']; ?>&amp;token=<?php hesk_token_echo(); ?>"
onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_sm']); ?>');">
<i class="fa fa-times font-size-16p red" data-toggle="tooltip"
data-placement="top"
data-original-title="<?php echo $hesklang['delete']; ?>"></i></a>&nbsp;
</td>
</tr>
<?php
$j++;
$k++;
} // End while
?>
</tbody>
</table>
<?php
}
?>
<div class="col-md-10">
<textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
class="form-control" name="message" id="content"></textarea>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">
<h4><a name="new_article"></a><?php echo hesk_SESSION('edit_sm') ? $hesklang['edit_sm'] : $hesklang['new_sm']; ?></h4>
</div>
<div role="tabpanel" class="tab-pane" id="properties">
<div class="form-group">
<label for="language" class="col-md-2 control-label">
<?php echo $hesklang['lgs']; ?>
</label>
<div class="col-md-10">
<select name="language" class="form-control">
<option value="ALL"><?php echo $hesklang['all']; ?></option>
<?php foreach($hesk_settings['languages'] as $name => $info): ?>
<option value="<?php echo $info['folder']; ?>">
<?php echo $name; ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="panel-body">
<form action="service_messages.php" method="post" name="form1" role="form" class="form-horizontal" data-toggle="validator">
<div class="form-group">
<label for="style"
class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
<div class="col-md-2">
<div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
<label>
<input type="radio" name="style" value="0" onclick="setIcon('')"
<?php if (!isset($_SESSION['new_sm']['style']) || (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 0)) {
echo 'checked';
} ?>>
<?php echo $hesklang['sm_none']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio alert alert-success pad-5">
<label style="margin-top: -5px">
<input type="radio" name="style" value="1"
onclick="setIcon('fa fa-check-circle')"
<?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 1) {
echo 'checked';
} ?>>
<?php echo $hesklang['sm_success']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
<label style="margin-top: -5px">
<input type="radio" name="style" value="2"
<?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 2) {
echo 'checked';
} ?>>
<?php echo $hesklang['sm_info']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio alert alert-warning pad-5"
onclick="setIcon('fa fa-exclamation-triangle')">
<label style="margin-top: -5px">
<input type="radio" name="style" value="3"
<?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 3) {
echo 'checked';
} ?>>
<?php echo $hesklang['sm_notice']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio alert alert-danger pad-5" onclick="setIcon('fa fa-times-circle')">
<label style="margin-top: -5px">
<input type="radio" name="style" value="4"
<?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 4) {
echo 'checked';
} ?> >
<?php echo $hesklang['sm_error']; ?>
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="row" style="padding-bottom: 10px;">
<label for="style"
class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
<div class="col-md-3">
<div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
<label>
<input type="radio" name="style" value="0" onclick="setIcon('')">
<?php echo $hesklang['sm_none']; ?>
</label>
</div>
<div class="form-group">
<label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
<?php
$icon = '';
if (isset($_SESSION['new_sm']['icon'])) {
$icon = $_SESSION['new_sm']['icon'];
}
?>
<div class="col-md-10">
<p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
<p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
</div>
<div class="col-md-3">
<div class="radio alert alert-success pad-5">
<label style="margin-top: -5px">
<input type="radio" name="style" value="1" onclick="setIcon('fa fa-check-circle')">
<?php echo $hesklang['sm_success']; ?>
</label>
</div>
</div>
<div class="col-md-3">
<div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
<label style="margin-top: -5px">
<input type="radio" name="style" value="2">
<?php echo $hesklang['sm_info']; ?>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-3 col-md-offset-2">
<div class="radio alert alert-warning pad-5">
<label style="margin-top: -5px">
<input type="radio" name="style" value="3"
onclick="setIcon('fa fa-exclamation-triangle')">
<?php echo $hesklang['sm_notice']; ?>
</label>
</div>
</div>
<div class="col-md-3">
<div class="radio alert alert-danger pad-5">
<label style="margin-top: -5px">
<input type="radio" name="style" value="4" onclick="setIcon('fa fa-times-circle')">
<?php echo $hesklang['sm_error']; ?>
</label>
</div>
</div>
</div>
</div>
<div class="form-group">
<label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
<div class="col-md-10">
<p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
<p style="display:none"
id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
<p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
<div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
data-icon="<?php echo $icon; ?>"></div>
</div>
</div>
<div class="form-group">
<label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
<p style="display:none"
id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
<div class="col-md-2">
<div class="radio pad-5">
<label>
<input type="radio" name="type" value="0"
<?php if (!isset($_SESSION['new_sm']['type']) || (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 0)) {
echo 'checked';
} ?> >
<?php echo $hesklang['sm_published']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio pad-5">
<label>
<input type="radio" name="type" value="1"
<?php if (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 1) {
echo 'checked';
} ?> >
<?php echo $hesklang['sm_draft']; ?>
</label>
</div>
</div>
<div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
data-search="false" data-icon=""></div>
</div>
</div>
<div class="form-group">
<label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
<div class="col-md-2">
<div class="radio pad-5">
<label>
<input type="radio" name="type" value="0">
<?php echo $hesklang['sm_published']; ?>
</label>
</div>
</div>
<div class="col-md-2">
<div class="radio pad-5">
<label>
<input type="radio" name="type" value="1">
<?php echo $hesklang['sm_draft']; ?>
</label>
</div>
</div>
</div>
<div class="form-group">
<label for="location" class="col-md-2 control-label"><?php echo $hesklang['sm_location']; ?></label>
<div class="col-sm-4" style="margin-left:20px">
<h5 style="text-decoration: underline;"><?php echo $hesklang['sm_customer_pages']; ?></h5>
<div class="btn-group btn-group-sm">
<div data-select-all="customer-location" class="btn btn-default">
<?php echo $hesklang['select_all_title_case']; ?>
</div>
<div class="form-group">
<label for="title"
class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
<div class="col-md-10">
<input class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
type="text" name="title" size="70" maxlength="255"
<?php if (isset($_SESSION['new_sm']['title'])) {
echo 'value="' . $_SESSION['new_sm']['title'] . '"';
} ?> data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
<div class="help-block with-errors"></div>
</div>
<div data-deselect-all="customer-location" class="btn btn-default">
<?php echo $hesklang['deselect_all_title_case']; ?>
</div>
<div class="form-group">
<label for="message"
class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
<div class="col-md-10">
<textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
class="form-control" name="message" rows="25" cols="70" id="content">
<?php if (isset($_SESSION['new_sm']['message'])) {
echo $_SESSION['new_sm']['message'];
} ?>
</textarea>
</div>
</div>
<div class="checkbox">
<input data-select-target="customer-location" type="checkbox"
name="location[]" value="CUSTOMER_HOME"> <?php echo $hesklang['sm_homepage']; ?>
</div>
<?php if ($hesk_settings['kb_enable'] > 0): ?>
<div class="checkbox">
<input data-select-target="customer-location" type="checkbox"
name="location[]" value="CUSTOMER_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
</div>
<div class="checkbox">
<input data-select-target="customer-location" type="checkbox"
name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
</div>
<?php endif; if ($hesk_settings['kb_enable'] != 2): ?>
<div class="checkbox">
<input data-select-target="customer-location" type="checkbox"
name="location[]" value="CUSTOMER_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
</div>
<div class="checkbox">
<input data-select-target="customer-location" type="checkbox"
name="location[]" value="CUSTOMER_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
</div>
<?php endif; ?>
</div>
<div class="col-sm-4" style="margin-left:20px">
<h5 style="text-decoration: underline;"><?php echo $hesklang['sm_staff_pages']; ?></h5>
<div class="btn-group btn-group-sm">
<div data-select-all="staff-location" class="btn btn-default">
<?php echo $hesklang['select_all_title_case']; ?>
</div>
<div class="form-group">
<?php echo isset($_SESSION['edit_sm']) ? '<input type="hidden" name="a" value="save_sm" /><input type="hidden" name="id" value="' . intval($_SESSION['new_sm']['id']) . '" />' : '<input type="hidden" name="a" value="new_sm" />'; ?>
<input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
<div class="col-md-10 col-md-offset-2">
<div class="btn-group" role="group">
<input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
class="btn btn-primary">
<input type="submit" name="sm_preview"
value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
</div>
</div>
<div data-deselect-all="staff-location" class="btn btn-default">
<?php echo $hesklang['deselect_all_title_case']; ?>
</div>
</form>
</div>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_LOGIN"> <?php echo $hesklang['sm_login_page']; ?>
</div>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_HOME"> <?php echo $hesklang['sm_homepage']; ?>
</div>
<?php if ($hesk_settings['kb_enable'] > 0): ?>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
</div>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
</div>
<?php endif; if ($hesk_settings['kb_enable'] != 2): ?>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
</div>
<div class="checkbox">
<input data-select-target="staff-location" type="checkbox"
name="location[]" value="STAFF_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
</div>
<div id="preview-pane"></div>
</div>
<div class="modal-footer">
<input type="hidden" name="id">
<input type="hidden" name="order">
<div id="action-buttons" class="btn-group">
<button type="button" class="btn btn-default cancel-button cancel-callback" data-dismiss="modal">
<i class="fa fa-times-circle"></i>
<span><?php echo $hesklang['cancel']; ?></span>
</button>
<button type="button" class="btn btn-primary preview-button">
<i class="fa fa-search"></i>
<span><?php echo $hesklang['sm_preview']; ?></span>
</button>
<button type="submit" class="btn btn-success save-button">
<i class="fa fa-check-circle"></i>
<span><?php echo $hesklang['save']; ?></span>
</button>
</div>
</div>
</div>
</form>
</div>
</div>
</section>
</div>
<?php
echo mfh_get_hidden_fields_for_language(array(
'sm_published',
'sm_draft',
'no_sm',
'sm_added',
'sm_mdf',
'error_saving_updating_sm',
'sm_deleted',
'error_deleting_sm',
'error_sorting_categories',
'error_retrieving_sm',
'all',
));
echo '<script>var users = [];';
$usersRs = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1'");
$users = array();
while ($row = hesk_dbFetchAssoc($usersRs)) {
$users[] = $row;
echo "users[" . $row['id'] . "] = {
id: ".$row['id'].",
name: '".$row['name']."'
}\n";
}
echo "
var languages = [];\n";
foreach ($hesk_settings['languages'] as $key => $value) {
echo "languages[" . json_encode($value['folder']) . "] = " . json_encode($key) . ";\n";
}
echo '</script>';
?>
<script type="text/html" id="service-message-title-template">
<div class="{{CLASS}}">
<i data-property="icon"></i>
<b data-property="title"></b>
</div>
</script>
<script type="text/html" id="service-message-preview-template">
<?php
$sm = array(
'icon' => 'fa',
'style' => 0,
'title' => '{{TITLE}}',
'message' => '{{MESSAGE}}'
);
hesk_service_message($sm);
?>
</script>
<script type="text/html" id="service-message-template">
<tr>
<td style="display: none"><span data-property="id" data-value="x"></span></td>
<td><span data-property="title"></span></td>
<td><span data-property="author"></span></td>
<td><span data-property="language"></span></td>
<td><span data-property="type"></span></td>
<td>
<span class="sort-arrows">
<a href="#" data-action="sort"
data-direction="up">
<i class="fa fa-fw fa-arrow-up icon-link green"
data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
</a>
<a href="#" data-action="sort"
data-direction="down">
<i class="fa fa-fw fa-arrow-down icon-link green"
data-toggle="tooltip" title="<?php echo $hesklang['move_dn'] ?>"></i>
</a>
</span>
<a href="#" data-action="edit">
<i class="fa fa-fw fa-pencil icon-link orange"
data-toggle="tooltip" title="<?php echo $hesklang['edit']; ?>"></i>
</a>
<a href="#" data-action="delete">
<i class="fa fa-fw fa-times icon-link red"
data-toggle="tooltip" title="<?php echo $hesklang['delete']; ?>"></i>
</a>
</td>
</tr>
</script>
hesk_cleanSessionVars(array('new_sm', 'preview_sm', 'edit_sm'));
<?php
require_once(HESK_PATH . 'inc/footer.inc.php');
exit();
/*** START FUNCTIONS ***/
function save_sm()
{
global $hesk_settings, $hesklang, $listBox;
global $hesk_error_buffer;
// A security check
# hesk_token_check('POST');
$hesk_error_buffer = array();
// Get service messageID
$id = intval(hesk_POST('id')) or hesk_error($hesklang['sm_e_id']);
$style = intval(hesk_POST('style', 0));
if ($style > 4 || $style < 0) {
$style = 0;
}
$type = empty($_POST['type']) ? 0 : 1;
$icon = hesk_POST('icon');
$title = hesk_input(hesk_POST('title')) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
$message = hesk_getHTML(hesk_POST('message'));
// Clean the HTML code
require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
$message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer)) {
$_SESSION['edit_sm'] = true;
$_SESSION['new_sm'] = array(
'id' => $id,
'style' => $style,
'type' => $type,
'title' => $title,
'icon' => $icon,
'message' => hesk_input(hesk_POST('message')),
);
$tmp = '';
foreach ($hesk_error_buffer as $error) {
$tmp .= "<li>$error</li>\n";
}
$hesk_error_buffer = $tmp;
$hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
hesk_process_messages($hesk_error_buffer, 'service_messages.php');
}
// Just preview the message?
if (isset($_POST['sm_preview'])) {
$_SESSION['preview_sm'] = true;
$_SESSION['edit_sm'] = true;
$_SESSION['new_sm'] = array(
'id' => $id,
'style' => $style,
'type' => $type,
'title' => $title,
'message' => $message,
'icon' => $icon,
);
header('Location: service_messages.php');
exit;
}
// Update the service message in the database
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET
`author` = '" . intval($_SESSION['id']) . "',
`title` = '" . hesk_dbEscape($title) . "',
`message` = '" . hesk_dbEscape($message) . "',
`style` = '{$style}',
`type` = '{$type}',
`icon` = '{$icon}'
WHERE `id`={$id}");
$_SESSION['smord'] = $id;
hesk_process_messages($hesklang['sm_mdf'], 'service_messages.php', 'SUCCESS');
} // End save_sm()
function edit_sm()
{
global $hesk_settings, $hesklang;
// Get service messageID
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
// Get details from the database
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_error($hesklang['sm_not_found']);
}
$sm = hesk_dbFetchAssoc($res);
$_SESSION['new_sm'] = $sm;
$_SESSION['edit_sm'] = true;
} // End edit_sm()
function order_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID and move parameters
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
$move = intval(hesk_GET('move'));
$_SESSION['smord'] = $id;
// Update article details
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id}");
// Update order of all service messages
update_sm_order();
// Finish
header('Location: service_messages.php');
exit();
} // End order_sm()
function update_sm_order()
{
global $hesk_settings, $hesklang;
// Get list of current service messages
$res = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` ASC");
// Update database
$i = 10;
while ($sm = hesk_dbFetchAssoc($res)) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "'");
$i += 10;
}
return true;
} // END update_sm_order()
function remove_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
// Delete the service message
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id}");
// Were we successful?
if (hesk_dbAffectedRows() == 1) {
hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
} else {
hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
}
} // End remove_sm()
function new_sm()
{
global $hesk_settings, $hesklang, $listBox;
global $hesk_error_buffer;
// A security check
# hesk_token_check('POST');
$hesk_error_buffer = array();
$style = intval(hesk_POST('style', 0));
if ($style > 4 || $style < 0) {
$style = 0;
}
$type = empty($_POST['type']) ? 0 : 1;
$icon = hesk_POST('icon');
$title = hesk_input(hesk_POST('title')) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
$message = hesk_getHTML(hesk_POST('message'));
// Clean the HTML code
require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
$message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer)) {
$_SESSION['new_sm'] = array(
'style' => $style,
'type' => $type,
'title' => $title,
'icon' => $icon,
'message' => hesk_input(hesk_POST('message')),
);
$tmp = '';
foreach ($hesk_error_buffer as $error) {
$tmp .= "<li>$error</li>\n";
}
$hesk_error_buffer = $tmp;
$hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
hesk_process_messages($hesk_error_buffer, 'service_messages.php');
}
// Just preview the message?
if (isset($_POST['sm_preview'])) {
$_SESSION['preview_sm'] = true;
$_SESSION['new_sm'] = array(
'style' => $style,
'type' => $type,
'title' => $title,
'icon' => $icon,
'message' => $message,
);
header('Location: service_messages.php');
exit;
}
// Get the latest service message order
$res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
$row = hesk_dbFetchRow($res);
$my_order = intval($row[0]) + 10;
// Insert service message into database
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`, `icon`) VALUES (
'" . intval($_SESSION['id']) . "',
'" . hesk_dbEscape($title) . "',
'" . hesk_dbEscape($message) . "',
'{$style}',
'{$type}',
'{$my_order}',
'{$icon}'
)");
$_SESSION['smord'] = hesk_dbInsertID();
hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
} // End new_sm()
?>

142
api/ApplicationContext.php
Unescape Escape View File

@ -1,142 +0,0 @@
<?php
// Responsible for loading in all necessary classes. AKA a poor man's DI solution.
use BusinessLogic\Attachments\AttachmentHandler;
use BusinessLogic\Attachments\AttachmentRetriever;
use BusinessLogic\Categories\CategoryRetriever;
use BusinessLogic\Emails\BasicEmailSender;
use BusinessLogic\Emails\EmailSenderHelper;
use BusinessLogic\Emails\EmailTemplateParser;
use BusinessLogic\Emails\EmailTemplateRetriever;
use BusinessLogic\Emails\MailgunEmailSender;
use BusinessLogic\Navigation\CustomNavElementHandler;
use BusinessLogic\Security\BanRetriever;
use BusinessLogic\Security\UserContextBuilder;
use BusinessLogic\Security\UserToTicketChecker;
use BusinessLogic\Settings\ApiChecker;
use BusinessLogic\Settings\SettingsRetriever;
use BusinessLogic\Statuses\StatusRetriever;
use BusinessLogic\Tickets\Autoassigner;
use BusinessLogic\Tickets\TicketDeleter;
use BusinessLogic\Tickets\TicketEditor;
use BusinessLogic\Tickets\TicketRetriever;
use BusinessLogic\Tickets\TicketCreator;
use BusinessLogic\Tickets\NewTicketValidator;
use BusinessLogic\Tickets\TicketValidators;
use BusinessLogic\Tickets\TrackingIdGenerator;
use BusinessLogic\Tickets\VerifiedEmailChecker;
use DataAccess\Attachments\AttachmentGateway;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Files\FileDeleter;
use DataAccess\Files\FileReader;
use DataAccess\Files\FileWriter;
use DataAccess\Logging\LoggingGateway;
use DataAccess\Navigation\CustomNavElementGateway;
use DataAccess\Security\BanGateway;
use DataAccess\Security\UserGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
use DataAccess\Statuses\StatusGateway;
use DataAccess\Tickets\TicketGateway;
use DataAccess\Tickets\VerifiedEmailGateway;
class ApplicationContext {
public $get;
/**
* ApplicationContext constructor.
*/
function __construct() {
$this->get = array();
// Settings
$this->get[ModsForHeskSettingsGateway::class] = new ModsForHeskSettingsGateway();
// API Checker
$this->get[ApiChecker::class] = new ApiChecker($this->get[ModsForHeskSettingsGateway::class]);
// Custom Navigation
$this->get[CustomNavElementGateway::class] = new CustomNavElementGateway();
$this->get[CustomNavElementHandler::class] = new CustomNavElementHandler($this->get[CustomNavElementGateway::class]);
// Logging
$this->get[LoggingGateway::class] = new LoggingGateway();
// Verified Email Checker
$this->get[VerifiedEmailGateway::class] = new VerifiedEmailGateway();
$this->get[VerifiedEmailChecker::class] = new VerifiedEmailChecker($this->get[VerifiedEmailGateway::class]);
// Users
$this->get[UserGateway::class] = new UserGateway();
$this->get[UserContextBuilder::class] = new UserContextBuilder($this->get[UserGateway::class]);
// Categories
$this->get[CategoryGateway::class] = new CategoryGateway();
$this->get[CategoryRetriever::class] = new CategoryRetriever($this->get[CategoryGateway::class]);
// Bans
$this->get[BanGateway::class] = new BanGateway();
$this->get[BanRetriever::class] = new BanRetriever($this->get[BanGateway::class]);
// Statuses
$this->get[StatusGateway::class] = new StatusGateway();
// Email Sender
$this->get[EmailTemplateRetriever::class] = new EmailTemplateRetriever();
$this->get[EmailTemplateParser::class] = new EmailTemplateParser($this->get[StatusGateway::class],
$this->get[CategoryGateway::class],
$this->get[UserGateway::class],
$this->get[EmailTemplateRetriever::class]);
$this->get[BasicEmailSender::class] = new BasicEmailSender();
$this->get[MailgunEmailSender::class] = new MailgunEmailSender();
$this->get[EmailSenderHelper::class] = new EmailSenderHelper($this->get[EmailTemplateParser::class],
$this->get[BasicEmailSender::class],
$this->get[MailgunEmailSender::class]);
// Tickets
$this->get[UserToTicketChecker::class] = new UserToTicketChecker($this->get[UserGateway::class]);
$this->get[TicketGateway::class] = new TicketGateway();
$this->get[TicketRetriever::class] = new TicketRetriever($this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class]);
$this->get[TicketValidators::class] = new TicketValidators($this->get[TicketGateway::class]);
$this->get[TrackingIdGenerator::class] = new TrackingIdGenerator($this->get[TicketGateway::class]);
$this->get[Autoassigner::class] = new Autoassigner($this->get[CategoryGateway::class], $this->get[UserGateway::class]);
$this->get[NewTicketValidator::class] = new NewTicketValidator($this->get[CategoryRetriever::class],
$this->get[BanRetriever::class],
$this->get[TicketValidators::class]);
$this->get[TicketCreator::class] = new TicketCreator($this->get[NewTicketValidator::class],
$this->get[TrackingIdGenerator::class],
$this->get[Autoassigner::class],
$this->get[StatusGateway::class],
$this->get[TicketGateway::class],
$this->get[VerifiedEmailChecker::class],
$this->get[EmailSenderHelper::class],
$this->get[UserGateway::class],
$this->get[ModsForHeskSettingsGateway::class]);
$this->get[FileWriter::class] = new FileWriter();
$this->get[FileReader::class] = new FileReader();
$this->get[FileDeleter::class] = new FileDeleter();
$this->get[AttachmentGateway::class] = new AttachmentGateway();
$this->get[AttachmentHandler::class] = new AttachmentHandler($this->get[TicketGateway::class],
$this->get[AttachmentGateway::class],
$this->get[FileWriter::class],
$this->get[UserToTicketChecker::class],
$this->get[FileDeleter::class]);
$this->get[AttachmentRetriever::class] = new AttachmentRetriever($this->get[AttachmentGateway::class],
$this->get[FileReader::class],
$this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class]);
$this->get[TicketDeleter::class] =
new TicketDeleter($this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class],
$this->get[AttachmentHandler::class]);
$this->get[TicketEditor::class] =
new TicketEditor($this->get[TicketGateway::class], $this->get[UserToTicketChecker::class]);
// Statuses
$this->get[StatusRetriever::class] = new StatusRetriever($this->get[StatusGateway::class]);
// Settings
$this->get[SettingsRetriever::class] = new SettingsRetriever($this->get[ModsForHeskSettingsGateway::class]);
}
}

7
api/BaseClass.php
Unescape Escape View File

@ -0,0 +1,7 @@
<?php
class BaseClass {
static function clazz() {
return get_called_class();
}
}

7
api/BaseException.php
Unescape Escape View File

@ -0,0 +1,7 @@
<?php
class BaseException extends Exception {
static function clazz() {
return get_called_class();
}
}

2
api/BusinessLogic/Attachments/Attachment.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class Attachment {
class Attachment extends \BaseClass {
/* @var $id int */
public $id;

8
api/BusinessLogic/Attachments/AttachmentHandler.php
Unescape Escape View File

@ -17,7 +17,7 @@ use DataAccess\Files\FileDeleter;
use DataAccess\Files\FileWriter;
use DataAccess\Tickets\TicketGateway;
class AttachmentHandler {
class AttachmentHandler extends \BaseClass {
/* @var $ticketGateway TicketGateway */
private $ticketGateway;
@ -33,7 +33,11 @@ class AttachmentHandler {
/* @var $userToTicketChecker UserToTicketChecker */
private $userToTicketChecker;
function __construct($ticketGateway, $attachmentGateway, $fileWriter, $userToTicketChecker, $fileDeleter) {
function __construct(TicketGateway $ticketGateway,
AttachmentGateway $attachmentGateway,
FileWriter $fileWriter,
UserToTicketChecker $userToTicketChecker,
FileDeleter $fileDeleter) {
$this->ticketGateway = $ticketGateway;
$this->attachmentGateway = $attachmentGateway;
$this->fileWriter = $fileWriter;

2
api/BusinessLogic/Attachments/AttachmentRetriever.php
Unescape Escape View File

@ -10,7 +10,7 @@ use DataAccess\Attachments\AttachmentGateway;
use DataAccess\Files\FileReader;
use DataAccess\Tickets\TicketGateway;
class AttachmentRetriever {
class AttachmentRetriever extends \BaseClass {
/* @var $attachmentGateway AttachmentGateway */
private $attachmentGateway;

2
api/BusinessLogic/Attachments/AttachmentType.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class AttachmentType {
class AttachmentType extends \BaseClass {
const MESSAGE = 0;
const REPLY = 1;
}

2
api/BusinessLogic/Attachments/CreateAttachmentModel.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class CreateAttachmentModel {
class CreateAttachmentModel extends \BaseClass {
/* @var $savedName string */
public $savedName;

22
api/BusinessLogic/Calendar/AbstractEvent.php
Unescape Escape View File

@ -0,0 +1,22 @@
<?php
namespace BusinessLogic\Calendar;
class AbstractEvent {
public $id;
public $startTime;
public $title;
public $categoryId;
public $categoryName;
public $backgroundColor;
public $foregroundColor;
public $displayBorder;
}

15
api/BusinessLogic/Calendar/BusinessHours.php
Unescape Escape View File

@ -0,0 +1,15 @@
<?php
namespace BusinessLogic\Calendar;
class BusinessHours {
/* @var $dayOfWeek int */
public $dayOfWeek;
/* @var $startTime string */
public $startTime;
/* @var $endTime string */
public $endTime;
}

26
api/BusinessLogic/Calendar/CalendarEvent.php
Unescape Escape View File

@ -0,0 +1,26 @@
<?php
namespace BusinessLogic\Calendar;
use BusinessLogic\Tickets\AuditTrail;
class CalendarEvent extends AbstractEvent {
public $type = 'CALENDAR';
public $endTime;
/* @var $allDay bool */
public $allDay;
public $location;
public $comments;
public $reminderValue;
public $reminderUnits;
/* @var $auditTrail AuditTrail[] */
public $auditTrail = array();
}

96
api/BusinessLogic/Calendar/CalendarHandler.php
Unescape Escape View File

@ -0,0 +1,96 @@
<?php
namespace BusinessLogic\Calendar;
use BusinessLogic\DateTimeHelpers;
use BusinessLogic\Security\UserContext;
use BusinessLogic\Tickets\AuditTrailEntityType;
use DataAccess\AuditTrail\AuditTrailGateway;
use DataAccess\Calendar\CalendarGateway;
class CalendarHandler extends \BaseClass {
private $calendarGateway;
private $auditTrailGateway;
public function __construct(CalendarGateway $calendarGateway,
AuditTrailGateway $auditTrailGateway) {
$this->calendarGateway = $calendarGateway;
$this->auditTrailGateway = $auditTrailGateway;
}
public function getEventsForStaff($searchEventsFilter, $heskSettings) {
return $this->calendarGateway->getEventsForStaff($searchEventsFilter, $heskSettings);
}
/**
* @param $calendarEvent CalendarEvent
* @param $userContext UserContext
* @param $heskSettings array
* @return CalendarEvent
* @throws \Exception If more than one event is returned for the given ID
*/
public function updateEvent($calendarEvent, $userContext, $heskSettings) {
$this->calendarGateway->updateEvent($calendarEvent, $userContext, $heskSettings);
$this->auditTrailGateway->insertAuditTrailRecord($calendarEvent->id,
AuditTrailEntityType::CALENDAR_EVENT,
'audit_event_updated',
DateTimeHelpers::heskDate($heskSettings),
array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
$eventFilter = new SearchEventsFilter();
$eventFilter->eventId = $calendarEvent->id;
$eventFilter->reminderUserId = $userContext->id;
$events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
if (count($events) !== 1) {
throw new \Exception("Expected exactly 1 event, found: " . count($events));
}
$event = $events[0];
return $event;
}
/**
* @param $calendarEvent CalendarEvent
* @param $userContext UserContext
* @param $heskSettings array
* @return AbstractEvent
* @throws \Exception
*/
public function createEvent($calendarEvent, $userContext, $heskSettings) {
$this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
$eventFilter = new SearchEventsFilter();
$eventFilter->eventId = $calendarEvent->id;
$eventFilter->reminderUserId = $userContext->id;
$events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
if (count($events) !== 1) {
throw new \Exception("Expected exactly 1 event, found: " . count($events));
}
$event = $events[0];
$this->auditTrailGateway->insertAuditTrailRecord($event->id,
AuditTrailEntityType::CALENDAR_EVENT,
'audit_event_created',
DateTimeHelpers::heskDate($heskSettings),
array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
return $event;
}
public function deleteEvent($id, $userContext, $heskSettings) {
$this->calendarGateway->deleteEvent($id, $userContext, $heskSettings);
}
public function getBusinessHours($heskSettings) {
return $this->calendarGateway->getBusinessHours($heskSettings);
}
}

41
api/BusinessLogic/Calendar/ReminderUnit.php
Unescape Escape View File

@ -0,0 +1,41 @@
<?php
namespace BusinessLogic\Calendar;
class ReminderUnit {
const MINUTE = 0;
const HOUR = 1;
const DAY = 2;
const WEEK = 3;
static function getByValue($value) {
switch ($value) {
case 0:
return 'MINUTE';
case 1:
return 'HOUR';
case 2:
return 'DAY';
case 3:
return 'WEEK';
default:
return 'UNKNOWN';
}
}
static function getByName($name) {
switch ($name) {
case 'MINUTE':
return self::MINUTE;
case 'HOUR':
return self::HOUR;
case 'DAY':
return self::DAY;
case 'WEEK':
return self::WEEK;
default:
return null;
}
}
}

30
api/BusinessLogic/Calendar/SearchEventsFilter.php
Unescape Escape View File

@ -0,0 +1,30 @@
<?php
namespace BusinessLogic\Calendar;
class SearchEventsFilter {
/* @var $startTime int|null */
public $startTime;
/* @var $endTime int|null */
public $endTime;
/* @var $id int|null */
public $eventId;
/* @var $categories int[]|null */
public $categories;
/* @var $reminderUserId int|null */
public $reminderUserId;
/* @var $includeTickets bool */
public $includeTickets;
/* @var $includeUnassignedTickets bool */
public $includeUnassignedTickets;
/* @var $includeTicketsAssignedToOthers bool */
public $includeTicketsAssignedToOthers;
}

20
api/BusinessLogic/Calendar/TicketEvent.php
Unescape Escape View File

@ -0,0 +1,20 @@
<?php
namespace BusinessLogic\Calendar;
class TicketEvent extends AbstractEvent {
public $type = 'TICKET';
public $trackingId;
public $subject;
public $url;
public $owner;
public $priority;
public $status;
}

14
api/BusinessLogic/Categories/Category.php
Unescape Escape View File

@ -2,7 +2,7 @@
namespace BusinessLogic\Categories;
class Category {
class Category extends \BaseClass {
/**
* @var int The Categories ID
*/
@ -22,7 +22,7 @@ class Category {
public $autoAssign;
/**
* @var int The type of Categories (1 = Private, 2 = Public)
* @var int The type of Categories (1 = Private, 0 = Public)
*/
public $type;
@ -60,4 +60,14 @@ class Category {
* @var bool Indication if the user has access to the Categories
*/
public $accessible;
/**
* @var string
*/
public $description;
/**
* @var int
*/
public $numberOfTickets;
}

203
api/BusinessLogic/Categories/CategoryHandler.php
Unescape Escape View File

@ -0,0 +1,203 @@
<?php
namespace BusinessLogic\Categories;
use BusinessLogic\Exceptions\AccessViolationException;
use BusinessLogic\Exceptions\ValidationException;
use BusinessLogic\Navigation\Direction;
use BusinessLogic\Security\PermissionChecker;
use BusinessLogic\Security\UserPrivilege;
use BusinessLogic\ValidationModel;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
use DataAccess\Tickets\TicketGateway;
class CategoryHandler extends \BaseClass {
/* @var $categoryGateway CategoryGateway */
private $categoryGateway;
/* @var $ticketGateway TicketGateway */
private $ticketGateway;
/* @var $permissionChecker PermissionChecker */
private $permissionChecker;
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct(CategoryGateway $categoryGateway,
TicketGateway $ticketGateway,
PermissionChecker $permissionChecker,
ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
$this->categoryGateway = $categoryGateway;
$this->ticketGateway = $ticketGateway;
$this->permissionChecker = $permissionChecker;
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}
/**
* @param $category Category
* @param $userContext
* @param $heskSettings array
* @return Category The newly created category with ID
* @throws ValidationException When validation fails
* @throws \Exception When the newly created category was not retrieved
*/
//TODO Test
function createCategory($category, $userContext, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$validationModel = $this->validate($category, $userContext);
if (count($validationModel->errorKeys) > 0) {
throw new ValidationException($validationModel);
}
$id = $this->categoryGateway->createCategory($category, $heskSettings);
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
foreach ($allCategories as $innerCategory) {
if ($innerCategory->id === $id) {
return $innerCategory;
}
}
throw new \BaseException("Newly created category {$id} lost! :O");
}
/**
* @param $category Category
* @param $userContext
* @param $creating bool
* @return ValidationModel
* @throws AccessViolationException
*/
//TODO Test
private function validate($category, $userContext, $creating = true) {
$validationModel = new ValidationModel();
if (!$this->permissionChecker->doesUserHavePermission($userContext, UserPrivilege::CAN_MANAGE_CATEGORIES)) {
throw new AccessViolationException('User cannot manage categories!');
}
if (!$creating && $category->id < 1) {
$validationModel->errorKeys[] = 'ID_MISSING';
}
if ($category->backgroundColor === null || trim($category->backgroundColor) === '') {
$validationModel->errorKeys[] = 'BACKGROUND_COLOR_MISSING';
}
if ($category->foregroundColor === null || trim($category->foregroundColor) === '') {
$validationModel->errorKeys[] = 'FOREGROUND_COLOR_MISSING';
}
if ($category->name === null || trim($category->name) === '') {
$validationModel->errorKeys[] = 'NAME_MISSING';
}
if ($category->priority === null || intval($category->priority) < 0 || intval($category->priority) > 3) {
$validationModel->errorKeys[] = 'INVALID_PRIORITY';
}
if ($category->autoAssign === null || !is_bool($category->autoAssign)) {
$validationModel->errorKeys[] = 'INVALID_AUTOASSIGN';
}
if ($category->displayBorder === null || !is_bool($category->displayBorder)) {
$validationModel->errorKeys[] = 'INVALID_DISPLAY_BORDER';
}
if ($category->type === null || (intval($category->type) !== 0 && intval($category->type) !== 1)) {
$validationModel->errorKeys[] = 'INVALID_TYPE';
}
return $validationModel;
}
/**
* @param $category Category
* @param $userContext
* @param $heskSettings array
* @return Category
* @throws ValidationException
* @throws \Exception When the category is missing
*/
function editCategory($category, $userContext, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$validationModel = $this->validate($category, $userContext, false);
if (count($validationModel->errorKeys) > 0) {
throw new ValidationException($validationModel);
}
$this->categoryGateway->updateCategory($category, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
foreach ($allCategories as $innerCategory) {
if ($innerCategory->id === $category->id) {
return $innerCategory;
}
}
throw new \BaseException("Category {$category->id} vanished! :O");
}
function deleteCategory($id, $userContext, $heskSettings) {
if (!$this->permissionChecker->doesUserHavePermission($userContext, UserPrivilege::CAN_MANAGE_CATEGORIES)) {
throw new AccessViolationException('User cannot manage categories!');
}
if ($id === 1) {
throw new \BaseException("Category 1 cannot be deleted!");
}
$this->ticketGateway->moveTicketsToDefaultCategory($id, $heskSettings);
$this->categoryGateway->deleteCategory($id, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
}
function sortCategory($id, $direction, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === intval($id)) {
$category = $innerCategory;
break;
}
}
if ($category === null) {
throw new \BaseException("Could not find category with ID {$id}!");
}
if ($direction === Direction::UP) {
$category->catOrder -= 15;
} else {
$category->catOrder += 15;
}
$this->categoryGateway->updateCategory($category, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
}
function getPublicCategories($heskSettings) {
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $this->modsForHeskSettingsGateway->getAllSettings($heskSettings));
$publicCategories = array();
foreach ($allCategories as $category) {
if ($category->type === 0) {
$publicCategories[] = $category;
}
}
return $publicCategories;
}
}

16
api/BusinessLogic/Categories/CategoryRetriever.php
Unescape Escape View File

@ -4,15 +4,23 @@ namespace BusinessLogic\Categories;
use BusinessLogic\Security\UserContext;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
class CategoryRetriever {
class CategoryRetriever extends \BaseClass {
/**
* @var CategoryGateway
*/
private $categoryGateway;
function __construct($categoryGateway) {
/**
* @var ModsForHeskSettingsGateway
*/
private $modsForHeskSettingsGateway;
function __construct(CategoryGateway $categoryGateway,
ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
$this->categoryGateway = $categoryGateway;
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}
/**
@ -21,7 +29,9 @@ class CategoryRetriever {
* @return array
*/
function getAllCategories($heskSettings, $userContext) {
$categories = $this->categoryGateway->getAllCategories($heskSettings);
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
foreach ($categories as $category) {
$category->accessible = $userContext->admin ||

19
api/BusinessLogic/DateTimeHelpers.php
Unescape Escape View File

@ -0,0 +1,19 @@
<?php
namespace BusinessLogic;
class DateTimeHelpers {
static function heskDate($heskSettings, $dt = '', $isStr = true, $return_str = true) {
if (!$dt) {
$dt = time();
} elseif ($isStr) {
$dt = strtotime($dt);
}
// Return formatted date
return $return_str ? date($heskSettings['timeformat'], $dt) : $dt;
}
}

6
api/BusinessLogic/Emails/Addressees.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class Addressees {
class Addressees extends \BaseClass {
/**
* @var $to string[]
*/
@ -12,10 +12,10 @@ class Addressees {
/**
* @var $cc string[]|null
*/
public $cc;
public $cc = array();
/**
* @var $bcc string[]|null
*/
public $bcc;
public $bcc = array();
}

11
api/BusinessLogic/Emails/BasicEmailSender.php
Unescape Escape View File

@ -7,14 +7,23 @@ use BusinessLogic\Tickets\Attachment;
use BusinessLogic\Tickets\Ticket;
use PHPMailer;
class BasicEmailSender implements EmailSender {
class BasicEmailSender extends \BaseClass implements EmailSender {
function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
$toEmails = implode(',', $emailBuilder->to);
if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $toEmails . $emailBuilder->subject)) {
return false;
}
$mailer = new PHPMailer();
if ($heskSettings['smtp']) {
$mailer->isSMTP();
$mailer->SMTPAuth = true;
//-- We'll set this explicitly below if the user has it enabled.
$mailer->SMTPAutoTLS = false;
if ($heskSettings['smtp_ssl']) {
$mailer->SMTPSecure = "ssl";
} elseif ($heskSettings['smtp_tls']) {

2
api/BusinessLogic/Emails/EmailBuilder.php
Unescape Escape View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Emails;
use BusinessLogic\Tickets\Attachment;
class EmailBuilder {
class EmailBuilder extends \BaseClass {
/**
* @var $to string[]
*/

6
api/BusinessLogic/Emails/EmailSenderHelper.php
Unescape Escape View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Emails;
use BusinessLogic\Tickets\Ticket;
class EmailSenderHelper {
class EmailSenderHelper extends \BaseClass {
/**
* @var $emailTemplateParser EmailTemplateParser
*/
@ -21,7 +21,9 @@ class EmailSenderHelper {
*/
private $mailgunEmailSender;
function __construct($emailTemplateParser, $basicEmailSender, $mailgunEmailSender) {
function __construct(EmailTemplateParser $emailTemplateParser,
BasicEmailSender $basicEmailSender,
MailgunEmailSender $mailgunEmailSender) {
$this->emailTemplateParser = $emailTemplateParser;
$this->basicEmailSender = $basicEmailSender;
$this->mailgunEmailSender = $mailgunEmailSender;

2
api/BusinessLogic/Emails/EmailTemplate.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class EmailTemplate {
class EmailTemplate extends \BaseClass {
/**
* @var $languageKey string
*/

80
api/BusinessLogic/Emails/EmailTemplateParser.php
Unescape Escape View File

@ -3,17 +3,18 @@
namespace BusinessLogic\Emails;
use BusinessLogic\Exceptions\ApiFriendlyException;
use BusinessLogic\Exceptions\EmailTemplateNotFoundException;
use BusinessLogic\Exceptions\InvalidEmailTemplateException;
use BusinessLogic\Security\UserContext;
use BusinessLogic\Statuses\DefaultStatusForAction;
use BusinessLogic\Tickets\Ticket;
use Core\Constants\Priority;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Logging\LoggingGateway;
use DataAccess\Security\UserGateway;
use DataAccess\Statuses\StatusGateway;
class EmailTemplateParser {
class EmailTemplateParser extends \BaseClass {
/**
* @var $statusGateway StatusGateway
@ -35,11 +36,21 @@ class EmailTemplateParser {
*/
private $emailTemplateRetriever;
function __construct($statusGateway, $categoryGateway, $userGateway, $emailTemplateRetriever) {
/**
* @var $logger LoggingGateway
*/
private $logger;
function __construct(StatusGateway $statusGateway,
CategoryGateway $categoryGateway,
UserGateway $userGateway,
EmailTemplateRetriever $emailTemplateRetriever,
LoggingGateway $loggingGateway) {
$this->statusGateway = $statusGateway;
$this->categoryGateway = $categoryGateway;
$this->userGateway = $userGateway;
$this->emailTemplateRetriever = $emailTemplateRetriever;
$this->logger = $loggingGateway;
}
/**
@ -50,6 +61,7 @@ class EmailTemplateParser {
* @param $modsForHeskSettings array
* @return ParsedEmailProperties
* @throws InvalidEmailTemplateException
* @throws \Exception
*/
function getFormattedEmailForLanguage($templateId, $languageCode, $ticket, $heskSettings, $modsForHeskSettings) {
global $hesklang;
@ -73,10 +85,10 @@ class EmailTemplateParser {
}
if ($fullLanguageName === null) {
throw new \Exception("Language code {$languageCode} did not return any valid HESK languages!");
throw new \BaseException("Language code {$languageCode} did not return any valid HESK languages!");
}
$subject = $this->parseSubject($subject, $ticket, $fullLanguageName, $heskSettings);
$subject = $this->parseSubject($subject, $ticket, $fullLanguageName, $heskSettings, $modsForHeskSettings);
$message = $this->parseMessage($template, $ticket, $fullLanguageName, $emailTemplate->forStaff, $heskSettings, $modsForHeskSettings, false);
$htmlMessage = $this->parseMessage($htmlTemplate, $ticket, $fullLanguageName, $emailTemplate->forStaff, $heskSettings, $modsForHeskSettings, true);
@ -113,11 +125,11 @@ class EmailTemplateParser {
* @return string
* @throws \Exception if common.inc.php isn't loaded
*/
private function parseSubject($subjectTemplate, $ticket, $language, $heskSettings) {
private function parseSubject($subjectTemplate, $ticket, $language, $heskSettings, $modsForHeskSettings) {
global $hesklang;
if (!function_exists('hesk_msgToPlain')) {
throw new \Exception("common.inc.php not loaded!");
throw new \BaseException("common.inc.php not loaded!");
}
if ($ticket === null) {
@ -126,8 +138,25 @@ class EmailTemplateParser {
// Status name and category name
$defaultStatus = $this->statusGateway->getStatusForDefaultAction(DefaultStatusForAction::NEW_TICKET, $heskSettings);
$statusName = $defaultStatus->localizedNames[$language];
$category = $this->categoryGateway->getAllCategories($heskSettings)[$ticket->categoryId];
if (key_exists($language, $defaultStatus->localizedNames)) {
$statusName = $defaultStatus->localizedNames[$language];
} elseif (key_exists('English', $defaultStatus->localizedNames)) {
$statusName = $defaultStatus->localizedNames['English'];
$this->logger->logWarning('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}' and language '{$language}'. Defaulted to English.", "", new UserContext(), $heskSettings);
} else {
$statusName = "[ERROR: No localized status found for status '{$defaultStatus->id}']";
$this->logger->logError('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}'", "", new UserContext(), $heskSettings);
}
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === $ticket->categoryId) {
$category = $innerCategory;
break;
}
}
switch ($ticket->priorityId) {
case Priority::CRITICAL:
@ -169,7 +198,7 @@ class EmailTemplateParser {
global $hesklang;
if (!function_exists('hesk_msgToPlain')) {
throw new \Exception("common.inc.php not loaded!");
throw new \BaseException("common.inc.php not loaded!");
}
if ($ticket === null) {
@ -189,8 +218,20 @@ class EmailTemplateParser {
// Status name and category name
$defaultStatus = $this->statusGateway->getStatusForDefaultAction(DefaultStatusForAction::NEW_TICKET, $heskSettings);
$statusName = hesk_msgToPlain($defaultStatus->localizedNames[$language]);
$category = hesk_msgToPlain($this->categoryGateway->getAllCategories($heskSettings)[$ticket->categoryId]->name);
$owner = hesk_msgToPlain($this->userGateway->getUserById($ticket->ownerId, $heskSettings)->name);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === $ticket->categoryId) {
$category = $innerCategory;
break;
}
}
$category = hesk_msgToPlain($category->name);
$owner = $this->userGateway->getUserById($ticket->ownerId, $heskSettings);
$ownerName = $owner === null ? $hesklang['unas'] : hesk_msgToPlain($owner->name);
switch ($ticket->priorityId) {
case Priority::CRITICAL:
@ -219,12 +260,23 @@ class EmailTemplateParser {
$msg = str_replace('%%SITE_URL%%', $heskSettings['site_url'], $msg);
$msg = str_replace('%%CATEGORY%%', $category, $msg);
$msg = str_replace('%%PRIORITY%%', $priority, $msg);
$msg = str_replace('%%OWNER%%', $owner, $msg);
$msg = str_replace('%%OWNER%%', $ownerName, $msg);
$msg = str_replace('%%STATUS%%', $statusName, $msg);
$msg = str_replace('%%EMAIL%%', implode(';',$ticket->email), $msg);
$msg = str_replace('%%EMAIL%%', implode(';', $ticket->email), $msg);
$msg = str_replace('%%CREATED%%', $ticket->dateCreated, $msg);
$msg = str_replace('%%UPDATED%%', $ticket->lastChanged, $msg);
$msg = str_replace('%%ID%%', $ticket->id, $msg);
$msg = str_replace('%%TIME_WORKED%%', $ticket->timeWorked, $msg);
$lastReplyBy = '';
// Get the last reply by
if (!empty($ticket->lastReplier)) {
$lastReplyBy = $ticket->lastReplier;
} else {
$lastReplyBy = $ticket->name;
}
$msg = str_replace('%%LAST_REPLY_BY%%', $lastReplyBy, $msg);
/* All custom fields */
for ($i=1; $i<=50; $i++) {

2
api/BusinessLogic/Emails/EmailTemplateRetriever.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class EmailTemplateRetriever {
class EmailTemplateRetriever extends \BaseClass {
/**
* @var $validTemplates EmailTemplate[]
*/

2
api/BusinessLogic/Emails/MailgunEmailSender.php
Unescape Escape View File

@ -7,7 +7,7 @@ use BusinessLogic\Tickets\Attachment;
use BusinessLogic\Tickets\Ticket;
use Mailgun\Mailgun;
class MailgunEmailSender implements EmailSender {
class MailgunEmailSender extends \BaseClass implements EmailSender {
function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
$mailgunArray = array();

8
api/BusinessLogic/Emails/ParsedEmailProperties.php
Unescape Escape View File

@ -1,15 +1,9 @@
<?php
/**
* Created by PhpStorm.
* User: mkoch
* Date: 2/28/2017
* Time: 9:36 PM
*/
namespace BusinessLogic\Emails;
class ParsedEmailProperties {
class ParsedEmailProperties extends \BaseClass {
function __construct($subject, $message, $htmlMessage) {
$this->subject = $subject;
$this->message = $message;

2
api/BusinessLogic/Exceptions/ApiFriendlyException.php
Unescape Escape View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Exceptions;
use Exception;
class ApiFriendlyException extends Exception {
class ApiFriendlyException extends \BaseException {
public $title;
public $httpResponseCode;

4
api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php
Unescape Escape View File

@ -4,8 +4,8 @@ namespace BusinessLogic\Exceptions;
class MissingAuthenticationTokenException extends ApiFriendlyException {
function __construct() {
parent::__construct("An 'X-Auth-Token' is required for all requests",
parent::__construct("An 'X-Auth-Token' is required for this request",
'Security Exception',
400);
401);
}
}

10
api/BusinessLogic/Helpers.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic;
class Helpers {
class Helpers extends \BaseClass {
static function getHeader($key) {
$headers = getallheaders();
@ -26,4 +26,12 @@ class Helpers {
? $array[$key]
: null;
}
static function boolval($val) {
return $val == true;
}
static function heskHtmlSpecialCharsDecode($in) {
return str_replace(array('&amp;', '&lt;', '&gt;', '&quot;'), array('&', '<', '>', '"'), $in);
}
}

2
api/BusinessLogic/Navigation/CustomNavElement.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class CustomNavElement {
class CustomNavElement extends \BaseClass {
/* @var $id int*/
public $id;

4
api/BusinessLogic/Navigation/CustomNavElementHandler.php
Unescape Escape View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Navigation;
use BusinessLogic\Exceptions\ApiFriendlyException;
use DataAccess\Navigation\CustomNavElementGateway;
class CustomNavElementHandler {
class CustomNavElementHandler extends \BaseClass {
/* @var $customNavElementGateway CustomNavElementGateway */
private $customNavElementGateway;
function __construct($customNavElementGateway) {
function __construct(CustomNavElementGateway $customNavElementGateway) {
$this->customNavElementGateway = $customNavElementGateway;
}

2
api/BusinessLogic/Navigation/CustomNavElementPlace.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class CustomNavElementPlace {
class CustomNavElementPlace extends \BaseClass {
const HOMEPAGE_BLOCK = 1;
const CUSTOMER_NAVIGATION = 2;
const ADMIN_NAVIGATION = 3;

2
api/BusinessLogic/Navigation/Direction.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class Direction {
class Direction extends \BaseClass {
const UP = 'up';
const DOWN = 'down';
}

4
api/BusinessLogic/Security/BanRetriever.php
Unescape Escape View File

@ -5,13 +5,13 @@ namespace BusinessLogic\Security;
use DataAccess\Security\BanGateway;
class BanRetriever {
class BanRetriever extends \BaseClass {
/**
* @var BanGateway
*/
private $banGateway;
function __construct($banGateway) {
function __construct(BanGateway $banGateway) {
$this->banGateway = $banGateway;
}

2
api/BusinessLogic/Security/BannedEmail.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class BannedEmail {
class BannedEmail extends \BaseClass {
/**
* @var int
*/

2
api/BusinessLogic/Security/BannedIp.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class BannedIp {
class BannedIp extends \BaseClass {
/**
* @var int
*/

23
api/BusinessLogic/Security/PermissionChecker.php
Unescape Escape View File

@ -0,0 +1,23 @@
<?php
namespace BusinessLogic\Security;
class PermissionChecker extends \BaseClass {
/**
* @param $userContext UserContext
* @param $permission string
* @return bool
*/
function doesUserHavePermission($userContext, $permission) {
if ($userContext->admin) {
return true;
}
if (in_array($permission, $userContext->permissions)) {
return true;
}
return false;
}
}

55
api/BusinessLogic/Security/UserContext.php
Unescape Escape View File

@ -3,7 +3,9 @@
namespace BusinessLogic\Security;
class UserContext {
use BusinessLogic\Helpers;
class UserContext extends \BaseClass {
/* @var $id int */
public $id;
@ -55,6 +57,25 @@ class UserContext {
/* @var $active bool */
public $active;
function isAnonymousUser() {
return $this->id === -1;
}
static function buildAnonymousUser() {
$userContext = new UserContext();
$userContext->id = -1;
$userContext->username = "API - ANONYMOUS USER"; // Usernames can't have spaces, so no one will take this username
$userContext->admin = false;
$userContext->name = "ANONYMOUS USER";
$userContext->email = "anonymous-user@example.com";
$userContext->categories = array();
$userContext->permissions = array();
$userContext->autoAssign = false;
$userContext->active = true;
return $userContext;
}
/**
* Builds a user context based on the current session. **The session must be active!**
* @param $dataRow array the $_SESSION superglobal or the hesk_users result set
@ -64,7 +85,7 @@ class UserContext {
$userContext = new UserContext();
$userContext->id = intval($dataRow['id']);
$userContext->username = $dataRow['user'];
$userContext->admin = boolval($dataRow['isadmin']);
$userContext->admin = Helpers::boolval($dataRow['isadmin']);
$userContext->name = $dataRow['name'];
$userContext->email = $dataRow['email'];
$userContext->signature = $dataRow['signature'];
@ -75,34 +96,34 @@ class UserContext {
$userContext->categories = explode(',', $dataRow['categories']);
}
$userContext->permissions = explode(',', $dataRow['heskprivileges']);
$userContext->autoAssign = boolval($dataRow['autoassign']);
$userContext->autoAssign = Helpers::boolval($dataRow['autoassign']);
$userContext->ratingNegative = intval($dataRow['ratingneg']);
$userContext->ratingPositive = intval($dataRow['ratingpos']);
$userContext->rating = floatval($dataRow['rating']);
$userContext->totalNumberOfReplies = intval($dataRow['replies']);
$userContext->active = boolval($dataRow['active']);
$userContext->active = Helpers::boolval($dataRow['active']);
$preferences = new UserContextPreferences();
$preferences->afterReply = intval($dataRow['afterreply']);
$preferences->autoStartTimeWorked = boolval($dataRow['autostart']);
$preferences->autoStartTimeWorked = Helpers::boolval($dataRow['autostart']);
$preferences->autoreload = intval($dataRow['autoreload']);
$preferences->defaultNotifyCustomerNewTicket = boolval($dataRow['notify_customer_new']);
$preferences->defaultNotifyCustomerReply = boolval($dataRow['notify_customer_reply']);
$preferences->showSuggestedKnowledgebaseArticles = boolval($dataRow['show_suggested']);
$preferences->defaultNotifyCustomerNewTicket = Helpers::boolval($dataRow['notify_customer_new']);
$preferences->defaultNotifyCustomerReply = Helpers::boolval($dataRow['notify_customer_reply']);
$preferences->showSuggestedKnowledgebaseArticles = Helpers::boolval($dataRow['show_suggested']);
$preferences->defaultCalendarView = intval($dataRow['default_calendar_view']);
$preferences->defaultTicketView = $dataRow['default_list'];
$userContext->preferences = $preferences;
$notifications = new UserContextNotifications();
$notifications->newUnassigned = boolval($dataRow['notify_new_unassigned']);
$notifications->newAssignedToMe = boolval($dataRow['notify_new_my']);
$notifications->replyUnassigned = boolval($dataRow['notify_reply_unassigned']);
$notifications->replyToMe = boolval($dataRow['notify_reply_my']);
$notifications->ticketAssignedToMe = boolval($dataRow['notify_assigned']);
$notifications->privateMessage = boolval($dataRow['notify_pm']);
$notifications->noteOnTicketAssignedToMe = boolval($dataRow['notify_note']);
$notifications->noteOnTicketNotAssignedToMe = boolval($dataRow['notify_note_unassigned']);
$notifications->overdueTicketUnassigned = boolval($dataRow['notify_overdue_unassigned']);
$notifications->newUnassigned = Helpers::boolval($dataRow['notify_new_unassigned']);
$notifications->newAssignedToMe = Helpers::boolval($dataRow['notify_new_my']);
$notifications->replyUnassigned = Helpers::boolval($dataRow['notify_reply_unassigned']);
$notifications->replyToMe = Helpers::boolval($dataRow['notify_reply_my']);
$notifications->ticketAssignedToMe = Helpers::boolval($dataRow['notify_assigned']);
$notifications->privateMessage = Helpers::boolval($dataRow['notify_pm']);
$notifications->noteOnTicketAssignedToMe = Helpers::boolval($dataRow['notify_note']);
$notifications->noteOnTicketNotAssignedToMe = Helpers::boolval($dataRow['notify_note_unassigned']);
$notifications->overdueTicketUnassigned = Helpers::boolval($dataRow['notify_overdue_unassigned']);
$userContext->notificationSettings = $notifications;
return $userContext;

4
api/BusinessLogic/Security/UserContextBuilder.php
Unescape Escape View File

@ -8,13 +8,13 @@ use BusinessLogic\Exceptions\MissingAuthenticationTokenException;
use BusinessLogic\Helpers;
use DataAccess\Security\UserGateway;
class UserContextBuilder {
class UserContextBuilder extends \BaseClass {
/**
* @var UserGateway
*/
private $userGateway;
function __construct($userGateway) {
function __construct(UserGateway $userGateway) {
$this->userGateway = $userGateway;
}

2
api/BusinessLogic/Security/UserContextNotifications.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class UserContextNotifications {
class UserContextNotifications extends \BaseClass {
public $newUnassigned;
public $newAssignedToMe;
public $replyUnassigned;

2
api/BusinessLogic/Security/UserContextPreferences.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class UserContextPreferences {
class UserContextPreferences extends \BaseClass {
public $afterReply;
public $autoStartTimeWorked;
public $autoreload;

6
api/BusinessLogic/Security/UserPrivilege.php
Unescape Escape View File

@ -9,9 +9,13 @@
namespace BusinessLogic\Security;
class UserPrivilege {
class UserPrivilege extends \BaseClass {
const CAN_VIEW_TICKETS = 'can_view_tickets';
const CAN_REPLY_TO_TICKETS = 'can_reply_tickets';
const CAN_EDIT_TICKETS = 'can_edit_tickets';
const CAN_DELETE_TICKETS = 'can_del_tickets';
const CAN_MANAGE_CATEGORIES = 'can_man_cat';
const CAN_VIEW_ASSIGNED_TO_OTHER = 'can_view_ass_others';
const CAN_VIEW_UNASSIGNED = 'can_view_unassigned';
const CAN_MANAGE_SERVICE_MESSAGES = 'can_service_msg';
}

6
api/BusinessLogic/Security/UserToTicketChecker.php
Unescape Escape View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Security;
use BusinessLogic\Tickets\Ticket;
use DataAccess\Security\UserGateway;
class UserToTicketChecker {
class UserToTicketChecker extends \BaseClass {
/* @var $userGateway UserGateway */
private $userGateway;
function __construct($userGateway) {
function __construct(UserGateway $userGateway) {
$this->userGateway = $userGateway;
}
@ -32,7 +32,7 @@ class UserToTicketChecker {
}
$categoryManagerId = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);
if ($user->id === $categoryManagerId) {
return true;
}

12
api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php
Unescape Escape View File

@ -0,0 +1,12 @@
<?php
namespace BusinessLogic\ServiceMessages;
class GetServiceMessagesFilter {
/* @var $includeStaffServiceMessages bool */
public $includeStaffServiceMessages = true;
/* @var $includeDrafts bool */
public $includeDrafts = true;
}

39
api/BusinessLogic/ServiceMessages/ServiceMessage.php
Unescape Escape View File

@ -0,0 +1,39 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessage extends \BaseClass {
/* @var $id int */
public $id;
/* @var $dateCreated string */
public $dateCreated;
/* @var $createdBy int */
public $createdBy;
/* @var $title string */
public $title;
/* @var $message string */
public $message;
/* @var $style string */
public $style;
/* @var $published bool */
public $published;
/* @var $order int */
public $order;
/* @var $icon string */
public $icon;
/* @var $locations string[] */
public $locations;
/* @var $language string */
public $language;
}

164
api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
Unescape Escape View File

@ -0,0 +1,164 @@
<?php
namespace BusinessLogic\ServiceMessages;
// TODO Test
use BusinessLogic\Exceptions\ValidationException;
use BusinessLogic\Navigation\Direction;
use BusinessLogic\ValidationModel;
use DataAccess\ServiceMessages\ServiceMessagesGateway;
class ServiceMessageHandler extends \BaseClass {
/* @var $serviceMessageGateway ServiceMessagesGateway */
private $serviceMessageGateway;
function __construct(ServiceMessagesGateway $serviceMessagesGateway) {
$this->serviceMessageGateway = $serviceMessagesGateway;
}
function createServiceMessage($serviceMessage, $heskSettings) {
$this->validate($serviceMessage, $heskSettings);
if ($serviceMessage->icon === null) {
switch ($serviceMessage->style) {
case ServiceMessageStyle::NONE:
$serviceMessage->icon = '';
break;
case ServiceMessageStyle::INFO:
$serviceMessage->icon = 'fa fa-comment';
break;
case ServiceMessageStyle::NOTICE:
$serviceMessage->icon = 'fa fa-exclamation-triangle';
break;
case ServiceMessageStyle::ERROR:
$serviceMessage->icon = 'fa fa-times-circle';
break;
case ServiceMessageStyle::SUCCESS:
$serviceMessage->icon = 'fa fa-check-circle';
break;
}
}
return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
}
function getServiceMessages($heskSettings, $searchFilter) {
return $this->serviceMessageGateway->getServiceMessages($heskSettings, $searchFilter);
}
function editServiceMessage($serviceMessage, $heskSettings) {
$this->validate($serviceMessage, $heskSettings, false);
if ($serviceMessage->icon === null) {
switch ($serviceMessage->style) {
case ServiceMessageStyle::NONE:
$serviceMessage->icon = '';
break;
case ServiceMessageStyle::INFO:
$serviceMessage->icon = 'fa fa-comment';
break;
case ServiceMessageStyle::NOTICE:
$serviceMessage->icon = 'fa fa-exclamation-triangle';
break;
case ServiceMessageStyle::ERROR:
$serviceMessage->icon = 'fa fa-times-circle';
break;
case ServiceMessageStyle::SUCCESS:
$serviceMessage->icon = 'fa fa-check-circle';
break;
}
}
return $this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
}
function deleteServiceMessage($id, $heskSettings) {
$this->serviceMessageGateway->deleteServiceMessage($id, $heskSettings);
}
function sortServiceMessage($id, $direction, $heskSettings) {
$serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings, new GetServiceMessagesFilter());
$serviceMessage = null;
foreach ($serviceMessages as $innerServiceMessage) {
if (intval($innerServiceMessage->id) === intval($id)) {
$serviceMessage = $innerServiceMessage;
break;
}
}
if ($serviceMessage === null) {
throw new \BaseException("Could not find service message with ID {$id}!");
}
if ($direction === Direction::UP) {
$serviceMessage->order -= 15;
} else {
$serviceMessage->order += 15;
}
$this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
$this->serviceMessageGateway->resortAllServiceMessages($heskSettings);
}
/**
* @param $serviceMessage ServiceMessage
* @param bool $isNew
* @throws ValidationException
*/
private function validate($serviceMessage, $heskSettings, $isNew = true) {
$validationModel = new ValidationModel();
if ($isNew && $serviceMessage->createdBy < 1) {
$validationModel->errorKeys[] = 'MISSING_CREATOR';
}
if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
$validationModel->errorKeys[] = 'MISSING_MESSAGE';
} else {
$htmlPurifier = new \HeskHTMLPurifier($heskSettings['cache_dir']);
$serviceMessage->message = $htmlPurifier->heskPurify($serviceMessage->message);
}
if ($serviceMessage->language === null || trim($serviceMessage->language) === '') {
$validationModel->errorKeys[] = 'MISSING_LANGUAGE';
}
$languageFound = false;
foreach ($heskSettings['languages'] as $key => $value) {
if ($value['folder'] === $serviceMessage->language || $serviceMessage->language === 'ALL') {
$languageFound = true;
break;
}
}
if (!$languageFound && !in_array('MISSING_LANGUAGE', $validationModel->errorKeys)) {
$validationModel->errorKeys[] = 'LANGUAGE_NOT_INSTALLED';
}
if ($serviceMessage->title === null || trim($serviceMessage->title) === '') {
$validationModel->errorKeys[] = 'MISSING_TITLE';
}
if ($serviceMessage->style === null || trim($serviceMessage->style) === '') {
$validationModel->errorKeys[] = 'MISSING_STYLE';
}
try {
ServiceMessageStyle::getIdForStyle($serviceMessage->style);
} catch (\Exception $e) {
$validationModel->errorKeys[] = 'INVALID_STYLE';
}
if ($serviceMessage->locations === null || count($serviceMessage->locations) === 0) {
$validationModel->errorKeys[] = 'MISSING_LOCATIONS';
} else {
$locations = ServiceMessageLocation::getAll();
foreach ($serviceMessage->locations as $location) {
if (!in_array($location, $locations)) {
$validationModel->errorKeys[] = 'INVALID_LOCATION';
break;
}
}
}
if (count($validationModel->errorKeys) > 0) {
// Validation failed
throw new ValidationException($validationModel);
}
}
}

34
api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php
Unescape Escape View File

@ -0,0 +1,34 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessageLocation {
const CUSTOMER_HOME = 'CUSTOMER_HOME';
const CUSTOMER_KB_HOME = 'CUSTOMER_KB_HOME';
const CUSTOMER_VIEW_KB_ARTICLE = 'CUSTOMER_VIEW_KB_ARTICLE';
const CUSTOMER_SUBMIT_TICKET = 'CUSTOMER_SUBMIT_TICKET';
const CUSTOMER_VIEW_TICKET = 'CUSTOMER_VIEW_TICKET';
const STAFF_LOGIN = 'STAFF_LOGIN';
const STAFF_HOME = 'STAFF_HOME';
const STAFF_KB_HOME = 'STAFF_KB_HOME';
const STAFF_VIEW_KB_ARTICLE = 'STAFF_VIEW_KB_ARTICLE';
const STAFF_SUBMIT_TICKET = 'STAFF_SUBMIT_TICKET';
const STAFF_VIEW_TICKET = 'STAFF_VIEW_TICKET';
static function getAll() {
return array(
self::CUSTOMER_HOME,
self::CUSTOMER_KB_HOME,
self::CUSTOMER_VIEW_KB_ARTICLE,
self::CUSTOMER_SUBMIT_TICKET,
self::CUSTOMER_VIEW_TICKET,
self::STAFF_LOGIN,
self::STAFF_HOME,
self::STAFF_KB_HOME,
self::STAFF_VIEW_KB_ARTICLE,
self::STAFF_SUBMIT_TICKET,
self::STAFF_VIEW_TICKET,
);
}
}

44
api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php
Unescape Escape View File

@ -0,0 +1,44 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessageStyle {
const NONE = 'NONE'; // 0
const SUCCESS = 'SUCCESS'; // 1
const INFO = 'INFO'; // 2
const NOTICE = 'NOTICE'; // 3
const ERROR = 'ERROR'; // 4
static function getStyleById($id) {
$styles = array(
0 => self::NONE,
1 => self::SUCCESS,
2 => self::INFO,
3 => self::NOTICE,
4 => self::ERROR
);
if (!isset($styles[$id])) {
throw new \Exception("Style {$id} is not a valid service message style.");
}
return $styles[$id];
}
static function getIdForStyle($style) {
$styles = array(
self::NONE => 0,
self::SUCCESS => 1,
self::INFO => 2,
self::NOTICE => 3,
self::ERROR => 4
);
if (!isset($styles[$style])) {
throw new \Exception("Style {$style} is not a valid service message style.");
}
return $styles[$style];
}
}

4
api/BusinessLogic/Settings/ApiChecker.php
Unescape Escape View File

@ -5,11 +5,11 @@ namespace BusinessLogic\Settings;
use DataAccess\Settings\ModsForHeskSettingsGateway;
class ApiChecker {
class ApiChecker extends \BaseClass {
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct($modsForHeskSettingsGateway) {
function __construct(ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}

4
api/BusinessLogic/Settings/SettingsRetriever.php
Unescape Escape View File

@ -5,11 +5,11 @@ namespace BusinessLogic\Settings;
// TODO Test!
use DataAccess\Settings\ModsForHeskSettingsGateway;
class SettingsRetriever {
class SettingsRetriever extends \BaseClass {
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct($modsForHeskSettingsGateway) {
function __construct(ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}

2
api/BusinessLogic/Statuses/Closable.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class Closable {
class Closable extends \BaseClass {
const YES = "yes";
const STAFF_ONLY = "sonly";
const CUSTOMERS_ONLY = "conly";

2
api/BusinessLogic/Statuses/DefaultStatusForAction.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class DefaultStatusForAction {
class DefaultStatusForAction extends \BaseClass {
const NEW_TICKET = "IsNewTicketStatus";
const CLOSED_STATUS = "IsClosed";
const CLOSED_BY_CLIENT = "IsClosedByClient";

2
api/BusinessLogic/Statuses/Status.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class Status {
class Status extends \BaseClass {
static function fromDatabase($row, $languageRs) {
$status = new Status();
$status->id = intval($row['ID']);

4
api/BusinessLogic/Statuses/StatusRetriever.php
Unescape Escape View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Statuses;
use DataAccess\Statuses\StatusGateway;
// TODO Test!
class StatusRetriever {
class StatusRetriever extends \BaseClass {
/* @var $statusGateway StatusGateway */
private $statusGateway;
function __construct($statusGateway) {
function __construct(StatusGateway $statusGateway) {
$this->statusGateway = $statusGateway;
}

2
api/BusinessLogic/Tickets/Attachment.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Tickets;
class Attachment {
class Attachment extends \BaseClass {
/**
* @var int
*/

24
api/BusinessLogic/Tickets/AuditTrail.php
Unescape Escape View File

@ -0,0 +1,24 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrail extends \BaseClass {
/* @var $id int */
public $id;
/* @var $entityId int */
public $entityId;
/* @var $entityType string */
public $entityType;
/* @var $languageKey string */
public $languageKey;
/* @var $date string */
public $date;
/* @var $replacementValues string[] */
public $replacementValues;
}

9
api/BusinessLogic/Tickets/AuditTrailEntityType.php
Unescape Escape View File

@ -0,0 +1,9 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrailEntityType extends \BaseClass {
const TICKET = 'TICKET';
const CALENDAR_EVENT = 'CALENDAR_EVENT';
}

9
api/BusinessLogic/Tickets/AuditTrailEvent.php
Unescape Escape View File

@ -0,0 +1,9 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrailEvent extends \BaseClass {
const DUE_DATE_REMOVED = 'audit_due_date_removed';
const DUE_DATE_CHANGED = 'audit_due_date_changed';
}

5
api/BusinessLogic/Tickets/Autoassigner.php
Unescape Escape View File

@ -8,14 +8,15 @@ use BusinessLogic\Security\UserPrivilege;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Security\UserGateway;
class Autoassigner {
class Autoassigner extends \BaseClass {
/* @var $categoryGateway CategoryGateway */
private $categoryGateway;
/* @var $userGateway UserGateway */
private $userGateway;
function __construct($categoryGateway, $userGateway) {
function __construct(CategoryGateway $categoryGateway,
UserGateway $userGateway) {
$this->categoryGateway = $categoryGateway;
$this->userGateway = $userGateway;
}

2
api/BusinessLogic/Tickets/CreateTicketByCustomerModel.php
Unescape Escape View File

@ -2,7 +2,7 @@
namespace BusinessLogic\Tickets;
class CreateTicketByCustomerModel {
class CreateTicketByCustomerModel extends \BaseClass {
/**
* @var string
*/

2
api/BusinessLogic/Tickets/CreatedTicketModel.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Tickets;
class CreatedTicketModel {
class CreatedTicketModel extends \BaseClass {
/* @var $ticket Ticket */
public $ticket;

17
api/BusinessLogic/Tickets/CustomFields/CustomField.php
Unescape Escape View File

@ -0,0 +1,17 @@
<?php
namespace BusinessLogic\Tickets\CustomFields;
class CustomField {
/* @var $id int */
public $id;
/* @var $name string */
public $name;
/* @var $type string */
public $type;
/* @var $properties array */
public $properties;
}

2
api/BusinessLogic/Tickets/CustomFields/CustomFieldValidator.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Tickets\CustomFields;
class CustomFieldValidator {
class CustomFieldValidator extends \BaseClass {
static function isCustomFieldInCategory($customFieldId, $categoryId, $staff, $heskSettings) {
$customField = $heskSettings['custom_fields']["custom{$customFieldId}"];

2
api/BusinessLogic/Tickets/EditTicketModel.php
Unescape Escape View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Tickets;
class EditTicketModel {
class EditTicketModel extends \BaseClass {
/* @var $id int */
public $id;

4
api/BusinessLogic/Tickets/Exceptions/UnableToGenerateTrackingIdException.php
Unescape Escape View File

@ -3,9 +3,7 @@
namespace BusinessLogic\Tickets\Exceptions;
use Exception;
class UnableToGenerateTrackingIdException extends Exception {
class UnableToGenerateTrackingIdException extends \BaseException {
public function __construct() {
parent::__construct("Error generating a unique ticket ID.");
}

6
api/BusinessLogic/Tickets/NewTicketValidator.php
Unescape Escape View File

@ -10,7 +10,7 @@ use BusinessLogic\ValidationModel;
use BusinessLogic\Validators;
use Core\Constants\CustomField;
class NewTicketValidator {
class NewTicketValidator extends \BaseClass {
/**
* @var $categoryRetriever CategoryRetriever
*/
@ -24,7 +24,9 @@ class NewTicketValidator {
*/
private $ticketValidators;
function __construct($categoryRetriever, $banRetriever, $ticketValidators) {
function __construct(CategoryRetriever $categoryRetriever,
BanRetriever $banRetriever,
TicketValidators $ticketValidators) {
$this->categoryRetriever = $categoryRetriever;
$this->banRetriever = $banRetriever;
$this->ticketValidators = $ticketValidators;

2
api/BusinessLogic/Tickets/Reply.php
Unescape Escape View File

@ -9,7 +9,7 @@
namespace BusinessLogic\Tickets;
class Reply {
class Reply extends \BaseClass {
/**
* @var $id int
*/

Some files were not shown because too many files have changed in this diff Show More

Write Preview
Loading…
Cancel
Save