diff --git a/.gitignore b/.gitignore index 3317dca5..866d200a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,14 +1,13 @@ admin/admin_suggest_articles.php admin/archive.php +admin/custom_statuses.php +admin/email_templates.php admin/generate_spam_question.php admin/priority.php admin/test_connection.php attachments/index.htm -docs/changelog.html -docs/docs_style.css -docs/index.html -docs/quick-guide.html -docs/step-by-step-guide.html +cache/ +docs/ file_limits.php footer.txt header.txt @@ -27,6 +26,7 @@ img/clip.png img/code.png img/code_off.png img/delete.png +img/delete_off.png img/delete_ticket.png img/edit.png img/error.png @@ -114,6 +114,7 @@ img/print.png img/private.png img/public.png img/reload.png +img/refresh.png img/roundcornersb.jpg img/roundcornerslb.jpg img/roundcornerslm.jpg @@ -156,10 +157,11 @@ inc/calendar/tcal.js inc/calendar/tcal.php inc/database.inc.php inc/database_mysqli.inc.php -inc/footer.inc.php inc/htmlpurifier inc/index.htm +inc/jscolor/ inc/mail/email_parser.php +inc/mail/hesk_imap.php inc/mail/hesk_pipe.php inc/mail/hesk_pop3.php inc/mail/index.htm @@ -184,6 +186,7 @@ inc/recaptcha/recaptchalib.php inc/reporting_functions.inc.php inc/secimg.inc.php inc/setup_functions.inc.php +inc/statuses.inc.php inc/tabs/index.htm inc/tabs/tabber-minimized.js inc/tabs/tabber.css diff --git a/admin/admin_main.php b/admin/admin_main.php index 48126683..58775298 100644 --- a/admin/admin_main.php +++ b/admin/admin_main.php @@ -1,32 +1,15 @@ -
-
- -
-

' . $hesklang['open_tickets'] . ' ' . $hesklang['nti'] . '

-
'; // The rest of the panel will be printed by print_tickets.inc.php - } +/* Reset default settings? */ +if (isset($_GET['reset']) && hesk_token_check()) { + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "'"); + $_SESSION['default_list'] = ''; +} /* Get default settings */ +else { + parse_str($_SESSION['default_list'], $defaults); + $_GET = isset($_GET) && is_array($_GET) ? array_merge($_GET, $defaults) : $defaults; +} - /* Reset default settings? */ - if (isset($_GET['reset']) && hesk_token_check()) { - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1"); - $_SESSION['default_list'] = ''; - } /* Get default settings */ - else { - parse_str($_SESSION['default_list'], $defaults); - $_GET = isset($_GET) && is_array($_GET) ? array_merge($_GET, $defaults) : $defaults; +?> +
+ +
+
+

+ +

+
+ +
+
+
+
+ +
+
+ '; + /* Print forms for listing and searching tickets */ + require(HESK_PATH . 'inc/show_search_form.inc.php'); + } else { + echo '

' . $hesklang['na_view_tickets'] . '

'; } - - /* Print the list of tickets */ - require(HESK_PATH . 'inc/print_tickets.inc.php'); - - echo " 
"; - - /* Print forms for listing and searching tickets */ - require(HESK_PATH . 'inc/show_search_form.inc.php'); - } else { - echo '

' . $hesklang['na_view_tickets'] . '

'; - } - - $hesk_settings['hesk_license']('HMgPSAxOw0KaWYgKGZpbGVfZXhpc3RzKEhFU0tfUEFUSCAuI + ?> +
+
+  
'; - - /* Clean unneeded session variables */ - hesk_cleanSessionVars('hide'); - ?> -
-
+ /* Clean unneeded session variables */ + hesk_cleanSessionVars('hide'); + ?> + If locked, keep it resolved if ($ticket['locked']) { $new_status = $lockedTicketStatus['ID']; @@ -248,7 +237,7 @@ if ($ticket['locked']) { $newStatusRs = hesk_dbQuery('SELECT `IsClosed`, `Key` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `ID` = ' . hesk_dbEscape($new_status)); $newStatus = hesk_dbFetchAssoc($newStatusRs); - if ($newStatus['IsClosed']) { + if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0)) { $revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') "; @@ -257,7 +246,7 @@ if ($ticket['locked']) { $sql_status .= " , `locked`='1' "; } } else { - // Ticket isn't being closed, just add the history to the sql query + // Ticket isn't being closed, just add the history to the sql query (or tried to close but doesn't have permission) $revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang[$newStatus['Key']], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') "; } @@ -310,12 +299,12 @@ $sql .= " , `replies`=`replies`+1 "; $sql .= $submit_as_customer ? '' : " , `staffreplies`=`staffreplies`+1 "; // End and execute the query -$sql .= " WHERE `id`='{$replyto}' LIMIT 1"; +$sql .= " WHERE `id`='{$replyto}'"; hesk_dbQuery($sql); unset($sql); /* Update number of replies in the users table */ -hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1"); +hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "'"); // --> Prepare reply message @@ -357,7 +346,7 @@ elseif (!isset($_POST['no_notify']) || intval(hesk_POST('no_notify')) != 1) { } // Delete any existing drafts from this owner for this ticket -hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `owner`=" . intval($_SESSION['id']) . " AND `ticket`=" . intval($ticket['id']) . " LIMIT 1"); +hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `owner`=" . intval($_SESSION['id']) . " AND `ticket`=" . intval($ticket['id'])); /* Set reply submitted message */ $_SESSION['HESK_SUCCESS'] = TRUE; diff --git a/admin/admin_settings.php b/admin/admin_settings.php index b19f7018..f29d028d 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -1,32 +1,15 @@ =') && @ini_get('max_file_uploads') && @ini_get('max_file_uploads') < $hesk_settings['attachments']['max_number']) { + hesk_show_notice($hesklang['fatte1']); + } + + // Check max attachment size + $tmp = @ini_get('upload_max_filesize'); + if ($tmp) { + $last = strtoupper(substr($tmp, -1)); + + switch ($last) { + case 'K': + $tmp = $tmp * 1024; + break; + case 'M': + $tmp = $tmp * 1048576; + break; + case 'G': + $tmp = $tmp * 1073741824; + break; + default: + $tmp = $tmp; + } + + if ($tmp < $hesk_settings['attachments']['max_size']) { + hesk_show_notice($hesklang['fatte2']); + } + } + + // Check max post size + $tmp = @ini_get('post_max_size'); + if ($tmp) { + $last = strtoupper(substr($tmp, -1)); + + switch ($last) { + case 'K': + $tmp = $tmp * 1024; + break; + case 'M': + $tmp = $tmp * 1048576; + break; + case 'G': + $tmp = $tmp * 1073741824; + break; + default: + $tmp = $tmp; + } + + if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) { + hesk_show_notice($hesklang['fatte3']); + } + } } + +$hesklang['err_custname'] = addslashes($hesklang['err_custname']); + +$modsForHesk_settings = mfh_getSettings(); ?> + +
+ +
+
+

+ +

+
+ +
+
+
+ + + + +
@@ -163,7 +372,11 @@ if (defined('HESK_DEMO')) { ' . $hesklang['beta'] . ' '; ?> ' . $hesklang['mfh_up_to_date'] . ''; } else { ?> -
+ / + + ' . $hesklang['exists'] . ', '; + if ($attachmentsWritable) { + $enable_use_attachments = 1; + echo '' . $hesklang['writable'] . ''; + } else { + echo '' . $hesklang['not_writable'] . '
' . $hesklang['e_cdir']; + } + } else { + echo '' . $hesklang['no_exists'] . ', ' . $hesklang['not_writable'] . '
' . $hesklang['e_cdir']; + } + ?> +
-
- =') && @ini_get('max_file_uploads') && @ini_get('max_file_uploads') < $hesk_settings['attachments']['max_number']) { - hesk_show_notice($hesklang['fatte1']); - } - - // Check max attachment size - $tmp = @ini_get('upload_max_filesize'); - if ($tmp) { - $last = strtoupper(substr($tmp, -1)); - - switch ($last) { - case 'K': - $tmp = $tmp * 1024; - break; - case 'M': - $tmp = $tmp * 1048576; - break; - case 'G': - $tmp = $tmp * 1073741824; - break; - default: - $tmp = $tmp; - } - - if ($tmp < $hesk_settings['attachments']['max_size']) { - hesk_show_notice($hesklang['fatte2']); - } - } - - // Check max post size - $tmp = @ini_get('post_max_size'); - if ($tmp) { - $last = strtoupper(substr($tmp, -1)); - - switch ($last) { - case 'K': - $tmp = $tmp * 1024; - break; - case 'M': - $tmp = $tmp * 1048576; - break; - case 'G': - $tmp = $tmp * 1073741824; - break; - default: - $tmp = $tmp; - } - - if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) { - hesk_show_notice($hesklang['fatte3']); - } - } - } - - - $hesklang['err_custname'] = addslashes($hesklang['err_custname']); - - $modsForHesk_settings = mfh_getSettings(); - ?> - - -

- -
- -
- - - - -
- -
-
- -
+

+ + +

+ + + +
+
+

+ +

+
+ +
+
+
+

-
- +
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
-
+
+ + + + -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
+
-
- -
-
- +

-
- -   - -
+
+
+ + +
+ +   +
-
- +
+
+ -
- +
'; - ?> -
+ ?>
+
-
- -
- -
- +

-
- -
+
+ + +
+
-
- - -
- -
+
+
+ + +
+
-
- - -
- -
+
+
+ + +
+
-
- - -
- -
+
+
+ + +
+
-
- - -
- -
+
+
+ + +
+
-
-
- - - +
+
+
+ + + - - -
-
-
- -
-
- -
+ xmlHttp.open('POST', 'test_connection.php', true); + xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); + xmlHttp.setRequestHeader("Content-length", params.length); + xmlHttp.setRequestHeader("Connection", "close"); -
- + xmlHttp.onreadystatechange = function () { + if (xmlHttp.readyState == 4 && xmlHttp.status == 200) { + element.innerHTML = xmlHttp.responseText; + } + } -
- -
+ xmlHttp.send(params); + } + +
-
- +
+
+
-
- -
-
-
- + +
+
+

+ +

+
+ +
+
+
+

+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- - -
- -
+
+
+ + +
+
-
- +
+
+ + +
+ +
+
+
+ + +
+ +
+
+
+ + +
+ +
+
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- +
'; - ?> -
+ ?>
-
- +
+
+ -
- +
'; - ?> -
+ ?>
+
-
- -
-
-
-
- +

+
+
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
    +
'; + ?> +
+
+
+ + +
+
    +
'; + ?> +
+
+
+ + +
+
    +
    +
'; + ?> +
+
+
+ + +
+
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
-
+
+ + + + -
- +
'; - ?> -
+ ?>
-
-
+
+ + + + -
- +
   
   
'; - ?> -
+ ?>
-
-
+
+ + + + -
- +
'; - ?> -
+ ?>
-
-
+
+ + + + -
- +
'; - ?> -
+ ?>
- -
-
- +
+ +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
    +
    +
'; + ?> +
+
+
+ + +
+
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
-
+
+ + + + -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
-
- -
-
- -
+
+
+ +
+
+
-
-
+
+ + + + -
+
+ +
+ +
-
- -
- -
+ endwhile; + ?>
-
- -
+
+ -
+
+ + +
+
+
+
-
- +

+
+ -
- +
   
   
'; - ?> -
+ ?> +
-  
+  
- :
+ :
- + if ($hesk_settings['recaptcha_use'] == 1) { + $on = 'checked="checked"'; + } elseif ($hesk_settings['recaptcha_use'] == 2) { + $on2 = 'checked="checked"'; + } else { + $off = 'checked="checked"'; + $div = 'none'; + } + ?> + +
+
-
-
+
+
-
-
+
+
-
-
+
-
+  
-  
+ +
+  
- -
-  
- - -
-  
-
+ +
+  
-
- +
+
+ -
- +
   
'; - ?> + ?> -
-  
-
+
+  
+
-
+

-  
+  
-
-
-  
+
+
+  
-
-
-
+
+

+
+ -
+
+ +
+
+
+ -
- +
+ +
+
+
+ -
- +
+
+
-
- +
+
+ -
- +
+
+
-
- +
+
+ -
-
- -
+
+
+
-
- - -
-
- -
+
+
+ + +
+
+ + + +
-
-
+
+ - -
-
- -
+ + + + +
+
+
-
-
+
-
+

+
+ -
- +
+ +
    +
-
-
    -
- +   () -   () - - + + -
+ } else { + $onload_status = ' disabled="disabled" '; + echo '' . $hesklang['e_attach'] . ''; + } + ?>
-
- +
+
+ -
- /> -
+
+ />
-
- $hesklang['B'] . ' (' . $hesklang['bytes'] . ')', - 'kB' => $hesklang['kB'] . ' (' . $hesklang['kilobytes'] . ')', - 'MB' => $hesklang['MB'] . ' (' . $hesklang['megabytes'] . ')', - 'GB' => $hesklang['GB'] . ' (' . $hesklang['gigabytes'] . ')', - ); - $tmp = hesk_formatBytes($hesk_settings['attachments']['max_size'], 0); - list($size, $unit) = explode(' ', $tmp); - ?> - - -
- /> -
-
- /> +
+
+ -
+ } + ?> +
-
- - -
- /> -
+
+
+ + +
+ />
-
+
+
-
-
- -
-
- + +
+
+

+ +

+
+ +
+
+
+
+ -
- +


'; - ?> -
+ ?>
+
-
-
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
   
'; - ?> -
+ ?>
-
- - -
- -
+
+
+ + +
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
+
+
-
- +
+
+ -
- -
-
-

-
+
+
-
-
- -
-
-

-
+
+

-
- +
+
+
+ +
+
+

+
+
+
+ -
- -
-
-

-
+
+
-
-
- -
-
-

-
+
+

-
- +
+
+
+ +
+
+

+
+
+
+ -
- -
-
-

-
+
+ +
+
+

+
+
- -
-
-
-
- -
- +
+
+

+ + + + +

+
+ +
+
+
+

+
+ +
+


'; - ?> -
-
-
- -
- -
-
-
- -
- -
+ ?>
- - -
-
- -
- - -
- - -
-
- -
-
+
+ +
+
- - - - - - - - - - - - - - - - - - - - '; - } // End FOR - ?> -
- -
- + + + -
-

-
- 		- - - ' . $hesklang['opt'] . ' -
+
+
+
+ +
+
+

+ +

+
+ +
+
+
+

- -
-
- -
- -
- - -
- + - if ($hesk_settings['smtp']) { - $on = 'checked="checked"'; - $onload_div = 'block'; - } elseif ($modsForHesk_settings['use_mailgun']) { - $mailgunOn = 'checked="checked"'; - $onload_mailgun = 'block'; - } else { - $off = 'checked="checked"'; - $onload_status = ' disabled="disabled" '; - } +
+
'; - ?> - - - - - - - + ?> + + + + + + + -
-
-
-
+
+
+ + + + + -
- -
+
+
-
-
+
+ + + + -
- -
+
+
-
-
- +
+
+
+ -
- /> -
+
+ />
-
- +
+
+ -
- /> -
+
+ />
-
- - -
- /> -
+
+
+ + +
+ />
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- - autocomplete="off"/> -
+
+ + autocomplete="off"/>
-
- +
+
+ -
- - autocomplete="off"/> -
+
+ + autocomplete="off"/>
-
-
- -
+
+
+
+
+
- - + + - - + xmlHttp.send(params); + } + //--> + + + +
+ + +

+
+ + +
+
    +
'; + ?>
- +
-
+

+
+ -
+
+
    +
'; + ?> + + + + + + +
+
+
-
- -
- -
-
- -
-
    -
'; - ?> - - - - - - -
-
-
-
- - -
- /> -
-
-
- - -
- /> -
+
+ />
-
- +
+
+ -
- /> -
+
+ />
-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- +
'; - ?> -
+ ?>
-
- +
+
+ -
- - autocomplete="off"/> -
+
+ + autocomplete="off"/>
-
- +
+
+ -
- - autocomplete="off"/> -
+
+ + autocomplete="off"/>
-
-
- -
+
+
+
+
- - - - - - - - - -
 
+
+ + + + + + + + + +
 
- - + + - + +
+ + + +

+ +
+ + +
+
    +
'; + ?> + + + + + + +
+
+
+
+ - xmlHttp.send(params); - } - //--> - - +
+ > +
+
+
+ +
+ > +
- +
+ -
+
+ > +
+
+
+ -
+
+
    +
    +
+ '; + ?> +
+
+
+ +
+
    +
+ '; + ?> +
+
- -
+
+ placeholder="" id="i5" + name="s_imap_user" size="40" maxlength="255" + value="" autocomplete="off">
- -
- +
+ autocomplete="off">
-
-

+
+
+
+
-
+ + -
+ + + +
+ +

+
+ + +
+ +
+
+
+ + +
+ +
+
+

+
+
+ +

+
+ + +
+
   
'; - ?> -
+ ?>
-
-
- +
+
+
+ -
+
-
- - - - - -
+ + + + + +
+
-
+

+
+ -
+
+
+ +
+
+
+
- - -
+
- + } ?>/>
-
-
-
-
-
-
- -
-
-
- +
+
+ -
-
- -
+
+
+
+
-
- -
- -
- +

+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
+
+
+ + + - - - - - -
+ +
-
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
+
+
+
-
-
+
+ - -
-
- -
+ + + + +
+
+
-
-
+
+ + + + -
-
- -
-
- -
+
+
+ +
+
+
+
+
- -
-
- + +
+
+

+ +

+
+ +
+
+
+
+ -
- $title) { - echo ' +
+ $title) { + echo '
'; - } - ?> -
-
-
- - -
-
- -
+ } + ?> +
+
+
+ + +
+
+
-
-
- +
+
+ -
- +


'; - ?> -
+ ?>
-
- +
+
+ -
- +


'; - ?> -
+ ?>
+
+
- -
-
- -
- -
- - -
-

' . $server_time . ''; ?>

- + +
+
+

+ +

+
+ +
+
+
+

+
+ + +
+

' . $server_time . ''; ?>

+ +
+
+
+
+
+ +
+
+

-
-
-
- -
-
-

-
+
+
+
-
-
- -
-
-

-
+
+

-
- +
+
+ -
- +
   
'; - ?> -
+ ?>
-
- +
+
+ -
- -
+
+
+
-
- -
- -
- +

+
+ -
- -
+
+
-
- -
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
+
+
+
-
- +
+
+ -
-
- -
-
-
- +
+
+
-
-
+
+ - -
-
- -
+ + + + +
+
+
-
-
+
+ - -
-
- -
+ + + + +
+
+
-
-
+
+ - -
-
- -
+ + + + +
+
+
-
- +
+
+ -
-
- -
+
+
+
- -
-
+
+
-
-
-
-
- + +
+
+

+ + + + +

+
+ +
+
+
+

Common Properties

+
+
+
+ -
- -
+
+
-
-
- +
+
-
- -
+

Customer View

+
+
+
+ + +
+
-
-
-
- +
+
+ -
- -
+
+
-
-
- +
+
+
+
+
+ -
- -
+
+
-
-
-
- +
+
+ -
- -
+
+
-
-
- +
+
+
+
+
+ -
- -
+
+
-
-
-
- +
+
+ -
- -
+
+
-
-
- +
+
+
+
+
+ -
- -
+
+
-
-
-
- +
+
+ -
- -
+
+
-
-
- +
+
+
+
+
+ -
- -
+
+
-
-
-
- +
+
+
+
+ -
- -
+
+
-
-
-
- - '; - } else { - echo '
' . $hesklang['e_save_settings'] . ''; - } - ?> +

Admin Panel

+
+
+
+ + +
+ +
+ +
- -
+
+
+ + '; + } else { + echo '
' . $hesklang['e_save_settings'] . ''; + } + ?> +
+ +
WRONG VERSION (not " . $hesk_settings['hesk_version'] . ")\n"; } diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index 4b9cb092..be46d35a 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -1,32 +1,15 @@ Database settings */ -hesk_dbClose(); - if (hesk_testMySQL()) { // Database connection OK } elseif ($mysql_log) { @@ -125,6 +105,7 @@ if ( ! is_writable(HESK_PATH . $set['attach_dir']) ) } */ +$set['cache_dir'] = isset($_POST['s_cache_dir']) && ! is_array($_POST['s_cache_dir']) ? preg_replace('/[^a-zA-Z0-9_-]/', '', $_POST['s_cache_dir']) : 'cache'; $set['max_listings'] = hesk_checkMinMax(intval(hesk_POST('s_max_listings')), 1, 999, 10); $set['print_font_size'] = hesk_checkMinMax(intval(hesk_POST('s_print_font_size')), 1, 99, 12); $set['autoclose'] = hesk_checkMinMax(intval(hesk_POST('s_autoclose')), 0, 999, 7); @@ -135,6 +116,10 @@ $set['reply_top'] = empty($_POST['s_reply_top']) ? 0 : 1; /* --> Features */ $set['autologin'] = empty($_POST['s_autologin']) ? 0 : 1; $set['autoassign'] = empty($_POST['s_autoassign']) ? 0 : 1; +$set['require_email'] = empty($_POST['s_require_email']) ? 0 : 1; +$set['require_owner'] = empty($_POST['s_require_owner']) ? 0 : 1; +$set['require_subject'] = hesk_checkMinMax( intval( hesk_POST('s_require_subject') ) , -1, 1, 1); +$set['require_message'] = hesk_checkMinMax( intval( hesk_POST('s_require_message') ) , -1, 1, 1); $set['custclose'] = empty($_POST['s_custclose']) ? 0 : 1; $set['custopen'] = empty($_POST['s_custopen']) ? 0 : 1; $set['rating'] = empty($_POST['s_rating']) ? 0 : 1; @@ -147,6 +132,7 @@ $set['debug_mode'] = empty($_POST['s_debug_mode']) ? 0 : 1; $set['short_link'] = empty($_POST['s_short_link']) ? 0 : 1; $set['select_cat'] = empty($_POST['s_select_cat']) ? 0 : 1; $set['select_pri'] = empty($_POST['s_select_pri']) ? 0 : 1; +$set['cat_show_select'] = hesk_checkMinMax( intval( hesk_POST('s_cat_show_select') ) , 0, 999, 10); /* --> SPAM prevention */ $set['secimg_use'] = empty($_POST['s_secimg_use']) ? 0 : (hesk_POST('s_secimg_use') == 2 ? 2 : 1); @@ -168,7 +154,14 @@ if ($set['attempt_limit'] > 0) { } $set['attempt_banmin'] = hesk_checkMinMax(intval(hesk_POST('s_attempt_banmin')), 5, 99999, 60); $set['reset_pass'] = empty($_POST['s_reset_pass']) ? 0 : 1; -$set['email_view_ticket'] = empty($_POST['s_email_view_ticket']) ? 0 : 1; +$set['email_view_ticket'] = ($set['require_email'] == 0) ? 0 : (empty($_POST['s_email_view_ticket']) ? 0 : 1); +$set['x_frame_opt'] = empty($_POST['s_x_frame_opt']) ? 0 : 1; +$set['force_ssl'] = HESK_SSL && isset($_POST['s_force_ssl']) && $_POST['s_force_ssl'] == 1 ? 1 : 0; + +// Make sure help desk URL starts with https if forcing SSL +if ($set['force_ssl']) { + $set['hesk_url'] = preg_replace('/^http:/i', 'https:', $set['hesk_url']); +} /* --> Attachments */ $set['attachments']['use'] = empty($_POST['s_attach_use']) ? 0 : 1; @@ -246,7 +239,7 @@ if ($set['smtp']) { $set['smtp'] = 0; } } else { - $set['smtp_host_name'] = hesk_input(hesk_POST('tmp_smtp_host_name', 'mail.domain.com')); + $set['smtp_host_name'] = hesk_input(hesk_POST('tmp_smtp_host_name', 'mail.example.com')); $set['smtp_host_port'] = intval(hesk_POST('tmp_smtp_host_port', 25)); $set['smtp_timeout'] = intval(hesk_POST('tmp_smtp_timeout', 10)); $set['smtp_ssl'] = empty($_POST['tmp_smtp_ssl']) ? 0 : 1; @@ -279,7 +272,7 @@ if ($set['pop3']) { } } else { $set['pop3_job_wait'] = intval(hesk_POST('s_pop3_job_wait', 15)); - $set['pop3_host_name'] = hesk_input(hesk_POST('tmp_pop3_host_name', 'mail.domain.com')); + $set['pop3_host_name'] = hesk_input(hesk_POST('tmp_pop3_host_name', 'mail.example.com')); $set['pop3_host_port'] = intval(hesk_POST('tmp_pop3_host_port', 110)); $set['pop3_tls'] = empty($_POST['tmp_pop3_tls']) ? 0 : 1; $set['pop3_keep'] = empty($_POST['tmp_pop3_keep']) ? 0 : 1; @@ -287,6 +280,32 @@ if ($set['pop3']) { $set['pop3_password'] = hesk_input(hesk_POST('tmp_pop3_password')); } +/* --> IMAP fetching */ +$imap_OK = true; +$set['imap'] = empty($_POST['s_imap']) ? 0 : 1; + +if ($set['imap']) { + // Get IMAP fetching timeout + $set['imap_job_wait'] = hesk_checkMinMax( intval( hesk_POST('s_imap_job_wait') ) , 0, 1440, 15); + + // Test IMAP connection + $imap_OK = hesk_testIMAP(true); + + // If IMAP not working, disable it + if ( ! $imap_OK) { + $set['imap'] = 0; + } +} else { + $set['imap_job_wait'] = intval( hesk_POST('s_imap_job_wait', 15) ); + $set['imap_host_name'] = hesk_input( hesk_POST('tmp_imap_host_name', 'mail.example.com') ); + $set['imap_host_port'] = intval( hesk_POST('tmp_imap_host_port', 110) ); + $set['imap_enc'] = hesk_POST('tmp_imap_enc'); + $set['imap_enc'] = ($set['imap_enc'] == 'ssl' || $set['imap_enc'] == 'tls') ? $set['imap_enc'] : ''; + $set['imap_keep'] = empty($_POST['tmp_imap_keep']) ? 0 : 1; + $set['imap_user'] = hesk_input( hesk_POST('tmp_imap_user') ); + $set['imap_password'] = hesk_input( hesk_POST('tmp_imap_password') ); +} + /* --> Email loops */ $set['loop_hits'] = hesk_checkMinMax(intval(hesk_POST('s_loop_hits')), 0, 999, 5); $set['loop_time'] = hesk_checkMinMax(intval(hesk_POST('s_loop_time')), 1, 86400, 300); @@ -323,10 +342,10 @@ if (!empty($_POST['s_email_providers']) && !is_array($_POST['s_email_providers'] if (!$set['detect_typos'] || count($set['email_providers']) < 1) { $set['detect_typos'] = 0; - $set['email_providers'] = array('gmail.com', 'hotmail.com', 'hotmail.co.uk', 'yahoo.com', 'yahoo.co.uk', 'aol.com', 'aol.co.uk', 'msn.com', 'live.com', 'live.co.uk', 'mail.com', 'googlemail.com', 'btinternet.com', 'btopenworld.com'); + $set['email_providers']=array('aim.com','aol.co.uk','aol.com','att.net','bellsouth.net','blueyonder.co.uk','bt.com','btinternet.com','btopenworld.com','charter.net','comcast.net','cox.net','earthlink.net','email.com','facebook.com','fastmail.fm','free.fr','freeserve.co.uk','gmail.com','gmx.at','gmx.ch','gmx.com','gmx.de','gmx.fr','gmx.net','gmx.us','googlemail.com','hotmail.be','hotmail.co.uk','hotmail.com','hotmail.com.ar','hotmail.com.mx','hotmail.de','hotmail.es','hotmail.fr','hushmail.com','icloud.com','inbox.com','laposte.net','lavabit.com','list.ru','live.be','live.co.uk','live.com','live.com.ar','live.com.mx','live.de','live.fr','love.com','lycos.com','mac.com','mail.com','mail.ru','me.com','msn.com','nate.com','naver.com','neuf.fr','ntlworld.com','o2.co.uk','online.de','orange.fr','orange.net','outlook.com','pobox.com','prodigy.net.mx','qq.com','rambler.ru','rocketmail.com','safe-mail.net','sbcglobal.net','t-online.de','talktalk.co.uk','tiscali.co.uk','verizon.net','virgin.net','virginmedia.com','wanadoo.co.uk','wanadoo.fr','yahoo.co.id','yahoo.co.in','yahoo.co.jp','yahoo.co.kr','yahoo.co.uk','yahoo.com','yahoo.com.ar','yahoo.com.mx','yahoo.com.ph','yahoo.com.sg','yahoo.de','yahoo.fr','yandex.com','yandex.ru','ymail.com'); } -$set['email_providers'] = count($set['email_providers']) ? "'" . implode("','", $set['email_providers']) . "'" : ''; +$set['email_providers'] = count($set['email_providers']) ? "'" . implode("','", array_unique($set['email_providers'])) . "'" : ''; /* --> Notify customer when */ @@ -386,7 +405,8 @@ foreach ($hesk_settings['possible_ticket_list'] as $key => $title) { // We need at least one of these: id, trackid, subject if (!in_array('id', $set['ticket_list']) && !in_array('trackid', $set['ticket_list']) && !in_array('subject', $set['ticket_list'])) { - $set['ticket_list'][] = 'trackid'; + // None of the required fields are there, add "trackid" as the first one + array_unshift($set['ticket_list'], 'trackid'); } $set['ticket_list'] = count($set['ticket_list']) ? "'" . implode("','", $set['ticket_list']) . "'" : 'trackid'; @@ -419,49 +439,9 @@ $set['submit_notice'] = empty($_POST['s_submit_notice']) ? 0 : 1; $set['online'] = empty($_POST['s_online']) ? 0 : 1; $set['online_min'] = hesk_checkMinMax(intval(hesk_POST('s_online_min')), 1, 999, 10); $set['check_updates'] = empty($_POST['s_check_updates']) ? 0 : 1; - -/*** CUSTOM FIELDS ***/ - -for ($i = 1; $i <= 20; $i++) { - $this_field = 'custom' . $i; - $set['custom_fields'][$this_field]['use'] = !empty($_POST['s_custom' . $i . '_use']) ? 1 : 0; - - if ($set['custom_fields'][$this_field]['use']) { - $set['custom_fields'][$this_field]['place'] = empty($_POST['s_custom' . $i . '_place']) ? 0 : 1; - $set['custom_fields'][$this_field]['type'] = hesk_htmlspecialchars(hesk_POST('s_custom' . $i . '_type', 'text')); - $set['custom_fields'][$this_field]['req'] = !empty($_POST['s_custom' . $i . '_req']) ? 1 : 0; - $set['custom_fields'][$this_field]['name'] = hesk_input(hesk_POST('s_custom' . $i . '_name'), $hesklang['err_custname']); - $set['custom_fields'][$this_field]['maxlen'] = intval(hesk_POST('s_custom' . $i . '_maxlen', 255)); - $set['custom_fields'][$this_field]['value'] = hesk_input(hesk_POST('s_custom' . $i . '_val')); - - if ($set['custom_fields'][$this_field]['type'] == 'email' && $set['custom_fields'][$this_field]['value'] == '') { - // New custom field without any options set. Default to Cc - $set['custom_fields'][$this_field]['value'] = 'cc'; - } - - if (!in_array($set['custom_fields'][$this_field]['type'], array('text', 'textarea', 'select', 'radio', 'checkbox', 'date', 'multiselect', 'email', 'hidden', 'readonly'))) { - $set['custom_fields'][$this_field]['type'] = 'text'; - } - - // Try to detect if field type changed to anything except "select" - if ($set['custom_fields'][$this_field]['type'] != 'select') { - // If type is "radio" or "checkbox" remove "please select", keep other options - $set['custom_fields'][$this_field]['value'] = str_replace('{HESK_SELECT}', '', $set['custom_fields'][$this_field]['value']); - - // Field type changed to "text" or "textarea", clear default value if it contains "#HESK#" separator - if (in_array($set['custom_fields'][$this_field]['type'], array('text', 'textarea')) && !in_array($hesk_settings['custom_fields'][$this_field]['type'], array('text', 'textarea')) && strpos($set['custom_fields'][$this_field]['value'], '#HESK#') !== false) { - $set['custom_fields'][$this_field]['value'] = ''; - } - } - } else { - $set['custom_fields'][$this_field] = array('use' => 0, 'place' => 0, 'type' => 'text', 'req' => 0, 'name' => 'Custom field ' . $i, 'maxlen' => 255, 'value' => ''); - } -} - $set['hesk_version'] = $hesk_settings['hesk_version']; // Process quick help sections -hesk_dbConnect(); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "quick_help_sections` SET `show` = '0'"); $postArray = hesk_POST_array('quick_help_sections'); foreach ($postArray as $value) { @@ -516,6 +496,7 @@ $set['dropdownItemTextColor'] = hesk_input(hesk_POST('dropdownItemTextColor')); $set['dropdownItemTextHoverColor'] = hesk_input(hesk_POST('dropdownItemTextHoverColor')); $set['questionMarkColor'] = hesk_input(hesk_POST('questionMarkColor')); $set['dropdownItemTextHoverBackgroundColor'] = hesk_input(hesk_POST('dropdownItemTextHoverBackgroundColor')); +$set['admin_color_scheme'] = hesk_input(hesk_POST('admin-color-scheme')); mfh_updateSetting('rtl', $set['rtl']); mfh_updateSetting('show_icons', $set['show-icons']); mfh_updateSetting('custom_field_setting', $set['custom-field-setting']); @@ -552,6 +533,7 @@ mfh_updateSetting('use_mailgun', $set['use_mailgun'], false); mfh_updateSetting('enable_calendar', $set['enable_calendar'], false); mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false); mfh_updateSetting('default_calendar_view', $set['default_view'], true); +mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true); // Prepare settings file and save it $settings_file_content = ' Features $hesk_settings[\'autologin\']=' . $set['autologin'] . '; $hesk_settings[\'autoassign\']=' . $set['autoassign'] . '; +$hesk_settings[\'require_email\']=' . $set['require_email'] . '; +$hesk_settings[\'require_owner\']=' . $set['require_owner'] . '; +$hesk_settings[\'require_subject\']=' . $set['require_subject'] . '; +$hesk_settings[\'require_message\']=' . $set['require_message'] . '; $hesk_settings[\'custclose\']=' . $set['custclose'] . '; $hesk_settings[\'custopen\']=' . $set['custopen'] . '; $hesk_settings[\'rating\']=' . $set['rating'] . '; @@ -610,6 +597,7 @@ $hesk_settings[\'debug_mode\']=' . $set['debug_mode'] . '; $hesk_settings[\'short_link\']=' . $set['short_link'] . '; $hesk_settings[\'select_cat\']=' . $set['select_cat'] . '; $hesk_settings[\'select_pri\']=' . $set['select_pri'] . '; +$hesk_settings[\'cat_show_select\']=' . $set['cat_show_select'] . '; // --> SPAM Prevention $hesk_settings[\'secimg_use\']=' . $set['secimg_use'] . '; @@ -626,6 +614,8 @@ $hesk_settings[\'attempt_limit\']=' . $set['attempt_limit'] . '; $hesk_settings[\'attempt_banmin\']=' . $set['attempt_banmin'] . '; $hesk_settings[\'reset_pass\']=' . $set['reset_pass'] . '; $hesk_settings[\'email_view_ticket\']=' . $set['email_view_ticket'] . '; +$hesk_settings[\'x_frame_opt\']=' . $set['x_frame_opt'] . '; +$hesk_settings[\'force_ssl\']=' . $set['force_ssl'] . '; // --> Attachments $hesk_settings[\'attachments\']=array ( @@ -635,6 +625,15 @@ $hesk_settings[\'attachments\']=array ( \'allowed_types\' => array(\'' . implode('\',\'', $set['attachments']['allowed_types']) . '\') ); +// --> IMAP Fetching +$hesk_settings[\'imap\']=' . $set['imap'] . '; +$hesk_settings[\'imap_job_wait\']=' . $set['imap_job_wait'] . '; +$hesk_settings[\'imap_host_name\']=\'' . $set['imap_host_name'] . '\'; +$hesk_settings[\'imap_host_port\']=' . $set['imap_host_port'] . '; +$hesk_settings[\'imap_enc\']=\'' . $set['imap_enc'] . '\'; +$hesk_settings[\'imap_keep\']=' . $set['imap_keep'] . '; +$hesk_settings[\'imap_user\']=\'' . $set['imap_user'] . '\'; +$hesk_settings[\'imap_password\']=\'' . $set['imap_password'] . '\'; // ==> KNOWLEDGEBASE @@ -731,22 +730,6 @@ $hesk_settings[\'online_min\']=' . $set['online_min'] . '; $hesk_settings[\'check_updates\']=' . $set['check_updates'] . '; -// ==> CUSTOM FIELDS - -$hesk_settings[\'custom_fields\']=array ( -'; - -for ($i = 1; $i <= 20; $i++) { - $settings_file_content .= '\'custom' . $i . '\'=>array(\'use\'=>' . $set['custom_fields']['custom' . $i]['use'] . ',\'place\'=>' . $set['custom_fields']['custom' . $i]['place'] . ',\'type\'=>\'' . $set['custom_fields']['custom' . $i]['type'] . '\',\'req\'=>' . $set['custom_fields']['custom' . $i]['req'] . ',\'name\'=>\'' . $set['custom_fields']['custom' . $i]['name'] . '\',\'maxlen\'=>' . $set['custom_fields']['custom' . $i]['maxlen'] . ',\'value\'=>\'' . $set['custom_fields']['custom' . $i]['value'] . '\')'; - if ($i != 20) { - $settings_file_content .= ', -'; - } -} - -$settings_file_content .= ' -); - ############################# # DO NOT EDIT BELOW # ############################# @@ -796,14 +779,6 @@ function mfh_updateSetting($key, $value, $isString = false) hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` SET `Value` = " . $formattedValue . " WHERE `Key` = '" . $key . "'"); } -function hesk_checkMinMax($myint, $min, $max, $defval) -{ - if ($myint > $max || $myint < $min) { - return $defval; - } - return $myint; -} // END hesk_checkMinMax() - function hesk_getLanguagesArray($returnArray = 0) { @@ -847,7 +822,7 @@ function hesk_getLanguagesArray($returnArray = 0) $add = 0; } elseif (!preg_match('/\$hesklang\[\'EMAIL_HR\'\]\=\'(.*)\'\;/', $tmp, $hr)) { $add = 0; - } elseif (!preg_match('/\$hesklang\[\'ms01\'\]/', $tmp)) { + } elseif (!preg_match('/\$hesklang\[\'refresh_page\'\]/', $tmp)) { $add = 0; } } else { diff --git a/admin/admin_submit_ticket.php b/admin/admin_submit_ticket.php index d6241840..f918dc6e 100644 --- a/admin/admin_submit_ticket.php +++ b/admin/admin_submit_ticket.php @@ -1,32 +1,15 @@ 3) { } } -$tmpvar['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer['subject'] = $hesklang['enter_ticket_subject']; -$tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer['message'] = $hesklang['enter_message']; +$tmpvar['subject'] = hesk_input( hesk_POST('subject') ); +if ($hesk_settings['require_subject'] == 1 && $tmpvar['subject'] == '') { + $hesk_error_buffer['subject'] = $hesklang['enter_ticket_subject']; +} + +$tmpvar['message'] = hesk_input( hesk_POST('message') ); +if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') { + $hesk_error_buffer['message'] = $hesklang['enter_message']; +} // Is category a valid choice? if ($tmpvar['category']) { + if ( ! hesk_checkPermission('can_submit_any_cat', 0) && ! hesk_okCategory($tmpvar['category'], 0) ) { + hesk_process_messages($hesklang['noauth_submit'],'new_ticket.php'); + } + hesk_verifyCategory(1); // Is auto-assign of tickets disabled in this category? @@ -94,19 +103,69 @@ if ($tmpvar['category']) { } // Custom fields -foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use'] && isset($_POST[$k])) { - // Date will be handled by the jQuery datepicker - if ($v['type'] == 'date' && $_POST[$k] != '') { - $tmpvar[$k] = strtotime($_POST[$k]); - } else if (is_array($_POST[$k])) { - $tmpvar[$k] = ''; - foreach ($_POST[$k] as $myCB) { - $tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '
'; +foreach ($hesk_settings['custom_fields'] as $k=>$v) { + if ($v['use'] && hesk_is_custom_field_in_category($k, $tmpvar['category'])) { + if ($v['type'] == 'checkbox') { + $tmpvar[$k]=''; + + if (isset($_POST[$k]) && is_array($_POST[$k])) { + foreach ($_POST[$k] as $myCB) { + $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '
';; + } + $tmpvar[$k]=substr($tmpvar[$k],0,-6); + } else { + if ($v['req'] == 2) { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; + } + $_POST[$k] = ''; + } + } elseif ($v['type'] == 'date') { + $tmpvar[$k] = hesk_POST($k); + $_SESSION["as_$k"] = ''; + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) { + $date = strtotime($tmpvar[$k] . ' t00:00:00'); + $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false; + $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false; + + $_SESSION["as_$k"] = $tmpvar[$k]; + + if ($dmin && $dmin > $date) { + $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format'])); + } elseif ($dmax && $dmax < $date) { + $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format'])); + } else { + $tmpvar[$k] = $date; + } + } else { + $tmpvar[$k] = ''; + + if ($v['req'] == 2) { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; + } + } + } elseif ($v['type'] == 'email') + { + $tmp = $hesk_settings['multi_eml']; + $hesk_settings['multi_eml'] = $v['value']['multiple']; + $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0); + $hesk_settings['multi_eml'] = $tmp; + + if ($tmpvar[$k] != '') { + $_SESSION["as_$k"] = hesk_input($tmpvar[$k]); + } else { + $_SESSION["as_$k"] = ''; + + if ($v['req'] == 2) { + $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']); + } + } + } elseif ($v['req'] == 2) { + $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) ))); + if ($tmpvar[$k] == '') { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; } - $tmpvar[$k] = substr($tmpvar[$k], 0, -6); } else { - $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k]))); + $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input(hesk_POST($k)))); } } else { $tmpvar[$k] = ''; @@ -202,7 +261,6 @@ if (count($hesk_error_buffer) != 0) { $_SESSION['as_name'] = hesk_POST('name'); $_SESSION['as_email'] = hesk_POST('email'); - $_SESSION['as_category'] = hesk_POST('category'); $_SESSION['as_priority'] = $tmpvar['priority']; $_SESSION['as_subject'] = hesk_POST('subject'); $_SESSION['as_message'] = hesk_POST('message'); @@ -211,7 +269,7 @@ if (count($hesk_error_buffer) != 0) { $_SESSION['as_show'] = $show; foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use']) { + if ($v['use'] && ! in_array($v['type'], array('date', 'email'))) { $_SESSION["as_$k"] = ($v['type'] == 'checkbox') ? hesk_POST_array($k) : hesk_POST($k); } } @@ -228,7 +286,7 @@ if (count($hesk_error_buffer) != 0) { } $hesk_error_buffer = $hesklang['pcer'] . '

    ' . $hesk_error_buffer . '
'; - hesk_process_messages($hesk_error_buffer, 'new_ticket.php'); + hesk_process_messages($hesk_error_buffer,'new_ticket.php?category='.$tmpvar['category']); } if ($hesk_settings['attachments']['use'] && !empty($attachments)) { @@ -258,7 +316,7 @@ $tmpvar['screen_resolution_width'] = "NULL"; $ticket = hesk_newTicket($tmpvar); // Notify the customer about the ticket? -if ($notify) { +if ($notify && $email_available) { hesk_notifyCustomer($modsForHesk_settings); } @@ -288,9 +346,7 @@ hesk_cleanSessionVars('as_owner'); hesk_cleanSessionVars('as_notify'); hesk_cleanSessionVars('as_show'); foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use']) { - hesk_cleanSessionVars("as_$k"); - } + hesk_cleanSessionVars("as_$k"); } // If ticket has been assigned to the person submitting it lets show a message saying so @@ -304,5 +360,4 @@ if ($show) { hesk_process_messages($hesklang['new_ticket_submitted'], 'admin_ticket.php?track=' . $ticket['trackid'] . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); } else { hesk_process_messages($hesklang['new_ticket_submitted'] . '. ' . $hesklang['view_ticket'] . '', 'new_ticket.php', 'SUCCESS'); -} -?> +} \ No newline at end of file diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index 7f79447d..cd295a38 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -1,32 +1,15 @@ 2 ORDER BY `" . $orderBy . "` ASC"); +if ($can_change_cat) { + $result = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `usage` <> 2 ORDER BY `cat_order` ASC"); +} else { + $result = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `usage` <> 2 AND ".hesk_myCategories('id')." ORDER BY `cat_order` ASC"); +} $categories_options = ''; while ($row = hesk_dbFetchAssoc($result)) { $selected = ''; @@ -624,523 +632,381 @@ if ($ticket['email'] != '') { } } +// TODO Here we go! /* Print admin navigation */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?> -
-
-
-
-
    -
  • -
    - + $v) { + if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) { + switch ($v['type']) { + case 'date': + $ticket[$k] = hesk_custom_date_display_format($ticket[$k], $v['value']['date_format']); + break; + } + } + } + ?> +

    +

    + ' . $tmp; ?> -

    • -
  • -
    - -
    • -
  • -
    - -
    • -
  • -
    - ' . $hesklang['asss'] . '' : $hesklang['unas']); - ?> -
    • -
  • -
    - -
    • -
  • -
    - -
    • -
  • -
    -
    - - -
    - + $tmp = ''; + if ($hesk_settings['sequential']) { + $tmp = ' (' . $hesklang['seqid'] . ': ' . $ticket['id'] . ')'; + } + + echo $trackingID . $tmp; ?> + +
    +
    +

    + + ' . $hesklang['archived'] . ''; + } + if ($ticket['locked']) { + echo ' ' . $hesklang['loc'] . ''; + } + ?> +

    +
    + +
    +
    +
    +
    +
    +
    + +
    -
    • -
  • -
    - -
    • - -
  • -
    - - - - - - +
+
+
+ + + + + + + + + + + + + + + - - - -
  • - - -

    " /> + + + + + +

    • + + + + + + +
    + + + + '; + } else { + echo ''; + } + } else { + echo ' + + '; + } + } + ?> +
    + ' . $ticket['ip'] . ''; -
    -
    - -
    - -
    -
    -
    -
    -
    -
    - -
    - -
    -
    -
    + if ($can_ban_ips) { + if ($ip_id = hesk_isBannedIP($ticket['ip'])) { + if ($can_unban_ips) { + echo ' + + '; + } else { + echo ''; + } + } else { + echo ' + + '; + } + } + } + ?> +
    + + + + + + -
    - -
    - +
    + +
    + +
    +
    +
    +
    -
    -
    +
    + +
    + +
    +
    +
    +
    -
    -
    -
    - - +
    +
    + + +
    -
    - - - -
    - -
    + + $parent = hesk_dbFetchAssoc($parentRs); + echo ' '; - echo ' ' . $parent['trackid'] . ''; - } - //-- Check if any tickets have a parent set to this tracking ID - $hasRows = false; - $childrenRS = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` + echo ' ' . $parent['trackid'] . ''; + } + //-- Check if any tickets have a parent set to this tracking ID + $hasRows = false; + $childrenRS = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` WHERE `parent` = ' . hesk_dbEscape($ticket['id'])); - while ($row = hesk_dbFetchAssoc($childrenRS)) { - $hasRows = true; - echo ' + while ($row = hesk_dbFetchAssoc($childrenRS)) { + $hasRows = true; + echo ' '; - echo ' ' . $row['trackid'] . ''; - echo '
    '; - } - if (!$hasRows && $ticket['parent'] == null) { - echo $hesklang['none']; - } - ?>

    - -
    -

    ' . $hesklang['add_ticket'] . ''; ?>

    -
    - - - - -
  • - - -

    - - ' . $recentTicket['trackid'] . ''; ?> -

    - -
    • - - - - -
    - ' . $row['trackid'] . ''; + echo '
    '; + } + if (!$hasRows && $ticket['parent'] == null) { + echo $hesklang['none']; + } - echo hesk_getAdminButtons(); - ?> -
    - -
    -
    -
    -

    -  '; - } - if ($ticket['locked']) { - echo ' '; - } - if ($modsForHesk_settings['display_user_agent_information'] - && $ticket['user_agent'] !== NULL - && $ticket['screen_resolution_height'] !== NULL - && $ticket['screen_resolution_height'] != 0 - && $ticket['screen_resolution_width'] !== NULL - && $ticket['screen_resolution_width'] != 0 - ): - ?> - - - -

    +
    +
    + + + + + + + + + + + + + + + +
    +
    + +
    - - - - - - -
    -
    -

    -
    -
    -

    -
    -
    - '; - $mgr = $isManager ? '&isManager=1' : ''; - if ($isTicketClosed == 0 && $isClosable) // Ticket is still open - { - echo ' - ' . $hesklang['close_action'] . ''; - } elseif ($isTicketClosed == 1) { - echo ' - ' . $hesklang['open_action'] . ''; - } - - $strippedName = strip_tags($ticket['name']); - $strippedEmail = strip_tags($ticket['email']); - $linkText = 'new_ticket.php?name=' . $strippedName . '&email=' . $strippedEmail . '&catid=' . $category['id'] . '&priority=' . $ticket['priority']; - foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use'] == 1) { - - if ($v['type'] == 'checkbox') { - $value = str_replace('
    ', '-CHECKBOX-', $ticket[$k]); - } else { - $value = $ticket[$k]; - } - $strippedCustomField = strip_tags($value); - $linkText .= '&c_' . $k . '=' . $strippedCustomField; - } - } - - echo ' - ' . $hesklang['create_based_on_contact'] . ' - '; - echo '
    '; - ?> +
    + +

    + +

    + + ' . $recentTicket['trackid'] . ''; ?> +

    + +
    -
    - +
    +
    +
    + $hesklang['critical'], - 1 => $hesklang['high'], - 2 => $hesklang['medium'], - 3 => $hesklang['low'] - ); - $options = array(); - for ($i = 0; $i < 4; $i++) { - $selected = $ticket['priority'] == $i ? 'selected' : ''; - array_push($options, ''); - } + $priorityLanguages = array( + 0 => $hesklang['critical'], + 1 => $hesklang['high'], + 2 => $hesklang['medium'], + 3 => $hesklang['low'] + ); + $options = array(); + for ($i = 0; $i < 4; $i++) { + $selected = $ticket['priority'] == $i ? 'selected' : ''; + array_push($options, ''); + } - echo '
    '; - } elseif ($ticket['priority'] == 1) { - echo 'highPriority">'; - } else { - echo 'medLowPriority">'; - } + echo '
    '; + } elseif ($ticket['priority'] == 1) { + echo 'high-priority">'; + } else { + echo 'med-low-priority">'; + } - echo '

    ' . $hesklang['priority'] . '

    '; + echo '

    ' . $hesklang['priority'] . '

    '; - echo '
    + echo ' '; - if ($isManager) { - echo ''; - } - echo ' + if ($isManager) { + echo ''; + } + echo '
    '; - echo '

    ' . $hesklang['status'] . '

    '; - $status_options = array(); - $results = mfh_getAllStatuses(); - foreach ($results as $row) { - $selected = $ticket['status'] == $row['ID'] ? 'selected' : ''; - $status_options[$row['ID']] = ''; - } + echo '

    ' . $hesklang['status'] . '

    '; + $status_options = array(); + $results = mfh_getAllStatuses(); + foreach ($results as $row) { + $selected = $ticket['status'] == $row['ID'] ? 'selected' : ''; + $status_options[$row['ID']] = ''; + } - echo ' + echo '
    '; - if ($isManager) { - echo ''; - } - echo ' + if ($isManager) { + echo ''; + } + echo '
    '; - echo '

    ' . $hesklang['owner'] . '

    '; + echo '

    ' . $hesklang['owner'] . '

    '; - if (hesk_checkPermission('can_assign_others', 0) || $isManager) { - echo ' + if (hesk_checkPermission('can_assign_others', 0) || $isManager) { + echo '
    - - - + echo ''; + } + echo ''; + echo ' + + + '; - } else { - echo '

    '; - echo isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : - ($can_assign_self ? $hesklang['unas'] . ' [' . $hesklang['asss'] . ']' : $hesklang['unas']); - echo '

    '; + if ( ! $ticket['owner']) + { + echo ''; } echo '
    '; - echo '

    ' . $hesklang['category'] . '

    '; - if ($can_change_cat) { - echo ' + } else { + echo '

    '; + echo isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : + ($can_assign_self ? $hesklang['unas'] . ' [' . $hesklang['asss'] . ']' : $hesklang['unas']); + echo '

    '; + } + echo '

    ' . $hesklang['category'] . '

    '; + if (strlen($categories_options) && ($can_change_cat || $can_change_own_cat)) { + echo '
    @@ -1195,317 +1065,197 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ' . $categories_options . ' - - + + +
    '; - } else { - echo '

    ' . $category['name'] . '

    '; - } - echo '
    '; - ?> + } else { + echo '

    ' . $category['name'] . '

    '; + } + echo '
    '; + ?> +
    +
    +
    +
    +

    + +

    +
    +
    - + 0): + $first = true; + while ($note = hesk_dbFetchAssoc($res)): + if (!$first) { + echo '
    '; + } else { + $first = false; + } ?>
    -
    -
    -
    -

    - - -

    -
    ' : ''; - - $att = explode(',', substr($note['attachments'], 0, -1)); - $num = count($att); - foreach ($att as $myatt) { - list($att_id, $att_name) = explode('#', $myatt); - - // Can edit and delete note (attachments)? - if ($can_del_notes || $note['who'] == $_SESSION['id']) { - // If this is the last attachment and no message, show "delete ticket" link - if ($num == 1 && strlen($note['message']) == 0) { - echo ' - - '; - } // Show "delete attachment" link - else { - echo ' - - '; - } - } - - echo ' - - - - ' . $att_name . '
    - '; +
    +

    + + -

    +
    ' : ''; + + $att = explode(',', substr($note['attachments'], 0, -1)); + $num = count($att); + foreach ($att as $myatt) { + list($att_id, $att_name) = explode('#', $myatt); + + // Can edit and delete note (attachments)? + if ($can_del_notes || $note['who'] == $_SESSION['id']) { + // If this is the last attachment and no message, show "delete ticket" link + if ($num == 1 && strlen($note['message']) == 0) { + echo ' + + '; + } // Show "delete attachment" link + else { + echo ' + + '; } } - ?> -
    -
    - -
    - -   - - -   + + echo ' + + -
    - -
    -
    + ' . $att_name . '
    + '; + } + } + ?> +
    +
    + + + +   + + + +
    -
    -
    - : - -   - - -
    -
    -
    -
    -
    - + + +
    + +
    + +
    + +
    + + + +
    +

    +

    +

    +
    +'; - - /* Style and mousover/mousout */ - $tmp = $white ? 'White' : 'Blue'; - $style = 'class="option' . $tmp . 'OFF" onmouseover="this.className=\'option' . $tmp . 'ON\'" onmouseout="this.className=\'option' . $tmp . 'OFF\'"'; - - /* Lock ticket button */ - if ( /* ! $reply && */ - $can_edit - ) { - if ($ticket['locked']) { - $des = $hesklang['tul'] . ' - ' . $hesklang['isloc']; - $options .= ' ' . $hesklang['tul'] . ' '; - } else { - $des = $hesklang['tlo'] . ' - ' . $hesklang['isloc']; - $options .= ' ' . $hesklang['tlo'] . ' '; - } - } - - /* Tag ticket button */ - if ( /* ! $reply && */ - $can_archive - ) { - if ($ticket['archive']) { - $options .= '' . $hesklang['remove_archive'] . ' '; - } else { - $options .= ' ' . $hesklang['add_archive'] . ' '; - } - } - - /* Import to knowledgebase button */ - if ($hesk_settings['kb_enable'] && hesk_checkPermission('can_man_kb', 0)) { - $options .= ' ' . $hesklang['import_kb'] . ' '; - } - - /* Print ticket button */ - $options .= ' ' . $hesklang['printer_friendly'] . ' '; + $options = ''; /* Edit post */ if ($can_edit) { $tmp = $reply ? '&reply=' . $reply['id'] : ''; $mgr = $isManager ? '&isManager=true' : ''; - $options .= ' ' . $hesklang['edtt'] . ' '; + $options .= ' ' . $hesklang['edit'] . ' '; } + /* Print ticket button */ + $options .= ' ' . $hesklang['printer_friendly'] . ' '; + /* Delete ticket */ if ($can_delete) { if ($reply) { $url = 'admin_ticket.php'; $tmp = 'delete_post=' . $reply['id']; - $img = 'delete.png'; $txt = $hesklang['delt']; } else { $url = 'delete_tickets.php'; $tmp = 'delete_ticket=1'; - $img = 'delete_ticket.png'; $txt = $hesklang['dele']; } - $options .= ' ' . $txt . ' '; + $options .= ' ' . $txt . ' '; + } + + $dropdown = ' +
    + +
      '; + + // Location and UA + $has_location_or_user_agent = false; + + if ($modsForHesk_settings['display_user_agent_information'] + && $ticket['user_agent'] !== NULL + && $ticket['screen_resolution_height'] !== NULL + && $ticket['screen_resolution_height'] != 0 + && $ticket['screen_resolution_width'] !== NULL + && $ticket['screen_resolution_width'] != 0 + ) { + $has_location_or_user_agent = true; + $dropdown .= + '
    • ' . $hesklang['device_information'] . '
      • '; + buildUserAgentModal($ticket['user_agent'], $ticket['screen_resolution_width'], $ticket['screen_resolution_height']); + } else if ($modsForHesk_settings['display_user_agent_information']) { + $has_location_or_user_agent = true; + $dropdown .= + '
    • ' . $hesklang['no_device_information'] . '
      • '; + } + ?> + ' . $locationText . ' '; + ?> + + + + + '; + } + + /* Close/Reopen ticket link */ + $random = rand(10000, 99999); + + $statusSql = 'SELECT `ID`, `IsStaffClosedOption`, `IsStaffReopenedStatus` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsStaffClosedOption` = 1 OR `IsStaffReopenedStatus` = 1'; + $statusRs = hesk_dbQuery($statusSql); + $staffClosedOptionStatus = array(); + $staffReopenedStatus = array(); + while ($statusRow = hesk_dbFetchAssoc($statusRs)) { + if ($statusRow['IsStaffReopenedStatus'] == 1) { + $staffReopenedStatus['ID'] = $statusRow['ID']; + } else { + $staffClosedOptionStatus['ID'] = $statusRow['ID']; + } + } + + $isTicketClosedSql = 'SELECT `IsClosed`, `Closable` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `ID` = ' . $ticket['status']; + $isTicketClosedRs = hesk_dbQuery($isTicketClosedSql); + $isTicketClosedRow = hesk_dbFetchAssoc($isTicketClosedRs); + $isTicketClosed = $isTicketClosedRow['IsClosed']; + $isClosable = $isTicketClosedRow['Closable'] == 'yes' || $isTicketClosedRow['Closable'] == 'sonly'; + + $mgr = $isManager ? '&isManager=1' : ''; + if ($isTicketClosed == 0 && $isClosable && $can_resolve) // Ticket is still open + { + $dropdown .= '
    • + ' . $hesklang['close_action'] . '
      • '; + } elseif ($isTicketClosed == 1) { + $dropdown .= '
    • + ' . $hesklang['open_action'] . '
      • '; + } + + /* Lock ticket button */ + if ($can_resolve) { + $template = '
    • %s
      • '; + $dropdown .= $ticket['locked'] + ? sprintf($template, 0, 'unlock', $hesklang['tul']) + : sprintf($template, 1, 'lock', $hesklang['tlo']); } + /* Tag ticket button */ + if ($can_archive) { + $template = '
    • %s
      • '; + + $dropdown .= $ticket['archive'] + ? sprintf($template, 0, $hesklang['remove_archive']) + : sprintf($template, 1, $hesklang['add_archive']); + } + + /* Import to knowledgebase button */ + if ($hesk_settings['kb_enable'] && hesk_checkPermission('can_man_kb', 0)) { + $dropdown .= '
    • ' . $hesklang['import_kb'] . '
      • '; + } + + /* Create ticket for same contact button */ + $strippedName = strip_tags($ticket['name']); + $strippedEmail = strip_tags($ticket['email']); + $linkText = 'new_ticket.php?name=' . $strippedName . '&email=' . $strippedEmail . '&catid=' . $category_id . '&priority=' . $ticket['priority']; + foreach ($hesk_settings['custom_fields'] as $k => $v) { + if ($v['use'] == 1) { + + if ($v['type'] == 'checkbox') { + $value = str_replace('
      ', '-CHECKBOX-', $ticket[$k]); + } else { + $value = $ticket[$k]; + } + $strippedCustomField = strip_tags($value); + $linkText .= '&c_' . $k . '=' . $strippedCustomField; + } + } + + $dropdown .= '
    • ' . $hesklang['create_based_on_contact'] . '
      • '; + $dropdown .= '
    '; + $options .= $dropdown; + /* Return generated HTML */ - $options .= '
    '; return $options; } // END hesk_getAdminButtons() @@ -1594,17 +1502,13 @@ function hesk_getAdminButtonsInTicket($reply = 0, $white = 1) { global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $isManager; - $options = '
    '; - - /* Style and mousover/mousout */ - $tmp = $white ? 'White' : 'Blue'; - $style = 'class="option' . $tmp . 'OFF" onmouseover="this.className=\'option' . $tmp . 'ON\'" onmouseout="this.className=\'option' . $tmp . 'OFF\'"'; + $options = $reply ? '' : '
    '; /* Edit post */ if ($can_edit) { $tmp = $reply ? '&reply=' . $reply['id'] : ''; $mgr = $isManager ? '&isManager=true' : ''; - $options .= ' ' . $hesklang['edtt'] . ' '; + $options .= ' ' . $hesklang['edtt'] . ' '; } @@ -1613,19 +1517,17 @@ function hesk_getAdminButtonsInTicket($reply = 0, $white = 1) if ($reply) { $url = 'admin_ticket.php'; $tmp = 'delete_post=' . $reply['id']; - $img = 'delete.png'; $txt = $hesklang['delt']; } else { $url = 'delete_tickets.php'; $tmp = 'delete_ticket=1'; - $img = 'delete_ticket.png'; $txt = $hesklang['dele']; } - $options .= ' ' . $txt . ' '; + $options .= ' ' . $txt . ' '; } /* Return generated HTML */ - $options .= '
    '; + $options .= $reply ? '' : '
    '; return $options; } // END hesk_getAdminButtonsInTicket() @@ -1673,64 +1575,192 @@ function print_form() exit(); } // End print_form() +function mfh_print_message() { + global $ticket, $hesklang, $hesk_settings, $modsForHesk_settings; + ?> +
  • +
    + +

    +
    +
    +
    + +
    +
    + +
    +
    + $v) { + if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $ticket['category'])) { + echo '
    '; + echo '
    ' . $v['name'] . ':
    '; + if ($v['type'] == 'email') { + echo '
    '.$ticket[$k].'
    '; + } else { + echo '
    ' . $ticket[$k] . '
    '; + } + echo '
    '; + } + } + ?> +
    +
    + +
    + $v) { + if ($v['use'] && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { + if ($first) { + echo '
    '; + $first = false; + } + echo '
    '; + echo '
    ' . $v['name'] . ':
    '; + if ($v['type'] == 'email') { + echo '
    '.$ticket[$k].'
    '; + } else { + echo '
    ' . $ticket[$k] . '
    '; + } + echo '
    '; + } + } + if (!$first) { + echo '
    '; + } + ?> + +
    + ' . $article['subject'] . '
    '; + } + + // Loop through the IDs to preserve the order they were suggested in + $articles = explode(',', $ticket['articles']); + foreach ($articles as $article) { + if (isset($suggested[$article])) { + $suggested_list .= $suggested[$article]; + } + } + + // Finally print suggested articles + if (strlen($suggested_list)) { + $suggested_list = '
    ' . $hesklang['taws'] . '
    ' . $suggested_list . ' '; + echo $_SESSION['show_suggested'] ? $suggested_list : '' . $hesklang['sska'] . ''; + } + } + ?> +
    + +
    +
    +
    + +
    +
    +
    +
    +
    • +'; + if (!$hesk_settings['new_top']) { + mfh_print_message(); + } else { + echo '
    • '; } while ($reply = hesk_dbFetchAssoc($result)) { - $color = 'class="ticketMessageContainer"'; - $reply['dt'] = hesk_date($reply['dt'], true); ?> -
    -
    -
    -
    -
    -
    - -
    -

    :

    +
  • + + + + + +
    + +

    +
    +
    -
    -

    :

    - -

    + +
    +
    -
    - ' . $hesklang['rnh'] . '

    '; - } elseif ($reply['rating'] == 5) { - echo '

    ' . $hesklang['rh'] . '

    '; - } - } - - /* Show "unread reply" message? */ - if ($reply['staffid'] && !$reply['read']) { - echo '

    ' . $hesklang['unread'] . '

    '; - } - ?> + +
    +
    +
    + ' . $hesklang['rnh'] . '

    '; + } elseif ($reply['rating'] == 5) { + echo '

    ' . $hesklang['rh'] . '

    '; + } + } + /* Show "unread reply" message? */ + if ($reply['staffid'] && !$reply['read']) { + echo '

    ' . $hesklang['unread'] . '

    '; + } + ?> +
    +
    + +
    +
    -
    +
    • '; + } + echo ''; + + return; } // End hesk_printTicketReplies() @@ -1738,6 +1768,13 @@ function hesk_printTicketReplies() function hesk_printReplyForm() { global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $options, $can_assign_self, $isManager, $modsForHesk_settings; + + // Force assigning a ticket before allowing to reply? + if ($hesk_settings['require_owner'] && ! $ticket['owner']) + { + hesk_show_notice($hesklang['atbr'].($can_assign_self ? '

    '.$hesklang['attm'].'' : ''), $hesklang['owneed']); + return ''; + } ?> @@ -1761,78 +1798,86 @@ function hesk_printReplyForm() }); /* ]]> */ - - -

    -
    -
    - - -
    > + + +
    +
    +

    + +

    +
    + +
    +
    +
    + > + + /* Ticket locked? */ + if ($ticket['locked']) { + hesk_show_notice($hesklang['tislock']); + } -
    - + // Track time worked? + if ($hesk_settings['time_worked']) { + ?> + +
    + -
    - +
    + +
    +
    +
    + + +
    +
    -
    -
    - - + +
    + +
    +
    + +
    -
    - -
    - -
    -
    - - -
    -
    - -
    - +
    + -
    +
    -
    -
    - -
    - - -
    -
    -
    - + /* attachments */ + if ($hesk_settings['attachments']['use']) { + ?> +
    + -
    +
    + +
    +
    ' . $hesklang['asss2'] . '
    '; - } else { - echo '
    '; + display_dropzone_field($hesk_settings['hesk_url'] . '/internal-api/ticket/upload-attachment.php'); + } + ?> +
    + + +
    + ' . $hesklang['asss2'] . '
    '; + } else { + echo '
    '; + } } - } - ?> -
    + ?> +
    + + +
    +
    - -
    -
    - - () -
    -

    - '; - } ?> - - - -
    - - - +
    + + + +
    - - - -
    -
    - - + +
    +
    '); myMsg = myMsg.replace(/%%HESK_EMAIL%%/g, ''); myMsg = myMsg.replace(/%%HESK_OWNER%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom1%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom2%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom3%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom4%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom5%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom6%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom7%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom8%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom9%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom10%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom11%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom12%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom13%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom14%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom15%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom16%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom17%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom18%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom19%%/g, ''); - myMsg = myMsg.replace(/%%HESK_custom20%%/g, ''); + + if (document.getElementById) { if (document.getElementById('moderep').checked) { @@ -2071,4 +2107,52 @@ function hesk_printCanned() return $can_options; } // End hesk_printCanned() + +function buildUserAgentModal($user_agent, $width, $height) { + global $hesklang; + + echo ' + '; +} ?> diff --git a/admin/api_settings.php b/admin/api_settings.php index 61a14abc..2bdc36b7 100644 --- a/admin/api_settings.php +++ b/admin/api_settings.php @@ -41,6 +41,7 @@ if (is_dir(HESK_PATH . 'install')) { require(HESK_PATH . 'hesk_settings.inc.php'); require(HESK_PATH . 'inc/common.inc.php'); require(HESK_PATH . 'inc/admin_functions.inc.php'); +require(HESK_PATH . 'inc/mail_functions.inc.php'); hesk_load_database_functions(); hesk_session_start(); @@ -60,86 +61,103 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); // Print main manage users page require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?> - -
    -
    -
    -
    - API Information +
    +
    +
    +

    + +

    +
    +
    +
    +
    - -
    - API Version + +
    - External API + + - Disabled - Enabled + + + + + +
    -
    -

    API Settings

    -
    - -
    -
    -
    -
    - -
    +
    +
    +

    + +

    +
    + +
    +
    +
    +
      +
      • +
      • +
      • +
    +
    +
    + +
    + +
    + data-toggle="tooltip" title=""> + data-toggle="tooltip" title=""> + data-toggle="tooltip" title=""> +
    -
    - -
    -
    -
    -
    - User Security -
    + +
    +
    - Username - Name - Number of Tokens - Actions + + + + - - - - - + ?> + + + + + + data-toggle="tooltip" title=""> + data-toggle="tooltip" title=""> + data-toggle="tooltip" title=""> - - - - - Generated Token: -

    NOTE: Please record this token, as this is the only time you will be able to view it!

    - - - - -

    All tokens for this user have been removed!

    - - - + + + + +

    + + + + +

    + + + @@ -208,7 +228,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    +
    - ' . $hesklang['unas'] . '', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); hesk_process_messages($hesklang['tunasi2'], $_SERVER['PHP_SELF'], 'SUCCESS'); } elseif ($owner < 1) { @@ -89,10 +89,31 @@ if (!$row['isadmin']) { } } +// Make sure two people don't assign a ticket to a different user at the same time +if ($ticket['owner'] && $ticket['owner'] != $owner && hesk_REQUEST('unassigned') && hesk_GET('confirm') != 'Y') { + $new_owner = ($owner == $_SESSION['id']) ? $hesklang['scoy'] : sprintf($hesklang['scot'], $row['name']); + + $res = hesk_dbQuery("SELECT `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='{$ticket['owner']}' LIMIT 1"); + + if (hesk_dbNumRows($res) == 1) { + $row = hesk_dbFetchAssoc($res); + + hesk_process_messages( + sprintf($hesklang['taat'], $row['name']) . + '

    ' . + $new_owner . + '

    ' . + ''.$hesklang['ycto'].' | ' . + ''.$hesklang['ncto'].'', + $_SERVER['PHP_SELF'], 'NOTICE' + ); + } +} + /* Assigning to self? */ if ($can_assign_others || ($owner == $_SESSION['id'] && $can_assign_self)) { $revision = sprintf($hesklang['thist2'], hesk_date(), $row['name'] . ' (' . $row['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); if ($owner != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) { $_SERVER['PHP_SELF'] = 'admin_main.php'; diff --git a/admin/banned_emails.php b/admin/banned_emails.php index e44bf575..6fd9892c 100644 --- a/admin/banned_emails.php +++ b/admin/banned_emails.php @@ -1,32 +1,15 @@ - -
    -
      - - +
      +
      +
      +
        + + ' . $hesklang['banip'] . ' '; - } - // Show a link to status_message.php if user has permission to do so - if (hesk_checkPermission('can_service_msg', 0)) { - echo ' + } + // Show a link to status_message.php if user has permission to do so + if (hesk_checkPermission('can_service_msg', 0)) { + echo '
      • ' . $hesklang['sm_title'] . '
        • '; - } + } - // Show a link to email tpl management if user has permission to do so - if (hesk_checkPermission('can_man_email_tpl', 0)) { - echo ' + // Show a link to email tpl management if user has permission to do so + if (hesk_checkPermission('can_man_email_tpl', 0)) { + echo '
      • ' . $hesklang['email_templates'] . '
        • '; - } - if (hesk_checkPermission('can_man_ticket_statuses', 0)) { - echo ' + } + if (hesk_checkPermission('can_man_ticket_statuses', 0)) { + echo '
      • ' . $hesklang['statuses'] . '
        • '; - } - ?> -
      -
      - -
      -
      -

      - -
      -
      - - -
      - - - -
      + } + if (hesk_checkPermission('can_man_settings', 0)) { + echo '
    • ' . $hesklang['tab_4'] . '
      • '; + } + ?> +
    +
    + +
    +
    +

    + + +
    + + +
    + + + +
    +
    +
    +
    +
    + +
    +
    +
    -
    -
    -
    - +
    +
    + +
    + john@example.com
    + @example.com
    - -
    -
    -
    - -
    - john@email.com
    - @domain.com -
    -
    -
    - ' . $hesklang['eperm'] . ''; - if ($num < 1) { - echo '

    ' . $hesklang['no_banemails'] . '

    '; - } else { - // List of staff - if (!isset($admins)) { - $admins = array(); - $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"); - while ($row = hesk_dbFetchAssoc($res2)) { - $admins[$row['id']] = $row['name']; - } - } - - ?> - - - - - - +
    +
    -
    - - - - - ' . $hesklang['eperm'] . ''; + if ($num < 1) { + echo '

    ' . $hesklang['no_banemails'] . '

    '; + } else { + // List of staff + if (!isset($admins)) { + $admins = array(); + $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"); + while ($row = hesk_dbFetchAssoc($res2)) { + $admins[$row['id']] = $row['name']; + } + } + + ?> +
    + + + + + + + + + + + + '; - if ($can_unban) { - echo ' + if ($can_unban) { + echo ' '; - } + } - echo ''; - } // End while - ?> - -
    ' . $ban['email'] . ' ' . (isset($admins[$ban['banned_by']]) ? $admins[$ban['banned_by']] : $hesklang['e_udel']) . ' ' . $ban['dt'] . '
    -
    - - '; + } // End while + ?> + +
    +
    + + +
    +
    + - +
    +
    - +
    -
    + + + - -
    -
      - +
      +
      +
      + -
      - -
      -
      - -
      -
      - - -
      - - - -
      + } + if (hesk_checkPermission('can_man_settings', 0)) { + echo ' +
    • + ' . $hesklang['tab_4'] . ' +
      • '; + } + ?> +
    +
    + +
    +
    + + +
    + + +
    + + + +
    +
    +
    +
    +
    + +
    +
    +
    -
    -
    -
    - +
    +
    + +
    + 123.0.0.0
    + 123.0.0.1 - 123.0.0.53
    + 123.0.0.0/24
    + 123.0.*.*
    - -
    -
    -
    - -
    - 123.0.0.0
    - 123.0.0.1 - 123.0.0.53
    - 123.0.0.0/24
    - 123.0.*.* -
    -
    -
    - = " . intval($hesk_settings['attempt_limit']) . " AND `last_attempt` > (NOW() - INTERVAL " . intval($hesk_settings['attempt_banmin']) . " MINUTE)"); - $num = hesk_dbNumRows($res); - - echo '

    ' . $hesklang['iptemp'] . '

    '; - - if ($num > 0) { - ?> - - - - - +
    +
    = " . intval($hesk_settings['attempt_limit']) . " AND `last_attempt` > (NOW() - INTERVAL " . intval($hesk_settings['attempt_banmin']) . " MINUTE)"); + $num = hesk_dbNumRows($res); + + echo '

    ' . $hesklang['iptemp'] . '

    '; + + if ($num > 0) { ?> -
    - - - - - + + + + + + + + + + + '; - if ($can_unban) { - echo ' + if ($can_unban) { + echo ' '; - } + } - echo ''; - } // End while + echo ''; + } // End while - ?> - -
    ' . $ban['ip'] . ' ' . $ban['minutes'] . ' @@ -200,64 +193,64 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    - ' . $hesklang['no_banips'] . '

    '; - } - - // Get banned ips from database - $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'banned_ips` ORDER BY `ip_from` ASC'); - $num = hesk_dbNumRows($res); - - echo '

    ' . $hesklang['ipperm'] . '

    '; - - if ($num < 1) { - echo '

    ' . $hesklang['no_banips'] . '

    '; - } else { - // List of staff - if (!isset($admins)) { - $admins = array(); - $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"); - while ($row = hesk_dbFetchAssoc($res2)) { - $admins[$row['id']] = $row['name']; - } - } - - ?> - - - - - - - - - + ?> + +
    - - - - ' . $hesklang['no_banips'] . '

    '; } - echo ' + // Get banned ips from database + $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'banned_ips` ORDER BY `ip_from` ASC'); + $num = hesk_dbNumRows($res); + + echo '

    ' . $hesklang['ipperm'] . '

    '; + + if ($num < 1) { + echo '

    ' . $hesklang['no_banips'] . '

    '; + } else { + // List of staff + if (!isset($admins)) { + $admins = array(); + $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"); + while ($row = hesk_dbFetchAssoc($res2)) { + $admins[$row['id']] = $row['name']; + } + } + + ?> + + + + + + + + + + + + + + @@ -265,27 +258,32 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); '; - if ($can_unban) { - echo ' + if ($can_unban) { + echo ' '; - } + } - echo ''; - } // End while - ?> - -
    ' . $ban['ip_display'] . ' ' . (($ban['ip_to'] == $ban['ip_from']) ? long2ip($ban['ip_to']) : long2ip($ban['ip_from']) . ' - ' . long2ip($ban['ip_to'])) . '' . $ban['dt'] . '
    - '; + } // End while + ?> + + + + ?> +
    +
    +
    +
    -
    + + - -
    -
    -
    -
    -

    +
    +
    +
    +
    +
    +

    + +

    +
    + +
    +
    +
    +
    + + +
    +
      + +
    • +
      + +
      +
      + +
      +
      • + +
    +
    -
    -
    - - +
    +
    +

    + +

    +
    + +
    -
      - -
    • -
      - +
      +
      +
      + +
      +
      +
      -
      - +
      +
      -
      • - -
    +
    +
    -
    -
    -

    -
    -
    -
    -
    - -
    -
    - -
    -
    - +
    +
    +
    +

    + +

    +
    +
    +
    +
    +
    +
    +
    @@ -138,7 +173,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    -
    +
    diff --git a/admin/change_status.php b/admin/change_status.php index 7a16fd3a..36622e97 100644 --- a/admin/change_status.php +++ b/admin/change_status.php @@ -1,32 +1,15 @@ diff --git a/admin/custom_fields.php b/admin/custom_fields.php new file mode 100755 index 00000000..09f6d65f --- /dev/null +++ b/admin/custom_fields.php @@ -0,0 +1,1317 @@ + +
    + +
    +
    +
    + +
    + = 50 && $action != 'edit_cf') + { + hesk_show_info($hesklang['cf_limit']); + } + // Less than 50 custom fields + else + { + ?> +
    +
    +

    +
    +
    +
    +
    + + 1) + { + ?> + + $info): ?> + + + + + +
    + +
    + +
    + +
    +
    + +
    +
    + + +
    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    + + +
    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    + +
    +

    +

    + +
    + +
    +

    +

    + +
    + +
    +

    + +
    + +
    +
    + +
    + + +
    +
    + +
    +
    +
    +
    + +
    + +
    +
    +
    + +
    + + + +
    +
    +
    +
    + +
    + + +
    +
    + +
    +
    +
    +
    + +
    + +
    +
    +
    + +
    + + + +
    +
    +
    +
    + +
    +
    '; + } + + ?> +
    +
    + +
    + + + + +
    +
    +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +

    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    + + +
    +
    +
    +
    +
    + ' : ''; ?> + + +
    +
    + +
    +
    + + +
    +
    +

    +
    +
    + + + + + + + + + + + + + + + $cf) { + if ($cf['place']) { + $num_after++; + } else { + $num_before++; + } + } + + $k = 1; + foreach ($hesk_settings['custom_fields'] as $id => $cf) { + $id = intval(str_replace('custom', '', $id)); + + if ($hide_up) { + $hide_up = false; + } + + if ($before && $cf['place'] == 0) { + ?> + + + + + + + + + + + + + + + + + + + +
    + 1) { + if (($num_before == 1 && $cf['place'] == 0) || ($num_after == 1 && $cf['place'] == 1)) { + // Only 1 custom fields in this place, don't print anything + ?> +   +   + +   + + + + + + + +   + + + + + + + + + + + + + + +
    + +
    +
    +
    +
    +
    +
    + +$error\n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'custom_fields.php'); + } + + // Add custom field data into database + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET + `use` = '{$cf['use']}', + `place` = '{$cf['place']}', + `type` = '{$cf['type']}', + `req` = '{$cf['req']}', + `category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').", + `name` = '".hesk_dbEscape($cf['names'])."', + `value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL')." + WHERE `id`={$id}"); + + // Clear cache + hesk_purge_cache('cf'); + + // Show success + $_SESSION['cford'] = $id; + hesk_process_messages($hesklang['cf_mdf'],'custom_fields.php','SUCCESS'); + +} // End save_cf() + + +function edit_cf() +{ + global $hesk_settings, $hesklang; + + // Get custom field ID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + + // Get details from the database + $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `id`={$id} LIMIT 1"); + if ( hesk_dbNumRows($res) != 1 ) + { + hesk_error($hesklang['cf_not_found']); + } + $cf = hesk_dbFetchAssoc($res); + + $cf['names'] = json_decode($cf['name'], true); + unset($cf['name']); + + if (strlen($cf['category'])) + { + $cf['categories'] = json_decode($cf['category'], true); + $cf['category'] = 1; + } + else + { + $cf['categories'] = array(); + $cf['category'] = 0; + } + + $_SESSION['new_cf'] = $cf; + $_SESSION['edit_cf'] = true; + +} // End edit_cf() + + +function order_cf() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID and move parameters + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + $move = intval( hesk_GET('move') ); + $_SESSION['cford'] = $id; + + // Update article details + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=`order`+".intval($move)." WHERE `id`={$id}"); + + // Update order of all custom fields + update_cf_order(); + + // Clear cache + hesk_purge_cache('cf'); + + // Finish + header('Location: custom_fields.php'); + exit(); + +} // End order_cf() + + +function update_cf_order() +{ + global $hesk_settings, $hesklang; + + // Get list of current custom fields + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `use` IN ('1','2') ORDER BY `place` ASC, `order` ASC"); + + // Update database + $i = 10; + while ( $cf = hesk_dbFetchAssoc($res) ) + { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=".intval($i)." WHERE `id`='".intval($cf['id'])."'"); + $i += 10; + } + + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=1000 WHERE `use`='0'"); + + return true; + +} // END update_cf_order() + + +function remove_cf() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + + // Reset the custom field + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `value`=NULL, `order`=1000 WHERE `id`={$id}"); + + // Were we successful? + if ( hesk_dbAffectedRows() == 1 ) + { + // Update order + update_cf_order(); + + // Clear cache + hesk_purge_cache('cf'); + + // Delete custom field data from tickets + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `custom{$id}`=''"); + + // Show success message + hesk_process_messages($hesklang['cf_deleted'],'./custom_fields.php','SUCCESS'); + } + else + { + hesk_process_messages($hesklang['cf_not_found'],'./custom_fields.php'); + } + +} // End remove_cf() + + +function cf_validate() +{ + global $hesk_settings, $hesklang; + global $hesk_error_buffer; + + $hesk_error_buffer = array(); + + // Get names + $cf['names'] = hesk_POST_array('name'); + + // Make sure only valid names pass + foreach ($cf['names'] as $key => $name) + { + if ( ! isset($hesk_settings['languages'][$key])) + { + unset($cf['names'][$key]); + } + else + { + $name = is_array($name) ? '' : hesk_input($name, 0, 0, HESK_SLASH); + + if (strlen($name) < 1) + { + unset($cf['names'][$key]); + } + else + { + $cf['names'][$key] = stripslashes($name); + } + } + } + + // No name entered? + if ( ! count($cf['names'])) + { + $hesk_error_buffer[] = $hesklang['err_custname']; + } + + // Get type and values + $cf['type'] = hesk_POST('type'); + switch ($cf['type']) + { + case 'textarea': + $cf['rows'] = hesk_checkMinMax(intval(hesk_POST('rows')), 1, 100, 12); + $cf['cols'] = hesk_checkMinMax(intval(hesk_POST('cols')), 1, 500, 60); + $cf['value'] = array('rows' => $cf['rows'], 'cols' => $cf['cols']); + break; + + case 'radio': + $cf['radio_options'] = stripslashes(hesk_input(hesk_POST('radio_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['radio_options']); + + $no_default = hesk_POST('no_default') ? 1 : 0; + + $cf['value'] = array('radio_options' => $options, 'no_default' => $no_default); + + if (count($options) < 2) + { + $hesk_error_buffer[] = $hesklang['atl2']; + } + + break; + + case 'select': + $cf['select_options'] = stripslashes(hesk_input(hesk_POST('select_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['select_options']); + + $show_select = hesk_POST('show_select') ? 1 : 0; + + $cf['value'] = array('show_select' => $show_select, 'select_options' => $options); + + if (count($options) < 2) + { + $hesk_error_buffer[] = $hesklang['atl2']; + } + + break; + + case 'checkbox': + $cf['checkbox_options'] = stripslashes(hesk_input(hesk_POST('checkbox_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['checkbox_options']); + + $cf['value'] = array('checkbox_options' => $options); + + if ( ! isset($options[0]) || strlen($options[0]) < 1) + { + $hesk_error_buffer[] = $hesklang['atl1']; + } + + break; + + case 'date': + $cf['dmin'] = ''; + $cf['dmax'] = ''; + + // Minimum date + $dmin_rf = hesk_POST('dmin_rf'); + + if ($dmin_rf == 1) + { + $dmin = hesk_POST('dmin'); + + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmin)) + { + $cf['dmin'] = $dmin; + } + } + elseif ($dmin_rf == 2) + { + $dmin_pm = hesk_POST('dmin_pm') == '+' ? '+' : '-'; + $dmin_num = intval(hesk_POST('dmin_num', 0)); + $dmin_type = hesk_POST('dmin_type'); + if ( ! in_array($dmin_type, array('day', 'week', 'month', 'year'))) + { + $dmin_type = 'day'; + } + + $cf['dmin'] = $dmin_pm . $dmin_num . ' ' . $dmin_type; + } + + // Maximum date + $dmax_rf = hesk_POST('dmax_rf'); + + if ($dmax_rf == 1) + { + $dmax = hesk_POST('dmax'); + + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmax)) + { + $cf['dmax'] = $dmax; + } + } + elseif ($dmax_rf == 2) + { + $dmax_pm = hesk_POST('dmax_pm') == '+' ? '+' : '-'; + $dmax_num = intval(hesk_POST('dmax_num', 0)); + $dmax_type = hesk_POST('dmax_type'); + if ( ! in_array($dmax_type, array('day', 'week', 'month', 'year'))) + { + $dmax_type = 'day'; + } + + $cf['dmax'] = $dmax_pm . $dmax_num . ' ' . $dmax_type; + } + + // Minimum date should not be higher than maximum date + if (strlen($cf['dmin']) && strlen($cf['dmax'])) + { + if (strtotime($cf['dmin']) > strtotime($cf['dmax'])) + { + $hesk_error_buffer[] = $hesklang['d_mm']; + } + } + + // Date format + $date_format = hesk_POST('date_format'); + if ($date_format == 'custom') + { + $date_format = hesk_POST('date_format_custom'); + } + + $cf['date_format'] = preg_replace('/[^a-zA-Z0-9 \/\.\_+\-,;:#(){}\[\]\'@*]/', '', $date_format); + + $cf['value'] = array('dmin' => $cf['dmin'], 'dmax' => $cf['dmax'], 'date_format' => $cf['date_format']); + + break; + + case 'email': + $cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0; + $cf['email_type'] = hesk_POST('email_type', 'none'); + $cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']); + break; + + case 'hidden': + $cf['hidden_max_length'] = hesk_checkMinMax(intval(hesk_POST('hidden_max_length')), 1, 10000, 255); + $cf['hidden_default_value'] = stripslashes(hesk_input(hesk_POST('hidden_default_value'), 0, 0, HESK_SLASH)); + $cf['value'] = array('max_length' => $cf['hidden_max_length'], 'default_value' => $cf['hidden_default_value']); + break; + + case 'readonly': + $max_length = hesk_POST('max_length'); + $value = hesk_POST('default_value'); + $cf['value'] = array('default_value' => $value, 'max_length' => $max_length); + break; + + default: + $cf['type'] = 'text'; + $cf['max_length'] = hesk_checkMinMax(intval(hesk_POST('max_length')), 1, 10000, 255); + $cf['default_value'] = stripslashes(hesk_input(hesk_POST('default_value'), 0, 0, HESK_SLASH)); + $cf['value'] = array('max_length' => $cf['max_length'], 'default_value' => $cf['default_value']); + + } + + // Enable + $cf['use'] = hesk_POST('use') == 2 ? 2 : 1; + + // req + $cf['req'] = hesk_POST('req'); + $cf['req'] = $cf['req'] == 2 ? 2 : ($cf['req'] == 1 ? 1 : 0); + + // Private fields cannot be req for customers + if ($cf['use'] == 2 && $cf['req'] == 1) + { + $cf['req'] = 0; + } + + // Located above or below "Message"? + $cf['place'] = hesk_POST('place') ? 1 : 0; + + // Get allowed categories + if (hesk_POST('category')) + { + $cf['category'] = 1; + $cf['categories'] = hesk_POST_array('categories'); + + foreach ($cf['categories'] as $key => $cat_id) + { + if ( ! isset($hesk_settings['categories'][$cat_id]) ) + { + unset($cf['categories'][$key]); + } + } + + if ( ! count($cf['categories'])) + { + $hesk_error_buffer[] = $hesklang['cf_nocat']; + } + } + else + { + $cf['category'] = 0; + $cf['categories'] = array(); + } + + // Any errors? + if (count($hesk_error_buffer)) + { + $_SESSION['new_cf'] = $cf; + return false; + } + + $cf['names'] = addslashes(json_encode($cf['names'])); + $cf['value'] = $cf['type'] == 'date' ? json_encode($cf['value']) : addslashes(json_encode($cf['value'])); + + return $cf; +} // END cf_validate() + + +function new_cf() +{ + global $hesk_settings, $hesklang; + global $hesk_error_buffer; + + // A security check + # hesk_token_check('POST'); + + // Validate inputs + if (($cf = cf_validate()) == false) + { + $tmp = ''; + foreach ($hesk_error_buffer as $error) + { + $tmp .= "
  • $error
    • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'custom_fields.php'); + } + + // Get the lowest available custom field ID + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `use`='0' ORDER BY `id` ASC LIMIT 1"); + $row = hesk_dbFetchRow($res); + $_SESSION['cford'] = intval($row[0]); + + // Insert custom field into database + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET + `use` = '{$cf['use']}', + `place` = '{$cf['place']}', + `type` = '{$cf['type']}', + `req` = '{$cf['req']}', + `category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').", + `name` = '".hesk_dbEscape($cf['names'])."', + `value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').", + `order` = 990 + WHERE `id`={$_SESSION['cford']}"); + + // Update order + update_cf_order(); + + // Clear cache + hesk_purge_cache('cf'); + + // Show success + hesk_process_messages($hesklang['cf_added'],'custom_fields.php','SUCCESS'); + +} // End new_cf() diff --git a/admin/delete_tickets.php b/admin/delete_tickets.php index 4880d4cb..e387ea3f 100644 --- a/admin/delete_tickets.php +++ b/admin/delete_tickets.php @@ -1,32 +1,15 @@ -
    -
    -

    - -
    - -
    -
    - +
    +
    +
    +

    + +

    +
    + +
    +
    +
    + +
    + -
    +
    +
    -
    -
    -
    - - - - - +
    +
    + + + + +
    + + +
    +
    -
    - + +
    -
    +
    $v) { + if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { + if ($v['req'] == 2) { + $v['req'] = '*'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } else { + $v['req'] = ''; + $required_attribute = ''; + } + + if ($v['type'] == 'checkbox') { + $tmpvar[$k]=''; + + if (isset($_POST[$k]) && is_array($_POST[$k])) { + foreach ($_POST[$k] as $myCB) { + $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '
    '; + } + $tmpvar[$k]=substr($tmpvar[$k],0,-6); + } else { + if ($v['req'] == 2) { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; + } + $_POST[$k] = ''; + } + } elseif ($v['type'] == 'date') { + $tmpvar[$k] = hesk_POST($k); + $_SESSION["as_$k"] = ''; + + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) { + $date = strtotime($tmpvar[$k] . ' t00:00:00'); + $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false; + $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false; + + $_SESSION["as_$k"] = $tmpvar[$k]; + + if ($dmin && $dmin > $date) { + $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format'])); + } elseif ($dmax && $dmax < $date) { + $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format'])); + } else { + $tmpvar[$k] = $date; + } + } else { + if ($v['req'] == 2) { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; + } + } + } elseif ($v['type'] == 'email') { + $tmp = $hesk_settings['multi_eml']; + $hesk_settings['multi_eml'] = $v['value']['multiple']; + $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0); + $hesk_settings['multi_eml'] = $tmp; + + if ($tmpvar[$k] != '') { + $_SESSION["as_$k"] = hesk_input($tmpvar[$k]); + } else { + $_SESSION["as_$k"] = ''; + + if ($v['req'] == 2) { + $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']); + } + } + } elseif ($v['req'] == 2) { + $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) ))); + if ($tmpvar[$k] == '') { + $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; + } + } else { + $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input(hesk_POST($k)))); + } + } else { + $tmpvar[$k] = ''; + } + } + if (count($hesk_error_buffer)) { $myerror = '
      '; foreach ($hesk_error_buffer as $error) { @@ -137,51 +220,20 @@ if (isset($_POST['save'])) { $tmpvar['message'] = nl2br($tmpvar['message']); } - foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use'] && isset($_POST[$k])) { - if ($v['type'] == 'date' && $_POST[$k] != '') { - $tmpvar[$k] = strtotime($_POST[$k]); - } elseif (is_array($_POST[$k])) { - $tmpvar[$k] = ''; - foreach ($_POST[$k] as $myCB) { - $tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '
      '; - } - $tmpvar[$k] = substr($tmpvar[$k], 0, -6); - } else { - $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k]))); - } - } else { - $tmpvar[$k] = ''; - } + $custom_SQL = ''; + for ($i = 1; $i <= 50; $i++) { + $custom_SQL .= '`custom'.$i.'`=' . (isset($tmpvar['custom'.$i]) ? "'".hesk_dbEscape($tmpvar['custom'.$i])."'" : "''") . ','; } + $custom_SQL = rtrim($custom_SQL, ','); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `name`='" . hesk_dbEscape($tmpvar['name']) . "', `email`='" . hesk_dbEscape($tmpvar['email']) . "', `subject`='" . hesk_dbEscape($tmpvar['subject']) . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "', - `custom1`='" . hesk_dbEscape($tmpvar['custom1']) . "', - `custom2`='" . hesk_dbEscape($tmpvar['custom2']) . "', - `custom3`='" . hesk_dbEscape($tmpvar['custom3']) . "', - `custom4`='" . hesk_dbEscape($tmpvar['custom4']) . "', - `custom5`='" . hesk_dbEscape($tmpvar['custom5']) . "', - `custom6`='" . hesk_dbEscape($tmpvar['custom6']) . "', - `custom7`='" . hesk_dbEscape($tmpvar['custom7']) . "', - `custom8`='" . hesk_dbEscape($tmpvar['custom8']) . "', - `custom9`='" . hesk_dbEscape($tmpvar['custom9']) . "', - `custom10`='" . hesk_dbEscape($tmpvar['custom10']) . "', - `custom11`='" . hesk_dbEscape($tmpvar['custom11']) . "', - `custom12`='" . hesk_dbEscape($tmpvar['custom12']) . "', - `custom13`='" . hesk_dbEscape($tmpvar['custom13']) . "', - `custom14`='" . hesk_dbEscape($tmpvar['custom14']) . "', - `custom15`='" . hesk_dbEscape($tmpvar['custom15']) . "', - `custom16`='" . hesk_dbEscape($tmpvar['custom16']) . "', - `custom17`='" . hesk_dbEscape($tmpvar['custom17']) . "', - `custom18`='" . hesk_dbEscape($tmpvar['custom18']) . "', - `custom19`='" . hesk_dbEscape($tmpvar['custom19']) . "', - `custom20`='" . hesk_dbEscape($tmpvar['custom20']) . "', `language`='" . hesk_dbEscape($tmpvar['language']) . "', - `html`='" . hesk_dbEscape($tmpvar['html']) . "' + `html`='" . hesk_dbEscape($tmpvar['html']) . "', + $custom_SQL WHERE `id`='" . intval($ticket['id']) . "' LIMIT 1"); } @@ -207,283 +259,307 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
      • -
      -
      -

      - -
      - -
      +
      +
      +
      +

      + +

      +
      + +
      +
      +
      + $onsubmit = ''; + if ($modsForHesk_settings['rich_text_for_tickets']) { + $onsubmit = 'onsubmit="return validateRichText(\'message-help-block\', \'message-group\', \'message\', \''.htmlspecialchars($hesklang['this_field_is_required']).'\')"'; + } + ?> + > + +
      + + +
      + +
      +
      + '; + } ?>
      - + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } + ?> +
      - +
      - '; - } ?> -
      - +
      + -
      - -
      -
      -
      - - -
      - -
      -
      -
      - - -
      - +
      + +
      -
      - $v) { - if ($v['use']) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; +
      + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; } + ?> + - $k_value = $ticket[$k]; - - if ($v['type'] == 'checkbox') { - $k_value = explode('
      ', $k_value); - } +
      + > +
      +
      +
      + $v) { + if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { + $k_value = $ticket[$k]; + + if ($v['type'] == 'checkbox') { + $k_value = explode('
      ', $k_value); + } + + if ($v['req'] == 2) { + $v['req'] = '*'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } else { + $v['req'] = ''; + $required_attribute = ''; + } + + switch ($v['type']) { + /* Radio box */ + case 'radio': + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + echo ' +
      + +
      '; + foreach ($v['value']['radio_options'] as $option) { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { + $k_value = $option; + $checked = 'checked="checked"'; + } else { + $checked = ''; + } + + echo '
      '; + } + echo '
      +
      '; - switch ($v['type']) { - /* Radio box */ - case 'radio': - echo ' -
      - -
      '; + break; - $options = explode('#HESK#', $v['value']); + /* Select drop-down box */ + case 'select': - foreach ($options as $option) { + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - if (strlen($k_value) == 0 || $k_value == $option) { - $k_value = $option; - $checked = 'checked="checked"'; - } else { - $checked = ''; + echo ' +
      + +
      + ' . $option . '
      '; - } + foreach ($v['value']['select_options'] as $option) { + if ($k_value == $option) { + $k_value = $option; + $selected = 'selected'; + } else { + $selected = ''; + } - echo '
      -
      - '; - break; - - /* Select drop-down box */ - case 'select': - echo ' -
      - -
      +
      +
      +
      '; + break; + + /* Checkbox */ + case 'checkbox': + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + echo ' +
      + +
      '; + foreach ($v['value']['checkbox_options'] as $option) { + if (in_array($option, $k_value)) { + $checked = 'checked'; + } else { + $checked = ''; + } + + echo '
      '; + } + echo '
      +
      +
      '; + break; - $options = explode('#HESK#', $v['value']); + /* Large text box */ + case 'textarea': + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + $k_value = hesk_msgToPlain($k_value, 0, 0); - foreach ($options as $option) { + echo ' +
      + +
      + +
      +
      +
      '; + break; - if (strlen($k_value) == 0 || $k_value == $option) { - $k_value = $option; - $selected = 'selected="selected"'; - } else { - $selected = ''; + // Date + case 'date': + if ($required_attribute !== '') { + $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"'; } - echo ''; - } + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
      -
      - '; - break; + $k_value = hesk_custom_date_display_format($k_value, 'Y-m-d'); - /* Checkbox */ - case 'checkbox': - echo ' -
      - -
      '; + echo ' +
      + +
      + +
      +
      +
      '; + break; - $options = explode('#HESK#', $v['value']); + // Email + case 'email': + $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - foreach ($options as $option) { + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\'' . $k . '\', \'' . $k . '_suggestions\', 0, 1' . ($v['value']['multiple'] ? ',1' : '') . ')"' : ''; - if (in_array($option, $k_value)) { - $checked = 'checked="checked"'; - } else { - $checked = ''; + echo ' +
      + +
      + +
      +
      +
      +
      + '; + break; + + // Hidden (same as text for staff) + case 'hidden': + case 'readonly': + default: + if (strlen($k_value) != 0) { + $v['value']['default_value'] = $k_value; } - echo '
      '; - } - - echo '
      -
      - '; - break; - - /* Large text box */ - case 'textarea': - $size = explode('#', $v['value']); - $size[0] = empty($size[0]) ? 5 : intval($size[0]); - $size[1] = empty($size[1]) ? 30 : intval($size[1]); - $k_value = hesk_msgToPlain($k_value, 0, 0); - - echo ' -
      - -
      - -
      -
      '; - break; - - case 'date': - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - echo ' -
      - -
      - -
      -
      '; - break; - case 'multiselect': - echo '
      -
      -
      - - -
      '; - break; - - case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - echo ''; - - break; - - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - echo '
      - -
      -
      '; - - break; - - /* Default text input */ - default: - if (strlen($k_value) != 0) { - $k_value = hesk_msgToPlain($k_value, 0, 0); - $v['value'] = $k_value; - } - echo ' -
      - -
      - -
      -
      - '; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + + echo ' +
      + +
      + +
      +
      +
      + '; + } } } - } - ?> + } ?> +
      + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } - -
      - + ?> + -
      - - -
      -
      +
      + + +
      +
      +
      - - + + + - +
      - + @@ -492,7 +568,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
      - + + + '; + } - +
      +
      + + diff --git a/admin/index.php b/admin/index.php index 5e7598f1..f3a3031b 100644 --- a/admin/index.php +++ b/admin/index.php @@ -1,35 +1,19 @@ -
      -
      - - -
      - -

       

      - - +
      - - - - -
      - - - - -
      - - - +
      + +
      -

      ()

      -
      - - '.$hesklang['nosr'].'

      '; - hesk_show_kb_category(1,1); - } - else - { -?> - - -
      -
      - - '.$alt.''; - } - else - { - $rat = ''; - } - - echo ' +
      +
      +
      +

      + () +

      +
      + +
      +
      +
      + '.$hesklang['nosr'].''; + $show_default_category = true; + } else { + ?> +
      + ' . mfh_get_stars($article['rating']) . ''; + } + else + { + $rat = ''; + } + + echo ' - -
      @@ -207,18 +203,16 @@ function hesk_kb_search($query) '; - } - ?> -
      - -
      - -


       

      + } + ?> +
      +   + +
      +
    + '.$article['subject'].' -
    +?> +
    +
    +
    +

    + +

    +
    + +
    +
    +
    + +
    + +
    +

    + '.$att_name.'
    '; + } + ?> +
    + +
    + +

    +
    + '.$hesklang['as'].' - '. $article['content']; + // Get relevant articles from the database + $res = hesk_dbQuery("SELECT `id`, `subject`, MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') AS `score` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') LIMIT ".intval($hesk_settings['kb_related']+1)); - if ( ! empty($article['attachments'])) - { - echo '

    '.$hesklang['attachments'].':
    '; - $att=explode(',',substr($article['attachments'], 0, -1)); - foreach ($att as $myatt) - { - list($att_id, $att_name) = explode('#', $myatt); - echo ' '.$att_name.'
    '; - } - echo '

    '; - } + // Array with related articles + $related_articles = array(); + while ($related = hesk_dbFetchAssoc($res)) + { + // Get base match score from the first (this) article + if ( ! isset($base_score) ) + { + $base_score = $related['score']; + } + // Ignore this article + if ($related['id'] == $artid) + { + continue; + } - if ($article['catid']==1) - { - $link = 'knowledgebase_private.php'; - } - else - { - $link = 'knowledgebase_private.php?category='.$article['catid']; - } - ?> -

    -
    - -
    -

    -
    - - - - - - - - - - - - - - - - - -
    :
    :
    :
    :
    -
    - -
    -

    -
    - $subject) - { - echo ' '.$subject.'
    '; - } - ?> -
    - -
    + // Stop when articles reach less than 10% of base score + if ($related['score'] / $base_score < 0.10) + { + break; + } - -


     

    - -

     

    - +
    +
    +
    +

    + +

    +
    + +
    +
    +
    + + + + + + + + + + + + + + + + + +
    : + ' . $hesklang['public_link'] . ']'; + } + ?> +
    :
    :
    :
    +
    +
    +
    + +
    +
    +
    +

    + +

    +
    + +
    +
    +
    + $subject) + { + echo ' '.$subject.'
    '; + } + ?> +
    +
    +
    + +
    + + +


     

    + +
    +'.$hesklang['kb_cat'].': '.$thiscat['name'].' -

    '.$hesklang['back'].'

    -
    '; - } - - $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='".intval($catid)."' ORDER BY `parent` ASC, `cat_order` ASC"); - if (hesk_dbNumRows($result) > 0) - { - ?> - -

    -
    - - - - - -
    - - - +?> +
    + +

    +

    + + +

    '; - } + endif; - $private = ($cat['type'] == 1) ? ' *' : ''; + $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='".intval($catid)."' ORDER BY `parent` ASC, `cat_order` ASC"); - echo ' + if (hesk_dbNumRows($result) > 0) { + ?> +
    +
    +

    + +

    +
    + +
    +
    +
    +
    + '; + } + + $private = ($cat['type'] == 1) ? ' *' : ''; + + echo ' '; - if ($i == $per_col) - { - echo ''; - $i = 0; - } - $i++; - } - /* Finish the table if needed */ - if ($i != 1) - { - for ($j=1;$j<=$per_col;$j++) - { - echo ''; - if ($i == $per_col) - { - echo ''; - break; - } - $i++; - } - } - - ?> -
    '; - /* Print most popular/sticky articles */ - if ($hesk_settings['kb_numshow'] && $cat['articles']) - { - $res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `catid`='".intval($cat['id'])."' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1) ); - $num = 1; - while ($art = hesk_dbFetchAssoc($res)) - { - $private = ($art['type'] == 1) ? ' *' : ''; - echo ' + /* Print most popular/sticky articles */ + if ($hesk_settings['kb_numshow'] && $cat['articles']) + { + $res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `catid`='".intval($cat['id'])."' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1) ); + $num = 1; + while ($art = hesk_dbFetchAssoc($res)) + { + $private = ($art['type'] == 1) ? ' *' : ''; + echo ' '; - if ($num == $hesk_settings['kb_numshow']) - { - break; - } - else - { - $num++; - } - } - if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) - { - echo ''; - } - } - - echo ' + if ($num == $hesk_settings['kb_numshow']) + { + break; + } + else + { + $num++; + } + } + if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) + { + echo ''; + } + } + + echo '
     '.$cat['name'].''.$private.'
           '.$art['subject'].''.$private.'
    » '.$hesklang['m'].'
    » '.$hesklang['m'].'
     
    - -
    - - 0 - ?> -
    -

    -
    - - - - - -
    - - '.$hesklang['noac'].'

    '; - } - else - { - echo '
    '; - while ($article = hesk_dbFetchAssoc($res)) - { - $private = ($article['type'] == 1) ? ' *' : ''; + if ($i == $per_col) + { + echo ''; + $i = 0; + } + $i++; + } + /* Finish the table if needed */ + if ($i != 1) + { + for ($j=1;$j<=$per_col;$j++) + { + echo ''; + if ($i == $per_col) + { + echo ''; + break; + } + $i++; + } + } + + ?> +
     
    +
    +
    + +
    + + +
    +
    +

    + +

    +
    + +
    +
    +
    + '.$hesklang['noac'].''; + } + else + { + echo ''; + while ($article = hesk_dbFetchAssoc($res)) + { + $private = ($article['type'] == 1) ? ' *' : ''; - $txt = hesk_kbArticleContentPreview($article['content']); + $txt = hesk_kbArticleContentPreview($article['content']); - echo ' + echo ' '; - } - echo '
    @@ -528,14 +564,16 @@ function hesk_show_kb_category($catid, $is_search = 0) {
    '; - } - ?> - -
    + } + echo ''; + } + ?> +
    +
    + +
    +
    + -
    -
    -
    -
    -
      - ' . $hesk_settings['mailtmp']['inbox'] . ' -
    • ' . $hesk_settings['mailtmp']['outbox'] . '
      • -
    • ' . $hesk_settings['mailtmp']['new'] . '
      • '; - ?> -
    +
    +
    +
    +
    +
    +

    + +

    +
    + +
    +
    +
    +
      +
    • + +
      • +
    • + +
      • +
    • + +
      • +
    +
    +
    -
    -
    -

    - -
    - - + +
    +
    +

    + +

    +
    + +
    +
    +
    + +
    +
    + - /* Show new message form */ - show_new_form(); + + /* Clean unneeded session variables */ + hesk_cleanSessionVars('hide'); + hesk_cleanSessionVars('mail'); + ?> +
    -
    + '.$admins[$pm[$hesk_settings['mailtmp']['other']]].'' : (($pm['from'] == 9999) ? 'HESK.com' : $hesklang['e_udel']); - - echo $pm['dt']; $pm['dt'] = hesk_dateToString($pm['dt'],0,1,0,true); ?> - - - - - -
    - - - - - - -
    - - - - - - - - - - - - - +
    +
    +

    + +

    +
    + +
    +
    +
    +
    +
    +
    + + +
    +
    + + +
    +
    + + +
    +
    +
    +
    + + +
    + + + +
    -     		- - '; - $folder = ''; - } - echo ''; - ?> - -
    - -

    - -
    -
    - - +

    +
    +
    +
    + '.$hesklang['mau'].' '; + $folder = ''; + } + echo ' '.$hesklang['delm'].''; + ?> +
    +
    +
    - + @@ -620,78 +629,89 @@ function show_new_form() { global $hesk_settings, $hesklang, $admins; ?> -
    +
    -

    - -
    - -
    - - -
    - -
    -
    -
    -
    - - -
    - data-error="" required> -
    +
    +
    +

    + +

    +
    + +
    -
    -
    - +
    +
    + + +
    + +
    +
    +
    +
    + + +
    + data-error="" required> +
    +
    +
    +
    + -
    +
    -
    -
    -
    -
    -
    -
    - () +
    +
    +
    +
    +
    +
    + () +
    +
    +
    +
    +
    + + + +
    -
    -
    - - - -
    -
    + diff --git a/admin/manage_canned.php b/admin/manage_canned.php index 191ba920..726ad8cf 100644 --- a/admin/manage_canned.php +++ b/admin/manage_canned.php @@ -1,32 +1,15 @@ -
    -
    -
    -
    -
    - ' . $hesklang['no_saved'] . '

    '; - } - else - { ?> - - - - - - +
    +
    +

    + +

    +
    + +
    +
    +
    + ' . $hesklang['no_saved'] . '

    '; + } + else + { ?> +
    + + + + + ' . $mysaved['title'] . ''; + $options .= ' '; - } // End while - } - ?> -
    ' . $mysaved['title'] . ' '; - if ($num > 1) { - if ($j == 1) { - echo ' '; - } elseif ($j == $num) { - echo ' '; - } else { - echo ' + if ($num > 1) { + if ($j == 1) { + echo ' '; + } elseif ($j == $num) { + echo ' '; + } else { + echo ' '; - } - } else { - echo ''; } + } else { + echo ''; + } - echo ' + echo '  
    -
    + } // End while + } + ?> +
    @@ -225,117 +219,123 @@ $num = hesk_dbNumRows($result); /* ]]> */ -
    - + + - - -

    - -
    - - -
    > -

    - -
    -
    -
    - 0) { - ?> -
    -
    - -
    -
    -
    -
    -
    - : + ?> + > +
    +
    + 0) { + ?> +
    +
    +
    + +
    -
    - +
    +
    +
    + : +
    +
    +
    + +
    -
    - '; - } - ?> + '; + } + ?> +
    -
    -
    - +
    + -
    +
    required> -
    +
    +
    -
    -
    - +
    + -
    +
    -
    - : - | - | - | - | - - $v) { - if ($v['use']) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } +
    + : + | + | + | + | + + $v) { + if ($v['use']) { + if ($modsForHesk_settings['custom_field_setting']) { + $v['name'] = $hesklang[$v['name']]; + } - echo '| ' . $v['name'] . ' '; + echo '| ' . $v['name'] . ' '; + } } - } - ?> + ?> +
    -
    -
    - - -
    - +
    + + +
    + +
    -
    + array('value' => 3, 'text' => $hesklang['low'], 'formatted' => $hesklang['low']), - 2 => array('value' => 2, 'text' => $hesklang['medium'], 'formatted' => '' . $hesklang['medium'] . ''), - 1 => array('value' => 1, 'text' => $hesklang['high'], 'formatted' => '' . $hesklang['high'] . ''), - 0 => array('value' => 0, 'text' => $hesklang['critical'], 'formatted' => '' . $hesklang['critical'] . ''), + 2 => array('value' => 2, 'text' => $hesklang['medium'], 'formatted' => '' . $hesklang['medium'] . ''), + 1 => array('value' => 1, 'text' => $hesklang['high'], 'formatted' => '' . $hesklang['high'] . ''), + 0 => array('value' => 0, 'text' => $hesklang['critical'], 'formatted' => '' . $hesklang['critical'] . ''), ); /* What should we do? */ @@ -106,221 +90,232 @@ while ($mycat = hesk_dbFetchAssoc($res)) { $options .= '>' . $mycat['name'] . ''; } ?> -
    -
    -
    -
    +
    +
    +
    +

    +

    +
    +
    -
    -
    -
    -

    - ()

    - -
    - - data-error="" - required> -
    -
    +
    +
    + +
    +

    + ()

    + +
    + + data-error="" + required> +
    -
    - - -
    -

    +
    +
    + + +
    + -
    -
    - -
    - -
    +
    +
    + +
    +
    -
    - -
    - -
    +
    +
    + +
    +
    -
    - +
    +
    + -
    - -
    -
    -
    - +
    - + } ?> />
    + +
    +
    -
    - - - -
    - -
    +
    +
    + + + +
    +
    -
    -
    -
    +
    +
    +

    +

    +
    +
    -
    - +
    + + + + + + + + + + + + + + -
    - - - - - - - - - - - - ' + $usage = array( + 0 => '', - 1 => '', - 2 => ' ' - ); - - while ($mycat = hesk_dbFetchAssoc($res)) { - $j++; - - if (isset($_SESSION['selcat2']) && $mycat['id'] == $_SESSION['selcat2']) { - $color = 'admin_green'; - unset($_SESSION['selcat2']); - } else { - $color = $i ? 'admin_white' : 'admin_gray'; - } + 1 => '', + 2 => ' ' + ); + + while ($mycat = hesk_dbFetchAssoc($res)) { + $j++; + + if (isset($_SESSION['selcat2']) && $mycat['id'] == $_SESSION['selcat2']) { + $color = 'admin_green'; + unset($_SESSION['selcat2']); + } else { + $color = $i ? 'admin_white' : 'admin_gray'; + } - $tmp = $i ? 'White' : 'Blue'; - $style = ''; - if ($mycat['color'] == null) { - $style .= 'color: black; border: solid 1px #000'; - } else { - $style .= 'background: ' . $mycat['color']; - } - $i = $i ? 0 : 1; + $tmp = $i ? 'White' : 'Blue'; + $style = ''; + if ($mycat['color'] == null) { + $style .= 'color: black; border: solid 1px #000'; + } else { + $style .= 'background: ' . $mycat['color']; + } + $i = $i ? 0 : 1; - /* Number of tickets and graph width */ - $all = isset($tickets_all[$mycat['id']]) ? $tickets_all[$mycat['id']] : 0; - $width_all = 0; - if ($tickets_total && $all) { - $width_all = round(($all / $tickets_total) * 100); - } + /* Number of tickets and graph width */ + $all = isset($tickets_all[$mycat['id']]) ? $tickets_all[$mycat['id']] : 0; + $width_all = 0; + if ($tickets_total && $all) { + $width_all = round(($all / $tickets_total) * 100); + } - /* Deleting category with ID 1 (default category) is not allowed */ - if ($mycat['id'] == 1) { - $remove_code = ' '; - } else { - $remove_code = ' '; - } + /* Deleting category with ID 1 (default category) is not allowed */ + if ($mycat['id'] == 1) { + $remove_code = ' '; + } else { + $remove_code = ' '; + } - /* Is category private or public? */ - if ($mycat['type']) { - $type_code = ''; - } else { - $type_code = ''; - } + /* Is category private or public? */ + if ($mycat['type']) { + $type_code = ''; + } else { + $type_code = ''; + } - /* Is auto assign enabled? */ - if ($hesk_settings['autoassign']) { - if ($mycat['autoassign']) { - $autoassign_code = ''; - } else { - $autoassign_code = ''; - } + /* Is auto assign enabled? */ + if ($hesk_settings['autoassign']) { + if ($mycat['autoassign']) { + $autoassign_code = ''; } else { - $autoassign_code = ''; + $autoassign_code = ''; } + } else { + $autoassign_code = ''; + } - echo ' + echo ' @@ -342,31 +337,30 @@ while ($mycat = hesk_dbFetchAssoc($res)) { ' . $autoassign_code . ' ' . $type_code . ' '; - if ($orderBy != 'name' && $num > 1) { - if ($j == 1) { - echo ' '; - } elseif ($j == $num) { - echo ''; - } else { - echo ' + if ($orderBy != 'name' && $num > 1) { + if ($j == 1) { + echo ' '; + } elseif ($j == $num) { + echo ''; + } else { + echo '   '; - } } - echo ''; - echo $remove_code . ' + } + echo ''; + echo $remove_code . ' '; - } // End while + } // End while - ?> -
    -
    + ?> +
    -
    +