|
|
|
@ -44,7 +44,9 @@ hesk_isLoggedIn();
|
|
|
|
|
$modsForHesk_settings = mfh_getSettings();
|
|
|
|
|
|
|
|
|
|
/* Check permissions for this feature */
|
|
|
|
|
hesk_checkPermission('can_change_cat');
|
|
|
|
|
if (hesk_checkPermission('can_change_cat', 0)) {
|
|
|
|
|
hesk_checkPermission('can_change_own_cat');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* A security check */
|
|
|
|
|
hesk_token_check('POST');
|
|
|
|
@ -73,6 +75,11 @@ if (!$row['autoassign']) {
|
|
|
|
|
/* Is user allowed to view tickets in new category? */
|
|
|
|
|
$category_ok = hesk_okCategory($category, 0);
|
|
|
|
|
|
|
|
|
|
// Is user allowed to move tickets to this category?
|
|
|
|
|
if (!$category_ok && !hesk_checkPermission('can_submit_any_cat', 0)) {
|
|
|
|
|
hesk_process_messages($hesklang['noauth_move'],'admin_main.php');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Get details about the original ticket */
|
|
|
|
|
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
|
|
|
|
|
if (hesk_dbNumRows($res) != 1) {
|
|
|
|
@ -113,7 +120,7 @@ if ($need_to_reassign || !$ticket['owner']) {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
|
|
|
|
|
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
|
|
|
|
|
|
|
|
|
|
$ticket['category'] = $category;
|
|
|
|
|
|
|
|
|
|