diff --git a/admin/admin_reply_ticket.php b/admin/admin_reply_ticket.php index 7abe3b11..3ade28b2 100644 --- a/admin/admin_reply_ticket.php +++ b/admin/admin_reply_ticket.php @@ -198,6 +198,11 @@ if ($submit_as_customer) { $revision = ''; /* Change the status of priority? */ +$audit_priority = null; +$audit_closed = null; +$audit_status = null; +$audit_customer_status = null; +$audit_assigned_self = null; if (!empty($_POST['set_priority'])) { $priority = intval(hesk_POST('priority')); if ($priority < 0 || $priority > 3) { @@ -220,9 +225,8 @@ if (!empty($_POST['set_priority'])) { $priority_sql = ",`priority`='$priority' "; - mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_priority', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $plain_options[$priority])); + $audit_priority = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => $plain_options[$priority]); } else { $priority_sql = ""; } @@ -247,7 +251,7 @@ if ($ticket['locked']) { $newStatus = hesk_dbFetchAssoc($newStatusRs); if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0)) { - mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_closed', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " "; // Lock the ticket if customers are not allowed to reopen tickets @@ -256,9 +260,8 @@ if ($ticket['locked']) { } } else { // Ticket isn't being closed, just add the history to the sql query (or tried to close but doesn't have permission) - mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => mfh_getDisplayTextForStatusId($new_status))); + $audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => mfh_getDisplayTextForStatusId($new_status)); } } } // -> Submit as Customer reply @@ -269,9 +272,8 @@ elseif ($submit_as_customer) { $new_status = $customerReplyStatus['ID']; if ($ticket['status'] != $new_status) { - mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => mfh_getDisplayTextForStatusId($new_status))); + $audit_customer_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => mfh_getDisplayTextForStatusId($new_status)); } } // -> Default: submit as "Replied by staff" else { @@ -293,7 +295,7 @@ if ($time_worked == '00:00:00') { } if (!empty($_POST['assign_self']) && (hesk_checkPermission('can_assign_self', 0) || (isset($_REQUEST['isManager']) && $_REQUEST['isManager']))) { - mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_assigned_self', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_assigned_self = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql .= " , `owner`=" . intval($_SESSION['id']) . " "; } @@ -317,6 +319,29 @@ unset($sql); /* Update number of replies in the users table */ hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "'"); +//-- Insert necessary audit trail records +if ($audit_priority != null) { + mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_priority', hesk_date(), $audit_priority); +} + +if ($audit_closed != null) { + mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_closed', hesk_date(), $audit_closed); +} + +if ($audit_status != null) { + mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), $audit_status); +} + +if ($audit_customer_status != null) { + mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), + $audit_customer_status); +} + +if ($audit_assigned_self != null) { + mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_assigned_self', hesk_date(), $audit_assigned_self); +} + + // --> Prepare reply message // 1. Generate the array with ticket info that can be used in emails diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index f2e74a12..a587f42f 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -470,11 +470,10 @@ if ($hesk_settings['time_worked'] && ($can_reply || $can_edit) && isset($_POST[' $time_worked = hesk_getTime($h . ':' . $m . ':' . $s); /* Update database */ - //audit_time_worked who - value + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_time_worked', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $time_worked)); - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); + 1 => $time_worked)); /* Show ticket */ hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); @@ -562,10 +561,6 @@ if (isset($_GET['delatt']) && hesk_token_check()) { hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "'"); /* Update ticket or reply in the database */ - // audit_attachment_deleted - mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_attachment_deleted', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $att['real_name'])); if ($reply) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($reply) . "'"); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'"); @@ -576,6 +571,9 @@ if (isset($_GET['delatt']) && hesk_token_check()) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($ticket['id']) . "'"); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name']) . ",',''), `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'"); } + mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_attachment_deleted', hesk_date(), + array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => $att['real_name'])); hesk_process_messages($hesklang['kb_att_rem'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); } diff --git a/admin/assign_owner.php b/admin/assign_owner.php index a52c3fc9..9afc5df7 100755 --- a/admin/assign_owner.php +++ b/admin/assign_owner.php @@ -52,9 +52,9 @@ $owner = intval(hesk_REQUEST('owner')); /* If ID is -1 the ticket will be unassigned */ if ($owner == -1) { + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unassigned', date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); hesk_process_messages($hesklang['tunasi2'], $_SERVER['PHP_SELF'], 'SUCCESS'); } elseif ($owner < 1) { @@ -97,6 +97,8 @@ if ($ticket['owner'] && $ticket['owner'] != $owner && hesk_REQUEST('unassigned') /* Assigning to self? */ if ($can_assign_others || ($owner == $_SESSION['id'] && $can_assign_self)) { + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); + if ($owner == $_SESSION['id'] && $can_assign_self) { mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned_self', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); @@ -104,11 +106,9 @@ if ($can_assign_others || ($owner == $_SESSION['id'] && $can_assign_self)) { // current user -> assigned user mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $row['name'] . ' (' . $row['user'] . ')')); + 1 => $row['name'] . ' (' . $row['user'] . ')')); } - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); - if ($owner != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) { $_SERVER['PHP_SELF'] = 'admin_main.php'; } diff --git a/admin/change_status.php b/admin/change_status.php index 63c30832..9a7bfb74 100644 --- a/admin/change_status.php +++ b/admin/change_status.php @@ -58,6 +58,11 @@ if (!isset($status_options[$status])) { $locked = 0; +$audit_closed = null; +$audit_locked = null; +$audit_status = null; +$audit_opened = null; + $statusRow = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE ID = " . $status)); if ($statusRow['IsClosed']) // Closed { @@ -66,13 +71,12 @@ if ($statusRow['IsClosed']) // Closed } $action = $hesklang['ticket_been'] . ' ' . $hesklang['close']; - mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_closed', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); if ($hesk_settings['custopen'] != 1) { $locked = 1; - mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_automatically_locked', hesk_date(), array()); + $audit_locked = array(); } // Notify customer of closed ticket? @@ -98,17 +102,16 @@ if ($statusRow['IsClosed']) // Closed } elseif ($statusRow['IsNewTicketStatus'] == 0) //Ticket is still open, but not new { $action = sprintf($hesklang['tsst'], $status_options[$status]); - mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_status', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $status_options[$status])); + $audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => $status_options[$status]); + // Ticket is not resolved $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL '; } else // Ticket is marked as "NEW" { $action = $hesklang['ticket_been'] . ' ' . $hesklang['opened']; - mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_opened', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_opened = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); // Ticket is not resolved $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL '; @@ -117,6 +120,26 @@ if ($statusRow['IsClosed']) // Closed hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); +if ($audit_closed != null) { + mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_closed', hesk_date(), + $audit_closed); +} + +if ($audit_locked != null) { + mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_automatically_locked', hesk_date(), + array()); +} + +if ($audit_status != null) { + mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_status', hesk_date(), + $audit_status); +} + +if ($audit_opened != null) { + mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_opened', hesk_date(), + $audit_opened); +} + if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[trackID_not_found]."); } diff --git a/admin/delete_tickets.php b/admin/delete_tickets.php index 8a654873..45a7eaac 100644 --- a/admin/delete_tickets.php +++ b/admin/delete_tickets.php @@ -113,10 +113,10 @@ if (array_key_exists($_POST['a'], $priorities)) { hesk_okCategory($ticket['category']); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}' WHERE `id`={$this_id}"); mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_priority', hesk_date(), array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $priority['lang'])); - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}' WHERE `id`={$this_id}"); + 1 => $priority['lang'])); $i++; } @@ -222,9 +222,6 @@ else { hesk_token_check('POST'); require(HESK_PATH . 'inc/email_functions.inc.php'); - mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_closed', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); - foreach ($_POST['id'] as $this_id) { if (is_array($this_id)) { continue; @@ -241,6 +238,10 @@ else { $closedStatus = hesk_dbFetchAssoc($closedStatusRS); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='" . $closedStatus['ID'] . "', `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " WHERE `id`='" . intval($this_id) . "'"); + + mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_closed', hesk_date(), + array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $i++; // Notify customer of closed ticket? diff --git a/admin/lock.php b/admin/lock.php index 71591724..ec1836db 100644 --- a/admin/lock.php +++ b/admin/lock.php @@ -45,18 +45,19 @@ if (hesk_dbNumRows($result) != 1) { } $ticket = hesk_dbFetchAssoc($result); +$audit_unlocked = null; +$audit_locked = null; + /* New locked status */ if (empty($_GET['locked'])) { $status = 0; $tmp = $hesklang['tunlock']; - mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlocked', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_unlocked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL '; } else { $status = 1; $tmp = $hesklang['tlock']; - mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_locked', hesk_date(), - array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')')); + $audit_locked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval($_SESSION['id']) . ' '; // Notify customer of closed ticket? @@ -87,5 +88,15 @@ $statusId = $statusRow['ID']; hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); +if ($audit_unlocked) { + mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlocked', hesk_date(), + $audit_unlocked); +} + +if ($audit_locked) { + mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_locked', hesk_date(), + $audit_locked); +} + /* Back to ticket page and show a success message */ hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS'); \ No newline at end of file diff --git a/admin/move_category.php b/admin/move_category.php index 965bbab5..35971e02 100755 --- a/admin/move_category.php +++ b/admin/move_category.php @@ -70,11 +70,6 @@ if (hesk_dbNumRows($res) != 1) { } $ticket = hesk_dbFetchAssoc($res); -/* Log that ticket is being moved */ -mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_moved_category', hesk_date(), array( - 0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', - 1 => $row['name'] -)); /* Is the ticket assigned to someone? If yes, check that the user has access to category or change to unassigned */ $need_to_reassign = 0; @@ -95,14 +90,12 @@ if ($ticket['owner']) { } /* Reassign automatically if possible */ +$autoassign_owner = null; if ($need_to_reassign || !$ticket['owner']) { $need_to_reassign = 1; $autoassign_owner = hesk_autoAssignTicket($category); if ($autoassign_owner) { $ticket['owner'] = $autoassign_owner['id']; - mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(), array( - 0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')' - )); } else { $ticket['owner'] = 0; } @@ -110,6 +103,18 @@ if ($need_to_reassign || !$ticket['owner']) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); +/* Log that ticket is being moved */ +mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_moved_category', hesk_date(), array( + 0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', + 1 => $row['name'] +)); + +if ($autoassign_owner) { + mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(), array( + 0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')' + )); +} + $ticket['category'] = $category; /* --> Prepare message */ diff --git a/admin/priority.php b/admin/priority.php index b2fe75e5..ac86750f 100644 --- a/admin/priority.php +++ b/admin/priority.php @@ -57,12 +57,13 @@ $plain_options = array( $ticketRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($trackingID) . "'"); $ticket = hesk_dbFetchAssoc($ticketRs); +hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `priority`='{$priority}' WHERE `trackid`='".hesk_dbEscape($trackingID)."'"); + mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_priority', hesk_date(), array( - 0 => $_SESSION['name'].' ('.$_SESSION['user'].')', - 1 => $plain_options[$priority] + 0 => $_SESSION['name'].' ('.$_SESSION['user'].')', + 1 => $plain_options[$priority] )); -hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `priority`='{$priority}' WHERE `trackid`='".hesk_dbEscape($trackingID)."'"); if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['inpr'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'NOTICE');