From 904202488d8891ebc8abf6583e15fa7d4ccb9a41 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Mon, 19 Feb 2018 12:40:12 -0500
Subject: [PATCH 1/3] Add an 'emails to receive' option for email custom fields

---
 admin/custom_fields.php | 40 ++++++++++++++++++++++++++++++++++++++--
 language/en/text.php    |  3 +++
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/admin/custom_fields.php b/admin/custom_fields.php
index 04917840..979f4114 100755
--- a/admin/custom_fields.php
+++ b/admin/custom_fields.php
@@ -519,7 +519,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 														<?php echo $hesklang['email_custom_field_label']; ?>
 													</label>
 													<div class="col-sm-8">
-														<?php $address_type = empty($value['email_type']) ? 'none' : $value['email_type']; ?>
+														<?php
+                                                        $address_type = empty($value['email_type']) ? 'none' : $value['email_type'];
+                                                        ?>
 														<div class="radio">
 															<label>
 																<input type="radio" name="email_type" value="none"
@@ -541,8 +543,41 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 																<?php echo $hesklang['bcc']; ?>
 															</label>
 														</div>
+                                                        <script>
+                                                            $('input[name="email_type"]').change(function() {
+                                                                if ($('input[name="email_type"]:checked').val() === 'none') {
+                                                                    $('#emails_to_receive').hide();
+                                                                } else {
+                                                                    $('#emails_to_receive').show();
+                                                                }
+                                                            });
+                                                        </script>
 													</div>
 												</div>
+                                                <div class="form-group" id="emails_to_receive" style="display: <?php if ($address_type === 'none') {echo 'none';} else {echo 'block';} ?>">
+                                                    <label for="staff_or_customer" class="col-sm-4 control-label">
+                                                        <?php echo $hesklang['emails_to_receive']; ?>
+                                                    </label>
+                                                    <div class="col-sm-8">
+                                                        <?php
+                                                        $emails_to_receive = empty($value['emails_to_receive']) ? array() : $value['emails_to_receive'];
+                                                        ?>
+                                                        <div class="checkbox">
+                                                            <label>
+                                                                <input type="checkbox" name="emails_to_receive[]" value="STAFF"
+                                                                       <?php if (in_array('STAFF', $emails_to_receive)) {echo 'checked';} ?>>
+                                                                <?php echo $hesklang['emails_sent_to_staff']; ?>
+                                                            </label>
+                                                        </div>
+                                                        <div class="checkbox">
+                                                            <label>
+                                                                <input type="checkbox" name="emails_to_receive[]" value="CUSTOMER"
+                                                                    <?php if (in_array('CUSTOMER', $emails_to_receive)) {echo 'checked';} ?>>
+                                                                <?php echo $hesklang['emails_sent_to_customer']; ?>
+                                                            </label>
+                                                        </div>
+                                                    </div>
+                                                </div>
 											</div>
 
 											<div id="hidden" style="display:<?php echo ($type == 'hidden') ? 'block' : 'none' ?>">
@@ -1250,7 +1285,8 @@ function cf_validate()
 		case 'email':
 			$cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0;
 			$cf['email_type'] = hesk_POST('email_type', 'none');
-			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']);
+			$cf['emails_to_receive'] = $cf['email_type'] === 'none' ? array() : hesk_POST_array('emails_to_receive', array());
+			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type'], 'emails_to_receive' => $cf['emails_to_receive']);
 			break;
 
 		case 'hidden':
diff --git a/language/en/text.php b/language/en/text.php
index a994fc6c..23fdbd79 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2239,6 +2239,9 @@ $hesklang['highlight_ticket_rows_based_on_priority'] = 'Highlight ticket rows ba
 $hesklang['highlight_ticket_rows_based_on_priority_help'] = 'If enabled, each ticket on the tickets page will be highlighted based on priority. If disabled, only * Critical * and High priority tickets will be highlighted.';
 $hesklang['highlight_ticket_rows_based_on_priority_descr'] = 'Highlight all ticket rows based on priority';
 $hesklang['protected_group'] = 'This is a protected group; you cannot change accessible categories / features.';
+$hesklang['emails_to_receive'] = 'Emails to receive';
+$hesklang['emails_sent_to_staff'] = 'Emails sent to staff';
+$hesklang['emails_sent_to_customer'] = 'Emails sent to customer';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 81b27ddb2e6e5468a9bf7e557b3401b651ccbf3c Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Mon, 19 Feb 2018 13:03:34 -0500
Subject: [PATCH 2/3] Add cc/bcc to rest API, re-enable in email_functions

---
 admin/custom_fields.php                       | 36 +------------------
 api/BusinessLogic/Emails/Addressees.php       |  4 +--
 .../Tickets/CustomFields/CustomField.php      | 17 +++++++++
 api/BusinessLogic/Tickets/TicketCreator.php   | 21 ++++++++++-
 api/DataAccess/CommonDao.php                  |  2 +-
 .../CustomFields/CustomFieldsGateway.php      | 26 ++++++++++++++
 inc/email_functions.inc.php                   | 26 +++++++-------
 7 files changed, 80 insertions(+), 52 deletions(-)
 create mode 100644 api/BusinessLogic/Tickets/CustomFields/CustomField.php
 create mode 100644 api/DataAccess/CustomFields/CustomFieldsGateway.php

diff --git a/admin/custom_fields.php b/admin/custom_fields.php
index 979f4114..238804b0 100755
--- a/admin/custom_fields.php
+++ b/admin/custom_fields.php
@@ -543,41 +543,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 																<?php echo $hesklang['bcc']; ?>
 															</label>
 														</div>
-                                                        <script>
-                                                            $('input[name="email_type"]').change(function() {
-                                                                if ($('input[name="email_type"]:checked').val() === 'none') {
-                                                                    $('#emails_to_receive').hide();
-                                                                } else {
-                                                                    $('#emails_to_receive').show();
-                                                                }
-                                                            });
-                                                        </script>
 													</div>
 												</div>
-                                                <div class="form-group" id="emails_to_receive" style="display: <?php if ($address_type === 'none') {echo 'none';} else {echo 'block';} ?>">
-                                                    <label for="staff_or_customer" class="col-sm-4 control-label">
-                                                        <?php echo $hesklang['emails_to_receive']; ?>
-                                                    </label>
-                                                    <div class="col-sm-8">
-                                                        <?php
-                                                        $emails_to_receive = empty($value['emails_to_receive']) ? array() : $value['emails_to_receive'];
-                                                        ?>
-                                                        <div class="checkbox">
-                                                            <label>
-                                                                <input type="checkbox" name="emails_to_receive[]" value="STAFF"
-                                                                       <?php if (in_array('STAFF', $emails_to_receive)) {echo 'checked';} ?>>
-                                                                <?php echo $hesklang['emails_sent_to_staff']; ?>
-                                                            </label>
-                                                        </div>
-                                                        <div class="checkbox">
-                                                            <label>
-                                                                <input type="checkbox" name="emails_to_receive[]" value="CUSTOMER"
-                                                                    <?php if (in_array('CUSTOMER', $emails_to_receive)) {echo 'checked';} ?>>
-                                                                <?php echo $hesklang['emails_sent_to_customer']; ?>
-                                                            </label>
-                                                        </div>
-                                                    </div>
-                                                </div>
 											</div>
 
 											<div id="hidden" style="display:<?php echo ($type == 'hidden') ? 'block' : 'none' ?>">
@@ -1285,8 +1252,7 @@ function cf_validate()
 		case 'email':
 			$cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0;
 			$cf['email_type'] = hesk_POST('email_type', 'none');
-			$cf['emails_to_receive'] = $cf['email_type'] === 'none' ? array() : hesk_POST_array('emails_to_receive', array());
-			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type'], 'emails_to_receive' => $cf['emails_to_receive']);
+			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']);
 			break;
 
 		case 'hidden':
diff --git a/api/BusinessLogic/Emails/Addressees.php b/api/BusinessLogic/Emails/Addressees.php
index baa37ae5..1e2a4669 100644
--- a/api/BusinessLogic/Emails/Addressees.php
+++ b/api/BusinessLogic/Emails/Addressees.php
@@ -12,10 +12,10 @@ class Addressees extends \BaseClass {
     /**
      * @var $cc string[]|null
      */
-    public $cc;
+    public $cc = array();
 
     /**
      * @var $bcc string[]|null
      */
-    public $bcc;
+    public $bcc = array();
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/CustomFields/CustomField.php b/api/BusinessLogic/Tickets/CustomFields/CustomField.php
new file mode 100644
index 00000000..142d842b
--- /dev/null
+++ b/api/BusinessLogic/Tickets/CustomFields/CustomField.php
@@ -0,0 +1,17 @@
+<?php
+namespace BusinessLogic\Tickets\CustomFields;
+
+
+class CustomField {
+    /* @var $id int */
+    public $id;
+
+    /* @var $name string */
+    public $name;
+
+    /* @var $type string */
+    public $type;
+
+    /* @var $properties array */
+    public $properties;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/TicketCreator.php b/api/BusinessLogic/Tickets/TicketCreator.php
index 4175ce0e..160b922c 100644
--- a/api/BusinessLogic/Tickets/TicketCreator.php
+++ b/api/BusinessLogic/Tickets/TicketCreator.php
@@ -9,6 +9,7 @@ use BusinessLogic\Emails\EmailTemplateRetriever;
 use BusinessLogic\Exceptions\ValidationException;
 use BusinessLogic\Statuses\DefaultStatusForAction;
 use DataAccess\AuditTrail\AuditTrailGateway;
+use DataAccess\CustomFields\CustomFieldsGateway;
 use DataAccess\Security\UserGateway;
 use DataAccess\Settings\ModsForHeskSettingsGateway;
 use DataAccess\Statuses\StatusGateway;
@@ -61,6 +62,9 @@ class TicketCreator extends \BaseClass {
     /* @var $auditTrailGateway AuditTrailGateway */
     private $auditTrailGateway;
 
+    /* @var $customFieldsGateway CustomFieldsGateway */
+    private $customFieldsGateway;
+
     function __construct(NewTicketValidator $newTicketValidator,
                          TrackingIdGenerator $trackingIdGenerator,
                          Autoassigner $autoassigner,
@@ -70,7 +74,8 @@ class TicketCreator extends \BaseClass {
                          EmailSenderHelper $emailSenderHelper,
                          UserGateway $userGateway,
                          ModsForHeskSettingsGateway $modsForHeskSettingsGateway,
-                         AuditTrailGateway $auditTrailGateway) {
+                         AuditTrailGateway $auditTrailGateway,
+                         CustomFieldsGateway $customFieldsGateway) {
         $this->newTicketValidator = $newTicketValidator;
         $this->trackingIdGenerator = $trackingIdGenerator;
         $this->autoassigner = $autoassigner;
@@ -81,6 +86,7 @@ class TicketCreator extends \BaseClass {
         $this->userGateway = $userGateway;
         $this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
         $this->auditTrailGateway = $auditTrailGateway;
+        $this->customFieldsGateway = $customFieldsGateway;
     }
 
     /**
@@ -162,6 +168,19 @@ class TicketCreator extends \BaseClass {
         $addressees = new Addressees();
         $addressees->to = $ticket->email;
 
+        foreach ($ticket->customFields as $key => $value) {
+            $customField = $this->customFieldsGateway->getCustomField($key, $heskSettings);
+            if ($customField !== null &&
+                $customField->type === 'email' &&
+                $customField->properties['email_type'] !== 'none') {
+                if ($customField->properties['email_type'] === 'cc') {
+                    $addressees->cc[] = $value;
+                } elseif ($customField->properties['email_type'] === 'bcc') {
+                    $addressees->bcc[] = $value;
+                }
+            }
+        }
+
         if ($ticketRequest->sendEmailToCustomer && $emailVerified) {
             $this->emailSenderHelper->sendEmailForTicket(EmailTemplateRetriever::NEW_TICKET, $ticketRequest->language, $addressees, $ticket, $heskSettings, $modsForHeskSettings);
         } else if ($modsForHeskSettings['customer_email_verification_required'] && !$emailVerified) {
diff --git a/api/DataAccess/CommonDao.php b/api/DataAccess/CommonDao.php
index cb3f5b3e..dce640b8 100644
--- a/api/DataAccess/CommonDao.php
+++ b/api/DataAccess/CommonDao.php
@@ -11,7 +11,7 @@ class CommonDao extends \BaseClass {
      */
     function init() {
         if (!function_exists('hesk_dbConnect')) {
-            throw new Exception('Database not loaded!');
+            throw new \BaseException('Database not loaded!');
         }
         hesk_dbConnect();
     }
diff --git a/api/DataAccess/CustomFields/CustomFieldsGateway.php b/api/DataAccess/CustomFields/CustomFieldsGateway.php
new file mode 100644
index 00000000..fb52d6a9
--- /dev/null
+++ b/api/DataAccess/CustomFields/CustomFieldsGateway.php
@@ -0,0 +1,26 @@
+<?php
+namespace DataAccess\CustomFields;
+
+use BusinessLogic\Tickets\CustomFields\CustomField;
+use DataAccess\CommonDao;
+
+class CustomFieldsGateway extends CommonDao {
+    public function getCustomField($id, $heskSettings) {
+        $this->init();
+
+        $rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "custom_fields` WHERE `id` = " . intval($id));
+
+        if ($row = hesk_dbFetchAssoc($rs)) {
+            $customField = new CustomField();
+            $customField->id = $row['id'];
+            $names = json_decode($row['name'], true);
+            $customField->name = (isset($names[$hesk_settings['language']])) ? $names[$heskSettings['language']] : reset($names);
+            $customField->type = $row['type'];
+            $customField->properties = json_decode($row['value'], true);
+
+            return $customField;
+        } else {
+            return null;
+        }
+    }
+}
\ No newline at end of file
diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php
index 5483d121..48a6948d 100644
--- a/inc/email_functions.inc.php
+++ b/inc/email_functions.inc.php
@@ -50,20 +50,19 @@ function hesk_notifyCustomerForVerifyEmail($email_template = 'verify_email', $ac
     $ccEmails = array();
     $bccEmails = array();
 
-    //TODO Update the email custom field to handle this properly
-    /*foreach ($hesk_settings['custom_fields'] as $k => $v) {
+    foreach ($hesk_settings['custom_fields'] as $k => $v) {
         if ($v['use']) {
             if ($v['type'] == 'email' && !empty($ticket[$k])) {
-                if ($v['value'] == 'cc') {
+                if ($v['value']['email_type'] == 'cc') {
                     $emails = explode(',', $ticket[$k]);
                     array_push($ccEmails, $emails);
-                } elseif ($v['value'] == 'bcc') {
+                } elseif ($v['value']['email_type'] == 'bcc') {
                     $emails = explode(',', $ticket[$k]);
                     array_push($bccEmails, $emails);
                 }
             }
         }
-    }*/
+    }
 
     hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage);
 }
@@ -95,18 +94,19 @@ function hesk_notifyCustomer($modsForHesk_settings, $email_template = 'new_ticke
     $ccEmails = array();
     $bccEmails = array();
 
-    //TODO Update the email custom field to handle this properly
-    /*foreach ($hesk_settings['custom_fields'] as $k => $v) {
+    foreach ($hesk_settings['custom_fields'] as $k => $v) {
         if ($v['use']) {
-            if ($v['type'] == 'email' && !empty($ticket[$k])) {
-                if ($v['value'] == 'cc') {
-                    array_push($ccEmails, $ticket[$k]);
-                } elseif ($v['value'] == 'bcc') {
-                    array_push($bccEmails, $ticket[$k]);
+            if ($v['type'] == 'email' && !empty($ticket[$k]) && isset($v['value']['emails_to_receive'])) {
+                if ($v['value']['email_type'] == 'cc') {
+                    $emails = explode(',', $ticket[$k]);
+                    array_push($ccEmails, $emails);
+                } elseif ($v['value']['email_type'] == 'bcc') {
+                    $emails = explode(',', $ticket[$k]);
+                    array_push($bccEmails, $emails);
                 }
             }
         }
-    }*/
+    }
 
     // Send e-mail
     hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage);

From 275a1691d1ea259d3938a99b841df1de9312cb2f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 19 Feb 2018 22:01:42 -0500
Subject: [PATCH 3/3] cc/bcc fields work properly in api

---
 api/BusinessLogic/Emails/BasicEmailSender.php       | 6 ++++--
 api/DataAccess/CustomFields/CustomFieldsGateway.php | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/api/BusinessLogic/Emails/BasicEmailSender.php b/api/BusinessLogic/Emails/BasicEmailSender.php
index 8ab1c37d..0ff5e449 100644
--- a/api/BusinessLogic/Emails/BasicEmailSender.php
+++ b/api/BusinessLogic/Emails/BasicEmailSender.php
@@ -10,8 +10,10 @@ use PHPMailer;
 class BasicEmailSender extends \BaseClass implements EmailSender {
 
     function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
-        if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $emailBuilder->to . $emailBuilder->subject)) {
-            return false;
+        foreach ($emailBuilder->to as $to) {
+            if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $to . $emailBuilder->subject)) {
+                return false;
+            }
         }
 
         $mailer = new PHPMailer();
diff --git a/api/DataAccess/CustomFields/CustomFieldsGateway.php b/api/DataAccess/CustomFields/CustomFieldsGateway.php
index fb52d6a9..ce26ba45 100644
--- a/api/DataAccess/CustomFields/CustomFieldsGateway.php
+++ b/api/DataAccess/CustomFields/CustomFieldsGateway.php
@@ -14,7 +14,7 @@ class CustomFieldsGateway extends CommonDao {
             $customField = new CustomField();
             $customField->id = $row['id'];
             $names = json_decode($row['name'], true);
-            $customField->name = (isset($names[$hesk_settings['language']])) ? $names[$heskSettings['language']] : reset($names);
+            $customField->name = (isset($names[$heskSettings['language']])) ? $names[$heskSettings['language']] : reset($names);
             $customField->type = $row['type'];
             $customField->properties = json_decode($row['value'], true);