From 8e0236b2b4870f979154a61c71b4119318ee5f03 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 3 Oct 2016 20:44:42 -0400 Subject: [PATCH 01/88] Some changes to admin/admin_reply --- admin/admin_main.php | 9 ++++++++- admin/admin_reply_ticket.php | 18 ++++++++++++------ 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/admin/admin_main.php b/admin/admin_main.php index b5d53cdd..0800c0f6 100644 --- a/admin/admin_main.php +++ b/admin/admin_main.php @@ -51,6 +51,7 @@ hesk_isLoggedIn(); define('CALENDAR', 1); define('MAIN_PAGE', 1); define('PAGE_TITLE', 'ADMIN_HOME'); +define('AUTO_RELOAD', 1); /* Print header */ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); @@ -58,7 +59,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); /* Reset default settings? */ if (isset($_GET['reset']) && hesk_token_check()) { - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1"); + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "'"); $_SESSION['default_list'] = ''; } /* Get default settings */ else { @@ -81,6 +82,12 @@ else {
+ + If locked, keep it resolved if ($ticket['locked']) { $new_status = $lockedTicketStatus['ID']; @@ -248,7 +254,7 @@ if ($ticket['locked']) { $newStatusRs = hesk_dbQuery('SELECT `IsClosed`, `Key` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `ID` = ' . hesk_dbEscape($new_status)); $newStatus = hesk_dbFetchAssoc($newStatusRs); - if ($newStatus['IsClosed']) { + if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0)) { $revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') "; @@ -257,7 +263,7 @@ if ($ticket['locked']) { $sql_status .= " , `locked`='1' "; } } else { - // Ticket isn't being closed, just add the history to the sql query + // Ticket isn't being closed, just add the history to the sql query (or tried to close but doesn't have permission) $revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang[$newStatus['Key']], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); $sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') "; } @@ -310,12 +316,12 @@ $sql .= " , `replies`=`replies`+1 "; $sql .= $submit_as_customer ? '' : " , `staffreplies`=`staffreplies`+1 "; // End and execute the query -$sql .= " WHERE `id`='{$replyto}' LIMIT 1"; +$sql .= " WHERE `id`='{$replyto}'"; hesk_dbQuery($sql); unset($sql); /* Update number of replies in the users table */ -hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1"); +hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "'"); // --> Prepare reply message 
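Review bot: The `can_resolve` test added in `if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0))` only selects which history fragment is appended. `$new_status` itself is left untouched, so a staff member without the permission can apparently still move the ticket to a closed status, just without `closedat`/`closedby` being recorded. The statement that writes `status` is outside these hunks, so this needs confirming there. If resolving is meant to be blocked, refuse the request before the query is built, e.g. `if ($newStatus['IsClosed'] && !hesk_checkPermission('can_resolve', 0)) { hesk_error($hesklang['noauth_resolve']); }`. As written, the else branch in the following hunk (`thist9`) logs an ordinary status change for what is effectively a close, which also weakens the audit trail.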
@@ -357,7 +363,7 @@ elseif (!isset($_POST['no_notify']) || intval(hesk_POST('no_notify')) != 1) { } // Delete any existing drafts from this owner for this ticket -hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `owner`=" . intval($_SESSION['id']) . " AND `ticket`=" . intval($ticket['id']) . " LIMIT 1"); +hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `owner`=" . intval($_SESSION['id']) . " AND `ticket`=" . intval($ticket['id'])); /* Set reply submitted message */ $_SESSION['HESK_SUCCESS'] = TRUE; From 7ec6a2b0fb2e61d51cefbfae19dd32bd75d8ea88 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 3 Oct 2016 22:02:07 -0400 Subject: [PATCH 02/88] Some settings have been migrated. Missing several language keys --- admin/admin_settings.php | 185 ++++++++++++++++++--------------------- 1 file changed, 87 insertions(+), 98 deletions(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 6e337207..9aa24057 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -56,6 +56,9 @@ hesk_isLoggedIn(); // Check permissions for this feature hesk_checkPermission('can_man_settings'); +// Load custom fields +//require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + // Test languages function if (isset($_GET['test_languages'])) { hesk_testLanguage(0); @@ -89,6 +92,9 @@ if (defined('HESK_DEMO')) { $hesk_settings['pop3_password'] = $hesklang['hdemo']; $hesk_settings['recaptcha_public_key'] = $hesklang['hdemo']; $hesk_settings['recaptcha_private_key'] = $hesklang['hdemo']; + $hesk_settings['imap_host_name'] = $hesklang['hdemo']; + $hesk_settings['imap_user'] = $hesklang['hdemo']; + $hesk_settings['imap_password'] = $hesklang['hdemo']; } // Check file attachment limits 
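Review bot: The added `//require_once(HESK_PATH . 'inc/custom_fields.inc.php');` in admin/admin_settings.php is dead code sitting under a live "Load custom fields" comment, which reads as if the include were active. Either enable the include or drop both lines until the page needs it. Other files later in this series (`admin/find_tickets.php`, `admin/manage_canned.php`) add the same require uncommented.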
@@ -214,89 +220,6 @@ $modsForHesk_settings = mfh_getSettings(); // MISC - // CUSTOM FIELDS - if (d.s_custom1_use.checked && d.s_custom1_name.value == '') { - alert(''); - return false; - } - if (d.s_custom2_use.checked && d.s_custom2_name.value == '') { - alert(''); - return false; - } - if (d.s_custom3_use.checked && d.s_custom3_name.value == '') { - alert(''); - return false; - } - if (d.s_custom4_use.checked && d.s_custom4_name.value == '') { - alert(''); - return false; - } - if (d.s_custom5_use.checked && d.s_custom5_name.value == '') { - alert(''); - return false; - } - if (d.s_custom6_use.checked && d.s_custom6_name.value == '') { - alert(''); - return false; - } - if (d.s_custom7_use.checked && d.s_custom7_name.value == '') { - alert(''); - return false; - } - if (d.s_custom8_use.checked && d.s_custom8_name.value == '') { - alert(''); - return false; - } - if (d.s_custom9_use.checked && d.s_custom9_name.value == '') { - alert(''); - return false; - } - if (d.s_custom10_use.checked && d.s_custom10_name.value == '') { - alert(''); - return false; - } - if (d.s_custom11_use.checked && d.s_custom11_name.value == '') { - alert(''); - return false; - } - if (d.s_custom12_use.checked && d.s_custom12_name.value == '') { - alert(''); - return false; - } - if (d.s_custom13_use.checked && d.s_custom13_name.value == '') { - alert(''); - return false; - } - if (d.s_custom14_use.checked && d.s_custom14_name.value == '') { - alert(''); - return false; - } - if (d.s_custom15_use.checked && d.s_custom15_name.value == '') { - alert(''); - return false; - } - if (d.s_custom16_use.checked && d.s_custom16_name.value == '') { - alert(''); - return false; - } - if (d.s_custom17_use.checked && d.s_custom17_name.value == '') { - alert(''); - return false; - } - if (d.s_custom18_use.checked && d.s_custom18_name.value == '') { - alert(''); - return false; - } - if (d.s_custom19_use.checked && d.s_custom19_name.value == '') { - alert(''); - return false; - } - if 
(d.s_custom20_use.checked && d.s_custom20_name.value == '') { - alert(''); - return false; - } - - // DISABLE SUBMIT BUTTON d.submitbutton.disabled = true; d.submitbutton.value = ''; @@ -304,21 +227,6 @@ $modsForHesk_settings = mfh_getSettings(); return true; } - function hesk_customOptions(cID, fID, fTYPE, maxlenID, oldTYPE) { - var t = document.getElementById(fTYPE).value; - if (t == oldTYPE) { - var d = document.getElementById(fID).value; - var m = document.getElementById(maxlenID).value; - } - else { - var d = ''; - var m = 255; - } - var myURL = "options.php?i=" + cID + "&q=" + encodeURIComponent(d) + "&t=" + t + "&m=" + m; - window.open(myURL, "Hesk_window", "height=400,width=500,menubar=0,location=0,toolbar=0,status=0,resizable=1,scrollbars=1"); - return false; - } - function hesk_toggleLayer(nr, setto) { if (document.all) document.all[nr].style.display = setto; @@ -380,6 +288,20 @@ $modsForHesk_settings = mfh_getSettings(); } return i; } + + function checkRequiredEmail(field) { + if (document.getElementById('s_require_email_0').checked && document.getElementById('s_email_view_ticket').checked) { + if (field == 's_require_email_0' && confirm('')) { + document.getElementById('s_email_view_ticket').checked = false; + return true; + } else if (field == 's_email_view_ticket' && confirm('')) { + document.getElementById('s_require_email_1').checked = true; + return true; + } + return false; + } + return true; + } //-->
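Review bot: `checkRequiredEmail()` keeps "Require email" and "Require email to view tickets" consistent only in the browser, so a settings submission that does not run this script can still save `s_email_view_ticket` enabled while `s_require_email` is off. Because the second option is a ticket-access control, the same rule should be applied where the settings are written. That save handler is not part of this patch, so this is inferred from the form code alone. A short comment above the function stating that it is a convenience prompt and not the enforcement point would also help the next reader.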
@@ -980,6 +902,41 @@ $modsForHesk_settings = mfh_getSettings(); ?>
+
+ + +
+
    +
'; + ?> +
+ +
+ + +
+
    +
    +
'; + ?> +
+
+
+ + +
+
    +
    +
'; + ?> +
+
+
+ + +
+ + +
+
From 2713647d40008e5552af27f227eddd2f3fdd8cf4 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 4 Oct 2016 20:56:36 -0400 Subject: [PATCH 03/88] Add HESK 2.7.0 language keys --- language/en/text.php | 157 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) diff --git a/language/en/text.php b/language/en/text.php index 2a39ef5e..55d81043 100644 --- a/language/en/text.php +++ b/language/en/text.php 
@@ -1889,5 +1889,162 @@ $hesklang['rcpv']='Secret key (Private key)'; // If your language is NOT in the supported langauges, leave 'en' $hesklang['RECAPTCHA']='en'; +// Added or modified in version 2.7.0 +$hesklang['imap']='IMAP Fetching'; +$hesklang['imaph']='IMAP Host'; +$hesklang['imapp']='IMAP Port'; +$hesklang['enc']='Encryption'; +$hesklang['ssl']='SSL'; +$hesklang['tls']='TLS'; +$hesklang['none']='None'; +$hesklang['imapu']='IMAP Username'; +$hesklang['imapw']='IMAP Password'; +$hesklang['imaptest']='Test IMAP connection'; +$hesklang['ifd']='[HESK] IMAP FETCHING IS DISABLED IN SETTINGS'; +$hesklang['iei']='[HESK] PHP IMAP extension is not installed.'; +$hesklang['ifr']='Another IMAP fetching task is still in progress.'; +$hesklang['arp']='Auto reload page'; +$hesklang['arpp']='Automatically reload page with ticket list every:'; +$hesklang['seconds']='seconds'; // Reload page every X 'seconds' +$hesklang['minutes']='minutes'; // Reload page every X 'minutes' +$hesklang['atbr']='This ticket needs to be assigned before it can be replied to.'; +$hesklang['attm']='Assign this ticket to me'; +$hesklang['owneed']='Owner needed'; +$hesklang['taat']='This ticket is already assigned to %s.'; +$hesklang['scoy']='Are you sure you want to assign it to yourself?'; +$hesklang['scot']='Are you sure you want to assign it to %s?'; +$hesklang['ycto']='YES, change the owner'; +$hesklang['ncto']='NO, keep current owner'; +$hesklang['fass']='Require owner'; +$hesklang['req_sub']='Require subject'; +$hesklang['req_msg']='Require message'; +$hesklang['req_email']='Require email'; +$hesklang['default_subject']='Ticket from %s'; // Default ticket subject, %s will be replaced with name +$hesklang['off-hide']='Hide in customer form'; +$hesklang['ons']='ON - Everyone'; // For admin settings page +$hesklang['not_valid_email']='Enter a valid email address or leave this field empty'; +$hesklang['write_down']='We recommend that you write down your Ticket ID for future reference.'; 
+$hesklang['re_confirm1']='Disabling this will also disable "Require email to view tickets" under "Security". Proceed?'; +$hesklang['re_confirm2']='Enabling this will also enable "Require email" under "Features". Proceed?'; +$hesklang['can_email_tpl']='Edit email templates'; // Staff permission +$hesklang['et_title']='Email templates'; +$hesklang['et_intro']='Modify emails that are sent to your staff and customers'; +$hesklang['file']='File'; +$hesklang['efile']='Editing file'; +$hesklang['rdesc']='(Recipient) Description'; +$hesklang['desc_forgot_ticket_id'] = '(Customer) Forgot ticket tracking ID'; +$hesklang['desc_new_reply_by_staff'] = '(Customer) New staff reply'; +$hesklang['desc_new_ticket'] = '(Customer) Ticket received'; +$hesklang['desc_ticket_closed'] = '(Customer) Ticket closed/resolved'; +$hesklang['desc_category_moved'] = '(Staff) Ticket moved to a new category'; +$hesklang['desc_new_reply_by_customer'] = '(Staff) New customer reply'; +$hesklang['desc_new_ticket_staff'] = '(Staff) New ticket submitted'; +$hesklang['desc_ticket_assigned_to_you'] = '(Staff) A ticket was assigned to you'; +$hesklang['desc_new_pm'] = '(Staff) New private message'; +$hesklang['desc_new_note'] = '(Staff) New note on a ticket assigned to you'; +$hesklang['desc_reset_password'] = '(Staff) Reset your password'; +$hesklang['etfm']='One or more email templates are missing.

Make sure you upload all email template files inside your /language/%s/emails folder.'; +$hesklang['etfw']='Some email templates are not writable.

+ Make sure PHP has permission to write to all files inside your /language/%s/emails folder.

+ On Unix servers you might need to CHMOD email templates to 666 (rw-rw-rw-)'; +$hesklang['et_e_id']='Missing template ID'; +$hesklang['et_fm']='This email template file is missing'; +$hesklang['et_fw']='This email template file is not writable'; +$hesklang['et_save']='Save email template'; +$hesklang['updated_on']='Updated on'; +$hesklang['ticket_url']='Ticket URL'; +$hesklang['pm_url']='Private message URL'; +$hesklang['et_num']='Number of tickets'; +$hesklang['et_list']='List of support tickets'; +$hesklang['et_empty']='Email template cannot be empty'; +$hesklang['et_saved']='Email template saved'; +$hesklang['source']='Source'; +$hesklang['select_category']='Select a category'; +$hesklang['select_category_text']='What can we help you with?'; +$hesklang['select_category_staff']='Select ticket category'; +$hesklang['scat']='Category select limit'; +$hesklang['scat2']='(a select box will show if category count is higher)'; +$hesklang['new_cf']='New custom field'; +$hesklang['cf_intro']='Use this feature to add custom fields to the Submit a ticket form so you can collect additional data from customers.'; +$hesklang['cf_public']='Public'; +$hesklang['cf_private']='Staff only'; +$hesklang['cf_cust']='For customers'; +$hesklang['cf_all']='All'; +$hesklang['cf_cat']='Selected'; +$hesklang['cf_ctrl']='Tip: hold down CTRL key to select multiple categories'; +$hesklang['visibility']='Visibility'; +$hesklang['cf_save']='Save custom field'; +$hesklang['ex_cf']='Active custom fields'; +$hesklang['no_cf']='No active custom fields'; +$hesklang['del_cf']='Delete this custom field? 
This will also delete any saved custom field data from the database!'; +$hesklang['cf_e_id']='Invalid ID'; +$hesklang['edit_cf']='Edit custom field'; +$hesklang['cf_deleted']='Custom field deleted'; +$hesklang['cf_not_found']='This custom field does not exist'; +$hesklang['err_custname']='Enter custom field name'; +$hesklang['cf_added']='A new custom field has been added'; +$hesklang['cf_nocat']='Select at least one category for this custom field'; +$hesklang['cf_mdf']='Custom field has been saved'; +$hesklang['opt4']='Options for this checkbox, enter one option per line. Each line will be a choice your customers can choose from, multiple choices are possible.'; +$hesklang['atl1']='Enter at least one option.'; +$hesklang['sch']='Hidden'; +$hesklang['meml3']='Allow multiple emails to be entered'; +$hesklang['dmin']='Minimum accepted date'; +$hesklang['dmax']='Maximum accepted date'; +$hesklang['d_day']='day(s)'; +$hesklang['d_week']='week(s)'; +$hesklang['d_month']='month(s)'; +$hesklang['d_year']='year(s)'; +$hesklang['d_any']='Any date'; +$hesklang['d_fixed']='Fixed date'; +$hesklang['d_relative']='Relative date'; +$hesklang['d_mm']='Minimum date may not be higher than maximum date'; +$hesklang['d_emin']='Minimum date for %s is %s'; // Minimum date for FIELD_NAME is DATE +$hesklang['d_emax']='Maximum date for %s is %s'; // Maximum date for FIELD_NAME is DATE +$hesklang['d_format']='Date display format'; +$hesklang['d_custom']='Custom format'; +$hesklang['d_ci']='ADVANCED USERS ONLY: a valid PHP date format, see PHP manual.'; +$hesklang['cf_noe']='Enter a valid email address into %s'; +$hesklang['cf_noem']='Enter one or more valid email addresses into %s'; +$hesklang['cf_limit']='You have 50 active custom fields, no new can be created.'; +$hesklang['can_resolve']='Can resolve tickets'; +$hesklang['can_change_cat']='Change ticket category (to any)'; +$hesklang['can_change_own_cat']='Change ticket category (to allowed)'; +$hesklang['can_submit_any_cat']='Can submit 
tickets to any category'; +$hesklang['noauth_submit']='You are not authorized to submit tickets to this category!'; +$hesklang['noauth_move']='You are not authorized to move tickets to this category!'; +$hesklang['noauth_resolve']='You are not authorized to resolve tickets!'; +$hesklang['force_ssl']='Force SSL connections'; +$hesklang['d_ssl']='disabled - open this page with https:// to manage this option'; +$hesklang['enn']='Except for tickets from emails if email subject contains:'; +$hesklang['scno']='This status cannot be changed'; +$hesklang['statuses']='Statuses'; +$hesklang['statuses_intro']='Use this tool to add custom ticket statuses to your help desk'; +$hesklang['color']='Color'; +$hesklang['csscl']='CSS class or color'; +$hesklang['clr_view']='Color preview on text'; +$hesklang['cbc']='Changeable by customers'; +$hesklang['ccc']='Can customers change this status?'; +$hesklang['del_status']='Delete this status?'; +$hesklang['ex_status']='Existing Statuses'; +$hesklang['status_hesk']='Built-in Statuses (cannot be modified here)'; +$hesklang['status_custom']='Custom Statuses'; +$hesklang['status_custom_none']='No custom statuses. 
You can add them using the form above.'; +$hesklang['status_save']='Save Status'; +$hesklang['list_tkt_status']='List all tickets with this status'; +$hesklang['new_status']='New custom status'; +$hesklang['edit_status']='Edit custom status'; +$hesklang['err_status']='Enter the status name'; +$hesklang['status_added']='A new custom status has been added'; +$hesklang['status_e_id']='Invalid ID'; +$hesklang['status_mdf']='Custom status has been saved'; +$hesklang['status_deleted']='Custom status deleted'; +$hesklang['status_not_found']='This custom status does not exist'; +$hesklang['status_not_empty']='This status cannot be removed because tickets with this status exist'; +$hesklang['status_limit']='You have 100 custom statuses, no new can be created.'; +$hesklang['public_link']='Public link'; // Link to the public KB article in the private KB pages +$hesklang['frames']='Frames'; +$hesklang['frames2']='Prevent loading HESK in frames on third party domains'; + // DO NOT CHANGE BELOW if (!defined('IN_SCRIPT')) die('PHP syntax OK!'); From 444f05486f0d86852477a7d395e24596a20e94fd Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 4 Oct 2016 22:08:07 -0400 Subject: [PATCH 04/88] Moved more settings, removed custom fields from settings --- admin/admin_main.php | 4 +- admin/admin_settings.php | 161 ++++++++++----------------------------- 2 files changed, 44 insertions(+), 121 deletions(-) diff --git a/admin/admin_main.php b/admin/admin_main.php index 0800c0f6..9f9c519a 100644 --- a/admin/admin_main.php +++ b/admin/admin_main.php @@ -84,10 +84,10 @@ else {
- +
   
    @@ -1156,8 +1156,8 @@ $modsForHesk_settings = mfh_getSettings();
   
    @@ -1303,12 +1303,12 @@ $modsForHesk_settings = mfh_getSettings();
- -
+
@@ -1505,12 +1505,48 @@ $modsForHesk_settings = mfh_getSettings();
+
+ + +
+
+ +
+
+
+
+ + +
+
+ + + + +
+
+
- -
-
-

- -

-
- -
-
-
-

- - -
- - -
-
- -
-
-
- - - - - - - - - - - - - - - - - - - - '; - } // End FOR - ?> -
- -
- -
-

-
-
- - - ' . $hesklang['opt'] . ' -
-
-
-
From 5094ce52008239b667efa7a09c3ccca34d4d09da Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 5 Oct 2016 13:03:38 -0400 Subject: [PATCH 05/88] Finished settings page updates --- admin/admin_settings.php | 198 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 197 insertions(+), 1 deletion(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 1a68facf..54951d0f 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -2608,6 +2608,202 @@ $modsForHesk_settings = mfh_getSettings();
+ +

+ +
+ + +
+
    +
'; + ?> + + + + + + +
+
+
+
+ + +
+ > +
+
+
+ + +
+ > +
+
+
+ + +
+ > +
+
+
+ + +
+
    +
    +
+ '; + ?> +
+
+
+ + +
+
    +
+ '; + ?> +
+
+
+ + +
+ autocomplete="off"> +
+
+
+ + +
+ autocomplete="off"> +
+
+
+
+ +
+
+ + + + + + + +
+

'; } else { echo '

'; echo isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : - ($can_assign_self ? $hesklang['unas'] . ' [' . $hesklang['asss'] . ']' : $hesklang['unas']); + ($can_assign_self ? $hesklang['unas'] . ' [' . $hesklang['asss'] . ']' : $hesklang['unas']); echo '

'; } - echo ''; echo '

' . $hesklang['category'] . '

'; - if ($can_change_cat) { + if (strlen($categories_options) && ($can_change_cat || $can_change_own_cat)) { echo '
@@ -1253,7 +1287,7 @@ require_once(HESK_PATH . 'inc/footer.inc.php'); function hesk_getAdminButtons($category_id) { - global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $isManager; + global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve, $isManager; $options = ''; @@ -1424,7 +1458,7 @@ function hesk_getAdminButtons($category_id) $isClosable = $isTicketClosedRow['Closable'] == 'yes' || $isTicketClosedRow['Closable'] == 'sonly'; $mgr = $isManager ? '&isManager=1' : ''; - if ($isTicketClosed == 0 && $isClosable) // Ticket is still open + if ($isTicketClosed == 0 && $isClosable && $can_resolve) // Ticket is still open { $dropdown .= '
  • ' . $hesklang['close_action'] . '
  • '; @@ -1434,7 +1468,7 @@ function hesk_getAdminButtons($category_id) } /* Lock ticket button */ - if ($can_edit) { + if ($can_resolve) { $template = '
  • %s
  • '; $dropdown .= $ticket['locked'] ? sprintf($template, 0, 'unlock', $hesklang['tul']) @@ -1575,7 +1609,7 @@ function mfh_print_message() {
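Review bot: The lock/unlock entry is now shown when `$can_resolve` is set, but `admin/lock.php` in this series still calls `hesk_checkPermission('can_edit_tickets')` alongside the new `hesk_checkPermission('can_resolve')`. A user with resolve but not edit rights therefore gets a menu item that ends in a permission error. Gate the entry on both, `if ($can_edit && $can_resolve) {`, or drop the edit requirement in lock.php if resolve alone is intended. The checks in lock.php are what actually enforce this; the dropdown condition is presentation only. `hesk_getAdminButtons()` starts and ends outside the hunk.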
    $v) { - if ($v['use'] && $v['place'] == 0) { + if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $ticket['category'])) { if ($modsForHesk_settings['custom_field_setting']) { $v['name'] = $hesklang[$v['name']]; } @@ -1584,12 +1618,15 @@ function mfh_print_message() { if ($v['type'] == 'date' && !empty($ticket[$k])) { $dt = hesk_date($ticket[$k], false, false); echo '
    ' . hesk_dateToString($dt, 0) . '
    '; + } elseif ($v['type'] == 'email') { + echo ''; } else { echo '
    ' . $ticket[$k] . '
    '; } echo ''; } } + if ($ticket['message'] != '') { ?>
    @@ -1604,8 +1641,9 @@ function mfh_print_message() {
    $v) { - if ($v['use'] && $v['place']) { + if ($v['use'] && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { if ($modsForHesk_settings['custom_field_setting']) { $v['name'] = $hesklang[$v['name']]; } @@ -1614,6 +1652,8 @@ function mfh_print_message() { if ($v['type'] == 'date' && !empty($ticket[$k])) { $dt = hesk_date($ticket[$k], false, false); echo '
    ' . hesk_dateToString($dt, 0) . '
    '; + } elseif ($v['type'] == 'email') { + echo ''; } else { echo '
    ' . $ticket[$k] . '
    '; } @@ -1751,6 +1791,13 @@ function hesk_printTicketReplies() function hesk_printReplyForm() { global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $options, $can_assign_self, $isManager, $modsForHesk_settings; + + // Force assigning a ticket before allowing to reply? + if ($hesk_settings['require_owner'] && ! $ticket['owner']) + { + hesk_show_notice($hesklang['atbr'].($can_assign_self ? '

    '.$hesklang['attm'].'' : ''), $hesklang['owneed']); + return ''; + } ?> From 6c5c9f0591890376465610707de09d5d8230aa4e Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 9 Oct 2016 21:18:24 -0400 Subject: [PATCH 10/88] Finish updating admin_ticket --- admin/admin_ticket.php | 30 ++++++++++-------------------- 1 file changed, 10 insertions(+), 20 deletions(-) diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index 4b7e3081..816c3c22 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -1996,6 +1996,10 @@ function hesk_printReplyForm() - - '; + + '.$v['name:'].' '.$v['req'].' + + + '; break; - case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } + // Email + case 'email': + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - echo ''; + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + +
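Review bot: The `require_owner` guard added at the top of `hesk_printReplyForm()` only suppresses the form. The reply handler has to refuse the submission as well, otherwise a directly posted reply is still accepted for an unassigned ticket. None of the `admin/admin_reply_ticket.php` hunks visible in this series add such a check, though that file is only partly shown. A matching guard there could be `if ($hesk_settings['require_owner'] && !$ticket['owner']) { hesk_error($hesklang['atbr']); }`. The function body continues outside the hunk.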
    + + + '; break; - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - + // Hidden + case 'hidden': if (strlen($k_value) != 0) { - $v['value'] = $k_value; + $v['value']['hidden_default_value'] = $k_value; } - - echo '
    - -
    -
    '; - + echo ' + + '.$v['name:'].' '.$v['req'].' + ('.$hesklang['sch'].') + + '; break; /* Default text input */ default: if (strlen($k_value) != 0) { - $k_value = hesk_msgToPlain($k_value, 0, 0); - $v['value'] = $k_value; + $v['value']['default_value'] = $k_value; } + + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' -
    - -
    - -
    -
    - '; + + '.$v['name:'].' '.$v['req'].' + + + '; } } } From 67e5d805dc5c8ecc6a110d447d3a7a7515b35518 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:19:12 -0400 Subject: [PATCH 17/88] Update export --- admin/export.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/admin/export.php b/admin/export.php index 304e9594..fa47396e 100644 --- a/admin/export.php +++ b/admin/export.php @@ -389,6 +389,9 @@ if (isset($_GET['w'])) { + @@ -416,7 +419,15 @@ if (isset($_GET['w'])) { foreach ($hesk_settings['custom_fields'] as $k => $v) { if ($v['use']) { - $tmp .= '' . "\n"; + switch ($v['type']) { + case 'date': + $tmp_dt = hesk_custom_date_display_format($ticket[$k], 'Y-m-d\T00:00:00.000'); + $tmp .= strlen($tmp_dt) ? ''.$tmp_dt : ''; + $tmp .= " \n"; + break; + default: + $tmp .= ' ' . "\n"; + } } } From 2db83782c04f7f042606758c868c6f093d99ed28 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:20:30 -0400 Subject: [PATCH 18/88] Update find_tickets --- admin/find_tickets.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/admin/find_tickets.php b/admin/find_tickets.php index 9f667caf..8c37be01 100644 --- a/admin/find_tickets.php +++ b/admin/find_tickets.php @@ -51,6 +51,9 @@ hesk_checkPermission('can_view_tickets'); $_SERVER['PHP_SELF'] = './admin_main.php'; +// Load custom fields +require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + /* Print header */ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); From e1204b78c2966bd677d4a90c0807637227247063 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:21:24 -0400 Subject: [PATCH 19/88] Update admin index --- admin/index.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/admin/index.php b/admin/index.php index 8709a501..be1e4631 100644 --- a/admin/index.php +++ b/admin/index.php 
@@ -206,15 +206,15 @@ function do_login() /* Remember username? */ if ($hesk_settings['autologin'] && hesk_POST('remember_user') == 'AUTOLOGIN') { - setcookie('hesk_username', "$user", strtotime('+1 year')); - setcookie('hesk_p', "$pass_enc", strtotime('+1 year')); + hesk_setcookie('hesk_username', "$user", strtotime('+1 year')); + hesk_setcookie('hesk_p', "$pass_enc", strtotime('+1 year')); } elseif (hesk_POST('remember_user') == 'JUSTUSER') { - setcookie('hesk_username', "$user", strtotime('+1 year')); - setcookie('hesk_p', ''); + hesk_setcookie('hesk_username', "$user", strtotime('+1 year')); + hesk_setcookie('hesk_p', ''); } else { // Expire cookie if set otherwise - setcookie('hesk_username', ''); - setcookie('hesk_p', ''); + hesk_setcookie('hesk_username', ''); + hesk_setcookie('hesk_p', ''); } /* Close any old tickets here so Cron jobs aren't necessary */ @@ -510,7 +510,7 @@ function logout() /* Show success message and reset the cookie */ hesk_process_messages($hesklang['logout_success'], 'NOREDIRECT', 'SUCCESS'); - setcookie('hesk_p', ''); + hesk_setcookie('hesk_p', ''); /* Print the login form */ print_login(); From 7770b586737a774c83e43e47aa7782bf73e640f7 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:24:31 -0400 Subject: [PATCH 20/88] Update private KB --- admin/knowledgebase_private.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/admin/knowledgebase_private.php b/admin/knowledgebase_private.php index c675f387..372c2941 100644 --- a/admin/knowledgebase_private.php +++ b/admin/knowledgebase_private.php @@ -225,7 +225,7 @@ function hesk_show_kb_article($artid) hesk_kb_header($hesk_settings['kb_link'], $article['catid']); // Update views by 1 - hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `views`=`views`+1 WHERE `id`={$artid} LIMIT 1"); + hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `views`=`views`+1 WHERE `id`={$artid}"); ?>
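Review bot: The autologin branch still places `$pass_enc`, a value derived from the account password, in the `hesk_p` cookie with a one-year lifetime. Switching to `hesk_setcookie()` only improves this if the wrapper sets `HttpOnly` and, on HTTPS installs, `Secure`. Its definition is not in this hunk, so that needs confirming. Also check that the clearing calls such as `hesk_setcookie('hesk_p', '')`, which pass no expiry, still remove the cookie rather than leaving an empty one behind. `do_login()` starts and ends outside the hunk.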
    @@ -329,7 +329,15 @@ function hesk_show_kb_article($artid) - + From db960b2c2624727d437dce7239100862b31e1bf4 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:26:28 -0400 Subject: [PATCH 21/88] Update lock and mail --- admin/lock.php | 3 ++- admin/mail.php | 10 +++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/admin/lock.php b/admin/lock.php index 9ba669a2..d4b07be6 100644 --- a/admin/lock.php +++ b/admin/lock.php @@ -46,6 +46,7 @@ $modsForHesk_settings = mfh_getSettings(); hesk_checkPermission('can_view_tickets'); hesk_checkPermission('can_reply_tickets'); hesk_checkPermission('can_edit_tickets'); +hesk_checkPermission('can_resolve'); /* A security check */ hesk_token_check(); @@ -98,7 +99,7 @@ $statusRs = hesk_dbQuery($statusSql); $statusRow = hesk_dbFetchAssoc($statusRs); $statusId = $statusRow['ID']; -hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); +hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); /* Back to ticket page and show a success message */ hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS'); \ No newline at end of file diff --git a/admin/mail.php b/admin/mail.php index f3a5ac7c..2a5d183e 100644 --- a/admin/mail.php +++ b/admin/mail.php 
@@ -211,10 +211,10 @@ function mail_delete() if ($ids) { foreach ($ids as $id) { /* If both correspondents deleted the mail remove it from database, otherwise mark as deleted by this user */ - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `deletedby`='" . intval($_SESSION['id']) . "' WHERE `id`='" . intval($id) . "' AND (`to`='" . intval($_SESSION['id']) . "' OR `from`='" . intval($_SESSION['id']) . "') AND `deletedby`=0 LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `deletedby`='" . intval($_SESSION['id']) . "' WHERE `id`='" . intval($id) . "' AND (`to`='" . intval($_SESSION['id']) . "' OR `from`='" . intval($_SESSION['id']) . "') AND `deletedby`=0"); if (hesk_dbAffectedRows() != 1) { - hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND (`to`='" . intval($_SESSION['id']) . "' OR `from`='" . intval($_SESSION['id']) . "') AND `deletedby`!=0 LIMIT 1"); + hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND (`to`='" . intval($_SESSION['id']) . "' OR `from`='" . intval($_SESSION['id']) . "') AND `deletedby`!=0"); } } @@ -236,7 +236,7 @@ function mail_mark_unread() if ($ids) { foreach ($ids as $id) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='0' WHERE `id`='" . intval($id) . "' AND `to`='" . intval($_SESSION['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='0' WHERE `id`='" . intval($id) . "' AND `to`='" . intval($_SESSION['id']) . "'"); } hesk_process_messages($hesklang['smmu'], 'NOREDIRECT', 'SUCCESS'); 
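Review bot: In `mail_delete()` the fallback `DELETE` matches any row where `deletedby` is non-zero, including a message this same user has already marked deleted. In that case the preceding `UPDATE` affects no rows (`deletedby` is no longer 0), which is exactly the condition that triggers the `DELETE`. A second delete of the same id by one correspondent therefore removes the message for the other party, who never deleted it. Restrict the fallback to rows deleted by the other correspondent by adding a condition that `deletedby` differs from `intval($_SESSION['id'])` to the `DELETE`'s WHERE clause. The function starts and ends outside the hunk.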
@@ -257,7 +257,7 @@ function mail_mark_read() if ($ids) { foreach ($ids as $id) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' AND `to`='" . intval($_SESSION['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' AND `to`='" . intval($_SESSION['id']) . "'"); } hesk_process_messages($hesklang['smmr'], 'NOREDIRECT', 'SUCCESS'); @@ -421,7 +421,7 @@ function show_message() /* Mark as read */ if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) { - $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` SET `read`='1' WHERE `id`='".intval($id)."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` SET `read`='1' WHERE `id`='".intval($id)."'"); } $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? ''.$admins[$pm[$hesk_settings['mailtmp']['other']]].'' : (($pm['from'] == 9999) ? 'HESK.com' : $hesklang['e_udel']); From 16841d9d5a00fb115a7e10b8044f692bf3e7a415 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:29:50 -0400 Subject: [PATCH 22/88] Update canned and categories --- admin/manage_canned.php | 11 +++++++---- admin/manage_categories.php | 14 +++++++------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/admin/manage_canned.php b/admin/manage_canned.php index dd7b4b56..02f22506 100644 --- a/admin/manage_canned.php +++ b/admin/manage_canned.php @@ -48,6 +48,9 @@ define('WYSIWYG', 1); /* Check permissions for this feature */ hesk_checkPermission('can_man_canned'); +// Load custom fields +require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + /* What should we do? */ if ($action = hesk_REQUEST('a')) { if (defined('HESK_DEMO')) { 
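Review bot: The mark-as-read UPDATE in show_message() is keyed on `id` alone, while mail_mark_read() and mail_mark_unread() in this same patch also require the `to` column to equal `intval($_SESSION['id'])`. The write is guarded by `$hesk_settings['mailtmp']['this'] == 'to'`, which presumably comes from a row already checked against the current user, but that check is outside the hunk. Appending the same `to` predicate to this WHERE clause would keep the statement safe on its own and consistent with the other two functions.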
@@ -442,7 +445,7 @@ function edit_saved() hesk_process_messages($hesk_error_buffer, 'manage_canned.php?saved_replies=' . $id); } - $result = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `title`='" . hesk_dbEscape($savename) . "',`message`='" . hesk_dbEscape($msg) . "' WHERE `id`='" . intval($id) . "' LIMIT 1"); + $result = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `title`='" . hesk_dbEscape($savename) . "',`message`='" . hesk_dbEscape($msg) . "' WHERE `id`='" . intval($id) . "'"); unset($_SESSION['canned']['what']); unset($_SESSION['canned']['id']); @@ -501,7 +504,7 @@ function remove() $mysaved = intval(hesk_GET('id')) or hesk_error($hesklang['id_not_valid']); - hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` WHERE `id`='" . intval($mysaved) . "' LIMIT 1"); + hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` WHERE `id`='" . intval($mysaved) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[reply_not_found]."); } @@ -522,7 +525,7 @@ function order_saved() $reply_move = intval(hesk_GET('move')); - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `reply_order`=`reply_order`+" . intval($reply_move) . " WHERE `id`='" . intval($replyid) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `reply_order`=`reply_order`+" . intval($reply_move) . " WHERE `id`='" . intval($replyid) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[reply_not_found]."); } 
@@ -532,7 +535,7 @@ function order_saved() $i = 10; while ($myreply = hesk_dbFetchAssoc($result)) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `reply_order`=" . intval($i) . " WHERE `id`='" . intval($myreply['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` SET `reply_order`=" . intval($i) . " WHERE `id`='" . intval($myreply['id']) . "'"); $i += 10; } diff --git a/admin/manage_categories.php b/admin/manage_categories.php index aaf9df54..2ffa9248 100644 --- a/admin/manage_categories.php +++ b/admin/manage_categories.php @@ -549,7 +549,7 @@ function change_priority() $priority = 3; } - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `priority`='{$priority}' WHERE `id`='" . intval($catid) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `priority`='{$priority}' WHERE `id`='" . intval($catid) . "'"); hesk_cleanSessionVars('cat_ch_priority'); @@ -703,7 +703,7 @@ function update_category() `manager` = " . intval($manager) . ", `color` = " . $color . ", `usage` = " . intval($usage) . " - WHERE `id`='" . intval($catid) . "' LIMIT 1"); + WHERE `id`='" . intval($catid) . "'"); unset($_SESSION['selcat']); unset($_SESSION['catname2']); @@ -726,7 +726,7 @@ function remove() hesk_process_messages($hesklang['cant_del_default_cat'], $_SERVER['PHP_SELF']); } - hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . intval($mycat) . "' LIMIT 1"); + hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . intval($mycat) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[cat_not_found]."); } 
@@ -749,7 +749,7 @@ function order_cat() $cat_move = intval(hesk_GET('move')); - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `cat_order`=`cat_order`+" . intval($cat_move) . " WHERE `id`='" . intval($catid) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `cat_order`=`cat_order`+" . intval($cat_move) . " WHERE `id`='" . intval($catid) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[cat_not_found]."); } @@ -759,7 +759,7 @@ function order_cat() $i = 10; while ($mycat = hesk_dbFetchAssoc($res)) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `cat_order`=" . intval($i) . " WHERE `id`='" . intval($mycat['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `cat_order`=" . intval($i) . " WHERE `id`='" . intval($mycat['id']) . "'"); $i += 10; } @@ -787,7 +787,7 @@ function toggle_autoassign() } /* Update auto-assign settings */ - $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `autoassign`='" . intval($autoassign) . "' WHERE `id`='" . intval($catid) . "' LIMIT 1"); + $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `autoassign`='" . intval($autoassign) . "' WHERE `id`='" . intval($catid) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php'); } 
@@ -816,7 +816,7 @@ function toggle_type() } /* Update auto-assign settings */ - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `type`='{$type}' WHERE `id`='" . intval($catid) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `type`='{$type}' WHERE `id`='" . intval($catid) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php'); } From 64f1f9970513ee5c4eaf485900cf49abfd873632 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:34:27 -0400 Subject: [PATCH 23/88] Update manage kb --- admin/manage_knowledgebase.php | 38 +++++++++++++++++----------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/admin/manage_knowledgebase.php b/admin/manage_knowledgebase.php index b1b5cb3a..412af5c6 100644 --- a/admin/manage_knowledgebase.php +++ b/admin/manage_knowledgebase.php @@ -1001,7 +1001,7 @@ function remove_kb_att() // Remove attachment from article $art['attachments'] = str_replace($att_id.'#'.$att['real_name'].',','',$art['attachments']); - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `attachments`='".hesk_dbEscape($art['attachments'])."', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($id)."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `attachments`='".hesk_dbEscape($art['attachments'])."', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($id)."'"); hesk_process_messages($hesklang['kb_att_rem'],'manage_knowledgebase.php?a=edit_article&id='.$id,'SUCCESS'); } // END remove_kb_att() 
@@ -1074,7 +1074,7 @@ function edit_category() } // Now delete the category - hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."' LIMIT 1"); + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."'"); $_SESSION['hide'] = array( //'treemenu' => 1, @@ -1085,7 +1085,7 @@ function edit_category() hesk_process_messages($hesklang['kb_cat_dlt'],'./manage_knowledgebase.php','SUCCESS'); } - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `name`='".hesk_dbEscape($title)."',`parent`=".intval($parent).",`type`='".intval($type)."' WHERE `id`='".intval($catid)."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `name`='".hesk_dbEscape($title)."',`parent`=".intval($parent).",`type`='".intval($type)."' WHERE `id`='".intval($catid)."'"); unset($_SESSION['hide']); @@ -1124,9 +1124,9 @@ function save_article() $content = hesk_getHTML( hesk_POST('content') ); // Clean the HTML code - require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.standalone.php'); - $purifier = new HTMLPurifier(); - $content = $purifier->purify($content); + require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.php'); + $purifier = new HeskHTMLPurifier(); + $content = $purifier->heskPurify($content); } else { @@ -1236,7 +1236,7 @@ function save_article() `html`='".intval($html)."', `sticky`='".intval($sticky)."', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') - WHERE `id`='".intval($id)."' LIMIT 1"); + WHERE `id`='".intval($id)."'"); $_SESSION['artord'] = $id; 
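Review bot: save_article() now cleans article HTML through `HeskHTMLPurifier` and `heskPurify()` instead of a default-configured `HTMLPurifier`, and the wrapper's configuration is not part of this patch. This appears to be the filter applied to staff-authored HTML before it is stored, so it is worth confirming that the wrapper's allowed elements, attributes and URI schemes are no broader than the defaults it replaces. The include also uses `require`, so any request that reaches this path twice, or this path and new_article() (same change in the hunk at line 1984), would load the class file a second time; `require_once(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.php');` avoids that. The body of save_article() continues outside the hunk.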
@@ -1984,9 +1984,9 @@ function new_article() $content = hesk_getHTML( hesk_POST('content') ); // Clean the HTML code - require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.standalone.php'); - $purifier = new HTMLPurifier(); - $content = $purifier->purify($content); + require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.php'); + $purifier = new HeskHTMLPurifier(); + $content = $purifier->heskPurify($content); } else { @@ -2137,7 +2137,7 @@ function remove_article() $article = hesk_dbFetchAssoc($result); $catid = intval($article['catid']); - $result = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `id`='".intval($id)."' LIMIT 1"); + $result = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `id`='".intval($id)."'"); // Remove any attachments delete_kb_attachments($article['attachments']); @@ -2172,7 +2172,7 @@ function order_category() $_SESSION['newcat'] = $catid; - $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `cat_order`=`cat_order`+".intval($move)." WHERE `id`='".intval($catid)."' LIMIT 1"); + $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `cat_order`=`cat_order`+".intval($move)." WHERE `id`='".intval($catid)."'"); if (hesk_dbAffectedRows() != 1) { hesk_error($hesklang['kb_cat_inv']); @@ -2198,7 +2198,7 @@ function order_article() $_SESSION['artord'] = $id; - $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `art_order`=`art_order`+".intval($move)." WHERE `id`='".intval($id)."' LIMIT 1"); + $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `art_order`=`art_order`+".intval($move)." WHERE `id`='".intval($id)."'"); if (hesk_dbAffectedRows() != 1) { hesk_error($hesklang['kb_art_id']); 
@@ -2306,7 +2306,7 @@ function toggle_sticky() $_SESSION['artord'] = $id; /* Update article "sticky" status */ - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `sticky`='" . intval($sticky) . " ' WHERE `id`='" . intval($id) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `sticky`='" . intval($sticky) . " ' WHERE `id`='" . intval($id) . "'"); /* Update article order */ update_article_order($catid); @@ -2336,7 +2336,7 @@ function update_article_order($catid) $previous_sticky = $article['sticky']; } - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `art_order`=".intval($i)." WHERE `id`='".intval($article['id'])."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `art_order`=".intval($i)." WHERE `id`='".intval($article['id'])."'"); $i += 10; } @@ -2356,7 +2356,7 @@ function update_category_order() while ( $category = hesk_dbFetchAssoc($res) ) { - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `cat_order`=".intval($i)." WHERE `id`='".intval($category['id'])."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `cat_order`=".intval($i)." WHERE `id`='".intval($category['id'])."'"); $i += 10; } 
@@ -2396,7 +2396,7 @@ function update_count($show_success=0) $value['articles'] = isset($value['articles']) ? $value['articles'] : 0; $value['articles_private'] = isset($value['articles_private']) ? $value['articles_private'] : 0; $value['articles_draft'] = isset($value['articles_draft']) ? $value['articles_draft'] : 0; - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `articles`={$value['articles']}, `articles_private`={$value['articles_private']}, `articles_draft`={$value['articles_draft']} WHERE `id`='{$catid}' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `articles`={$value['articles']}, `articles_private`={$value['articles_private']}, `articles_draft`={$value['articles_draft']} WHERE `id`='{$catid}'"); } // Show a success message? @@ -2469,7 +2469,7 @@ function delete_kb_attachments($attachments) hesk_unlink(HESK_PATH.$hesk_settings['attach_dir'].'/'.$file['saved_name']); } - $result = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_attachments` WHERE `att_id`='".intval($att_id)."' LIMIT 1"); + $result = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_attachments` WHERE `att_id`='".intval($att_id)."'"); } return true; @@ -2485,7 +2485,7 @@ function hesk_stray_article($id) $article['catid'] = 1; // Update database - hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `catid`=1 WHERE `id`='".intval($id)."' LIMIT 1"); + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `catid`=1 WHERE `id`='".intval($id)."'"); // Update count of articles in categories update_count(); From c3c4a584f9f5305f01a2761d4bd6b09f8c839823 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 13:36:22 -0400 Subject: [PATCH 24/88] Update ticket tpls --- admin/manage_ticket_templates.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
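Review bot: The update_count() UPDATE interpolates `{$value['articles']}`, `{$value['articles_private']}`, `{$value['articles_draft']}` and `{$catid}` directly into the statement, whereas the other statements touched in this file cast with `intval()`. The values look like computed counters, but where they come from is outside the hunk, so casting at the point of use is the safer habit, for example `intval($value['articles'])` and `intval($catid)` in the query string.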
diff --git a/admin/manage_ticket_templates.php b/admin/manage_ticket_templates.php index 5f60a975..b0fca927 100644 --- a/admin/manage_ticket_templates.php +++ b/admin/manage_ticket_templates.php @@ -408,7 +408,7 @@ function edit_saved() hesk_process_messages($hesk_error_buffer, 'manage_ticket_templates.php?saved_replies=' . $id); } - $result = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `title`='" . hesk_dbEscape($savename) . "',`message`='" . hesk_dbEscape($msg) . "' WHERE `id`='" . intval($id) . "' LIMIT 1"); + $result = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `title`='" . hesk_dbEscape($savename) . "',`message`='" . hesk_dbEscape($msg) . "' WHERE `id`='" . intval($id) . "'"); unset($_SESSION['canned']['what']); unset($_SESSION['canned']['id']); @@ -467,7 +467,7 @@ function remove() $mysaved = intval(hesk_GET('id')) or hesk_error($hesklang['id_not_valid']); - hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` WHERE `id`='" . intval($mysaved) . "' LIMIT 1"); + hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` WHERE `id`='" . intval($mysaved) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[ticket_tpl_not_found]."); } @@ -488,7 +488,7 @@ function order_saved() $tpl_move = intval(hesk_GET('move')); - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=`tpl_order`+" . intval($tpl_move) . " WHERE `id`='" . intval($tplid) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=`tpl_order`+" . intval($tpl_move) . " WHERE `id`='" . intval($tplid) . "'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[ticket_tpl_not_found]."); } 
@@ -498,7 +498,7 @@ function order_saved() $i = 10; while ($mytpl = hesk_dbFetchAssoc($result)) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=" . intval($i) . " WHERE `id`='" . intval($mytpl['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=" . intval($i) . " WHERE `id`='" . intval($mytpl['id']) . "'"); $i += 10; } From e9632e57644181a26e53990ea940ca989f948a72 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 21:25:36 -0400 Subject: [PATCH 25/88] Update manage_users --- admin/manage_users.php | 19 ++++++++++++++++++- inc/common.inc.php | 7 +++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/admin/manage_users.php b/admin/manage_users.php index 767b0da8..676ed631 100644 --- a/admin/manage_users.php +++ b/admin/manage_users.php @@ -86,6 +86,7 @@ $default_userdata = array( 'notify_customer_new' => 1, 'notify_customer_reply' => 1, 'show_suggested' => 1, + 'autoreload' => 0, 'default_calendar_view' => $default_view, // Notifications @@ -521,6 +522,7 @@ function new_user() `heskprivileges`, `afterreply`, `autostart`, + `autoreload`, `notify_customer_new`, `notify_customer_reply`, `show_suggested`, @@ -547,6 +549,7 @@ function new_user() '" . hesk_dbEscape($myuser['features']) . "', '" . ($myuser['afterreply']) . "' , '" . ($myuser['autostart']) . "' , + '" . ($myuser['autoreload']) . "' , '" . ($myuser['notify_customer_new']) . "' , '" . ($myuser['notify_customer_reply']) . "' , '" . ($myuser['show_suggested']) . "' , 
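Review bot: `$myuser['autoreload']` is concatenated into the new_user() INSERT as `($myuser['autoreload'])` with no cast or escaping, and the same happens in the update_user() hunk at line 676. The value is an integer only because hesk_validateUserInfo() passes it through `intval()`; the neighbouring `autorefresh` column does not rely on that and calls `intval()` inside the query. Writing `intval($myuser['autoreload'])` in both statements keeps them safe if the validation path ever changes.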
@@ -673,6 +676,7 @@ function update_user() `heskprivileges`='" . hesk_dbEscape($myuser['features']) . "', `afterreply`='" . ($myuser['afterreply']) . "' , `autostart`='" . ($myuser['autostart']) . "' , + `autoreload`='" . ($myuser['autoreload']) . "' , `notify_customer_new`='" . ($myuser['notify_customer_new']) . "' , `notify_customer_reply`='" . ($myuser['notify_customer_reply']) . "' , `show_suggested`='" . ($myuser['show_suggested']) . "' , @@ -688,7 +692,7 @@ function update_user() `autorefresh`=" . intval($myuser['autorefresh']) . ", `permission_template`=" . intval($myuser['template']) . ", `default_calendar_view`=" . intval($myuser['default_calendar_view']) . " - WHERE `id`='" . intval($myuser['id']) . "' LIMIT 1"); + WHERE `id`='" . intval($myuser['id']) . "'"); // If they are now inactive, remove any manager rights if (!$myuser['active']) { @@ -788,6 +792,19 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user $myuser['notify_customer_new'] = isset($_POST['notify_customer_new']) ? 1 : 0; $myuser['notify_customer_reply'] = isset($_POST['notify_customer_reply']) ? 1 : 0; $myuser['show_suggested'] = isset($_POST['show_suggested']) ? 1 : 0; + $myuser['autoreload'] = isset($_POST['autoreload']) ? 1 : 0; + + if ($myuser['autoreload']) { + $myuser['autoreload'] = intval(hesk_POST('reload_time')); + + if (hesk_POST('secmin') == 'min') { + $myuser['autoreload'] *= 60; + } + + if ($myuser['autoreload'] < 0 || $myuser['autoreload'] > 65535) { + $myuser['autoreload'] = 30; + } + } $myuser['default_calendar_view'] = hesk_POST('default-calendar-view', 0); /* Notifications */ diff --git a/inc/common.inc.php b/inc/common.inc.php index d930433f..3cac75b8 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php 
@@ -1769,8 +1769,11 @@ function hesk_getFeatureArray() 'can_del_tickets', /* User can delete tickets */ 'can_edit_tickets', /* User can edit tickets */ 'can_merge_tickets', /* User can merge tickets */ + 'can_resolve', /* User can resolve tickets */ + 'can_submit_any_cat', /* User can submit a ticket to any category/department */ 'can_del_notes', /* User can delete ticket notes posted by other staff members */ - 'can_change_cat', /* User can move ticke to a new category/department */ + 'can_change_cat', /* User can move ticket to any category/department */ + 'can_change_own_cat', /* User can move ticket to a category/department he/she has access to */ 'can_man_kb', /* User can manage knowledgebase articles and categories */ 'can_man_users', /* User can create and edit staff accounts */ 'can_man_cat', /* User can manage categories/departments */ @@ -1790,7 +1793,7 @@ function hesk_getFeatureArray() 'can_ban_ips', /* User can ban IP addresses */ 'can_unban_ips', /* User can delete IP bans. Also enables "can_ban_ips" */ 'can_service_msg', /* User can manage service messages shown in customer interface */ - 'can_man_email_tpl', /* User can manage email templates */ + 'can_email_tpl', /* User can manage email templates */ 'can_man_ticket_statuses', /* User can manage ticket statuses */ 'can_set_manager', /* User can set category managers */ 'can_man_permission_tpl', /* User can manage permission templates */ From 41c858aa9bae5a207d5989132b24bc40821b235e Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 12 Oct 2016 21:29:44 -0400 Subject: [PATCH 26/88] Update move category --- admin/move_category.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/admin/move_category.php b/admin/move_category.php index cedd2216..d78b8ab3 100755 --- a/admin/move_category.php +++ b/admin/move_category.php 
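Review bot: Renaming the key `can_man_email_tpl` to `can_email_tpl` in hesk_getFeatureArray() changes the string that permission checks and stored privilege values have to match. No migration of existing user or permission-template rows and no update of the callers is visible in this patch, so staff who held the old key may silently lose access, or pages that still check the old key may stop matching; both are worth confirming. The same upgrade question applies to the new `can_resolve` key: admin/lock.php now requires it, so existing non-admin accounts presumably need it granted during the update.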
@@ -44,7 +44,9 @@ hesk_isLoggedIn(); $modsForHesk_settings = mfh_getSettings(); /* Check permissions for this feature */ -hesk_checkPermission('can_change_cat'); +if (hesk_checkPermission('can_change_cat', 0)) { + hesk_checkPermission('can_change_own_cat'); +} /* A security check */ hesk_token_check('POST'); @@ -73,6 +75,11 @@ if (!$row['autoassign']) { /* Is user allowed to view tickets in new category? */ $category_ok = hesk_okCategory($category, 0); +// Is user allowed to move tickets to this category? +if (!$category_ok && !hesk_checkPermission('can_submit_any_cat', 0)) { + hesk_process_messages($hesklang['noauth_move'],'admin_main.php'); +} + /* Get details about the original ticket */ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { @@ -113,7 +120,7 @@ if ($need_to_reassign || !$ticket['owner']) { } } -hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); +hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); $ticket['category'] = $category; From 0beabedf81a0345940baa6034851f1a0e11156c4 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 17 Oct 2016 22:09:51 -0400 Subject: [PATCH 27/88] Getting started on admin_ticket --- admin/new_ticket.php | 316 +++++++++++++++++-------------------------- 1 file changed, 124 insertions(+), 192 deletions(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index cedc18e8..fad34c8f 100644 --- a/admin/new_ticket.php 
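Review bot: The permission gate added at the top of admin/move_category.php looks inverted. Elsewhere in this series `hesk_checkPermission($x, 0)` is used as a boolean that is true when the user holds the permission (see the `can_submit_any_cat` test in the next hunk), so as written a user without `can_change_cat` skips the block and `can_change_own_cat` is never enforced, while a user who does hold `can_change_cat` is additionally required to hold `can_change_own_cat`. The intended check is presumably `if (!hesk_checkPermission('can_change_cat', 0)) { hesk_checkPermission('can_change_own_cat'); }`. hesk_checkPermission() is defined outside this patch, so its return convention should be confirmed before changing the condition.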
+++ b/admin/new_ticket.php @@ -48,6 +48,9 @@ hesk_session_start(); hesk_dbConnect(); hesk_isLoggedIn(); +// Load custom fields +require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + // Pre-populate fields // Customer name if (isset($_REQUEST['name'])) { @@ -122,6 +125,35 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); /* Print admin navigation */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); +// Get categories +$hesk_settings['categories'] = array(); + +if (hesk_checkPermission('can_submit_any_cat', 0)) { + $res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC"); +} else { + $res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC"); +} + +while ($row = hesk_dbFetchAssoc($res)) { + $hesk_settings['categories'][$row['id']] = $row['name']; +} + +$number_of_categories = count($hesk_settings['categories']); + +if ($number_of_categories == 0) { + $category = 1; +} elseif ($number_of_categories == 1) { + $category = current(array_keys($hesk_settings['categories'])); +} else { + $category = isset($_GET['catid']) ? hesk_REQUEST('catid'): hesk_REQUEST('category'); + + // Force the customer to select a category? + if (!isset($hesk_settings['categories'][$category])) { + return print_select_category($number_of_categories); + } +} + + $showRs = hesk_dbQuery("SELECT `show` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "quick_help_sections` WHERE `id` = 5"); $show = hesk_dbFetchAssoc($showRs); $show_quick_help = $show['show']; @@ -129,7 +161,11 @@ $show_quick_help = $show['show'];
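Review bot: In the category-selection block added to admin/new_ticket.php, an empty filtered list falls back to `$category = 1` without checking that the current user may submit to category 1. The filtering here only decides which form is shown; whether the submit handler repeats the `can_submit_any_cat` / hesk_myCategories() restriction on the posted category is not visible in this patch and should be confirmed, since the form value alone cannot be trusted. The request value is also used as an array key unchanged, and `intval(hesk_REQUEST('category'))` would keep it numeric for whatever consumes `$category` later.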
    - +
    - placeholder="" - onkeyup="disableIfEmpty('email-input','notify-email')"> + onkeyup="disableIfEmpty('email','notify-email')">
    - - -
    - - -
    - -
    -
    -
    + $v) { - if ($v['use'] && $v['place'] == 0) { + if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $category)) { if ($modsForHesk_settings['custom_field_setting']) { $v['name'] = $hesklang[$v['name']]; } - // $v['req'] = $v['req'] ? '*' : ''; - // Staff doesn't need to fill in required custom fields - $v['req'] = ''; + $v['req'] = $v['req']==2 ? '*' : ''; if ($v['type'] == 'checkbox' && !isset($_GET["c_$k"])) { $k_value = array(); @@ -374,10 +377,9 @@ $show_quick_help = $show['show']; case 'radio': echo '
    '; - $options = explode('#HESK#', $v['value']); $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - foreach ($options as $option) { + foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0 || $k_value == $option) { $k_value = $option; @@ -409,15 +411,11 @@ $show_quick_help = $show['show'];
    '; break; - case 'multiselect': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    -
    -
    - - -
    '; - break; - /* Checkbox */ case 'checkbox': //Clean up multiple dashes or whitespaces @@ -469,11 +436,9 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s_]/", "-", $v['name']); echo '
    '; - $options = explode('#HESK#', $v['value']); $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - foreach ($options as $option) { - + foreach ($v['value']['checkbox_options'] as $option) { if (in_array($option, $k_value)) { $checked = 'checked="checked"'; } else { @@ -491,15 +456,11 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - $size = explode('#', $v['value']); - $size[0] = empty($size[0]) ? 5 : intval($size[0]); - $size[1] = empty($size[1]) ? 30 : intval($size[1]); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; echo '
    -
    +
    '; break; @@ -516,20 +477,20 @@ $show_quick_help = $show['show']; echo '
    - +
    - ' . $hesklang['date_format'] . ' + maxlength="' . $v['maxlen'] . '" value="' . $v['value'] . '" readonly>
    '; break; - case 'email': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + if (strlen($k_value) != 0) { $v['value'] = $k_value; } @@ -543,8 +504,8 @@ $show_quick_help = $show['show']; echo '
    -
    -
    '; +
    +
    '; break; @@ -554,13 +515,9 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s_]/", "-", $formattedId); if (strlen($k_value) != 0) { - $v['value'] = $k_value; + $v['value']['hidden_default_value'] = $k_value; } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo ''; - + $hidden_cf_buffer .= ''; break; case 'readonly': @@ -587,15 +544,15 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - if (strlen($k_value) != 0) { - $v['value'] = $k_value; + if (strlen($k_value) != 0 || isset($_SESSION["as_$k"])) { + $v['value']['default_value'] = $k_value; } $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; echo '
    -
    +
    '; } } @@ -750,17 +707,28 @@ $show_quick_help = $show['show']; $has_error = ''; if (in_array('subject', $_SESSION['iserror'])) { $has_error = 'has-error'; - }?> + } + + $red_star = ''; + $validator = ''; + if ($hesk_settings['require_subject'] == 1) { + $red_star = '*'; + $validator = 'data-error="' . htmlspecialchars($hesklang['enter_subject']) . '"" required'; + } + ?>
    - +
    + >
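Review bot: The new `$validator` string for the subject field ends with a doubled quote, `'"" required'`, which leaves a stray quote character in the emitted tag after the `data-error` attribute. It should read `$validator = 'data-error="' . htmlspecialchars($hesklang['enter_subject']) . '" required';`. The same typo is in the `require_message` block of the following hunk (new line 736), using `$hesklang['enter_message']`.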
    @@ -768,16 +736,27 @@ $show_quick_help = $show['show']; $has_error = ''; if (in_array('message', $_SESSION['iserror'])) { $has_error = 'has-error'; - } ?> + } + + $red_star = ''; + $validator = ''; + if ($hesk_settings['require_message'] == 1) { + $red_star = '*'; + $validator = 'data-error="' . htmlspecialchars($hesklang['enter_message']) . '"" required'; + } + ?>
    - +
    @@ -789,14 +768,12 @@ $show_quick_help = $show['show']; /* custom fields AFTER comments */ foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use'] && $v['place']) { + if ($v['use'] && $v['place'] == 1 && hesk_is_custom_field_in_category($k, $category)) { if ($modsForHesk_settings['custom_field_setting']) { $v['name'] = $hesklang[$v['name']]; } - // $v['req'] = $v['req'] ? '*' : ''; - // Staff doesn't need to fill in required custom fields - $v['req'] = ''; + $v['req'] = $v['req'] == 2 ? '*' : ''; if ($v['type'] == 'checkbox') { $k_value = array(); @@ -814,16 +791,11 @@ $show_quick_help = $show['show']; switch ($v['type']) { /* Radio box */ case 'radio': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - echo '
    '; - $options = explode('#HESK#', $v['value']); $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - foreach ($options as $option) { + foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0 || $k_value == $option) { $k_value = $option; @@ -832,6 +804,10 @@ $show_quick_help = $show['show']; $checked = ''; } + //Clean up multiple dashes or whitespaces + $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + echo '
    '; } @@ -840,25 +816,22 @@ $show_quick_help = $show['show']; /* Select drop-down box */ case 'select': + //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    + echo '
    +
    '; break; @@ -927,51 +893,20 @@ $show_quick_help = $show['show']; echo '
    - +
    - ' . $hesklang['date_format'] . ' + maxlength="' . $v['maxlen'] . '" value="' . $v['value'] . '" readonly>
    '; break; - - case 'multiselect': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    -
    -
    - - -
    '; - break; - case 'email': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + if (strlen($k_value) != 0) { $v['value'] = $k_value; } @@ -985,8 +920,8 @@ $show_quick_help = $show['show']; echo '
    -
    -
    '; +
    +
    '; break; @@ -996,13 +931,9 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s_]/", "-", $formattedId); if (strlen($k_value) != 0) { - $v['value'] = $k_value; + $v['value']['hidden_default_value'] = $k_value; } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo ''; - + $hidden_cf_buffer .= ''; break; case 'readonly': @@ -1029,15 +960,15 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - if (strlen($k_value) != 0) { - $v['value'] = $k_value; + if (strlen($k_value) != 0 || isset($_SESSION["as_$k"])) { + $v['value']['default_value'] = $k_value; } $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; echo '
    -
    +
    '; } } @@ -1145,6 +1076,7 @@ $show_quick_help = $show['show']; +
    From b41928ee835c1acb1a856a74c357c215a5eebfe2 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 18 Oct 2016 21:35:04 -0400 Subject: [PATCH 28/88] Update new ticket. Probably broken right now but it's something --- admin/new_ticket.php | 77 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index fad34c8f..d818c168 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -1118,4 +1118,79 @@ hesk_cleanSessionVars('isnotice'); require_once(HESK_PATH . 'inc/footer.inc.php'); exit(); -?> + +/*** START FUNCTIONS ***/ + + +function print_select_category($number_of_categories) { + global $hesk_settings, $hesklang; + + // A category needs to be selected + if (isset($_GET['category']) && empty($_GET['category'])) { + hesk_process_messages($hesklang['sel_app_cat'],'NOREDIRECT','NOTICE'); + } + + /* This will handle error, success and notice messages */ + hesk_handle_messages(); + ?> + +
    + +

    + +
    + $hesk_settings['cat_show_select']) + { + ?> + + + +  
    + +
    + +
    + + + + +
    +
    + +

     

    + + Date: Tue, 18 Oct 2016 21:35:25 -0400 Subject: [PATCH 29/88] Delete options.php --- admin/options.php | 393 ---------------------------------------------- 1 file changed, 393 deletions(-) delete mode 100644 admin/options.php diff --git a/admin/options.php b/admin/options.php deleted file mode 100644 index beee06fc..00000000 --- a/admin/options.php +++ /dev/null @@ -1,393 +0,0 @@ - - - - - <?php echo $hesklang['opt']; ?> - - - - - -

    - -

    - - - function hesk_saveOptions() - { - window.opener.document.getElementById(\'s_' . $id . '_val\').value = document.getElementById(\'o2\').value; - window.opener.document.getElementById(\'s_' . $id . '_maxlen\').value = document.getElementById(\'o1\').value; - window.close(); - } - -
    : + ' . $hesklang['public_link'] . ']'; + } + ?> +
    :
    - - - - - - -
    ' . $hesklang['custom_l'] . ': -
    ' . $hesklang['defw'] . ': -
    -

    - '; - break; - case 'hidden': - echo ' - -

    ' . $hesklang['hidden_custom_field_help'] . '

    - - - - -
    ' . $hesklang['value_colon'] . ' -
    -

    - '; - break; - case 'readonly': - echo ' - -

    ' . $hesklang['readonly_custom_field_help'] . '

    - - - - -
    ' . $hesklang['value_colon'] . ' -
    -

    - '; - break; - case 'textarea': - if (strpos($query, '#') !== false) { - list($rows, $cols) = explode('#', $query); - } else { - $rows = ''; - $cols = ''; - } - echo ' - - - - - - - - -
    ' . $hesklang['rows'] . ': -
    ' . $hesklang['cols'] . ': -
    -

    - '; - break; - case 'radio': - $options = str_replace('#HESK#', "\n", $query); - echo ' - - -

    ' . $hesklang['opt2'] . '

    - -

    - '; - break; - case 'select': - $query = str_replace('{HESK_SELECT}', '', $query, $show_select); - - $options = str_replace('#HESK#', "\n", $query); - echo ' - - -

    ' . $hesklang['opt3'] . '

    -

    - -

    - '; - break; - case 'checkbox': - $options = str_replace('#HESK#', "\n", $query); - echo ' - - -

    ' . $hesklang['opt4'] . '

    - -

    - '; - break; - case 'date': - echo '

    ' . $hesklang['date_custom_field_text'] . '

    '; - break; - case 'multiselect': - $options = str_replace('#HESK#', "\n", $query); - echo ' - - -

    ' . $hesklang['multiple_select_custom_field_text'] . '

    - -

    - '; - break; - case 'email': - $ccSelected = $query == 'cc' ? 'selected="selected"' : ''; - $bccSelected = $query == 'bcc' ? 'selected="selected"' : ''; - echo ' - -

    ' . $hesklang['email_custom_field_help'] . '

    - - - - - -
    ' . $hesklang['email_custom_field_label'] . ': - -
    -

    - '; - break; - default: - die('Invalid type'); -} -?> - -

    - -

     

    - - - - - From f446cac055db0a452e902456536b7ddbf92b0333 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 18 Oct 2016 21:47:59 -0400 Subject: [PATCH 30/88] Update profile --- admin/profile.php | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/admin/profile.php b/admin/profile.php index 83570eec..f8a54e57 100644 --- a/admin/profile.php +++ b/admin/profile.php @@ -115,7 +115,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); /* Only update if it's a valid language */ if (isset($hesk_settings['languages'][$newlang])) { $newlang = ($newlang == HESK_DEFAULT_LANGUAGE) ? "NULL" : "'" . hesk_dbEscape($newlang) . "'"; - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `language`=$newlang WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `language`=$newlang WHERE `id`='" . intval($_SESSION['id']) . "'"); } } @@ -232,6 +232,19 @@ function update_profile() $_SESSION['new']['notify_customer_new'] = isset($_POST['notify_customer_new']) ? 1 : 0; $_SESSION['new']['notify_customer_reply'] = isset($_POST['notify_customer_reply']) ? 1 : 0; $_SESSION['new']['show_suggested'] = isset($_POST['show_suggested']) ? 1 : 0; + $_SESSION['new']['autoreload'] = isset($_POST['autoreload']) ? 1 : 0; + + if ($_SESSION['new']['autoreload']) { + $_SESSION['new']['autoreload'] = intval(hesk_POST('reload_time')); + + if (hesk_POST('secmin') == 'min') { + $_SESSION['new']['autoreload'] *= 60; + } + + if ($_SESSION['new']['autoreload'] < 0 || $_SESSION['new']['autoreload'] > 65535) { + $_SESSION['new']['autoreload'] = 30; + } + } /* Auto-start ticket timer */ $_SESSION['new']['autostart'] = isset($_POST['autostart']) ? 1 : 0; 
@@ -239,9 +252,6 @@ function update_profile() /* Default calendar view */ $_SESSION['new']['default_calendar_view'] = hesk_POST('default-calendar-view', 0); - /* Update auto-refresh time */ - $_SESSION['new']['autorefresh'] = isset($_POST['autorefresh']) ? $_POST['autorefresh'] : 0; - /* Notifications */ if (!(!$_SESSION[$session_array]['isadmin'] && isset($_SESSION[$session_array]['heskprivileges']) && strpos($_SESSION[$session_array]['heskprivileges'], 'can_change_notification_settings') === false)) { @@ -274,7 +284,7 @@ function update_profile() $sql_pass , `afterreply`='" . intval($_SESSION['new']['afterreply']) . "' , `autostart`='" . intval($_SESSION['new']['autostart']) . "' , - `autorefresh`='" . intval($_SESSION['new']['autorefresh']) . "' , + `autoreload`='".($_SESSION['new']['autoreload'])."' , `notify_new_unassigned`='" . intval($_SESSION['new']['notify_new_unassigned']) . "' , `notify_new_my`='" . intval($_SESSION['new']['notify_new_my']) . "' , `notify_reply_unassigned`='" . intval($_SESSION['new']['notify_reply_unassigned']) . "' , @@ -288,7 +298,7 @@ function update_profile() `notify_overdue_unassigned`='" . $_SESSION['new']['notify_overdue_unassigned'] . "', `show_suggested`='" . $_SESSION['new']['show_suggested'] . "', `default_calendar_view`=" . intval($_SESSION['new']['default_calendar_view']) . " - WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1" + WHERE `id`='" . intval($_SESSION['id']) . "'" ); /* Process the session variables */ From 4394a960909d1b61775d2182016e824e9b73bb3a Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 18 Oct 2016 21:56:19 -0400 Subject: [PATCH 31/88] Update service messages --- admin/service_messages.php | 39 ++++++++++++++++++-------------------- 1 file changed, 18 insertions(+), 21 deletions(-) diff --git a/admin/service_messages.php b/admin/service_messages.php index ccd10196..5e8d0978 100644 --- a/admin/service_messages.php +++ b/admin/service_messages.php 
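Review bot: In the `@@ -274,7 +284,7 @@` hunk the `autoreload` column is filled from `($_SESSION['new']['autoreload'])` with no cast, while the line it replaces and the neighbouring columns all wrap the session value in `intval()`. The value is an integer today only because the earlier hunk assigns it from `intval(hesk_POST('reload_time'))` or 0. Keeping the cast at the point of use, `intval($_SESSION['new']['autoreload'])`, means the query stays safe if that assignment is ever changed. update_profile() starts and ends outside the hunk.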
@@ -111,22 +111,19 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
  • ' . $hesklang['statuses'] . '
  • + '; + } + // Show a link to custom_fields.php if user has permission to do so + if ( hesk_checkPermission('can_man_settings',0) ) { + echo ' +
  • + ' . $hesklang['tab_4'] . ' +
  • '; } ?>
    -
    purify($message); + require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php'); + $purifier = new HeskHTMLPurifier(); + $message = $purifier->heskPurify($message); // Any errors? if (count($hesk_error_buffer)) { @@ -547,7 +544,7 @@ function save_sm() `style` = '{$style}', `type` = '{$type}', `icon` = '{$icon}' - WHERE `id`={$id} LIMIT 1"); + WHERE `id`={$id}"); $_SESSION['smord'] = $id; hesk_process_messages($hesklang['sm_mdf'], 'service_messages.php', 'SUCCESS'); @@ -588,7 +585,7 @@ function order_sm() $_SESSION['smord'] = $id; // Update article details - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id} LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id}"); // Update order of all service messages update_sm_order(); @@ -610,7 +607,7 @@ function update_sm_order() // Update database $i = 10; while ($sm = hesk_dbFetchAssoc($res)) { - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "'"); $i += 10; } @@ -630,7 +627,7 @@ function remove_sm() $id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']); // Delete the service message - hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1"); + hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id}"); // Were we successful? if (hesk_dbAffectedRows() == 1) { 
@@ -663,9 +660,9 @@ function new_sm() $message = hesk_getHTML(hesk_POST('message')); // Clean the HTML code - require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.standalone.php'); - $purifier = new HTMLPurifier(); - $message = $purifier->purify($message); + require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php'); + $purifier = new HeskHTMLPurifier(); + $message = $purifier->heskPurify($message); // Any errors? if (count($hesk_error_buffer)) { From 27ded2f5938339fe8f2d5514bae0f06787e8008b Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 18 Oct 2016 21:57:33 -0400 Subject: [PATCH 32/88] Update show_tickets --- admin/show_tickets.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/admin/show_tickets.php b/admin/show_tickets.php index 7d510547..22ff698b 100644 --- a/admin/show_tickets.php +++ b/admin/show_tickets.php @@ -45,6 +45,7 @@ hesk_dbConnect(); hesk_isLoggedIn(); define('CALENDAR', 1); +define('AUTO_RELOAD',1); /* Check permissions for this feature */ hesk_checkPermission('can_view_tickets'); @@ -69,6 +70,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    + + Date: Tue, 18 Oct 2016 22:01:33 -0400 Subject: [PATCH 33/88] Update change_status --- change_status.php | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/change_status.php b/change_status.php index 11b2a48f..4d6ce44b 100644 --- a/change_status.php +++ b/change_status.php @@ -107,11 +107,21 @@ hesk_dbConnect(); // Verify email address match if needed hesk_verifyEmailMatch($trackingID); +// Setup required session vars +$_SESSION['t_track'] = $trackingID; +$_SESSION['t_email'] = $hesk_settings['e_email']; + +// Load statuses +require_once(HESK_PATH . 'inc/statuses.inc.php'); + +// Is current ticket status even changeable by customers? +$ticket = hesk_dbFetchAssoc( hesk_dbQuery( "SELECT `status`, `staffreplies`, `lastreplier` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `trackid`='".hesk_dbEscape($trackingID)."' LIMIT 1") ); +if (!hesk_can_customer_change_status($ticket['status'])) { + hesk_process_messages($hesklang['scno'],'ticket.php'); +} + // Lets make status assignment a bit smarter when reopening tickets if ($oldStatus == 2) { - // Get number of replies and last replier (customer or staff) - $ticket = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `staffreplies`, `lastreplier` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1")); - // If ticket has no staff replies set the status to "New" if ($ticket['staffreplies'] < 1) { $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsNewTicketStatus` = 1'); 
@@ -128,11 +138,11 @@ if ($oldStatus == 2) { // Modify values in the database -hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND `locked` != '1' LIMIT 1"); +hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND `locked` != '1'"); // Did we modify anything* if (hesk_dbAffectedRows() != 1) { - hesk_error($hesklang['elocked']); + hesk_process_messages($hesklang['elocked'],'ticket.php'); } // Show success message From b5955502e5111d35acbaec161b858b6bda6a08d0 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 22 Oct 2016 21:39:11 -0400 Subject: [PATCH 34/88] Update hesk_javascript --- hesk_javascript.js | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/hesk_javascript.js b/hesk_javascript.js index 2372420d..fed60f01 100644 --- a/hesk_javascript.js +++ b/hesk_javascript.js @@ -241,9 +241,10 @@ function hesk_suggestKBsearch(isAdmin) { setTimeout('hesk_suggestKBsearch(' + isAdmin + ');', 2000); } -function hesk_suggestEmail(isAdmin) { - var email = document.form1.email.value; - var element = document.getElementById('email_suggestions'); +function hesk_suggestEmail(emailField, displayDiv, padDiv, isAdmin, allowMultiple) { + allowMultiple = allowMultiple || 0; + var email = document.getElementById(emailField).value; + var element = document.getElementById(displayDiv); if (isAdmin) { var path = '../suggest_email.php'; 
@@ -253,7 +254,11 @@ function hesk_suggestEmail(isAdmin) { } if (email != '') { - var params = "e=" + encodeURIComponent(email); + var params = "e=" + encodeURIComponent(email) + "&ef=" + encodeURIComponent(emailField) + "&dd=" + encodeURIComponent(displayDiv) + "&pd=" + encodeURIComponent(padDiv); + + if (allowMultiple) { + params += "&am=1"; + } xmlHttp = GetXmlHttpObject(); if (xmlHttp == null) { @@ -369,7 +374,7 @@ function hesk_contains(password, validChars) { } function setCookie(name, value, expires, path, domain, secure) { - document.cookie = name + "=" + escape(value) + + document.cookie= name + "=" + escape(value) + ((expires) ? "; expires=" + expires.toGMTString() : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + From a960a0989271742ee2bc6dc5f638501eea513880 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 22 Oct 2016 21:42:22 -0400 Subject: [PATCH 35/88] Update hesk_style --- hesk_style.css | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/hesk_style.css b/hesk_style.css index 99749089..d3b66a4a 100644 --- a/hesk_style.css +++ b/hesk_style.css 
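Review bot: The request built in `params` now carries three page-supplied element ids (`ef`, `dd`, `pd`) to suggest_email.php, and nothing in this patch shows how the server treats them. They are correctly passed through `encodeURIComponent()` here, but if the endpoint echoes them into the markup or script it returns, they need to be restricted to identifier characters on the server side. A comment at this line would record that contract: `// ef/dd/pd are DOM ids; suggest_email.php must validate them before echoing them back`. hesk_suggestEmail() continues outside the hunk.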
@@ -755,4 +755,60 @@ td.admin_yellow { height:16px; font-size:12px; margin-top:2px; +} + +/* New styles in HESK version 2.7 */ + +div.select_category +{ + min-width: 50%; + min-height: 300px; + display: inline-block; + text-align:left; + margin-top: 10px; +} + +#select_category { + border: 1px solid #111; + background: transparent; + width: 100%; + padding: 5px 35px 5px 5px; + font-size: 14px; + border: 1px solid #ccc; + height: 34px; +} + +#ul_category { + list-style-type: none; + margin: 0; + padding: 0; +} + +#ul_category li { + border: 1px solid #d1d5d7; + border-top: none; + border-radius: 2px; +} + +#ul_category li:first-child { + border-top: 1px solid #d1d5d7; +} + +#ul_category li a { + display: block; + font-size: 14px; + padding: 0.75em 0.75em; + text-decoration: none; + transition: all 0.12s ease; + word-wrap: break-word; +} + +#ul_category li a:hover { + color: black; + background-color: #e9ffdb; +} + +select.multiple { + font-size: 12px; + height: auto; } \ No newline at end of file From 34cf3106d015731150a83192b20d84a439322e9a Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 22 Oct 2016 21:45:41 -0400 Subject: [PATCH 36/88] Update admin_functions --- inc/admin_functions.inc.php | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php index 26e3ee3e..05131fd5 100644 --- a/inc/admin_functions.inc.php +++ b/inc/admin_functions.inc.php @@ -51,13 +51,6 @@ $hesk_settings['possible_ticket_list'] = array( 'time_worked' => $hesklang['ts'], ); -// Also possible to display all custom fields -for ($i = 1; $i <= 20; $i++) { - if ($hesk_settings['custom_fields']['custom' . $i]['use']) { - $hesk_settings['possible_ticket_list']['custom' . $i] = $hesk_settings['custom_fields']['custom' . $i]['name']; - } -} - /*** FUNCTIONS ***/ 
@@ -393,8 +386,8 @@ function hesk_autoLogin($noredirect = 0) /* Check username */ $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1"); if (hesk_dbNumRows($result) != 1) { - setcookie('hesk_username', ''); - setcookie('hesk_p', ''); + hesk_setcookie('hesk_username', ''); + hesk_setcookie('hesk_p', ''); header('Location: '.$url); exit(); } @@ -403,8 +396,8 @@ function hesk_autoLogin($noredirect = 0) /* Check password */ if ($hash != hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass'])) { - setcookie('hesk_username', ''); - setcookie('hesk_p', ''); + hesk_setcookie('hesk_username', ''); + hesk_setcookie('hesk_p', ''); header('Location: '.$url); exit(); } @@ -437,8 +430,8 @@ function hesk_autoLogin($noredirect = 0) } /* Renew cookies */ - setcookie('hesk_username', "$user", strtotime('+1 year')); - setcookie('hesk_p', "$hash", strtotime('+1 year')); + hesk_setcookie('hesk_username', "$user", strtotime('+1 year')); + hesk_setcookie('hesk_p', "$hash", strtotime('+1 year')); /* Close any old tickets here so Cron jobs aren't necessary */ if ($hesk_settings['autoclose']) { @@ -646,7 +639,8 @@ function hesk_formatDate($dt, $from_database = true) function hesk_jsString($str) { - $str = str_replace(array('\'', '
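Review bot: The password check in the `@@ -403,8 +396,8 @@` hunk still compares the remembered hash with a loose `!=` in `if ($hash != hesk_Pass2Hash(...))`, next to the cookie calls this commit hardens. With `!=`, PHP compares two numeric-looking strings (for example ones of the form `0e…`) as numbers, and the comparison is not constant-time. Where the supported PHP version provides it, `if (!hash_equals(hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass']), (string) $hash))` avoids both; otherwise use `!==` at least. `$hash` appears to come from the `hesk_p` cookie, but its assignment is outside the hunk.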
    '), array('\\\'', ''), $str); + $str = addslashes($str); + $str = str_replace('
    ' , '' , $str); $from = array("/\r\n|\n|\r/", '/\([^\<]*)\<\/a\>/i', '/\([^\<]*)\<\/a\>/i'); $to = array("\\r\\n' + \r\n'", "$1", "$1"); return preg_replace($from, $to, $str); From 76ea4caaa93c232593e701bd76b041ed1a039b1a Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 22 Oct 2016 21:58:43 -0400 Subject: [PATCH 37/88] Update common --- inc/common.inc.php | 100 +++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 92 insertions(+), 8 deletions(-) diff --git a/inc/common.inc.php b/inc/common.inc.php index 3cac75b8..12739df6 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -38,7 +38,12 @@ if (!defined('IN_SCRIPT')) { // Set correct Content-Type header if (!defined('NO_HTTP_HEADER')) { header('Content-Type: text/html; charset=utf-8'); - header('X-Frame-Options: SAMEORIGIN'); + + // Don't allow HESK to be loaded in a frame on third party domains + if ($hesk_settings['x_frame_opt']) + { + header('X-Frame-Options: SAMEORIGIN'); + } } // Set backslash options 
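Review bot: `X-Frame-Options: SAMEORIGIN` is now sent only when `$hesk_settings['x_frame_opt']` is truthy, so an installation whose settings file predates this key stops sending the header and raises an undefined-index notice. Defaulting to the protected state keeps framing protection on until an administrator turns it off: `if (!isset($hesk_settings['x_frame_opt']) || $hesk_settings['x_frame_opt'])`. Whether the upgrade path writes the key before this file runs is not visible in this patch.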
@@ -56,12 +61,47 @@ if (!defined('ENT_XHTML')) { define('ENT_XHTML', 0); } +// Is this is a SSL connection? +if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') { + define('HESK_SSL', true); + + // Use https-only cookies + @ini_set('session.cookie_secure', 1); +} else { + // Force redirect? + if ($hesk_settings['force_ssl']) { + header('HTTP/1.1 301 Moved Permanently'); + header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); + exit(); + } + + define('HESK_SSL', false); +} + +// Prevents javascript XSS attacks aimed to steal the session ID +@ini_set('session.cookie_httponly', 1); + +// **PREVENTING SESSION FIXATION** +// Session ID cannot be passed through URLs +@ini_set('session.use_only_cookies', 1); + + // Load language file hesk_getLanguage(); /*** FUNCTIONS ***/ +function hesk_setcookie($name, $value, $expire=0, $path=""){ + if (HESK_SSL) { + setcookie($name, $value, $expire, $path, "", true, true); + } else { + setcookie($name, $value, $expire, $path, "", false, true); + } + + return true; +} // END hesk_setcookie() + function hesk_service_message($sm) { $faIcon = $sm['icon']; @@ -145,6 +185,11 @@ function hesk_clean_utf8($in) function hesk_load_database_functions() { + // Already loaded? + if (function_exists('hesk_dbQuery')) { + return true; + } + // Preferrably use the MySQLi functions if (function_exists('mysqli_connect')) { require(HESK_PATH . 'inc/database_mysqli.inc.php'); @@ -204,7 +249,11 @@ function hesk_utf8_urldecode($in) function hesk_SESSION($in, $default = '') { - return isset($_SESSION[$in]) && ! is_array($_SESSION[$in]) ? $_SESSION[$in] : $default; + if (is_array($in)) { + return isset($_SESSION[$in[0]][$in[1]]) && ! is_array(isset($_SESSION[$in[0]][$in[1]])) ? $_SESSION[$in[0]][$in[1]] : $default; + } else { + return isset($_SESSION[$in]) && ! is_array($_SESSION[$in]) ? $_SESSION[$in] : $default; + } } // END hesk_SESSION(); 
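Review bot: The forced-SSL redirect builds its `Location` header from `$_SERVER['HTTP_HOST']`, which is taken from the request, so the redirect target is whatever host name the request carried, and the `301` can be cached with that target. Build the target from the site URL held in the configuration, or compare the request host with it before redirecting. Separately, `$_SERVER['HTTPS']` is normally unset behind a TLS-terminating proxy, in which case `force_ssl` would redirect every request; that depends on the deployment and cannot be confirmed from this hunk.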
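Review bot: In the new array branch of hesk_SESSION(), `! is_array(isset($_SESSION[$in[0]][$in[1]]))` tests the boolean returned by `isset()`, so the guard is always true. An array stored under that key is therefore returned instead of `$default`, unlike in the scalar branch. The line should mirror the scalar one: `return isset($_SESSION[$in[0]][$in[1]]) && ! is_array($_SESSION[$in[0]][$in[1]]) ? $_SESSION[$in[0]][$in[1]] : $default;`.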
@@ -327,7 +376,7 @@ function hesk_verifyEmailMatch($trackingID, $my_email = 0, $ticket_email = 0, $e /* Email doesn't match, clean cookies and error out */ if ($error) { - setcookie('hesk_myemail', ''); + hesk_setcookie('hesk_myemail', ''); hesk_process_messages($hesklang['enmdb'], 'ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999)); } else { return false; @@ -1105,7 +1154,7 @@ function hesk_getLanguage() } /* Remember and set the selected language */ - setcookie('hesk_language', $hesk_settings['language'], time() + 31536000, '/'); + hesk_setcookie('hesk_language', $hesk_settings['language'], time() + 31536000, '/'); return hesk_returnLanguage(); } // END hesk_getLanguage() 
@@ -1113,10 +1162,45 @@ function hesk_getLanguage() function hesk_returnLanguage() { global $hesk_settings, $hesklang; - require(HESK_PATH . 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/text.php'); - $customLanguagePath = HESK_PATH . 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/custom-text.php'; - if (file_exists($customLanguagePath)) { - include($customLanguagePath); + // Variable that will be set to true if a language file was loaded + $language_loaded = false; + + // Load requested language file + $language_file = HESK_PATH . 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/text.php'; + if (file_exists($language_file)) { + require($language_file); + $language_loaded = true; + } + + // Requested language file not found, try to load default installed language + if (!$language_loaded && $hesk_settings['language'] != HESK_DEFAULT_LANGUAGE) { + $language_file = HESK_PATH . 'language/' . $hesk_settings['languages'][HESK_DEFAULT_LANGUAGE]['folder'] . '/text.php'; + if (file_exists($language_file)) { + require($language_file); + $language_loaded = true; + $hesk_settings['language'] = HESK_DEFAULT_LANGUAGE; + } + } + + // Requested language file not found, can we at least load English? + if (!$language_loaded && $hesk_settings['language'] != 'English' && HESK_DEFAULT_LANGUAGE != 'English') { + $language_file = HESK_PATH . 'language/en/text.php'; + if (file_exists($language_file)) { + require($language_file); + $language_loaded = true; + $hesk_settings['language'] = 'English'; + } + } + + // If a language is still not loaded, give up + if (!$language_loaded) { + die('Count not load a valid language file.'); + } + + // Load a custom text file if available + $language_file = HESK_PATH . 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . 
'/custom-text.php'; + if (file_exists($language_file)) { + require($language_file); } return true; } // END hesk_returnLanguage() From 007feed56cfb149d6cc7a6377d9712511edb51d8 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 23 Oct 2016 21:45:52 -0400 Subject: [PATCH 38/88] Update email_functions --- inc/email_functions.inc.php | 36 ++++++++++++++++++++++++++---------- 1 file changed, 26 insertions(+), 10 deletions(-) diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php index 4bb14dc4..7363645e 100644 --- a/inc/email_functions.inc.php +++ b/inc/email_functions.inc.php @@ -33,6 +33,9 @@ if (!defined('IN_SCRIPT')) { die('Invalid attempt'); } +// Make sure custom fields are loaded +require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + /* Get includes for SMTP */ if ($hesk_settings['smtp']) { require(HESK_PATH . 'inc/mail/smtp.php'); @@ -63,7 +66,9 @@ function hesk_notifyCustomerForVerifyEmail($email_template = 'verify_email', $ac // Add Cc / Bcc recipents if needed $ccEmails = array(); $bccEmails = array(); - foreach ($hesk_settings['custom_fields'] as $k => $v) { + + //TODO Update the email custom field to handle this properly + /*foreach ($hesk_settings['custom_fields'] as $k => $v) { if ($v['use']) { if ($v['type'] == 'email' && !empty($ticket[$k])) { if ($v['value'] == 'cc') { @@ -75,7 +80,7 @@ function hesk_notifyCustomerForVerifyEmail($email_template = 'verify_email', $ac } } } - } + }*/ hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage); } 
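Review bot: After the English fallback in hesk_returnLanguage() sets `$hesk_settings['language'] = 'English'`, the custom-text path still indexes `$hesk_settings['languages'][$hesk_settings['language']]['folder']`. That branch is reached only when the configured languages failed to load and it hard-codes `language/en/`, so an `'English'` entry may not exist in `$hesk_settings['languages']` and the lookup would yield an empty folder name. Guarding the custom-text block with `isset($hesk_settings['languages'][$hesk_settings['language']]['folder'])` would cover that case. The failure message also has a typo and should read `die('Could not load a valid language file.');`.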
@@ -106,7 +111,9 @@ function hesk_notifyCustomer($modsForHesk_settings, $email_template = 'new_ticke // Add Cc / Bcc recipents if needed $ccEmails = array(); $bccEmails = array(); - foreach ($hesk_settings['custom_fields'] as $k => $v) { + + //TODO Update the email custom field to handle this properly + /*foreach ($hesk_settings['custom_fields'] as $k => $v) { if ($v['use']) { if ($v['type'] == 'email' && !empty($ticket[$k])) { if ($v['value'] == 'cc') { @@ -116,7 +123,7 @@ function hesk_notifyCustomer($modsForHesk_settings, $email_template = 'new_ticke } } } - } + }*/ // Send e-mail hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage); @@ -846,15 +853,24 @@ function hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message $msg = str_replace('%%ID%%', $ticket['id'], $msg); /* All custom fields */ - foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use']) { - if ($v['type'] == 'checkbox') { - $ticket[$k] = str_replace("
    ", "\n", $ticket[$k]); + for ($i=1; $i<=50; $i++) { + $k = 'custom'.$i; + + if (isset($hesk_settings['custom_fields'][$k])) { + $v = $hesk_settings['custom_fields'][$k]; + + switch ($v['type']) { + case 'checkbox': + $ticket[$k] = str_replace("
    ","\n",$ticket[$k]); + break; + case 'date': + $ticket[$k] = hesk_custom_date_display_format($ticket[$k], $v['value']['date_format']); + break; } - $msg = str_replace('%%' . strtoupper($k) . '%%', stripslashes($ticket[$k]), $msg); + $msg = str_replace('%%'.strtoupper($k).'%%',stripslashes($ticket[$k]),$msg); } else { - $msg = str_replace('%%' . strtoupper($k) . '%%', '', $msg); + $msg = str_replace('%%'.strtoupper($k).'%%','',$msg); } } From bb2d69ca0181eb99b0ebe35d3aa83a1d27cd0373 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 23 Oct 2016 21:58:34 -0400 Subject: [PATCH 39/88] Update header --- inc/header.inc.php | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/inc/header.inc.php b/inc/header.inc.php index 1d03dd02..efc1f34e 100644 --- a/inc/header.inc.php +++ b/inc/header.inc.php @@ -241,6 +241,50 @@ if (is_dir(HESK_PATH . 'install')) { echo ''; } + // Auto reload + if (defined('AUTO_RELOAD') && hesk_checkPermission('can_view_tickets',0) && ! isset($_SESSION['hide']['ticket_list'])) { + ?> + + From 5e2239a017ff62181e0ac549a7d4492b9b30b992 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 23 Oct 2016 22:00:12 -0400 Subject: [PATCH 40/88] Remove LIMIT 1 fro madmin_functions --- inc/admin_functions.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php index 05131fd5..329d7d4c 100644 --- a/inc/admin_functions.inc.php +++ b/inc/admin_functions.inc.php 
@@ -249,7 +249,7 @@ function hesk_mergeTickets($merge_these, $merge_into) } /* Update history (log) and merged IDs of target ticket */ - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET $replies_sql `time_worked`=ADDTIME(`time_worked`, '" . hesk_dbEscape($sec_worked) . "'), `merged`=CONCAT(`merged`,'" . hesk_dbEscape($merged . '#') . "'), `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `id`='" . intval($merge_into) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET $replies_sql `time_worked`=ADDTIME(`time_worked`, '" . hesk_dbEscape($sec_worked) . "'), `merged`=CONCAT(`merged`,'" . hesk_dbEscape($merged . '#') . "'), `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `id`='" . intval($merge_into) . "'"); return true; From fb0503b89b421dc5f8da00155ddf5b3a8fcfb2c9 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 23 Oct 2016 22:01:37 -0400 Subject: [PATCH 41/88] Update pipe_functions --- inc/pipe_functions.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inc/pipe_functions.inc.php b/inc/pipe_functions.inc.php index 8307cd68..ab7f2aba 100755 --- a/inc/pipe_functions.inc.php +++ b/inc/pipe_functions.inc.php 
@@ -227,7 +227,7 @@ function hesk_email2ticket($results, $pop3 = 0, $set_category = 1, $set_priority $ticket['status'] = $ticket['status'] ? $waiting_reply_rs['id'] : $new_status['id']; // Update ticket as necessary - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `lastchange`=NOW(),`status`='{$ticket['status']}',`replies`=`replies`+1,`lastreplier`='0' WHERE `id`='" . intval($ticket['id']) . "' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `lastchange`=NOW(),`status`='{$ticket['status']}',`replies`=`replies`+1,`lastreplier`='0' WHERE `id`='" . intval($ticket['id']) . "'"); // If customer replied, we assume staff replies have been read (no way to be sure if ticket.php hasn't been opened) hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `read` = '1' WHERE `replyto` = '" . intval($ticket['id']) . "' AND `staffid` != '0' "); @@ -475,7 +475,7 @@ function hesk_isEmailLoop($email, $message_hash) } // Update DB entry - hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` SET `hits` = `hits` + 1, `message_hash` = '" . hesk_dbEscape($message_hash) . "' WHERE `email` LIKE '{$email_like}' LIMIT 1"); + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` SET `hits` = `hits` + 1, `message_hash` = '" . hesk_dbEscape($message_hash) . "' WHERE `email` LIKE '{$email_like}'"); } else { // First instance, insert a new database row hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` (`email`, `message_hash`) VALUES ('" . hesk_dbEscape($email) . "', '" . hesk_dbEscape($message_hash) . "')"); From 7f0a1628aa57f4f39a046842403eb4ad11ea0b7a Mon Sep 17 00:00:00 2001 
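Review bot: In the second hunk (hesk_isEmailLoop), dropping `LIMIT 1` from `UPDATE … WHERE `email` LIKE '{$email_like}'` means the statement now rewrites `hits` and `message_hash` on every row the pattern matches, not on one. How `$email_like` is built is outside the hunk; it is interpolated directly while `$message_hash` goes through hesk_dbEscape(), and if `%` and `_` in the sender address are not neutralised for LIKE, a single address can match other senders' rows and change their loop counters. Updating the row by the key of the record that was just looked up, or comparing with `=` on the escaped address, keeps the write to one row, e.g. `WHERE `email` = '" . hesk_dbEscape($email) . "'`. The function starts and ends outside the hunk.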
From: Mike Koch Date: Mon, 24 Oct 2016 13:33:34 -0400 Subject: [PATCH 42/88] Update posting_functions --- inc/posting_functions.inc.php | 66 ++++++++++++----------------------- 1 file changed, 22 insertions(+), 44 deletions(-) diff --git a/inc/posting_functions.inc.php b/inc/posting_functions.inc.php index be7843e6..adf18065 100644 --- a/inc/posting_functions.inc.php +++ b/inc/posting_functions.inc.php @@ -39,6 +39,12 @@ function hesk_newTicket($ticket, $isVerified = true) { global $hesk_settings, $hesklang, $hesk_db_link; + // Generate a subject if necessary + if (strlen($ticket['subject']) < 1) + { + $ticket['subject'] = sprintf($hesklang['default_subject'], $ticket['name']); + } + // If language is not set or default, set it to NULL. if (!isset($ticket['language']) || empty($ticket['language'])) { $language = (!$hesk_settings['can_sel_lang']) ? HESK_DEFAULT_LANGUAGE : hesk_dbEscape($hesklang['LANGUAGE']); @@ -59,6 +65,16 @@ function hesk_newTicket($ticket, $isVerified = true) $due_date = "'" . hesk_dbEscape($ticket['due_date']) . "'"; } + // Prepare SQL for custom fields + $custom_where = ''; + $custom_what = ''; + + for ($i=1; $i<=50; $i++) + { + $custom_where .= ", `custom{$i}`"; + $custom_what .= ", '" . (isset($ticket['custom'.$i]) ? hesk_dbEscape($ticket['custom'.$i]) : '') . "'"; + } + // Insert ticket into database hesk_dbQuery(" INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . $tableName . "` @@ -79,27 +95,6 @@ function hesk_newTicket($ticket, $isVerified = true) `owner`, `attachments`, `merged`, - `history`, - `custom1`, - `custom2`, - `custom3`, - `custom4`, - `custom5`, - `custom6`, - `custom7`, - `custom8`, - `custom9`, - `custom10`, - `custom11`, - `custom12`, - `custom13`, - `custom14`, - `custom15`, - `custom16`, - `custom17`, - `custom18`, - `custom19`, - `custom20`, `status`, `latitude`, `longitude`, 
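Review bot: The literal `50` in `for ($i=1; $i<=50; $i++)` (hunk at -59,6 +65,16) makes the INSERT name `custom1` through `custom50` unconditionally, where the removed column list stopped at `custom20`. Nothing visible in this patch widens the table, so the statement would fail on an install whose schema update has not run, and `$tableName` is set outside the hunk, so more than one table may need the extra columns. A named constant with a comment would make that dependency visible, for example `// must match the number of customN columns created by the installer/updater`. hesk_newTicket continues outside the hunk.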
@@ -107,7 +102,9 @@ function hesk_newTicket($ticket, $isVerified = true) `user_agent`, `screen_resolution_height`, `screen_resolution_width`, - `due_date` + `due_date`, + `history` + {$custom_where} ) VALUES ( @@ -127,27 +124,6 @@ function hesk_newTicket($ticket, $isVerified = true) '" . intval($ticket['owner']) . "', '" . hesk_dbEscape($ticket['attachments']) . "', '', - '" . hesk_dbEscape($ticket['history']) . "', - '" . hesk_dbEscape($ticket['custom1']) . "', - '" . hesk_dbEscape($ticket['custom2']) . "', - '" . hesk_dbEscape($ticket['custom3']) . "', - '" . hesk_dbEscape($ticket['custom4']) . "', - '" . hesk_dbEscape($ticket['custom5']) . "', - '" . hesk_dbEscape($ticket['custom6']) . "', - '" . hesk_dbEscape($ticket['custom7']) . "', - '" . hesk_dbEscape($ticket['custom8']) . "', - '" . hesk_dbEscape($ticket['custom9']) . "', - '" . hesk_dbEscape($ticket['custom10']) . "', - '" . hesk_dbEscape($ticket['custom11']) . "', - '" . hesk_dbEscape($ticket['custom12']) . "', - '" . hesk_dbEscape($ticket['custom13']) . "', - '" . hesk_dbEscape($ticket['custom14']) . "', - '" . hesk_dbEscape($ticket['custom15']) . "', - '" . hesk_dbEscape($ticket['custom16']) . "', - '" . hesk_dbEscape($ticket['custom17']) . "', - '" . hesk_dbEscape($ticket['custom18']) . "', - '" . hesk_dbEscape($ticket['custom19']) . "', - '" . hesk_dbEscape($ticket['custom20']) . "', '" . intval($ticket['status']) . "', '" . hesk_dbEscape($ticket['latitude']) . "', '" . hesk_dbEscape($ticket['longitude']) . "', @@ -155,7 +131,9 @@ function hesk_newTicket($ticket, $isVerified = true) '" . hesk_dbEscape($ticket['user_agent']) . "', " . hesk_dbEscape($ticket['screen_resolution_height']) . ", " . hesk_dbEscape($ticket['screen_resolution_width']) . ", - {$due_date} + {$due_date}, + '" . hesk_dbEscape($ticket['history']) . "' + {$custom_what} ) "); From f54e02fd14519de1e3213013a47bc4c2e20ca048 Mon Sep 17 00:00:00 2001 
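Review bot: In the last hunk (-155,7 +131,9) the two `screen_resolution_*` values are passed through hesk_dbEscape() but written into the VALUES list without surrounding quotes, and string escaping does not constrain a value in numeric position. Whether the callers of hesk_newTicket already reduce them to an integer or the literal `NULL` is not visible here; if they do not, request data reaches the statement unquoted. Since this list is being reordered anyway, normalise inside the function, e.g. `$height = is_numeric($ticket['screen_resolution_height']) ? intval($ticket['screen_resolution_height']) : 'NULL';` (assuming the column is nullable) and interpolate `{$height}`, with the same for the width. The function body starts and ends outside the hunk.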
From: Mike Koch Date: Mon, 24 Oct 2016 13:35:55 -0400 Subject: [PATCH 43/88] Update print_tickets --- inc/print_tickets.inc.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/inc/print_tickets.inc.php b/inc/print_tickets.inc.php index 38c9656a..c326d470 100644 --- a/inc/print_tickets.inc.php +++ b/inc/print_tickets.inc.php @@ -33,6 +33,9 @@ if (!defined('IN_SCRIPT')) { die('Invalid attempt'); } +// Load custom fields +require_once(HESK_PATH . 'inc/custom_fields.inc.php'); + // This SQL code will be used to retrieve results $sql_final = "SELECT `id`, From 4ec37a5079351163f5dec7f70d3bdba1f7a93ef4 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 24 Oct 2016 15:20:16 -0400 Subject: [PATCH 44/88] Update profile_functions --- inc/profile_functions.inc.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/inc/profile_functions.inc.php b/inc/profile_functions.inc.php index 9b489263..1fefd2a9 100644 --- a/inc/profile_functions.inc.php +++ b/inc/profile_functions.inc.php @@ -98,6 +98,7 @@ function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $acti
    = 60 && $reload_time % 60 == 0) { + $reload_time = $reload_time / 60; + $sec = ''; + $min = 'selected'; + } else { + $sec = 'selected'; + $min = ''; + } + } ?> + + +
    ' . $hesklang['view_your_ticket'] . '' ); } else { From 3a690ace8e1f58e126d796030f76309d95d23771 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 25 Oct 2016 13:11:41 -0400 Subject: [PATCH 48/88] Update suggest_email --- suggest_email.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/suggest_email.php b/suggest_email.php index ad7cb6c2..f3fa5806 100644 --- a/suggest_email.php +++ b/suggest_email.php @@ -48,10 +48,13 @@ header("Pragma: no-cache"); // Get the search query composed of the subject and message $address = hesk_REQUEST('e') or die(''); +$email_field = hesk_REQUEST('ef') or die(''); +$display_div = hesk_REQUEST('dd') or die(''); +$pad_div = hesk_REQUEST('pd') ? 1 : 0; $div = 1; // Do we allow multiple emails? If yes, check all -if ($hesk_settings['multi_eml']) { +if ($hesk_settings['multi_eml'] || hesk_REQUEST('am')) { // Make sure the format is correct $address = preg_replace('/\s/', '', $address); $address = str_replace(';', ',', $address); @@ -75,9 +78,9 @@ exit(); function hesk_emailTypoShow($address, $suggest, $div = '') { - global $hesk_settings, $hesklang; + global $hesk_settings, $hesklang, $email_field, $display_div, $pad_div; ?> -
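Review bot: `$email_field` and `$display_div` are taken from `hesk_REQUEST('ef')` and `hesk_REQUEST('dd')` with only a non-empty check, and the next hunk exposes them to hesk_emailTypoShow() as globals. The markup that consumes them is not visible on this page, but they look like element ids that end up in generated HTML or an inline script handler, where HTML-entity encoding alone does not stop a value from breaking out of a JavaScript string. Restricting them to an identifier pattern at the point of input closes that off: `if (!preg_match('/^[A-Za-z0-9_-]+$/', $email_field . $display_div)) { die(''); }`. The same hunk lets the `am` request parameter override `$hesk_settings['multi_eml']`; a comment saying this is intended for custom e-mail fields would help the next reader.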
    +
    @@ -85,10 +88,8 @@ function hesk_emailTypoShow($address, $suggest, $div = '')
    ', $suggest . '')); ?>

    - - + +
    From 3fe649d14b78c3602081d643cf509e93d21f65f0 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 26 Oct 2016 13:10:23 -0400 Subject: [PATCH 49/88] Changes --- admin/new_ticket.php | 2 +- inc/ticket_list.inc.php | 42 +- index.php | 934 +++++++++++++++++++--------------------- 3 files changed, 453 insertions(+), 525 deletions(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index d818c168..707369f5 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -286,7 +286,7 @@ $show_quick_help = $show['show']; } else if (isset($_GET['email'])) { echo hesk_GET('email'); } ?>" placeholder="" onkeyup="disableIfEmpty('email','notify-email')"> diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php index 2d51790f..59e27218 100644 --- a/inc/ticket_list.inc.php +++ b/inc/ticket_list.inc.php @@ -27,7 +27,6 @@ * a license please visit the page below: * https://www.hesk.com/buy.php *******************************************************************************/ -define('MINIMUM_REFRESH_THRESHOLD_IN_SECONDS', 1); /* Check if this is a valid include */ if (!defined('IN_SCRIPT')) { die('Invalid attempt'); @@ -106,15 +105,7 @@ if ($total > 0) { $next_page = ($page + 1 > $pages) ? 0 : $page + 1; $autorefreshInSeconds = $_SESSION['autorefresh'] / 1000; $autorefresh = ''; - if ($autorefreshInSeconds >= MINIMUM_REFRESH_THRESHOLD_IN_SECONDS) { - $autorefresh = ' | ' . $hesklang['autorefresh'] . ' ' . $autorefreshInSeconds . ' ' . $hesklang['abbr']['second']; - ?> - - '; if ($pages > 1) { @@ -403,14 +394,11 @@ if ($total > 0) { // Print custom fields foreach ($hesk_settings['custom_fields'] as $key => $value) { if ($value['use'] && hesk_show_column($key)) { - echo ''; + echo ''; } } @@ -439,8 +427,13 @@ if ($total > 0) { - + + @@ -478,17 +471,6 @@ else { echo '
    '; $autorefreshInSeconds = $_SESSION['autorefresh'] / 1000; - if ($autorefreshInSeconds >= MINIMUM_REFRESH_THRESHOLD_IN_SECONDS) { - echo $hesklang['autorefresh'] . ' ' . $autorefreshInSeconds . ' ' . $hesklang['abbr']['second']; - ?> - - + +
     
    '; - if ($value['type'] == 'date' && !empty($ticket[$key])) { - $dt = date('Y-m-d h:i:s', $ticket[$key]); - echo hesk_dateToString($dt, 0); - } else { - echo $ticket[$key]; - } - echo ''. + ($value['type'] == 'date' + ? hesk_custom_date_display_format($ticket[$key], $value['value']['date_format']) + : $ticket[$key]). + '
    + + + + + +
    + + + + + +
    > + > +
    + + + + +  
    + + + +
    + +

    + +
    + $hesk_settings['cat_show_select']) + { + ?> +
    + + +  
    + +
    + + +
    +
    + + + +
    +
    + +

     

    + + $v) { - if ($v['use'] && isset($_REQUEST[$k])) { + if ($v['use']==1 && isset($_REQUEST[$k])) { $_SESSION['c_' . $k] = $_REQUEST[$k]; } } @@ -131,10 +230,6 @@ function print_add_ticket() $_SESSION['isnotice'] = array(); } - if (!isset($_SESSION['c_category']) && !$hesk_settings['select_cat']) { - $_SESSION['c_category'] = 0; - } - hesk_cleanSessionVars('already_submitted'); // Tell header to load reCaptcha API if needed @@ -143,6 +238,29 @@ function print_add_ticket() } define('PAGE_TITLE', 'CUSTOMER_TICKET'); + + // Get categories + $hesk_settings['categories'] = array(); + $res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `type`='0' ORDER BY `cat_order` ASC"); + while ($row=hesk_dbFetchAssoc($res)) { + $hesk_settings['categories'][$row['id']] = $row['name']; + } + + $number_of_categories = count($hesk_settings['categories']); + + if ($number_of_categories == 0) { + $category = 1; + } elseif ($number_of_categories == 1) { + $category = current(array_keys($hesk_settings['categories'])); + } else { + $category = isset($_GET['catid']) ? hesk_REQUEST('catid'): hesk_REQUEST('category'); + + // Force the customer to select a category? + if (!isset($hesk_settings['categories'][$category])) { + return print_select_category($number_of_categories); + } + } + // Print header $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['submit_ticket']; require_once(HESK_PATH . 'inc/header.inc.php'); @@ -151,7 +269,16 @@ function print_add_ticket() @@ -199,8 +326,8 @@ function print_add_ticket() enctype="multipart/form-data" >
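Review bot: In the hunk at -143,6 +238,29 the branch `if ($number_of_categories == 0) { $category = 1; }` hard-codes category id 1 without saying why. The query above it only loads rows with `type`='0', so this branch means "no public category exists", and the ticket is then filed under id 1 whether or not that row exists or is public. The removed code carried the explanation "No public categories, set it to default one"; keeping a comment such as `// No public categories: fall back to the default category (ID 1)` would preserve it. For the single-category case `key($hesk_settings['categories'])` reads more directly than `current(array_keys(...))`. print_add_ticket starts and ends outside the hunk.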
    - +
    - +
    placeholder="" data-error="" required> @@ -237,8 +364,8 @@ function print_add_ticket() if ($hesk_settings['confirm_email']) { ?>
    - +
    - + 2 ORDER BY `" . $orderBy . "` ASC"); - - if (hesk_dbNumRows($res) == 1) { - // Only 1 public category, no need for a select box - $row = hesk_dbFetchAssoc($res); - echo ''; - } elseif (hesk_dbNumRows($res) < 1) { - // No public categories, set it to default one - echo ''; - } else { - ?> -
    - - -
    - - -
    -
    -
    - $v) { - - if ($v['use'] && $v['place'] == 0) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } + foreach ($hesk_settings['custom_fields'] as $k=>$v) + { + if ($v['use']==1 && $v['place']==0 && hesk_is_custom_field_in_category($k, $category) ) + { - $required = $v['req'] ? 'required' : ''; $v['req'] = $v['req'] ? '*' : ''; - if ($v['type'] == 'checkbox' || $v['type'] == 'multiselect') { + if ($v['type'] == 'checkbox') + { $k_value = array(); - if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) { - foreach ($_SESSION["c_$k"] as $myCB) { + if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) + { + foreach ($_SESSION["c_$k"] as $myCB) + { $k_value[] = stripslashes(hesk_input($myCB)); } } - } elseif (isset($_SESSION["c_$k"])) { - $k_value = stripslashes(hesk_input($_SESSION["c_$k"])); - } else { - $k_value = ''; + } + elseif (isset($_SESSION["c_$k"])) + { + $k_value = stripslashes(hesk_input($_SESSION["c_$k"])); + } + else + { + $k_value = ''; } - switch ($v['type']) { + switch ($v['type']) + { /* Radio box */ case 'radio': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - echo '
    '; - - $options = explode('#HESK#', $v['value']); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + '; - foreach ($options as $option) { + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - if (strlen($k_value) == 0 || $k_value == $option) { + foreach ($v['value']['radio_options'] as $option) + { + if (strlen($k_value) == 0 || $k_value == $option) + { $k_value = $option; $checked = 'checked="checked"'; - } else { + } + else + { $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    '; - echo '
    '; + echo ' + + '; break; /* Select drop-down box */ case 'select': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    -
    '; // Show "Click to select"? - $v['value'] = str_replace('{HESK_SELECT}', '', $v['value'], $num); - if ($num) { - echo ''; + if ( ! empty($v['value']['show_select'])) + { + echo ''; } - $options = explode('#HESK#', $v['value']); - - foreach ($options as $option) { - - if ($k_value == $option) { + foreach ($v['value']['select_options'] as $option) + { + if ($k_value == $option) + { $k_value = $option; $selected = 'selected="selected"'; - } else { + } + else + { $selected = ''; } - echo ''; + echo ''; } - echo '
    '; + echo ' + + '; break; /* Checkbox */ case 'checkbox': - $validator = $required == 'required' ? 'data-checkbox="' . $k . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - echo '
    '; - - $options = explode('#HESK#', $v['value']); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + '; - foreach ($options as $option) { + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - if (in_array($option, $k_value)) { + foreach ($v['value']['checkbox_options'] as $option) + { + if (in_array($option,$k_value)) + { $checked = 'checked="checked"'; - } else { + } + else + { $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    '; + + echo ' + + '; break; /* Large text box */ case 'textarea': - $errorText = $required == 'required' ? 'data-error="' . htmlspecialchars($hesklang['this_field_is_required']) . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - $size = explode('#', $v['value']); - $size[0] = empty($size[0]) ? 5 : intval($size[0]); - $size[1] = empty($size[1]) ? 30 : intval($size[1]); + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    -
    -
    '; - break; - - case 'multiselect': - $validator = $required == 'required' ? 'data-multiselect="' . $k . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    -
    -
    - - -
    - -
    '; + echo ' + + '.$v['name:'].' '.$v['req'].' + + + '; break; + // Date case 'date': - //Clean up multiple dashes or whitespaces - $errorText = $required == 'required' ? 'data-error="'.htmlspecialchars($hesklang['this_field_is_required']).'"' : ''; - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' isError ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; echo ' -
    - -
    - - ' . $hesklang['date_format'] . ' -
    -
    '; + + '.$v['name:'].' '.$v['req'].' + + + '; break; + // Email case 'email': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - if ($v['value'] == 'cc' || $v['value'] == 'bcc') { - // (b)cc isn't a valid email but is the "value" used by settings. Just remove it. - $v['value'] = ''; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    - -
    -
    -
    -
    '; + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 0'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + +
    + + + '; break; + // Hidden case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo ''; - - break; - - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; + if (strlen($k_value) != 0) + { + $v['value']['hidden_default_value'] = $k_value; } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    '; - + $hidden_cf_buffer .= ''; break; /* Default text input */ default: - $errorText = $required == 'required' ? 'data-error="' . htmlspecialchars($hesklang['this_field_is_required']) . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) + { + $v['value']['default_value'] = $k_value; } - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    - -
    -
    -
    -
    '; + echo ' + + '.$v['name:'].' '.$v['req'].' + + + '; } } } @@ -617,33 +626,44 @@ function print_add_ticket() ?> -
    -
    -
    -
    - -
    - + +
    +
    +
    +
    + + +
    + -
    - placeholder="" - data-error="" required> +
    + placeholder="" + data-error="" + required> -
    -
    -
    -
    - -
    +
    +
    +
    + +
    + +
    -
    - - - -
    -
    +
    + + + +
    +
    + $v) { - - if ($v['use'] && $v['place']) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - - $required = $v['req'] ? 'required' : ''; + foreach ($hesk_settings['custom_fields'] as $k=>$v) + { + if ($v['use']==1 && $v['place']==1 && hesk_is_custom_field_in_category($k, $category) ) + { $v['req'] = $v['req'] ? '*' : ''; - if ($v['type'] == 'checkbox' || $v['type'] == 'multiselect') { + if ($v['type'] == 'checkbox') + { $k_value = array(); - if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) { - foreach ($_SESSION["c_$k"] as $myCB) { + if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) + { + foreach ($_SESSION["c_$k"] as $myCB) + { $k_value[] = stripslashes(hesk_input($myCB)); } } - } elseif (isset($_SESSION["c_$k"])) { - $k_value = stripslashes(hesk_input($_SESSION["c_$k"])); - } else { - $k_value = ''; + } + elseif (isset($_SESSION["c_$k"])) + { + $k_value = stripslashes(hesk_input($_SESSION["c_$k"])); + } + else + { + $k_value = ''; } - switch ($v['type']) { + switch ($v['type']) + { /* Radio box */ case 'radio': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - echo '
    '; - - $options = explode('#HESK#', $v['value']); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + '; - foreach ($options as $option) { + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - if (strlen($k_value) == 0 || $k_value == $option) { + foreach ($v['value']['radio_options'] as $option) + { + if (strlen($k_value) == 0 || $k_value == $option) + { $k_value = $option; $checked = 'checked="checked"'; - } else { + } + else + { $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    '; + echo ' + + '; break; /* Select drop-down box */ case 'select': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    -
    '; // Show "Click to select"? - $v['value'] = str_replace('{HESK_SELECT}', '', $v['value'], $num); - if ($num) { - echo ''; + if ( ! empty($v['value']['show_select'])) + { + echo ''; } - - $options = explode('#HESK#', $v['value']); - - foreach ($options as $option) { - - if ($k_value == $option) { + foreach ($v['value']['select_options'] as $option) + { + if ($k_value == $option) + { $k_value = $option; $selected = 'selected="selected"'; - } else { + } + else + { $selected = ''; } - echo ''; + echo ''; } - echo '
    '; + echo ' + + '; break; /* Checkbox */ case 'checkbox': - $validator = $required == 'required' ? 'data-checkbox="' . $k . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - echo '
    '; - - $options = explode('#HESK#', $v['value']); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + '; - foreach ($options as $option) { + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - if (in_array($option, $k_value)) { + foreach ($v['value']['checkbox_options'] as $option) + { + if (in_array($option,$k_value)) + { $checked = 'checked="checked"'; - } else { + } + else + { $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    '; + + echo ' + + '; break; /* Large text box */ case 'textarea': - $errorText = $required == 'required' ? 'data-error="' . htmlspecialchars($hesklang['this_field_is_required']) . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - $size = explode('#', $v['value']); - $size[0] = empty($size[0]) ? 5 : intval($size[0]); - $size[1] = empty($size[1]) ? 30 : intval($size[1]); - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    -
    '; - break; - - case 'multiselect': - $validator = $required == 'required' ? 'data-multiselect="' . $k . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    -
    -
    - - -
    - -
    '; + echo ' + + '.$v['name:'].' '.$v['req'].' + + + '; break; + // Date case 'date': - $errorText = $required == 'required' ? 'data-error="'.htmlspecialchars($hesklang['this_field_is_required']).'"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' isError ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; echo ' -
    - -
    - - ' . $hesklang['date_format'] . ' - -
    -
    '; + + '.$v['name:'].' '.$v['req'].' + + + '; break; + // Email case 'email': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - if ($v['value'] == 'cc' || $v['value'] == 'bcc') { - // (b)cc isn't a valid email but is the "value" used by settings. Just remove it. - $v['value'] = ''; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    -
    '; + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 0'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + echo ' + + '.$v['name:'].' '.$v['req'].' + +
    + + + '; break; + // Hidden case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo ''; - - break; - - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    '; - + $hidden_cf_buffer .= ''; break; /* Default text input */ default: - $errorText = $required == 'required' ? 'data-error="' . htmlspecialchars($hesklang['this_field_is_required']) . '"' : ''; - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) + { + $v['value']['default_value'] = $k_value; } - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; - echo '
    - -
    -
    -
    '; + echo ' + + '.$v['name:'].' '.$v['req'].' + + + '; } } } @@ -1164,8 +1106,12 @@ function print_add_ticket() + $v) { - if ($v['use'] && $v['place'] == 0) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - + if ($v['use'] == 1 && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $ticket['category'])) { echo '

    ' . $v['name'] . ': '; - if ($v['type'] == 'date' && !empty($ticket[$k])) { - $dt = date('Y-m-d h:i:s', $ticket[$k]); - echo hesk_dateToString($dt, 0); - } else { - echo $ticket[$k]; + switch ($v['type']) + { + case 'email': + $ticket[$k] = ''.$ticket[$k].''; + break; + case 'date': + $ticket[$k] = hesk_custom_date_display_format($ticket[$k], $v['value']['date_format']); + break; } - echo '

    '; + echo $ticket[$k].'

    '; } } ?>
    - -

    :

    + + +

    :

    -
    - -
    +
    + +
    +
    $v) { - if ($v['use'] && $v['place']) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - + if ($v['use'] == 1 && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { echo '

    ' . $v['name'] . ': '; - if ($v['type'] == 'date' && !empty($ticket[$k])) { - $dt = date('Y-m-d h:i:s', $ticket[$k]); - echo hesk_dateToString($dt, 0); - } else { - echo $ticket[$k]; + switch ($v['type']) + { + case 'email': + $ticket[$k] = ''.$ticket[$k].''; + break; + case 'date': + $ticket[$k] = hesk_custom_date_display_format($ticket[$k], $v['value']['date_format']); + break; } - echo '

    '; + echo $ticket[$k].'

    '; } } /* Attachments */ From 4910e25b0a1de103b103189072c10e25e8f89445 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 26 Oct 2016 13:24:11 -0400 Subject: [PATCH 51/88] Update settings --- admin/admin_settings.php | 2 +- admin/admin_settings_save.php | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 0bbb5655..7967ca47 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -3832,7 +3832,7 @@ $modsForHesk_settings = mfh_getSettings(); } /* Check if language file is for current version */ - if (strpos($tmp, '$hesklang[\'imap\']') === false) { + if (strpos($tmp, '$hesklang[\'rcheck\']') === false) { $err .= " |----> WRONG VERSION (not " . $hesk_settings['hesk_version'] . ")\n"; } diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index deeec071..cb0eb469 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -258,7 +258,7 @@ if ($set['smtp']) { $set['smtp'] = 0; } } else { - $set['smtp_host_name'] = hesk_input(hesk_POST('tmp_smtp_host_name', 'mail.domain.com')); + $set['smtp_host_name'] = hesk_input(hesk_POST('tmp_smtp_host_name', 'mail.example.com')); $set['smtp_host_port'] = intval(hesk_POST('tmp_smtp_host_port', 25)); $set['smtp_timeout'] = intval(hesk_POST('tmp_smtp_timeout', 10)); $set['smtp_ssl'] = empty($_POST['tmp_smtp_ssl']) ? 0 : 1; @@ -291,7 +291,7 @@ if ($set['pop3']) { } } else { $set['pop3_job_wait'] = intval(hesk_POST('s_pop3_job_wait', 15)); - $set['pop3_host_name'] = hesk_input(hesk_POST('tmp_pop3_host_name', 'mail.domain.com')); + $set['pop3_host_name'] = hesk_input(hesk_POST('tmp_pop3_host_name', 'mail.example.com')); $set['pop3_host_port'] = intval(hesk_POST('tmp_pop3_host_port', 110)); $set['pop3_tls'] = empty($_POST['tmp_pop3_tls']) ? 0 : 1; $set['pop3_keep'] = empty($_POST['tmp_pop3_keep']) ? 0 : 1; 
@@ -316,10 +316,10 @@ if ($set['imap']) { } } else { $set['imap_job_wait'] = intval( hesk_POST('s_imap_job_wait', 15) ); - $set['imap_host_name'] = hesk_input( hesk_POST('tmp_imap_host_name', 'mail.domain.com') ); + $set['imap_host_name'] = hesk_input( hesk_POST('tmp_imap_host_name', 'mail.example.com') ); $set['imap_host_port'] = intval( hesk_POST('tmp_imap_host_port', 110) ); - $set['imap_enc'] = hesk_POST('s_imap_enc'); - $set['imap_enc'] = ($set['tmp_imap_enc'] == 'ssl' || $set['tmp_imap_enc'] == 'tls') ? $set['tmp_imap_enc'] : ''; + $set['imap_enc'] = hesk_POST('tmp_imap_enc'); + $set['imap_enc'] = ($set['imap_enc'] == 'ssl' || $set['imap_enc'] == 'tls') ? $set['imap_enc'] : ''; $set['imap_keep'] = empty($_POST['tmp_imap_keep']) ? 0 : 1; $set['imap_user'] = hesk_input( hesk_POST('tmp_imap_user') ); $set['imap_password'] = hesk_input( hesk_POST('tmp_imap_password') ); @@ -424,7 +424,8 @@ foreach ($hesk_settings['possible_ticket_list'] as $key => $title) { // We need at least one of these: id, trackid, subject if (!in_array('id', $set['ticket_list']) && !in_array('trackid', $set['ticket_list']) && !in_array('subject', $set['ticket_list'])) { - $set['ticket_list'][] = 'trackid'; + // None of the required fields are there, add "trackid" as the first one + array_unshift($set['ticket_list'], 'trackid'); } $set['ticket_list'] = count($set['ticket_list']) ? "'" . implode("','", $set['ticket_list']) . "'" : 'trackid'; @@ -838,7 +839,7 @@ function hesk_getLanguagesArray($returnArray = 0) $add = 0; } elseif (!preg_match('/\$hesklang\[\'EMAIL_HR\'\]\=\'(.*)\'\;/', $tmp, $hr)) { $add = 0; - } elseif (!preg_match('/\$hesklang\[\'imap\'\]/', $tmp)) { + } elseif (!preg_match('/\$hesklang\[\'rcheck\'\]/', $tmp)) { $add = 0; } } else { From f883aff9047758baf1ab058644e8a3492be33260 Mon Sep 17 00:00:00 2001 
From: Mike Koch Date: Wed, 26 Oct 2016 13:31:21 -0400 Subject: [PATCH 52/88] Several beta 3 updates --- admin/admin_submit_ticket.php | 4 +- admin/banned_emails.php | 4 +- admin/edit_post.php | 19 +++------- admin/manage_knowledgebase.php | 67 ++++++++++++++++++++++++++++------ 4 files changed, 64 insertions(+), 30 deletions(-) diff --git a/admin/admin_submit_ticket.php b/admin/admin_submit_ticket.php index 23ab2af2..56cce5d4 100644 --- a/admin/admin_submit_ticket.php +++ b/admin/admin_submit_ticket.php @@ -364,9 +364,7 @@ hesk_cleanSessionVars('as_owner'); hesk_cleanSessionVars('as_notify'); hesk_cleanSessionVars('as_show'); foreach ($hesk_settings['custom_fields'] as $k => $v) { - if ($v['use']) { - hesk_cleanSessionVars("as_$k"); - } + hesk_cleanSessionVars("as_$k"); } // If ticket has been assigned to the person submitting it lets show a message saying so diff --git a/admin/banned_emails.php b/admin/banned_emails.php index dd1e8a6c..37107fb5 100644 --- a/admin/banned_emails.php +++ b/admin/banned_emails.php @@ -155,8 +155,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    - john@email.com
    - @domain.com + john@example.com
    + @example.com
    diff --git a/admin/edit_post.php b/admin/edit_post.php index 9385c09c..1b15e20e 100644 --- a/admin/edit_post.php +++ b/admin/edit_post.php @@ -347,7 +347,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; foreach ($v['value']['radio_options'] as $option) { - if (strlen($k_value) == 0 || $k_value == $option) { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { $k_value = $option; $checked = 'checked="checked"'; } else { @@ -460,20 +463,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); '; break; - // Hidden + // Hidden (same as text for staff) case 'hidden': - if (strlen($k_value) != 0) { - $v['value']['hidden_default_value'] = $k_value; - } - echo ' - - '.$v['name:'].' '.$v['req'].' - ('.$hesklang['sch'].') - - '; - break; - - /* Default text input */ default: if (strlen($k_value) != 0) { $v['value']['default_value'] = $k_value; diff --git a/admin/manage_knowledgebase.php b/admin/manage_knowledgebase.php index 412af5c6..38dc3a38 100644 --- a/admin/manage_knowledgebase.php +++ b/admin/manage_knowledgebase.php @@ -473,18 +473,33 @@ if (!isset($_SESSION['hide']['new_article']))
    @@ -670,8 +685,8 @@ function list_draft() { - - + + - -   + +   2) ? 0 : $old_type; + $from = hesk_POST('from'); $subject = hesk_input( hesk_POST('subject') ) or $hesk_error_buffer[] = $hesklang['kb_e_subj']; @@ -1209,7 +1225,7 @@ function save_article() $hesk_error_buffer = $tmp; $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; - hesk_process_messages($hesk_error_buffer,'./manage_knowledgebase.php?a=edit_article&id='.$id); + hesk_process_messages($hesk_error_buffer,'./manage_knowledgebase.php?a=edit_article&id='.$id.'&from='.$from); } /* Add to database */ @@ -1247,7 +1263,20 @@ function save_article() // Update article order update_article_order($catid); - hesk_process_messages($hesklang['your_kb_mod'],'./manage_knowledgebase.php?a=manage_cat&catid='.$catid,'SUCCESS'); + // Redirect to the correct page + switch ($from) { + case 'draft': + $redirect_action = 'a=list_draft'; + break; + case 'private': + $redirect_action = 'a=list_private'; + break; + default: + $redirect_action = 'a=manage_cat&catid='.$catid; + break; + } + + hesk_process_messages($hesklang['your_kb_mod'],'./manage_knowledgebase.php?'.$redirect_action,'SUCCESS'); } // END save_article() @@ -1278,6 +1307,8 @@ function edit_article() $catid = $article['catid']; + $from = hesk_GET('from'); + if (isset($_SESSION['edit_article'])) { $_SESSION['edit_article'] = hesk_stripArray($_SESSION['edit_article']); @@ -2136,6 +2167,7 @@ function remove_article() $article = hesk_dbFetchAssoc($result); $catid = intval($article['catid']); + $from = hesk_GET('from'); $result = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `id`='".intval($id)."'"); 
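Review bot: In `save_article()` the validation-failure redirect appends the raw `from` POST value to the URL (`'&from='.$from`) with no encoding or whitelist, so a value containing `&` or `#` can alter the query string of what appears to be the redirect target. The success paths in `save_article()` and `remove_article()` are fine because their `switch ($from)` falls through to the default for anything unexpected. Normalise the value once where it is read, `$from = in_array($from, array('draft', 'private'), true) ? $from : '';`, or at least build the URL with `'&from='.urlencode($from)`. The same applies to `hesk_GET('from')` in `edit_article()` if it is echoed into the form, which is not visible here; all three function bodies continue outside their hunks.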
@@ -2156,7 +2188,20 @@ function remove_article() hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `articles_draft`=`articles_draft`-1 WHERE `id`='{$catid}'"); } - hesk_process_messages($hesklang['your_kb_deleted'],'./manage_knowledgebase.php?a=manage_cat&catid='.$catid,'SUCCESS'); + // Redirect to the correct page + switch ($from) { + case 'draft': + $redirect_action = 'a=list_draft'; + break; + case 'private': + $redirect_action = 'a=list_private'; + break; + default: + $redirect_action = 'a=manage_cat&catid='.$catid; + break; + } + + hesk_process_messages($hesklang['your_kb_deleted'],'./manage_knowledgebase.php?'.$redirect_action,'SUCCESS'); } // End remove_article() From 9295cf4e142f0e9d9075f9edf9e0c9fe928751a3 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 26 Oct 2016 13:42:42 -0400 Subject: [PATCH 53/88] Rest of b3 updates --- admin/new_ticket.php | 67 ++++---------------------------------------- admin/profile.php | 2 ++ admin/reports.php | 17 ++++++++++- inc/common.inc.php | 9 ++++-- index.php | 23 +++++++++------ language/en/text.php | 3 ++ 6 files changed, 48 insertions(+), 73 deletions(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 707369f5..3b01b7d4 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -344,13 +344,8 @@ $show_quick_help = $show['show'];
    $v) { if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $category)) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - $v['req'] = $v['req']==2 ? '*' : ''; if ($v['type'] == 'checkbox' && !isset($_GET["c_$k"])) { @@ -381,7 +376,10 @@ $show_quick_help = $show['show']; foreach ($v['value']['radio_options'] as $option) { - if (strlen($k_value) == 0 || $k_value == $option) { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { $k_value = $option; $checked = 'checked="checked"'; } else { @@ -509,36 +507,9 @@ $show_quick_help = $show['show']; break; + // Hidden and read-only should work the same as text case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value']['hidden_default_value'] = $k_value; - } - $hidden_cf_buffer .= ''; - break; - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    '; - - break; - - /* Default text input */ default: //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); @@ -926,35 +897,7 @@ $show_quick_help = $show['show']; break; case 'hidden': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value']['hidden_default_value'] = $k_value; - } - $hidden_cf_buffer .= ''; - break; - case 'readonly': - //Clean up multiple dashes or whitespaces - $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    - -
    -
    '; - - break; - - /* Default text input */ default: //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); diff --git a/admin/profile.php b/admin/profile.php index f8a54e57..4d294a3a 100644 --- a/admin/profile.php +++ b/admin/profile.php @@ -244,6 +244,8 @@ function update_profile() if ($_SESSION['new']['autoreload'] < 0 || $_SESSION['new']['autoreload'] > 65535) { $_SESSION['new']['autoreload'] = 30; } + } else { + hesk_setcookie('autorefresh', ''); } /* Auto-start ticket timer */ diff --git a/admin/reports.php b/admin/reports.php index 1f8fa928..54c9e06d 100644 --- a/admin/reports.php +++ b/admin/reports.php @@ -530,7 +530,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); // Some variables we will need $tickets = array(); - $totals = array('asstickets' => 0, 'resolved' => 0, 'tickets' => 0, 'replies' => 0, 'worked' => 0); + $totals = array('asstickets' => 0, 'resolved' => 0, 'tickets' => 0, 'replies' => 0, 'worked' => 0, 'openedby' => 0); // Get list of users $admins = array(); @@ -550,6 +550,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); 'tickets' => 0, 'replies' => 0, 'worked' => '', + 'openedby' => 0, ); } @@ -625,10 +626,21 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); // Convert total seconds worked to HH:MM:SS $totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0; + // Get total opened by tickets + $res = hesk_dbQuery("SELECT `openedby`, COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `openedby` IN ('" . implode("','", array_keys($admins) ) . "') AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `openedby`"); + + // -> update ticket list values + while ($row = hesk_dbFetchAssoc($res)) + { + $tickets[$row['openedby']]['openedby'] += $row['cnt']; + $totals['openedby'] += $row['cnt']; + } + ?> + 
@@ -647,6 +659,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?> + @@ -666,6 +679,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?> + @@ -682,6 +696,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?> + diff --git a/inc/common.inc.php b/inc/common.inc.php index 12739df6..83c8f1df 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -35,8 +35,13 @@ if (!defined('IN_SCRIPT')) { #error_reporting(E_ALL); -// Set correct Content-Type header -if (!defined('NO_HTTP_HEADER')) { +/* + * If code is executed from CLI, don't force SSL + * else set correct Content-Type header + */ +if (defined('NO_HTTP_HEADER')) { + $hesk_settings['force_ssl'] = false; +} else { header('Content-Type: text/html; charset=utf-8'); // Don't allow HESK to be loaded in a frame on third party domains diff --git a/index.php b/index.php index e59b24c9..84ad3523 100644 --- a/index.php +++ b/index.php @@ -473,8 +473,10 @@ function print_add_ticket() foreach ($v['value']['radio_options'] as $option) { - if (strlen($k_value) == 0 || $k_value == $option) - { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { $k_value = $option; $checked = 'checked="checked"'; } @@ -597,11 +599,11 @@ function print_add_ticket() // Hidden case 'hidden': - if (strlen($k_value) != 0) + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) { - $v['value']['hidden_default_value'] = $k_value; + $v['value']['default_value'] = $k_value; } - $hidden_cf_buffer .= ''; + $hidden_cf_buffer .= ''; break; /* Default text input */ 
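Review bot: The new comment in inc/common.inc.php says SSL is not forced when the code runs from the CLI, but the condition only tests whether `NO_HTTP_HEADER` is defined. Any web-reachable entry point that defines that constant would therefore run with `force_ssl` switched off and would also skip the headers set in the else branch; whether such a script exists cannot be seen from this hunk. If CLI is the intent, check the SAPI explicitly, `if (PHP_SAPI === 'cli') { $hesk_settings['force_ssl'] = false; }`, and keep the header block under its original `if (!defined('NO_HTTP_HEADER'))`. The else block continues outside the hunk.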
@@ -766,8 +768,10 @@ function print_add_ticket() foreach ($v['value']['radio_options'] as $option) { - if (strlen($k_value) == 0 || $k_value == $option) - { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { $k_value = $option; $checked = 'checked="checked"'; } @@ -890,7 +894,10 @@ function print_add_ticket() // Hidden case 'hidden': - $hidden_cf_buffer .= ''; + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) { + $v['value']['default_value'] = $k_value; + } + $hidden_cf_buffer .= ''; break; /* Default text input */ diff --git a/language/en/text.php b/language/en/text.php index 55d81043..f514a8d3 100644 --- a/language/en/text.php +++ b/language/en/text.php @@ -2045,6 +2045,9 @@ $hesklang['status_limit']='You have 100 custom statuses, no new can be created.' $hesklang['public_link']='Public link'; // Link to the public KB article in the private KB pages $hesklang['frames']='Frames'; $hesklang['frames2']='Prevent loading HESK in frames on third party domains'; +$hesklang['numsub']='Submitted tickets'; // Will show how many tickets this user submitted +$hesklang['hidf']='Hidden inputs are not visible to customers on the Submit a ticket form (the value will still be visible on ticket details page if they are set as public). They behave as normal text fields for staff members.'; +$hesklang['rcheck']='Do not select a default option'; // DO NOT CHANGE BELOW if (!defined('IN_SCRIPT')) die('PHP syntax OK!'); From a11d2c95bbf79718fb0e567716090a1fa8386dab Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 27 Oct 2016 20:51:20 -0400 Subject: [PATCH 54/88] Update .gitignore --- .gitignore | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 3317dca5..f52064ac 100644 --- a/.gitignore +++ b/.gitignore 
@@ -1,14 +1,12 @@ admin/admin_suggest_articles.php admin/archive.php +admin/custom_statuses.php +admin/email_templates.php admin/generate_spam_question.php admin/priority.php admin/test_connection.php attachments/index.htm -docs/changelog.html -docs/docs_style.css -docs/index.html -docs/quick-guide.html -docs/step-by-step-guide.html +docs/ file_limits.php footer.txt header.txt @@ -27,6 +25,7 @@ img/clip.png img/code.png img/code_off.png img/delete.png +img/delete_off.png img/delete_ticket.png img/edit.png img/error.png @@ -159,7 +158,9 @@ inc/database_mysqli.inc.php inc/footer.inc.php inc/htmlpurifier inc/index.htm +inc/jscolor/ inc/mail/email_parser.php +inc/mail/hesk_imap.php inc/mail/hesk_pipe.php inc/mail/hesk_pop3.php inc/mail/index.htm @@ -184,6 +185,7 @@ inc/recaptcha/recaptchalib.php inc/reporting_functions.inc.php inc/secimg.inc.php inc/setup_functions.inc.php +inc/statuses.inc.php inc/tabs/index.htm inc/tabs/tabber-minimized.js inc/tabs/tabber.css From 47d32be2b8f1d1dfa915f4648a24510f62e1e9ec Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 31 Oct 2016 20:57:13 -0400 Subject: [PATCH 55/88] Custom fields page uses new UI --- admin/custom_fields.php | 1288 ++++++++++++++++++++++++++++++++++++ inc/show_admin_nav.inc.php | 8 +- language/en/text.php | 1 + 3 files changed, 1293 insertions(+), 4 deletions(-) create mode 100755 admin/custom_fields.php diff --git a/admin/custom_fields.php b/admin/custom_fields.php new file mode 100755 index 00000000..5ab6c61e --- /dev/null +++ b/admin/custom_fields.php @@ -0,0 +1,1288 @@ + +
    + +
    +
    +
    + $info): ?> + + + + + +
    + +
    + +
    + +
    +
    + +
    + + + +
    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    + +
    +

    +

    + +
    + +
    +

    +

    + +
    + +
    +

    + +
    + +
    +
    + +
    + + +
    +
    + +
    +
    +
    +
    + +
    + +
    +
    +
    + +
    + + + +
    +
    +
    +
    + +
    + + +
    +
    + +
    +
    +
    +
    + +
    + +
    +
    +
    + +
    + + + +
    +
    +
    +
    + +
    +
    '; + } + + ?> +
    +
    + +
    + + + + +
    +
    +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    + + + + +
    +
    +
    + +
    +

    +
    + +
    + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    +
    +
    + +
    + +
    + +
    +
    + +
    +
    + + +
    +
    +
    +
    +
    + ' : ''; ?> + + +
    +
    + +
    +
    + + +
    +
    +

    +
    +
    + + + + + + + + + + + + + + + $cf) { + if ($cf['place']) { + $num_after++; + } else { + $num_before++; + } + } + + foreach ($hesk_settings['custom_fields'] as $id => $cf) { + $id = intval(str_replace('custom', '', $id)); + + if ($hide_up) { + $hide_up = false; + } + + if ($before && $cf['place'] == 0) { + ?> + + + + + + + + + + + + + + + + + + + +
    + 1) { + if (($num_before == 1 && $cf['place'] == 0) || ($num_after == 1 && $cf['place'] == 1)) { + // Only 1 custom fields in this place, don't print anything + ?> +   +   + +   + + + + + + + +   + + + + + + + + + + + + + + +
    + +
    +
    +
    +
    + + +
    +$error\n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'custom_fields.php'); + } + + // Add custom field data into database + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET + `use` = '{$cf['use']}', + `place` = '{$cf['place']}', + `type` = '{$cf['type']}', + `req` = '{$cf['req']}', + `category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').", + `name` = '".hesk_dbEscape($cf['names'])."', + `value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL')." + WHERE `id`={$id}"); + + // Clear cache + clear_cf_cache(); + + // Show success + $_SESSION['cford'] = $id; + hesk_process_messages($hesklang['cf_mdf'],'custom_fields.php','SUCCESS'); + +} // End save_cf() + + +function edit_cf() +{ + global $hesk_settings, $hesklang; + + // Get custom field ID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + + // Get details from the database + $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `id`={$id} LIMIT 1"); + if ( hesk_dbNumRows($res) != 1 ) + { + hesk_error($hesklang['cf_not_found']); + } + $cf = hesk_dbFetchAssoc($res); + + $cf['names'] = json_decode($cf['name'], true); + unset($cf['name']); + + if (strlen($cf['category'])) + { + $cf['categories'] = json_decode($cf['category'], true); + $cf['category'] = 1; + } + else + { + $cf['categories'] = array(); + $cf['category'] = 0; + } + + $_SESSION['new_cf'] = $cf; + $_SESSION['edit_cf'] = true; + +} // End edit_cf() + + +function order_cf() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID and move parameters + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + $move = intval( hesk_GET('move') ); + $_SESSION['cford'] = $id; + + // Update article details + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=`order`+".intval($move)." 
WHERE `id`={$id}"); + + // Update order of all custom fields + update_cf_order(); + + // Clear cache + clear_cf_cache(); + + // Finish + header('Location: custom_fields.php'); + exit(); + +} // End order_cf() + + +function update_cf_order() +{ + global $hesk_settings, $hesklang; + + // Get list of current custom fields + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `use` IN ('1','2') ORDER BY `place` ASC, `order` ASC"); + + // Update database + $i = 10; + while ( $cf = hesk_dbFetchAssoc($res) ) + { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=".intval($i)." WHERE `id`='".intval($cf['id'])."'"); + $i += 10; + } + + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `order`=1000 WHERE `use`='0'"); + + return true; + +} // END update_cf_order() + + +function remove_cf() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']); + + // Reset the custom field + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `value`=NULL, `order`=1000 WHERE `id`={$id}"); + + // Were we successful? 
+ if ( hesk_dbAffectedRows() == 1 ) + { + // Update order + update_cf_order(); + + // Clear cache + clear_cf_cache(); + + // Delete custom field data from tickets + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `custom{$id}`=''"); + + // Show success message + hesk_process_messages($hesklang['cf_deleted'],'./custom_fields.php','SUCCESS'); + } + else + { + hesk_process_messages($hesklang['cf_not_found'],'./custom_fields.php'); + } + +} // End remove_cf() + + +function cf_validate() +{ + global $hesk_settings, $hesklang; + global $hesk_error_buffer; + + $hesk_error_buffer = array(); + + // Get names + $cf['names'] = hesk_POST_array('name'); + + // Make sure only valid names pass + foreach ($cf['names'] as $key => $name) + { + if ( ! isset($hesk_settings['languages'][$key])) + { + unset($cf['names'][$key]); + } + else + { + $name = is_array($name) ? '' : hesk_input($name, 0, 0, HESK_SLASH); + + if (strlen($name) < 1) + { + unset($cf['names'][$key]); + } + else + { + $cf['names'][$key] = stripslashes($name); + } + } + } + + // No name entered? + if ( ! count($cf['names'])) + { + $hesk_error_buffer[] = $hesklang['err_custname']; + } + + // Get type and values + $cf['type'] = hesk_POST('type'); + switch ($cf['type']) + { + case 'textarea': + $cf['rows'] = hesk_checkMinMax(intval(hesk_POST('rows')), 1, 100, 12); + $cf['cols'] = hesk_checkMinMax(intval(hesk_POST('cols')), 1, 500, 60); + $cf['value'] = array('rows' => $cf['rows'], 'cols' => $cf['cols']); + break; + + case 'radio': + $cf['radio_options'] = stripslashes(hesk_input(hesk_POST('radio_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['radio_options']); + + $no_default = hesk_POST('no_default') ? 
1 : 0; + + $cf['value'] = array('radio_options' => $options, 'no_default' => $no_default); + + if (count($options) < 2) + { + $hesk_error_buffer[] = $hesklang['atl2']; + } + + break; + + case 'select': + $cf['select_options'] = stripslashes(hesk_input(hesk_POST('select_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['select_options']); + + $show_select = hesk_POST('show_select') ? 1 : 0; + + $cf['value'] = array('show_select' => $show_select, 'select_options' => $options); + + if (count($options) < 2) + { + $hesk_error_buffer[] = $hesklang['atl2']; + } + + break; + + case 'checkbox': + $cf['checkbox_options'] = stripslashes(hesk_input(hesk_POST('checkbox_options'), 0, 0, HESK_SLASH)); + + $options = preg_split("/\\r\\n|\\r|\\n/", $cf['checkbox_options']); + + $cf['value'] = array('checkbox_options' => $options); + + if ( ! isset($options[0]) || strlen($options[0]) < 1) + { + $hesk_error_buffer[] = $hesklang['atl1']; + } + + break; + + case 'date': + $cf['dmin'] = ''; + $cf['dmax'] = ''; + + // Minimum date + $dmin_rf = hesk_POST('dmin_rf'); + + if ($dmin_rf == 1) + { + $dmin = hesk_POST('dmin'); + + if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmin)) + { + $cf['dmin'] = $dmin; + } + } + elseif ($dmin_rf == 2) + { + $dmin_pm = hesk_POST('dmin_pm') == '+' ? '+' : '-'; + $dmin_num = intval(hesk_POST('dmin_num', 0)); + $dmin_type = hesk_POST('dmin_type'); + if ( ! in_array($dmin_type, array('day', 'week', 'month', 'year'))) + { + $dmin_type = 'day'; + } + + $cf['dmin'] = $dmin_pm . $dmin_num . ' ' . $dmin_type; + } + + // Maximum date + $dmax_rf = hesk_POST('dmax_rf'); + + if ($dmax_rf == 1) + { + $dmax = hesk_POST('dmax'); + + if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmax)) + { + $cf['dmax'] = $dmax; + } + } + elseif ($dmax_rf == 2) + { + $dmax_pm = hesk_POST('dmax_pm') == '+' ? '+' : '-'; + $dmax_num = intval(hesk_POST('dmax_num', 0)); + $dmax_type = hesk_POST('dmax_type'); + if ( ! 
in_array($dmax_type, array('day', 'week', 'month', 'year'))) + { + $dmax_type = 'day'; + } + + $cf['dmax'] = $dmax_pm . $dmax_num . ' ' . $dmax_type; + } + + // Minimum date should not be higher than maximum date + if (strlen($cf['dmin']) && strlen($cf['dmax'])) + { + if (strtotime($cf['dmin']) > strtotime($cf['dmax'])) + { + $hesk_error_buffer[] = $hesklang['d_mm']; + } + } + + // Date format + $date_format = hesk_POST('date_format'); + if ($date_format == 'custom') + { + $date_format = hesk_POST('date_format_custom'); + } + + $cf['date_format'] = preg_replace('/[^a-zA-Z0-9 \/\.\_+\-,;:#(){}\[\]\'@*]/', '', $date_format); + + $cf['value'] = array('dmin' => $cf['dmin'], 'dmax' => $cf['dmax'], 'date_format' => $cf['date_format']); + + break; + + case 'email': + $cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0; + $cf['value'] = array('multiple' => $cf['email_multi']); + break; + + case 'hidden': + $cf['hidden_max_length'] = hesk_checkMinMax(intval(hesk_POST('hidden_max_length')), 1, 10000, 255); + $cf['hidden_default_value'] = stripslashes(hesk_input(hesk_POST('hidden_default_value'), 0, 0, HESK_SLASH)); + $cf['value'] = array('max_length' => $cf['hidden_max_length'], 'default_value' => $cf['hidden_default_value']); + break; + + default: + $cf['type'] = 'text'; + $cf['max_length'] = hesk_checkMinMax(intval(hesk_POST('max_length')), 1, 10000, 255); + $cf['default_value'] = stripslashes(hesk_input(hesk_POST('default_value'), 0, 0, HESK_SLASH)); + $cf['value'] = array('max_length' => $cf['max_length'], 'default_value' => $cf['default_value']); + + } + + // Enable + $cf['use'] = hesk_POST('use') == 2 ? 2 : 1; + + // req + $cf['req'] = hesk_POST('req'); + $cf['req'] = $cf['req'] == 2 ? 2 : ($cf['req'] == 1 ? 1 : 0); + + // Private fields cannot be req for customers + if ($cf['use'] == 2 && $cf['req'] == 1) + { + $cf['req'] = 0; + } + + // Located above or below "Message"? + $cf['place'] = hesk_POST('place') ? 
1 : 0; + + // Get allowed categories + if (hesk_POST('category')) + { + $cf['category'] = 1; + $cf['categories'] = hesk_POST_array('categories'); + + foreach ($cf['categories'] as $key => $cat_id) + { + if ( ! isset($hesk_settings['categories'][$cat_id]) ) + { + unset($cf['categories'][$key]); + } + } + + if ( ! count($cf['categories'])) + { + $hesk_error_buffer[] = $hesklang['cf_nocat']; + } + } + else + { + $cf['category'] = 0; + $cf['categories'] = array(); + } + + // Any errors? + if (count($hesk_error_buffer)) + { + $_SESSION['new_cf'] = $cf; + return false; + } + + $cf['names'] = addslashes(json_encode($cf['names'])); + $cf['value'] = $cf['type'] == 'date' ? json_encode($cf['value']) : addslashes(json_encode($cf['value'])); + + return $cf; +} // END cf_validate() + + +function new_cf() +{ + global $hesk_settings, $hesklang; + global $hesk_error_buffer; + + // A security check + # hesk_token_check('POST'); + + // Validate inputs + if (($cf = cf_validate()) == false) + { + $tmp = ''; + foreach ($hesk_error_buffer as $error) + { + $tmp .= "
  • $error
  • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'custom_fields.php'); + } + + // Get the lowest available custom field ID + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` WHERE `use`='0' ORDER BY `id` ASC LIMIT 1"); + $row = hesk_dbFetchRow($res); + $_SESSION['cford'] = intval($row[0]); + + // Insert custom field into database + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET + `use` = '{$cf['use']}', + `place` = '{$cf['place']}', + `type` = '{$cf['type']}', + `req` = '{$cf['req']}', + `category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').", + `name` = '".hesk_dbEscape($cf['names'])."', + `value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').", + `order` = 990 + WHERE `id`={$_SESSION['cford']}"); + + // Update order + update_cf_order(); + + // Clear cache + clear_cf_cache(); + + // Show success + hesk_process_messages($hesklang['cf_added'],'custom_fields.php','SUCCESS'); + +} // End new_cf() + + +function clear_cf_cache() +{ + global $hesk_settings; + + $cache_dir = dirname(dirname(__FILE__)).'/'.$hesk_settings['attach_dir'].'/cf/'; + + if (is_dir($cache_dir)) + { + $files = preg_grep('/index\.htm$/', glob($cache_dir.'*', GLOB_NOSORT), PREG_GREP_INVERT); + array_walk($files, 'hesk_unlink'); + } + + return true; + +} // END clear_cf_cache() diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php index 32ea57e6..bd79a55e 100644 --- a/inc/show_admin_nav.inc.php +++ b/inc/show_admin_nav.inc.php @@ -125,10 +125,6 @@ $mails = mfh_get_mail_headers_for_dropdown($_SESSION['id'], $hesk_settings, $hes
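Review bot: In `new_cf()` the CSRF check is commented out (`# hesk_token_check('POST');`), so the request that creates a custom field is accepted without a token, while `order_cf()` and `remove_cf()` in the same file both call `hesk_token_check()`. Restore it as `hesk_token_check('POST');` and confirm the form submits the token field; the opening of `save_cf()` is not readable on this page, so check it for the same omission. Separately, both UPDATE statements interpolate `json_encode($cf['categories'])` into the query without `hesk_dbEscape()`. The values are filtered against `$hesk_settings['categories']` in `cf_validate()`, but escaping them the same way as `name` and `value` would keep the query safe if that filter ever changes.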
  • - -

    @@ -382,6 +378,10 @@ $mails = mfh_get_mail_headers_for_dropdown($_SESSION['id'], $hesk_settings, $hes $tools_count++; $dropdown_items['manage_statuses'] = $hesklang['manage_statuses']; } + if (hesk_checkPermission('can_man_settings', 0)) { + $tools_count++; + $dropdown_items['custom_fields'] = $hesklang['manage_custom_fields']; + } if (hesk_checkPermission('can_view_logs', 0)) { $tools_count++; $dropdown_items['view_message_log'] = $hesklang['view_message_log']; diff --git a/language/en/text.php b/language/en/text.php index f514a8d3..d9aa9937 100644 --- a/language/en/text.php +++ b/language/en/text.php @@ -66,6 +66,7 @@ $hesklang['generated_token_colon'] = 'Generated Token:'; $hesklang['record_this_token_warning'] = 'Please record this token, as this is the only time you will be able to view it!'; $hesklang['all_tokens_revoked'] = 'All tokens for this user have been revoked'; $hesklang['staff_login_title'] = 'Staff Login'; +$hesklang['manage_custom_fields'] = 'Manage Custom Fields'; // ADDED OR MODIFIED IN Mods for HESK 2.6.0 $hesklang['search_logs'] = 'Search Logs'; From f2774badf133b9134e936f594b98c8c2be9e4add Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 31 Oct 2016 21:05:02 -0400 Subject: [PATCH 56/88] Add custom field header to tools pages --- admin/custom_fields.php | 2 +- admin/manage_email_templates.php | 10 ++++++++++ admin/manage_statuses.php | 11 +++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/admin/custom_fields.php b/admin/custom_fields.php index 5ab6c61e..f5154064 100755 --- a/admin/custom_fields.php +++ b/admin/custom_fields.php @@ -113,7 +113,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); + onclick="alert('')">

  • diff --git a/admin/manage_email_templates.php b/admin/manage_email_templates.php index e282d05b..8b487e29 100644 --- a/admin/manage_email_templates.php +++ b/admin/manage_email_templates.php @@ -103,6 +103,16 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); '; } + + if (hesk_checkPermission('can_man_settings', 0)) { + echo ' +
  • + ' . + $hesklang['tab_4'] + . ' +
  • + '; + } ?>
    diff --git a/admin/manage_statuses.php b/admin/manage_statuses.php index 96138f76..1b24074d 100644 --- a/admin/manage_statuses.php +++ b/admin/manage_statuses.php @@ -87,6 +87,17 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); title="" data-content=""> + + ' . + $hesklang['tab_4'] + . ' + + '; + } + ?>
    From 4c55e50c0462d017e4fef11b4e2ec8c85557c02c Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 31 Oct 2016 21:56:54 -0400 Subject: [PATCH 57/88] Add readonly to manage custom fields --- admin/custom_fields.php | 39 +++++++++++++++++++++++++-------------- inc/custom_fields.inc.php | 2 ++ language/en/text.php | 2 ++ 3 files changed, 29 insertions(+), 14 deletions(-) diff --git a/admin/custom_fields.php b/admin/custom_fields.php index f5154064..f581353c 100755 --- a/admin/custom_fields.php +++ b/admin/custom_fields.php @@ -179,8 +179,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); + - +
    -
    +
    -
    + +
    +
    + +
    + +
    +
    +
    + +
    - - - - -
    -
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    +
    +
    @@ -1154,7 +1177,8 @@ function cf_validate() case 'email': $cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0; - $cf['value'] = array('multiple' => $cf['email_multi']); + $cf['email_type'] = hesk_POST('email_type', 'none'); + $cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']); break; case 'hidden': From 7524d58218a007a5a734203ebe66e2cbe1762532 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 1 Nov 2016 13:04:16 -0400 Subject: [PATCH 59/88] Starting on fixing custom fields --- admin/new_ticket.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 3b01b7d4..1f8057f1 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -289,7 +289,9 @@ $show_quick_help = $show['show']; echo ' onblur="Javascript:Javascript:hesk_suggestEmail(\'email\', \'email_suggestions\', 1, 1)"'; } ?> placeholder="" - onkeyup="disableIfEmpty('email','notify-email')"> + onkeyup="disableIfEmpty('email','notify-email')" + > +
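Review bot: `$cf['email_type'] = hesk_POST('email_type', 'none');` stores whatever string the form posts, with no allow-list, and the value is then saved into the field's settings array. Restrict it to the options the form actually offers, for example `if (!in_array($cf['email_type'], array('none', 'cc', 'bcc'), true)) { $cf['email_type'] = 'none'; }`. The option list is not visible in this hunk, so take the real values from the select. cf_validate() starts and ends outside the hunk.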
    From ea8aac8d64c1d75cb69d64345d0e13b454e250f9 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Fri, 4 Nov 2016 22:00:37 -0400 Subject: [PATCH 60/88] Working on re-converting custom fields --- index.php | 367 +++++++++++++++++++++++++++++------------------------- 1 file changed, 200 insertions(+), 167 deletions(-) diff --git a/index.php b/index.php index 84ad3523..8629bac0 100644 --- a/index.php +++ b/index.php @@ -85,22 +85,11 @@ function print_select_category($number_of_categories) hesk_process_messages($hesklang['sel_app_cat'],'NOREDIRECT','NOTICE'); } ?> - - - - - - - -
    - - - - - -
    > - > -
    +
    @@ -123,7 +112,7 @@ function print_select_category($number_of_categories) { ?>
    - -
      - $v) - { - echo '
    • » '.$v.'
    • '; + $new_row = 1; + + foreach ($hesk_settings['categories'] as $k=>$v): + if ($new_row == 1) { + echo '
      '; + $new_row = -1; } - ?> -
    + ?> + '; + } + endforeach; } ?>
    @@ -326,7 +332,7 @@ function print_add_ticket() enctype="multipart/form-data" >
    -
    @@ -342,7 +348,7 @@ function print_add_ticket()
    + ($hesk_settings['require_email'] ? ' *' : ''); ?>
    + *' : ''; ?>
    -
    @@ -433,11 +439,11 @@ function print_add_ticket() /* custom fields BEFORE comments */ + $hidden_cf_buffer = ''; foreach ($hesk_settings['custom_fields'] as $k=>$v) { if ($v['use']==1 && $v['place']==0 && hesk_is_custom_field_in_category($k, $category) ) { - $v['req'] = $v['req'] ? '*' : ''; if ($v['type'] == 'checkbox') @@ -464,45 +470,40 @@ function print_add_ticket() { /* Radio box */ case 'radio': - echo ' - - '.$v['name:'].' '.$v['req'].' - '; - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' +
    + +
    '; - foreach ($v['value']['radio_options'] as $option) - { + foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0) { $k_value = $option; - $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + $checked = empty($v['value']['no_default']) ? 'checked' : ''; } elseif ($k_value == $option) { $k_value = $option; - $checked = 'checked="checked"'; - } - else - { + $checked = 'checked'; + } else { $checked = ''; } - echo '
    '; + echo '
    '; } - - echo ' - - '; + echo ' +
    +
    '; break; /* Select drop-down box */ case 'select': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - '; // Show "Click to select"? if ( ! empty($v['value']['show_select'])) { @@ -514,7 +515,7 @@ function print_add_ticket() if ($k_value == $option) { $k_value = $option; - $selected = 'selected="selected"'; + $selected = 'selected'; } else { @@ -524,77 +525,76 @@ function print_add_ticket() echo ''; } - echo ' - - '; + echo ' +
    +
    '; break; /* Checkbox */ case 'checkbox': + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - '; - - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; +
    + +
    '; - foreach ($v['value']['checkbox_options'] as $option) + foreach ($v['value']['checkbox_options'] as $option) + { + if (in_array($option,$k_value)) { - if (in_array($option,$k_value)) - { - $checked = 'checked="checked"'; - } - else - { - $checked = ''; - } - - echo '
    '; + $checked = 'checked'; + } + else + { + $checked = ''; } - echo ' - - '; + echo '
    '; + } + echo '
    +
    '; break; /* Large text box */ case 'textarea': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
    + +
    + +
    +
    '; break; // Date case 'date': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
    + +
    + +
    +
    '; break; // Email case 'email': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 0'.($v['value']['multiple'] ? ',1' : '').')"' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - -
    - - - '; +
    + +
    + +
    +
    +
    '; break; // Hidden @@ -603,7 +603,25 @@ function print_add_ticket() { $v['value']['default_value'] = $k_value; } - $hidden_cf_buffer .= ''; + $hidden_cf_buffer .= ''; + break; + + // Readonly + case 'readonly': + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) + { + $v['value']['default_value'] = $k_value; + } + + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; + + echo ' +
    + +
    + +
    +
    '; break; /* Default text input */ @@ -613,14 +631,15 @@ function print_add_ticket() $v['value']['default_value'] = $k_value; } - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
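Review bot: The new `case 'readonly':` branch replaces the configured value with `$k_value` whenever `strlen($k_value) != 0 || isset($_SESSION["c_$k"])`, so a value restored from an earlier submission is shown instead of the administrator's default. A read-only input is only a browser-side hint. If the field is meant to be fixed, drop that assignment for this type and have the submit handler ignore the posted value for `readonly` fields, storing the configured default instead (the handler is not part of this hunk). The same branch is added again in the second custom-field loop later in this patch. print_add_ticket() starts and ends outside the hunk.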
    + +
    + +
    +
    '; } } } @@ -759,45 +778,40 @@ function print_add_ticket() { /* Radio box */ case 'radio': - echo ' - - '.$v['name:'].' '.$v['req'].' - '; - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + echo ' +
    + +
    '; - foreach ($v['value']['radio_options'] as $option) - { + foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0) { $k_value = $option; - $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + $checked = empty($v['value']['no_default']) ? 'checked' : ''; } elseif ($k_value == $option) { $k_value = $option; - $checked = 'checked="checked"'; - } - else - { + $checked = 'checked'; + } else { $checked = ''; } - echo '
    '; + echo '
    '; } - - echo ' - - '; + echo ' +
    +
    '; break; /* Select drop-down box */ case 'select': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - '; // Show "Click to select"? if ( ! empty($v['value']['show_select'])) { @@ -809,7 +823,7 @@ function print_add_ticket() if ($k_value == $option) { $k_value = $option; - $selected = 'selected="selected"'; + $selected = 'selected'; } else { @@ -819,85 +833,103 @@ function print_add_ticket() echo ''; } - echo ' - - '; + echo ' +
    +
    '; break; /* Checkbox */ case 'checkbox': + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - '; - - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; +
    + +
    '; foreach ($v['value']['checkbox_options'] as $option) { if (in_array($option,$k_value)) { - $checked = 'checked="checked"'; + $checked = 'checked'; } else { $checked = ''; } - echo '
    '; + echo '
    '; } - - echo ' - - '; + echo '
    +
    '; break; /* Large text box */ case 'textarea': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
    + +
    + +
    +
    '; break; // Date case 'date': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
    + +
    + +
    +
    '; break; // Email case 'email': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 0'.($v['value']['multiple'] ? ',1' : '').')"' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - -
    - - - '; +
    + +
    + +
    +
    +
    '; break; // Hidden case 'hidden': - if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) { + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) + { $v['value']['default_value'] = $k_value; } - $hidden_cf_buffer .= ''; + $hidden_cf_buffer .= ''; + break; + + // Readonly + case 'readonly': + if (strlen($k_value) != 0 || isset($_SESSION["c_$k"])) + { + $v['value']['default_value'] = $k_value; + } + + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; + + echo ' +
    + +
    + +
    +
    '; break; /* Default text input */ @@ -907,14 +939,15 @@ function print_add_ticket() $v['value']['default_value'] = $k_value; } - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo ' - - '.$v['name:'].' '.$v['req'].' - - - '; +
    + +
    + +
    +
    '; } } } From 49b8b4441342a48096fa5c6b80c5d46a2f53a226 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 7 Nov 2016 17:41:35 -0500 Subject: [PATCH 61/88] Use YYYY-MM-DD regex due to datepicker switch --- admin/admin_submit_ticket.php | 3 +-- admin/custom_fields.php | 8 ++++---- admin/edit_post.php | 2 +- submit_ticket.php | 2 +- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/admin/admin_submit_ticket.php b/admin/admin_submit_ticket.php index 56cce5d4..53386536 100644 --- a/admin/admin_submit_ticket.php +++ b/admin/admin_submit_ticket.php @@ -139,8 +139,7 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) { } elseif ($v['type'] == 'date') { $tmpvar[$k] = hesk_POST($k); $_SESSION["as_$k"] = ''; - - if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $tmpvar[$k])) { + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) { $date = strtotime($tmpvar[$k] . ' t00:00:00'); $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false; $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false; diff --git a/admin/custom_fields.php b/admin/custom_fields.php index b8a7ef8d..bdfc69ab 100755 --- a/admin/custom_fields.php +++ b/admin/custom_fields.php @@ -287,7 +287,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $dmin_type = $matches[3]; } // Minimum date is in "MM/DD/YYYY" format - elseif (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmin)) + elseif (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmin)) { $dmin_rf = 1; } @@ -359,7 +359,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $dmax_type = $matches[3]; } // Minimum date is in "MM/DD/YYYY" format - elseif (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmax)) + elseif (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmax)) { $dmax_rf = 1; } 
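Review bot: The new date pattern ends in `$`, which in PCRE also matches just before a trailing newline, so a value such as the date followed by `\n` passes and is then handed to `strtotime()`. Anchor it with `\z` instead, `preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])\z/", $tmpvar[$k])`, or add the `D` modifier. The pattern also accepts dates that do not exist (for example day 31 in a 30-day month), so a `checkdate()` call after the match would close that gap. The same expression is repeated in the custom_fields.php, edit_post.php and submit_ticket.php hunks of this patch, and one shared helper would keep them in step.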
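Review bot: The comment above both changed `elseif` lines in admin/custom_fields.php still reads `// Minimum date is in "MM/DD/YYYY" format`, which no longer matches the pattern the hunk introduces. The second one guards `$dmax`, so it was already mislabelled. Update them to `// Minimum date is in "YYYY-MM-DD" format` and `// Maximum date is in "YYYY-MM-DD" format`.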
@@ -1110,7 +1110,7 @@ function cf_validate() { $dmin = hesk_POST('dmin'); - if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmin)) + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmin)) { $cf['dmin'] = $dmin; } @@ -1135,7 +1135,7 @@ function cf_validate() { $dmax = hesk_POST('dmax'); - if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $dmax)) + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $dmax)) { $cf['dmax'] = $dmax; } diff --git a/admin/edit_post.php b/admin/edit_post.php index 1b15e20e..354f2a34 100644 --- a/admin/edit_post.php +++ b/admin/edit_post.php @@ -166,7 +166,7 @@ if (isset($_POST['save'])) { $tmpvar[$k] = hesk_POST($k); $_SESSION["as_$k"] = ''; - if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $tmpvar[$k])) { + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) { $date = strtotime($tmpvar[$k] . ' t00:00:00'); $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false; $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false; diff --git a/submit_ticket.php b/submit_ticket.php index 81cea406..0a015ce5 100644 --- a/submit_ticket.php +++ b/submit_ticket.php @@ -284,7 +284,7 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) { $tmpvar[$k] = hesk_POST($k); $_SESSION["c_$k"] = ''; - if (preg_match("/^[0-9]{2}\/[0-9]{2}\/[0-9]{4}$/", $tmpvar[$k])) { + if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) { $date = strtotime($tmpvar[$k] . ' t00:00:00'); $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false; $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false; From 9f7a152941f70f8bd79cc5dd7b0492e3964510ff Mon Sep 17 00:00:00 2001 
From: Mike Koch Date: Tue, 8 Nov 2016 12:28:30 -0500 Subject: [PATCH 62/88] Add RC1 files to gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index f52064ac..1652cfff 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ admin/generate_spam_question.php admin/priority.php admin/test_connection.php attachments/index.htm +cache/ docs/ file_limits.php footer.txt @@ -113,6 +114,7 @@ img/print.png img/private.png img/public.png img/reload.png +img/refresh.png img/roundcornersb.jpg img/roundcornerslb.jpg img/roundcornerslm.jpg From 61f6e0eb985a764fc2448e83f1a5ca479c0b8c23 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 8 Nov 2016 12:53:19 -0500 Subject: [PATCH 63/88] Fixed custom fields on new ticket --- admin/new_ticket.php | 99 +++++++++++++++++++------------------------- 1 file changed, 42 insertions(+), 57 deletions(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 1f8057f1..0f74cb87 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php 
@@ -350,49 +350,42 @@ $show_quick_help = $show['show']; if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $category)) { $v['req'] = $v['req']==2 ? '*' : ''; - if ($v['type'] == 'checkbox' && !isset($_GET["c_$k"])) { + if ($v['type'] == 'checkbox') { $k_value = array(); - if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) { - foreach ($_SESSION["c_$k"] as $myCB) { + if (isset($_SESSION["as_$k"]) && is_array($_SESSION["as_$k"])) { + foreach ($_SESSION["as_$k"] as $myCB) { $k_value[] = stripslashes(hesk_input($myCB)); } } } elseif (isset($_SESSION["as_$k"])) { - $k_value = stripslashes(hesk_input($_SESSION["as_$k"])); - } elseif (isset($_GET["as_$k"])) { - if ($v['type'] == 'checkbox') { - $k_value = explode('-CHECKBOX-', $_GET["as_$k"]); - } else { - $k_value = stripslashes(hesk_GET("as_$k")); - } + $k_value = stripslashes(hesk_input($_SESSION["as_$k"])); } else { - $k_value = ''; + $k_value = ''; } switch ($v['type']) { /* Radio box */ case 'radio': - echo '
    '; - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + echo '
    '; foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0) { $k_value = $option; - $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + $checked = empty($v['value']['no_default']) ? 'checked' : ''; } elseif ($k_value == $option) { $k_value = $option; - $checked = 'checked="checked"'; + $checked = 'checked'; } else { $checked = ''; } //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - echo '
    '; + echo '
    '; } echo '
    '; @@ -403,12 +396,12 @@ $show_quick_help = $show['show']; //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
    -
    '; // Show "Click to select"? if (!empty($v['value']['show_select'])) { @@ -418,7 +411,7 @@ $show_quick_help = $show['show']; foreach ($v['value']['select_options'] as $option) { if ($k_value == $option) { $k_value = $option; - $selected = 'selected="selected"'; + $selected = 'selected'; } else { $selected = ''; } @@ -433,19 +426,19 @@ $show_quick_help = $show['show']; case 'checkbox': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - echo '
    '; - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + echo '
    '; foreach ($v['value']['checkbox_options'] as $option) { if (in_array($option, $k_value)) { - $checked = 'checked="checked"'; + $checked = 'checked'; } else { $checked = ''; } - echo '
    '; + echo '
    '; } echo '
    '; break; @@ -454,33 +447,29 @@ $show_quick_help = $show['show']; case 'textarea': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
    + echo '
    -
    +
    '; break; case 'date': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' isError ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo ' -
    - +
    +
    - +
    '; break; @@ -491,20 +480,11 @@ $show_quick_help = $show['show']; $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - if ($v['value'] == 'cc' || $v['value'] == 'bcc') { - // (b)cc isn't a valid email but is the "value" used by settings. Just remove it. - $v['value'] = ''; - } + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - - echo '
    + echo '
    -
    +
    '; break; @@ -515,15 +495,20 @@ $show_quick_help = $show['show']; default: //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); if (strlen($k_value) != 0 || isset($_SESSION["as_$k"])) { $v['value']['default_value'] = $k_value; } - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
    + if ($v['type'] == 'readonly') { + $v['value']['max_length'] = 0; + $v['value']['default_value'] = $v['value']['value']; + } + + echo '
    '; From 59cc8498cfe2dbe9bac6a71a60275afd4e154c7c Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 8 Nov 2016 13:09:54 -0500 Subject: [PATCH 64/88] More custom field fixes --- admin/custom_fields.php | 20 ++++++--- admin/new_ticket.php | 93 ++++++++++++++++------------------------- index.php | 4 +- 3 files changed, 53 insertions(+), 64 deletions(-) diff --git a/admin/custom_fields.php b/admin/custom_fields.php index bdfc69ab..3876d5a8 100755 --- a/admin/custom_fields.php +++ b/admin/custom_fields.php @@ -214,13 +214,22 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    +
    + +
    + +
    +
    - +
    @@ -1188,8 +1197,9 @@ function cf_validate() break; case 'readonly': - $value = hesk_POST('value'); - $cf['value'] = array('value' => $value); + $max_length = hesk_POST('max_length'); + $value = hesk_POST('default_value'); + $cf['value'] = array('default_value' => $value, 'max_length' => $max_length); break; default: diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 0f74cb87..26fa3968 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -503,11 +503,6 @@ $show_quick_help = $show['show']; $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - if ($v['type'] == 'readonly') { - $v['value']['max_length'] = 0; - $v['value']['default_value'] = $v['value']['value']; - } - echo '
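Review bot: `$max_length = hesk_POST('max_length');` keeps the posted string as-is before it goes into `$cf['value']`, so a non-numeric or negative length can be saved with the field. Cast and bound it where it is read, for example `$max_length = max(1, intval(hesk_POST('max_length', 255)));`. The 255 default is a constructed example, so use whatever the text-field branch uses. cf_validate() continues outside the hunk, so check whether a later step already normalises the value.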
    @@ -727,46 +722,43 @@ $show_quick_help = $show['show']; foreach ($hesk_settings['custom_fields'] as $k => $v) { if ($v['use'] && $v['place'] == 1 && hesk_is_custom_field_in_category($k, $category)) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - - $v['req'] = $v['req'] == 2 ? '*' : ''; + $v['req'] = $v['req']==2 ? '*' : ''; if ($v['type'] == 'checkbox') { $k_value = array(); - if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"])) { - foreach ($_SESSION["c_$k"] as $myCB) { + if (isset($_SESSION["as_$k"]) && is_array($_SESSION["as_$k"])) { + foreach ($_SESSION["as_$k"] as $myCB) { $k_value[] = stripslashes(hesk_input($myCB)); } } - } elseif (isset($_SESSION["c_$k"])) { - $k_value = stripslashes(hesk_input($_SESSION["c_$k"])); + } elseif (isset($_SESSION["as_$k"])) { + $k_value = stripslashes(hesk_input($_SESSION["as_$k"])); } else { - $k_value = ''; + $k_value = ''; } switch ($v['type']) { /* Radio box */ case 'radio': - echo '
    '; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + + echo '
    '; - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; foreach ($v['value']['radio_options'] as $option) { if (strlen($k_value) == 0 || $k_value == $option) { $k_value = $option; - $checked = 'checked="checked"'; + $checked = 'checked'; } else { $checked = ''; } //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - echo '
    '; + echo '
    '; } echo '
    '; @@ -777,12 +769,12 @@ $show_quick_help = $show['show']; //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
    -
    '; // Show "Click to select"? if (!empty($v['value']['show_select'])) { @@ -792,7 +784,7 @@ $show_quick_help = $show['show']; foreach ($v['value']['select_options'] as $option) { if ($k_value == $option) { $k_value = $option; - $selected = 'selected="selected"'; + $selected = 'selected'; } else { $selected = ''; } @@ -807,19 +799,19 @@ $show_quick_help = $show['show']; case 'checkbox': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - echo '
    '; - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + echo '
    '; foreach ($v['value']['checkbox_options'] as $option) { if (in_array($option, $k_value)) { - $checked = 'checked="checked"'; + $checked = 'checked'; } else { $checked = ''; } - echo '
    '; + echo '
    '; } echo '
    '; break; @@ -828,11 +820,11 @@ $show_quick_help = $show['show']; case 'textarea': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
    + echo '
    '; @@ -841,44 +833,31 @@ $show_quick_help = $show['show']; case 'date': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); - - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); - $cls = in_array($k, $_SESSION['iserror']) ? ' isError ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo ' -
    - +
    +
    - +
    '; break; case 'email': //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; - if (strlen($k_value) != 0) { - $v['value'] = $k_value; - } - - if ($v['value'] == 'cc' || $v['value'] == 'bcc') { - // (b)cc isn't a valid email but is the "value" used by settings. Just remove it. - $v['value'] = ''; - } - - $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo '
    -
    +
    '; break; @@ -888,7 +867,7 @@ $show_quick_help = $show['show']; default: //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); - $formattedId = preg_replace("/[\s_]/", "-", $v['name']); + $formattedId = preg_replace("/[\s_]/", "-", $formattedId); if (strlen($k_value) != 0 || isset($_SESSION["as_$k"])) { $v['value']['default_value'] = $k_value; @@ -898,7 +877,7 @@ $show_quick_help = $show['show']; echo '
    -
    +
    '; } } diff --git a/index.php b/index.php index 8629bac0..d391fdf4 100644 --- a/index.php +++ b/index.php @@ -619,7 +619,7 @@ function print_add_ticket()
    - +
    '; break; @@ -927,7 +927,7 @@ function print_add_ticket()
    - +
    '; break; From f176f2238f458ccbaa67be7d347386931c5dcf33 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 8 Nov 2016 20:56:19 -0500 Subject: [PATCH 65/88] Restyled select ticket category for new ticket --- admin/new_ticket.php | 111 +++++++++++++++++++-------------- css/mods-for-hesk-new.css | 18 ++++++ index.php | 128 ++++++++++++++++++-------------------- 3 files changed, 144 insertions(+), 113 deletions(-) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 26fa3968..f32417de 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -1042,58 +1042,79 @@ function print_select_category($number_of_categories) { /* This will handle error, success and notice messages */ hesk_handle_messages(); ?> - -
    - -

    - -
    - $hesk_settings['cat_show_select']) - { - ?> - - + + -  
    +  
    -
    - -
    - - -
      - $v) +
      + +
      + + » '.$v.''; + // echo '
    • » '.$v.'
    • '; + $new_row = 1; + + foreach ($hesk_settings['categories'] as $k=>$v): + if ($new_row == 1) { + echo '
      '; + $new_row = -1; + } + ?> + + '; + } + endforeach; } ?> -
    - +
    +
    -
    - -

     

    +
  • + - - +
    -  
    +

    +
    - -
    - -

    - -
    - $hesk_settings['cat_show_select']) - { + // Print a select box if number of categories is large + if ($number_of_categories > $hesk_settings['cat_show_select']) + { + ?> +
    + - '.$hesklang['select'].''; - } - foreach ($hesk_settings['categories'] as $k=>$v) - { - echo ''; - } - ?> - + -  
    +  
    -
    - - -
    -
    - + + +
    + + $v): - if ($new_row == 1) { - echo '
    '; - $new_row = -1; - } - ?> - Date: Wed, 9 Nov 2016 13:21:16 -0500 Subject: [PATCH 66/88] Fix saving settings --- admin/admin_settings_save.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index cb0eb469..d03c2028 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -85,9 +85,6 @@ if (isset($lang[1]) && in_array($lang[1], hesk_getLanguagesArray(1))) { hesk_error($hesklang['err_lang']); } -/* --> Database settings */ -hesk_dbClose(); - if (hesk_testMySQL()) { // Database connection OK } elseif ($mysql_log) { @@ -461,7 +458,6 @@ $set['check_updates'] = empty($_POST['s_check_updates']) ? 0 : 1; $set['hesk_version'] = $hesk_settings['hesk_version']; // Process quick help sections -hesk_dbConnect(); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "quick_help_sections` SET `show` = '0'"); $postArray = hesk_POST_array('quick_help_sections'); foreach ($postArray as $value) { From 9532ab3ee71c39786cbd7d5551158db0a4700f93 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 10 Nov 2016 21:56:39 -0500 Subject: [PATCH 67/88] Edit post restyled, fixes to admin_ticket --- admin/admin_ticket.php | 72 +++++++------- admin/edit_post.php | 195 +++++++++++++++++++------------------- css/mods-for-hesk-new.css | 4 + 3 files changed, 134 insertions(+), 137 deletions(-) diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index 816c3c22..4b148211 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -1599,7 +1599,7 @@ function mfh_print_message() {

    -
    +
    @@ -1608,17 +1608,12 @@ function mfh_print_message() {
    - $v) { + $v) { if ($v['use'] && $v['place'] == 0 && hesk_is_custom_field_in_category($k, $ticket['category'])) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } echo '
    '; echo '
    ' . $v['name'] . ':
    '; - if ($v['type'] == 'date' && !empty($ticket[$k])) { - $dt = hesk_date($ticket[$k], false, false); - echo '
    ' . hesk_dateToString($dt, 0) . '
    '; - } elseif ($v['type'] == 'email') { + if ($v['type'] == 'email') { echo ''; } else { echo '
    ' . $ticket[$k] . '
    '; @@ -1626,42 +1621,41 @@ function mfh_print_message() { echo '
    '; } } - if ($ticket['message'] != '') { ?> -
    -
    - -
    -
    - -
    -
    +
    +
    $v) { - if ($v['use'] && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { - if ($modsForHesk_settings['custom_field_setting']) { - $v['name'] = $hesklang[$v['name']]; - } - echo '
    '; - echo '
    ' . $v['name'] . ':
    '; - if ($v['type'] == 'date' && !empty($ticket[$k])) { - $dt = hesk_date($ticket[$k], false, false); - echo '
    ' . hesk_dateToString($dt, 0) . '
    '; - } elseif ($v['type'] == 'email') { - echo ''; - } else { - echo '
    ' . $ticket[$k] . '
    '; - } - echo '
    '; + if ($ticket['message'] != '') { + if ($ticket['html']) { + echo hesk_html_entity_decode($ticket['message']); + } else { + echo $ticket['message']; } } ?>
    + $v) { + if ($v['use'] && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { + if ($first) { + echo ''; + } + ?> '; break; /* Checkbox */ @@ -802,7 +838,7 @@ $show_quick_help = $show['show']; $formattedId = preg_replace("/[\s_]/", "-", $formattedId); $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; - echo '
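Review bot: In the rewritten message block of mfh_print_message(), the `$ticket['html']` branch echoes `hesk_html_entity_decode($ticket['message'])` straight into the admin page, so any markup that survived intake is rendered inside a staff session. Nothing in this hunk shows that the stored message was sanitised before it was saved. If that is guaranteed elsewhere, say so next to the echo, e.g. `// HTML messages are purified on intake; decoding only restores that already-clean markup`. If it cannot be guaranteed for every path that creates a ticket, run the decoded string through the project's HTML purifier (inc/htmlpurifier is listed in .gitignore later in this series) before output. The function body starts outside the hunk, and the hunk's tail is not legible on this page.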
    '; + echo '
    '; foreach ($v['value']['checkbox_options'] as $option) { if (in_array($option, $k_value)) { @@ -811,9 +847,9 @@ $show_quick_help = $show['show']; $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    '; + echo '
    '; break; /* Large text box */ @@ -825,12 +861,17 @@ $show_quick_help = $show['show']; $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo '
    - -
    + +
    +
    '; break; case 'date': + if ($required_attribute != '') { + $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"'; + } + //Clean up multiple dashes or whitespaces $formattedId = preg_replace("/[\s-]+/", " ", $v['name']); $formattedId = preg_replace("/[\s_]/", "-", $formattedId); @@ -841,8 +882,9 @@ $show_quick_help = $show['show'];
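Review bot: The date `pattern` is appended only inside `if ($required_attribute != '')`, so an optional date field gets no format check in the browser; the same construct recurs in both custom-field loops of index.php and in the edit-post form later in this series. Browsers skip `pattern` for empty values, so it can be attached unconditionally by dropping the `if` and keeping `$required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"';`. This assumes `$required_attribute` is what gets printed into the input tag, which the stripped markup here does not show. The expression still accepts impossible dates such as 2016-02-31 and is enforced only by the browser, so the handler that saves the field must keep parsing and rejecting bad dates itself; that code is not part of this hunk. The enclosing switch starts and ends outside the hunk.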
    - + +
    '; break; @@ -856,8 +898,11 @@ $show_quick_help = $show['show']; $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo '
    - -
    + +
    + +
    +
    '; break; @@ -876,8 +921,11 @@ $show_quick_help = $show['show']; $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; echo '
    - -
    + +
    + +
    +
    '; } } From 8bc2d954745bf414a41fc5b96d39f84b1d66744e Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 14 Nov 2016 22:02:12 -0500 Subject: [PATCH 72/88] Add validator fields to custom fields --- index.php | 76 ++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 56 insertions(+), 20 deletions(-) diff --git a/index.php b/index.php index 4a5e409f..a674bb80 100644 --- a/index.php +++ b/index.php @@ -436,7 +436,13 @@ function print_add_ticket() { if ($v['use']==1 && $v['place']==0 && hesk_is_custom_field_in_category($k, $category) ) { - $v['req'] = $v['req'] ? '*' : ''; + if ($v['req']) { + $v['req']= '*'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } else { + $v['req'] = ''; + $required_attribute = ''; + } if ($v['type'] == 'checkbox') { @@ -479,9 +485,10 @@ function print_add_ticket() $checked = ''; } - echo '
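Review bot: In the `@@ -436,7 +436,13 @@` hunk of print_add_ticket(), `$hesklang['this_field_is_required']` is concatenated into a double-quoted `data-error` attribute without escaping, so a translation containing a double quote would end the attribute early and leave the rest of the string as stray markup. Escape it where the attribute is built: `$required_attribute = 'data-error="' . htmlspecialchars($hesklang['this_field_is_required'], ENT_QUOTES) . '" required';`. The identical if/else is pasted again in the `@@ -744,7 +762,13 @@` hunk for the second custom-field loop, and a small helper returning the attribute string would keep the two in step. If the language files already store entity-encoded text, confirm the value does not end up encoded twice.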
    '; + echo '
    '; } echo ' +
    '; break; @@ -495,7 +502,7 @@ function print_add_ticket()
    - '; // Show "Click to select"? if ( ! empty($v['value']['show_select'])) { @@ -518,6 +525,7 @@ function print_add_ticket() } echo ' +
    '; break; @@ -541,9 +549,11 @@ function print_add_ticket() $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    + echo ' +
    +
    '; break; @@ -555,20 +565,26 @@ function print_add_ticket()
    - + +
    '; break; // Date case 'date': + if ($required_attribute != '') { + $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"'; + } + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo '
    - + +
    '; break; @@ -583,7 +599,8 @@ function print_add_ticket()
    - + +
    '; @@ -611,7 +628,7 @@ function print_add_ticket()
    - +
    '; break; @@ -629,7 +646,8 @@ function print_add_ticket()
    - + +
    '; } @@ -744,7 +762,13 @@ function print_add_ticket() { if ($v['use']==1 && $v['place']==1 && hesk_is_custom_field_in_category($k, $category) ) { - $v['req'] = $v['req'] ? '*' : ''; + if ($v['req']) { + $v['req']= '*'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } else { + $v['req'] = ''; + $required_attribute = ''; + } if ($v['type'] == 'checkbox') { @@ -787,9 +811,10 @@ function print_add_ticket() $checked = ''; } - echo '
    '; + echo '
    '; } echo ' +
    '; break; @@ -803,7 +828,7 @@ function print_add_ticket()
    - '; // Show "Click to select"? if ( ! empty($v['value']['show_select'])) { @@ -826,6 +851,7 @@ function print_add_ticket() } echo ' +
    '; break; @@ -849,9 +875,11 @@ function print_add_ticket() $checked = ''; } - echo '
    '; + echo '
    '; } - echo '
    + echo ' +
    +
    '; break; @@ -863,20 +891,26 @@ function print_add_ticket()
    - + +
    '; break; // Date case 'date': + if ($required_attribute != '') { + $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"'; + } + $cls = in_array($k,$_SESSION['iserror']) ? 'isError' : ''; echo '
    - + +
    '; break; @@ -891,7 +925,8 @@ function print_add_ticket()
    - + +
    '; @@ -919,7 +954,7 @@ function print_add_ticket()
    - +
    '; break; @@ -937,7 +972,8 @@ function print_add_ticket()
    - + +
    '; } From 011072f4b7443efbe016774509aa2a5f598da3cd Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 15 Nov 2016 12:18:02 -0500 Subject: [PATCH 73/88] Fix footer, don't show box around 'Powered by' message --- .gitignore | 1 - admin/admin_main.php | 14 +++---- inc/footer.inc.php | 90 +++++++++++++++++++++++++++++++++++++++++ inc/headerAdmin.inc.php | 2 + 4 files changed, 97 insertions(+), 10 deletions(-) create mode 100644 inc/footer.inc.php diff --git a/.gitignore b/.gitignore index 1652cfff..866d200a 100644 --- a/.gitignore +++ b/.gitignore @@ -157,7 +157,6 @@ inc/calendar/tcal.js inc/calendar/tcal.php inc/database.inc.php inc/database_mysqli.inc.php -inc/footer.inc.php inc/htmlpurifier inc/index.htm inc/jscolor/ diff --git a/admin/admin_main.php b/admin/admin_main.php index f4e036e9..0d466735 100644 --- a/admin/admin_main.php +++ b/admin/admin_main.php @@ -104,10 +104,8 @@ else { ?>
    -
    -
    - -
    -
    + /* Clean unneeded session variables */ + hesk_cleanSessionVars('hide'); + ?> + + +
    '; +} + + +/******************************************************************************* +The code below handles HESK licensing. Removing or modifying this code without +purchasing a HESK license is strictly prohibited. + +To purchase a HESK license and support future HESK development please visit: +https://www.hesk.com/buy.php +*******************************************************************************/ +$hesk_settings['hesk_license']('HMgPSAxOw0KaWYgKGZpbGVfZXhpc3RzKEhFU0tfUEFUSCAuI +CdoZXNrX2xpY2Vuc2UucGhwJykpDQp7DQokaCA9ICghZW1wdHkoJF9TRVJWRVJbJ0hUVFBfSE9TVCddK +SkgPyAkX1NFUlZFUlsnSFRUUF9IT1NUJ10gOiAoKCFlbXB0eSgkX1NFUlZFUlsnU0VSVkVSX05BTUUnX +SkpID8gJF9TRVJWRVJbJ1NFUlZFUl9OQU1FJ10gOiBnZXRlbnYoJ1NFUlZFUl9OQU1FJykpOw0KJGggP +SBzdHJfcmVwbGFjZSgnd3d3LicsJycsc3RydG9sb3dlcigkaCkpOw0KaW5jbHVkZShIRVNLX1BBVEggL +iAnaGVza19saWNlbnNlLnBocCcpOw0KaWYgKGlzc2V0KCRoZXNrX3NldHRpbmdzWydsaWNlbnNlJ10pI +CYmIHN0cnBvcygkaGVza19zZXR0aW5nc1snbGljZW5zZSddLHNoYTEoJGguJ2gzJkZwMiNMYUEmNTkhd +yg4LlpjXSordVI1MTInKSkgIT09IGZhbHNlKQ0Kew0KJHMgPSAwOw0KfQ0KZWxzZQ0Kew0KZWNobyAnP +HAgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyO2NvbG9yOnJlZDsiPklOVkFMSUQgTElDRU5TRSAoTk9UI +FJFR0lTVEVSRUQgRk9SICcuJGguJykhPC9wPic7DQp9DQp9DQppZiAoJHMpDQp7DQplY2hvICc8cCBzd +HlsZT0idGV4dC1hbGlnbjpjZW50ZXIiPjxzcGFuIGNsYXNzPSJzbWFsbGVyIj4mbmJzcDs8YnIgLz5Qb +3dlcmVkIGJ5IDxhIGhyZWY9Imh0dHA6Ly93d3cuaGVzay5jb20iIGNsYXNzPSJzbWFsbGVyIiB0aXRsZ +T0iRnJlZSBQSFAgSGVscCBEZXNrIFNvZnR3YXJlIj5IZWxwIERlc2sgU29mdHdhcmU8L2E+IDxiPkhFU +0s8L2I+LCBicm91Z2h0IHRvIHlvdSBieSA8YSBocmVmPSJodHRwczovL3d3dy5zeXNhaWQuY29tLz91d +G1fc291cmNlPUhlc2smYW1wO3V0bV9tZWRpdW09Y3BjJmFtcDt1dG1fY2FtcGFpZ249SGVza1Byb2R1Y +3RfVG9fSFAiPlN5c0FpZDwvYT48L3NwYW4+PC9wPic7DQp9DQplY2hvICc8L3RkPjwvdHI+PC90YWJsZ +T48L2Rpdj4nOw0KaW5jbHVkZShIRVNLX1BBVEggLiAnZm9vdGVyLnR4dCcpOw0KZWNobyAnPC9ib2R5P +jwvaHRtbD4nOw==',"\112"); + +if (defined('ADMIN_PAGE')) { + echo '
    '; +} + +exit(); diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php index c53bd84f..38d38f8c 100644 --- a/inc/headerAdmin.inc.php +++ b/inc/headerAdmin.inc.php @@ -35,6 +35,8 @@ if (!defined('IN_SCRIPT')) { die('Invalid attempt'); } +define('ADMIN_PAGE', true); + $modsForHesk_settings = mfh_getSettings(); ?> From 8c596538e2318806c83340f7dfa1ba5a3ada2549 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 15 Nov 2016 12:29:05 -0500 Subject: [PATCH 74/88] Fix 'Click to view ticket' when submitting ticket --- inc/common.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/common.inc.php b/inc/common.inc.php index de31a962..b12359ad 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -425,7 +425,7 @@ function hesk_getCustomerEmail($can_remember = 0, $field = '') if (isset($_GET['e']) || isset($_POST['e'])) { $my_email = hesk_validateEmail(hesk_REQUEST('e'), 'ERR', 0); } /* Is email in cookie? */ - elseif ( isset($_GET['e']) || isset($_POST['e']) ) { + elseif (isset($_COOKIE['hesk_myemail'])) { $my_email = hesk_validateEmail(hesk_COOKIE('hesk_myemail'), 'ERR', 0); if ($can_remember && $my_email) { $do_remember = ' checked="checked" '; From 99b88ed0b383712714da624326d27505d226de09 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 15 Nov 2016 12:31:01 -0500 Subject: [PATCH 75/88] Fix breadcrumb on admin create ticket --- admin/new_ticket.php | 1 + 1 file changed, 1 insertion(+) diff --git a/admin/new_ticket.php b/admin/new_ticket.php index 7fe6d350..685f19b4 100644 --- a/admin/new_ticket.php +++ b/admin/new_ticket.php @@ -163,6 +163,7 @@ $show_quick_help = $show['show'];
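Review bot: The new inc/footer.inc.php calls `$hesk_settings['hesk_license']` as a function on a long base64 string plus `"\112"`, so the code that actually runs cannot be read in this diff and depends on whatever callable that settings key holds. Now that the file is tracked (this commit drops it from .gitignore), add a comment above the call stating where `$hesk_settings['hesk_license']` is assigned and which upstream HESK release the blob was copied from, so that a later change to either is recognisable in review. It is also worth recording a checksum of the upstream file in the commit message or a README, since an edit to the blob would be invisible to a reader. The start of this file's section is not legible on this page, so this note covers only the visible tail.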
  • 1): ?>
  • +
  • From a186ef7eed278cb3e4fa21b57819f6515ddbfecc Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 15 Nov 2016 12:34:31 -0500 Subject: [PATCH 76/88] Add require owner field on settings page --- admin/admin_settings.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 63e291b0..921c0377 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -958,6 +958,22 @@ $modsForHesk_settings = mfh_getSettings(); ?>
    +
    + + +
    +
        +
    '; + ?> +
    +
    -
    - - -
    - - -
    -
    Date: Tue, 15 Nov 2016 12:58:47 -0500 Subject: [PATCH 79/88] Restyled edit user page --- admin/manage_users.php | 43 +++++++++++++++++++++--------------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/admin/manage_users.php b/admin/manage_users.php index 07a7b555..7adc89c7 100644 --- a/admin/manage_users.php +++ b/admin/manage_users.php @@ -79,7 +79,6 @@ $default_userdata = array( // Preferences 'afterreply' => 0, - 'autorefresh' => 0, // Defaults 'autostart' => 1, @@ -457,27 +456,29 @@ function edit_user()
  • -
    -
    - - -

    -
    *
    - -
    - - - - - +
    +
    +
    +

    + ' . $_SESSION['original_user'] . ''; ?> +

    +
    +
    + +
    *
    +
    + +
    + +
    -
    + Date: Tue, 15 Nov 2016 21:50:30 -0500 Subject: [PATCH 80/88] Don't show home and ticket tabs when helpdesk in KB-only mode --- inc/header.inc.php | 51 +++++++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/inc/header.inc.php b/inc/header.inc.php index cefb2cc9..09810309 100644 --- a/inc/header.inc.php +++ b/inc/header.inc.php @@ -283,33 +283,38 @@ if ($modsForHesk_settings['show_icons']) {
    -
    + + >
    - +
    '; } ?>
    - + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } + ?> +
    - +
    + placeholder="" + data-error="" + required>
    - + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } + ?> +
    + placeholder="" + > +
    $v) { - if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) { - $k_value = $ticket[$k]; + foreach ($hesk_settings['custom_fields'] as $k => $v) { + if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) { + $k_value = $ticket[$k]; if ($v['type'] == 'checkbox') { - $k_value = explode('
    ',$k_value); + $k_value = explode('
    ', $k_value); } - $v['req'] = $v['req']==2 ? '*' : ''; + if ($v['req'] == 2) { + $v['req'] = '*'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } else { + $v['req'] = ''; + $required_attribute = ''; + } switch ($v['type']) { /* Radio box */ case 'radio': - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo ' -
    - +
    +
    '; - foreach ($v['value']['radio_options'] as $option) { - if (strlen($k_value) == 0) { - $k_value = $option; - $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; - } elseif ($k_value == $option) { - $k_value = $option; - $checked = 'checked="checked"'; - } else { - $checked = ''; - } - - echo '
    '; - } - echo '
    + foreach ($v['value']['radio_options'] as $option) { + if (strlen($k_value) == 0) { + $k_value = $option; + $checked = empty($v['value']['no_default']) ? 'checked="checked"' : ''; + } elseif ($k_value == $option) { + $k_value = $option; + $checked = 'checked="checked"'; + } else { + $checked = ''; + } + + echo '
    '; + } + echo '
    '; break; @@ -365,96 +411,105 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); /* Select drop-down box */ case 'select': - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo '
    - +
    - '; + // Show "Click to select"? + if (!empty($v['value']['show_select'])) { + echo ''; } - echo ''; - } + foreach ($v['value']['select_options'] as $option) { + if ($k_value == $option) { + $k_value = $option; + $selected = 'selected'; + } else { + $selected = ''; + } - echo ' + echo ''; + } + + echo ' +
    '; break; /* Checkbox */ case 'checkbox': - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo ' -
    - +
    +
    '; - foreach ($v['value']['checkbox_options'] as $option) { - if (in_array($option,$k_value)) { - $checked = 'checked'; - } else { - $checked = ''; - } - - echo '
    '; - } - echo '
    + foreach ($v['value']['checkbox_options'] as $option) { + if (in_array($option, $k_value)) { + $checked = 'checked'; + } else { + $checked = ''; + } + + echo '
    '; + } + echo '
    +
    '; break; /* Large text box */ case 'textarea': - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; - $k_value = hesk_msgToPlain($k_value,0,0); + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; + $k_value = hesk_msgToPlain($k_value, 0, 0); echo ' -
    - +
    +
    - + +
    '; break; // Date case 'date': - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; + if ($required_attribute !== '') { + $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"'; + } + + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; $k_value = hesk_custom_date_display_format($k_value, 'Y-m-d'); echo ' -
    - +
    +
    - + +
    '; break; // Email case 'email': - $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; - $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\''.$k.'\', \''.$k.'_suggestions\', 0, 1'.($v['value']['multiple'] ? ',1' : '').')"' : ''; + $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\'' . $k . '\', \'' . $k . '_suggestions\', 0, 1' . ($v['value']['multiple'] ? ',1' : '') . ')"' : ''; echo ' -
    - +
    +
    - + +
    -
    +
    '; break; @@ -467,37 +522,46 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $v['value']['default_value'] = $k_value; } - $cls = in_array($k,$_SESSION['iserror']) ? ' isError' : ''; + $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : ''; echo ' -
    - +
    +
    - + +
    '; } } } - ?> + } ?> +
    + *'; + $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required'; + } - -
    - + ?> + -
    - - -
    -
    +
    + + +
    +
    +
    - + +
    + + '; + } - +
    +
    + + diff --git a/admin/show_tickets.php b/admin/show_tickets.php index f0c0e3a9..caa22758 100644 --- a/admin/show_tickets.php +++ b/admin/show_tickets.php @@ -93,32 +93,28 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>
    -
    -
    - -
    -
    + /* Clean unneeded session variables */ + hesk_cleanSessionVars('hide'); + ?> - data-error="" - required> -
    + } ?>>
    @@ -515,7 +512,7 @@ $more2 = empty($_GET['more2']) ? 0 : 1; :   -
    Date: Wed, 16 Nov 2016 20:46:14 -0500 Subject: [PATCH 88/88] Add admin color scheme setting --- admin/admin_settings.php | 82 ++++++++++++++++++++++++++++------- admin/admin_settings_save.php | 2 + inc/headerAdmin.inc.php | 47 +------------------- 3 files changed, 70 insertions(+), 61 deletions(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 921c0377..1f003357 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -3487,7 +3487,28 @@ $modsForHesk_settings = mfh_getSettings();
    -

    +

    Common Properties

    +
    +
    +
    + + +
    + +
    +
    +
    +
    + +

    Customer View

    @@ -3650,40 +3671,71 @@ $modsForHesk_settings = mfh_getSettings();
    +
    +
    -
    - +
    +

    Admin Panel

    -
    +
    -
    diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index a3c74d3a..3661d17c 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -513,6 +513,7 @@ $set['dropdownItemTextColor'] = hesk_input(hesk_POST('dropdownItemTextColor')); $set['dropdownItemTextHoverColor'] = hesk_input(hesk_POST('dropdownItemTextHoverColor')); $set['questionMarkColor'] = hesk_input(hesk_POST('questionMarkColor')); $set['dropdownItemTextHoverBackgroundColor'] = hesk_input(hesk_POST('dropdownItemTextHoverBackgroundColor')); +$set['admin_color_scheme'] = hesk_input(hesk_POST('admin-color-scheme')); mfh_updateSetting('rtl', $set['rtl']); mfh_updateSetting('show_icons', $set['show-icons']); mfh_updateSetting('custom_field_setting', $set['custom-field-setting']); @@ -549,6 +550,7 @@ mfh_updateSetting('use_mailgun', $set['use_mailgun'], false); mfh_updateSetting('enable_calendar', $set['enable_calendar'], false); mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false); mfh_updateSetting('default_calendar_view', $set['default_view'], true); +mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true); // Prepare settings file and save it $settings_file_content = '
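Review bot: `$set['admin_color_scheme'] = hesk_input(hesk_POST('admin-color-scheme'));` stores whatever string the form posts, with no check that it names one of the schemes the settings page offers. How the value is consumed is not visible here (the diffstat shows inc/headerAdmin.inc.php changing in the same commit), but a scheme name is typically turned into a CSS class or stylesheet path, where an unexpected value matters. Compare it with a fixed list before saving, for example `$scheme = hesk_POST('admin-color-scheme');` followed by `$set['admin_color_scheme'] = in_array($scheme, $known_schemes, true) ? $scheme : $fallback_scheme;`. Here `$known_schemes` and `$fallback_scheme` are placeholder names for the list and default that back the select element on the settings page. The second hunk in this file (`@@ -549,6 +550,7 @@`) only persists the value and needs no further change.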