diff --git a/.gitignore b/.gitignore
index a52b3901..c9c52d4d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -277,4 +277,3 @@ rate.php
readme.html
reply_ticket.php
robots.txt
-submit_ticket.php
diff --git a/index.php b/index.php
index 33d038ce..e3721e16 100644
--- a/index.php
+++ b/index.php
@@ -820,7 +820,7 @@ function print_start()
if ($hesk_settings['alink'])
{
?>
-
-
-
- |
- |
- |
-
-
- |
-
-
-
-
-
-
-
-
-
- |
- |
-
-
- |
- |
- |
-
-
-
is_valid)
+ {
+ $_SESSION['img_verified']=true;
+ }
+ else
+ {
+ $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error'];
+ }
+ }
+ // Using PHP generated image
+ else
+ {
+ $mysecnum = intval( hesk_POST('mysecnum', 0) );
+
+ if ( empty($mysecnum) )
+ {
+ $hesk_error_buffer['mysecnum']=$hesklang['sec_miss'];
+ }
+ else
+ {
+ require(HESK_PATH . 'inc/secimg.inc.php');
+ $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);
+ if ( isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum']) )
+ {
+ $_SESSION['img_verified']=true;
+ }
+ else
+ {
+ $hesk_error_buffer['mysecnum']=$hesklang['sec_wrng'];
+ }
+ }
+ }
+}
+
+$tmpvar['name'] = hesk_input( hesk_POST('name') ) or $hesk_error_buffer['name']=$hesklang['enter_your_name'];
+$tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
+
+if ($hesk_settings['confirm_email'])
+{
+ $tmpvar['email2'] = hesk_input( hesk_POST('email2') ) or $hesk_error_buffer['email2']=$hesklang['confemail2'];
+
+ if (strlen($tmpvar['email2']) && ( strtolower($tmpvar['email']) != strtolower($tmpvar['email2']) ))
+ {
+ $tmpvar['email2'] = '';
+ $_POST['email2'] = '';
+ $_SESSION['c_email2'] = '';
+ $_SESSION['isnotice'][] = 'email';
+ $hesk_error_buffer['email2']=$hesklang['confemaile'];
+ }
+ else
+ {
+ $_SESSION['c_email2'] = $_POST['email2'];
+ }
+}
+
+$tmpvar['category'] = intval( hesk_POST('category') ) or $hesk_error_buffer['category']=$hesklang['sel_app_cat'];
+$tmpvar['priority'] = $hesk_settings['cust_urgency'] ? intval( hesk_POST('priority') ) : 3;
+
+// Is priority a valid choice?
+if ($tmpvar['priority'] < 1 || $tmpvar['priority'] > 3)
+{
+ $hesk_error_buffer['priority'] = $hesklang['sel_app_priority'];
+}
+
+$tmpvar['subject'] = hesk_input( hesk_POST('subject') ) or $hesk_error_buffer['subject']=$hesklang['enter_ticket_subject'];
+$tmpvar['message'] = hesk_input( hesk_POST('message') ) or $hesk_error_buffer['message']=$hesklang['enter_message'];
+
+// Is category a valid choice?
+if ($tmpvar['category'])
+{
+ hesk_verifyCategory();
+
+ // Is auto-assign of tickets disabled in this category?
+ if ( empty($hesk_settings['category_data'][$tmpvar['category']]['autoassign']) )
+ {
+ $hesk_settings['autoassign'] = false;
+ }
+}
+
+// Custom fields
+foreach ($hesk_settings['custom_fields'] as $k=>$v)
+{
+ if ($v['use'])
+ {
+ if ($v['type'] == 'checkbox')
+ {
+ $tmpvar[$k]='';
+
+ if (isset($_POST[$k]))
+ {
+ if (is_array($_POST[$k]))
+ {
+ foreach ($_POST[$k] as $myCB)
+ {
+ $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . ' ';;
+ }
+ $tmpvar[$k]=substr($tmpvar[$k],0,-6);
+ }
+ }
+ else
+ {
+ if ($v['req'])
+ {
+ $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
+ }
+ $_POST[$k] = '';
+ }
+ }
+ elseif ($v['req'])
+ {
+ $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
+ if (!strlen($tmpvar[$k]))
+ {
+ $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
+ }
+ }
+ else
+ {
+ $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
+ }
+ $_SESSION["c_$k"]=hesk_POST($k);
+ }
+ else
+ {
+ $tmpvar[$k] = '';
+ }
+}
+
+// Check maximum open tickets limit
+$below_limit = true;
+if ($hesk_settings['max_open'] && ! isset($hesk_error_buffer['email']) )
+{
+ $res = hesk_dbQuery("SELECT COUNT(*) FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `status` IN ('0', '1', '2', '4', '5') AND " . hesk_dbFormatEmail($tmpvar['email']));
+ $num = hesk_dbResult($res);
+
+ if ($num >= $hesk_settings['max_open'])
+ {
+ $hesk_error_buffer = array( 'max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open']) );
+ $below_limit = false;
+ }
+}
+
+// If we reached max tickets let's save some resources
+if ($below_limit)
+{
+ // Generate tracking ID
+ $tmpvar['trackid'] = hesk_createID();
+
+ // Attachments
+ if ($hesk_settings['attachments']['use'])
+ {
+ require_once(HESK_PATH . 'inc/attachments.inc.php');
+
+ $attachments = array();
+ $trackingID = $tmpvar['trackid'];
+
+ for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++)
+ {
+ $att = hesk_uploadFile($i);
+ if ($att !== false && ! empty($att) )
+ {
+ $attachments[$i] = $att;
+ }
+ }
+ }
+ $tmpvar['attachments'] = '';
+}
+
+// If we have any errors lets store info in session to avoid re-typing everything
+if (count($hesk_error_buffer))
+{
+ $_SESSION['iserror'] = array_keys($hesk_error_buffer);
+
+ $_SESSION['c_name'] = hesk_POST('name');
+ $_SESSION['c_email'] = hesk_POST('email');
+ $_SESSION['c_category'] = hesk_POST('category');
+ $_SESSION['c_priority'] = hesk_POST('priority');
+ $_SESSION['c_subject'] = hesk_POST('subject');
+ $_SESSION['c_message'] = hesk_POST('message');
+
+ $tmp = '';
+ foreach ($hesk_error_buffer as $error)
+ {
+ $tmp .= "$error\n";
+ }
+
+ // Remove any successfully uploaded attachments
+ if ($below_limit && $hesk_settings['attachments']['use'])
+ {
+ hesk_removeAttachments($attachments);
+ }
+
+ $hesk_error_buffer = $hesklang['pcer'] . '
';
+ hesk_process_messages($hesk_error_buffer, 'index.php?a=add');
+}
+
+$tmpvar['message']=hesk_makeURL($tmpvar['message']);
+$tmpvar['message']=nl2br($tmpvar['message']);
+
+// All good now, continue with ticket creation
+$tmpvar['owner'] = 0;
+$tmpvar['history'] = sprintf($hesklang['thist15'], hesk_date(), $tmpvar['name']);
+
+// Auto assign tickets if aplicable
+$autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
+if ($autoassign_owner)
+{
+ $tmpvar['owner'] = $autoassign_owner['id'];
+ $tmpvar['history'] .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'].' ('.$autoassign_owner['user'].')');
+}
+
+// Insert attachments
+if ($hesk_settings['attachments']['use'] && ! empty($attachments) )
+{
+ foreach ($attachments as $myatt)
+ {
+ hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($tmpvar['trackid'])."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
+ $tmpvar['attachments'] .= hesk_dbInsertID() . '#' . $myatt['real_name'] .',';
+ }
+}
+
+// Insert ticket to database
+$ticket = hesk_newTicket($tmpvar);
+
+// Notify the customer
+hesk_notifyCustomer();
+
+// Need to notify staff?
+// --> From autoassign?
+if ($tmpvar['owner'] && $autoassign_owner['notify_assigned'])
+{
+ hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you');
+}
+// --> No autoassign, find and notify appropriate staff
+elseif ( ! $tmpvar['owner'] )
+{
+ hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' ");
+}
+
+// Next ticket show suggested articles again
+$_SESSION['ARTICLES_SUGGESTED']=false;
+$_SESSION['already_submitted']=1;
+
+// Need email to view ticket? If yes, remember it by default
+if ($hesk_settings['email_view_ticket'])
+{
+ setcookie('hesk_myemail', $tmpvar['email'], strtotime('+1 year'));
+}
+
+// Unset temporary variables
+unset($tmpvar);
+hesk_cleanSessionVars('tmpvar');
+hesk_cleanSessionVars('c_category');
+hesk_cleanSessionVars('c_priority');
+hesk_cleanSessionVars('c_subject');
+hesk_cleanSessionVars('c_message');
+hesk_cleanSessionVars('c_question');
+hesk_cleanSessionVars('img_verified');
+
+// Print header
+require_once(HESK_PATH . 'inc/header.inc.php');
+
+?>
+
+
+
+
+
+
+
+
+ ' .
+ $hesklang['ticket_submitted_success'] . ': ' . $ticket['trackid'] . '
+ ' . $hesklang['view_your_ticket'] . ''
+
+ );
+
+ // Any other messages to display?
+ hesk_handle_messages();
+ ?>
+
+
+
+
+
+
+
+
+ .
+
+
+
|