From dd958b694604037d10c5a0823a5bc94aacba957c Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 14 Jan 2015 16:57:20 -0500
Subject: [PATCH] #110 Update Service Messages page

---
 admin/service_messages.php | 653 +++++++++++++++++++++++++++++++++++++
 inc/common.inc.php         |  17 +-
 inc/show_admin_nav.inc.php |   4 +-
 3 files changed, 666 insertions(+), 8 deletions(-)
 create mode 100644 admin/service_messages.php

diff --git a/admin/service_messages.php b/admin/service_messages.php
new file mode 100644
index 00000000..40939492
--- /dev/null
+++ b/admin/service_messages.php
@@ -0,0 +1,653 @@
+<?php
+/*******************************************************************************
+*  Title: Help Desk Software HESK
+*  Version: 2.6.0 beta 1 from 30th December 2014
+*  Author: Klemen Stirn
+*  Website: http://www.hesk.com
+********************************************************************************
+*  COPYRIGHT AND TRADEMARK NOTICE
+*  Copyright 2005-2014 Klemen Stirn. All Rights Reserved.
+*  HESK is a registered trademark of Klemen Stirn.
+
+*  The HESK may be used and modified free of charge by anyone
+*  AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
+*  By using this code you agree to indemnify Klemen Stirn from any
+*  liability that might arise from it's use.
+
+*  Selling the code for this program, in part or full, without prior
+*  written consent is expressly forbidden.
+
+*  Using this code, in part or full, to create derivate work,
+*  new scripts or products is expressly forbidden. Obtain permission
+*  before redistributing this software over the Internet or in
+*  any other medium. In all cases copyright and header must remain intact.
+*  This Copyright is in full effect in any country that has International
+*  Trade Agreements with the United States of America or
+*  with the European Union.
+
+*  Removing any of the copyright notices without purchasing a license
+*  is expressly forbidden. To remove HESK copyright notice you must purchase
+*  a license for this script. For more information on how to obtain
+*  a license please visit the page below:
+*  https://www.hesk.com/buy.php
+*******************************************************************************/
+
+define('IN_SCRIPT',1);
+define('HESK_PATH','../');
+
+/* Get all the required files and functions */
+require(HESK_PATH . 'hesk_settings.inc.php');
+require(HESK_PATH . 'inc/common.inc.php');
+require(HESK_PATH . 'inc/admin_functions.inc.php');
+hesk_load_database_functions();
+
+hesk_session_start();
+hesk_dbConnect();
+hesk_isLoggedIn();
+
+/* Check permissions for this feature */
+hesk_checkPermission('can_service_msg');
+
+// Define required constants
+define('LOAD_TABS',1);
+define('WYSIWYG',1);
+
+// What should we do?
+if ( $action = hesk_REQUEST('a') )
+{
+	if ($action == 'edit_sm') {edit_sm();}
+	elseif ( defined('HESK_DEMO') ) {hesk_process_messages($hesklang['ddemo'], 'service_messages.php', 'NOTICE');}
+	elseif ($action == 'new_sm') {new_sm();}
+	elseif ($action == 'save_sm') {save_sm();}
+	elseif ($action == 'order_sm') {order_sm();}
+	elseif ($action == 'remove_sm') {remove_sm();}
+}
+
+/* Print header */
+require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
+
+/* Print main manage users page */
+require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
+?>
+
+<div class="row" style="padding: 20px">
+    <ul class="nav nav-tabs" role="tablist">
+        <?php
+        // Show a link to banned_emails.php if user has permission to do so
+        if ( hesk_checkPermission('can_ban_emails',0) )
+        {
+            echo '
+            <li role="presentation">
+                <a title="' . $hesklang['banemail'] . '" href="banned_emails.php">'.$hesklang['banemail'].'</a>
+            </li>';
+        }
+        if ( hesk_checkPermission('can_ban_ips',0) )
+        {
+            echo '
+            <li role="presentation">
+                <a title="' . $hesklang['banip'] . '" href="banned_ips.php">'.$hesklang['banip'].'</a>
+            </li>';
+        }
+        ?>
+        <li role="presentation" class="active">
+            <a href="#"><?php echo $hesklang['sm_title']; ?> <i class="fa fa-question-circle settingsquestionmark" onclick="javascript:alert('<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>')"></i></a>
+        </li>
+    </ul>
+    <div class="tab-content summaryList tabPadding">
+        <script language="javascript" type="text/javascript"><!--
+            function confirm_delete()
+            {
+                if (confirm('<?php echo hesk_makeJsString($hesklang['delban_confirm']); ?>')) {return true;}
+                else {return false;}
+            }
+            //-->
+        </script>
+        <div class="row">
+            <?php
+            /* This will handle error, success and notice messages */
+            hesk_handle_messages();
+
+            if ( isset($_SESSION['new_sm']) )
+            {
+                $_SESSION['new_sm'] = hesk_stripArray($_SESSION['new_sm']);
+            }
+
+            if ( isset($_SESSION['preview_sm']) )
+            {
+                hesk_service_message($_SESSION['new_sm']);
+            }
+
+            if ($hesk_settings['kb_wysiwyg'])
+            {
+                ?>
+                <script type="text/javascript">
+                    tinyMCE.init({
+                        mode : "exact",
+                        elements : "content",
+                        theme : "advanced",
+                        convert_urls : false,
+                        gecko_spellcheck: true,
+
+                        theme_advanced_buttons1 : "cut,copy,paste,|,undo,redo,|,formatselect,fontselect,fontsizeselect,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull",
+                        theme_advanced_buttons2 : "sub,sup,|,charmap,|,bullist,numlist,|,outdent,indent,insertdate,inserttime,preview,|,forecolor,backcolor,|,hr,removeformat,visualaid,|,link,unlink,anchor,image,cleanup,code",
+                        theme_advanced_buttons3 : "",
+
+                        theme_advanced_toolbar_location : "top",
+                        theme_advanced_toolbar_align : "left",
+                        theme_advanced_statusbar_location : "bottom",
+                        theme_advanced_resizing : true
+                    });
+                </script>
+            <?php
+            }
+            ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h4><?php echo $hesklang['ex_sm']; ?></h4>
+                </div>
+                <div class="panel-body">
+                    <?php
+
+                    // Get banned ips from database
+                    $res = hesk_dbQuery('SELECT * FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'service_messages` ORDER BY `order` ASC');
+                    $num = hesk_dbNumRows($res);
+
+                    if ($num < 1)
+                    {
+                        echo '<p>'.$hesklang['no_sm'].'</p>';
+                    }
+                    else
+                    {
+                        // List of staff
+                        if ( ! isset($admins) )
+                        {
+                            $admins = array();
+                            $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users`");
+                            while ($row=hesk_dbFetchAssoc($res2))
+                            {
+                                $admins[$row['id']]=$row['name'];
+                            }
+                        }
+
+                        ?>
+                        <table class="table table-hover">
+                            <thead>
+                                <tr>
+                                    <th><?php echo $hesklang['sm_mtitle']; ?></th>
+                                    <th><?php echo $hesklang['sm_author']; ?></th>
+                                    <th><?php echo $hesklang['sm_type']; ?></th>
+                                    <th>&nbsp;<?php echo $hesklang['opt']; ?>&nbsp;</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <?php
+                                $j = 1;
+                                $k = 1;
+
+                                while ($sm=hesk_dbFetchAssoc($res))
+                                {
+                                    $faIcon = "";
+                                    switch ($sm['style'])
+                                    {
+                                        case 1:
+                                            $sm_style = "alert alert-success";
+                                            $faIcon = "fa fa-check-circle";
+                                            break;
+                                        case 2:
+                                            $sm_style = "alert alert-info";
+                                            $faIcon = "fa fa-comment";
+                                            break;
+                                        case 3:
+                                            $sm_style = "alert alert-warning";
+                                            $faIcon = "fa fa-exclamation-triangle";
+                                            break;
+                                        case 4:
+                                            $sm_style = "alert alert-danger";
+                                            $faIcon = "fa fa-times-circle";
+                                            break;
+                                        default:
+                                            $sm_style = "none";
+                                    }
+
+                                    $type = $sm['type'] ? $hesklang['sm_draft']: $hesklang['sm_published'];
+
+                                    ?>
+                                    <tr>
+                                        <td>
+                                            <div class="<?php echo $sm_style; ?>">
+                                                <i class="<?php echo $faIcon; ?>"></i>
+                                                <b><?php echo $sm['title']; ?></b>
+                                            </div>
+                                        </td>
+                                        <td><?php echo (isset($admins[$sm['author']]) ? $admins[$sm['author']] : $hesklang['e_udel']); ?></td>
+                                        <td><?php echo $type; ?></td>
+                                        <td>
+                                            <?php
+                                            if ($num > 1)
+                                            {
+                                                if ($k == 1)
+                                                {
+                                                    ?>
+                                                    <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />
+                                                    <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
+                                                        <i class="fa fa-arrow-down" style="font-size: 16px; color: green" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
+                                                <?php
+                                                }
+                                                elseif ($k == $num)
+                                                {
+                                                    ?>
+                                                    <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
+                                                        <i class="fa fa-arrow-up" style="font-size: 16px; color: green" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
+                                                    <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />
+                                                <?php
+                                                }
+                                                else
+                                                {
+                                                    ?>
+                                                    <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
+                                                        <i class="fa fa-arrow-up" style="font-size: 16px; color: green" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
+                                                    <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
+                                                        <i class="fa fa-arrow-down" style="font-size: 16px; color: green" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
+                                                <?php
+                                                }
+                                            }
+                                            ?>
+                                            <a href="service_messages.php?a=edit_sm&amp;id=<?php echo $sm['id']; ?>">
+                                                <i class="fa fa-pencil" style="font-size: 16px;color:orange" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['edit']; ?>"></i></a>
+                                            <a href="service_messages.php?a=remove_sm&amp;id=<?php echo $sm['id']; ?>&amp;token=<?php hesk_token_echo(); ?>" onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_sm']); ?>');">
+                                                <i class="fa fa-times" style="font-size: 16px;color:red" data-toggle="tooltip" data-placement="top" data-original-title="<?php echo $hesklang['delete']; ?>"></i></a>&nbsp;</td>
+                                    </tr>
+                                    <?php
+                                    $j++;
+                                    $k++;
+                                } // End while
+
+                                ?>
+                            </tbody>
+                        </table>
+                        <div align="center">
+                            <table border="0" cellspacing="1" cellpadding="3" class="white" width="100%">
+
+
+                            </table>
+                        </div>
+                    <?php
+                    }
+
+                    ?>
+                </div>
+            </div>
+
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h4><a name="new_article"></a><?php echo $hesklang['new_sm']; ?></h4>
+                </div>
+                <div class="panel-body">
+                    <form action="service_messages.php" method="post" name="form1" role="form" class="form-horizontal">
+                        <div class="form-group">
+                            <label for="style" class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
+                            <div class="col-md-2">
+                                <div class="radio alert" style="box-shadow: none; padding: 5px; border-radius: 4px;">
+                                    <label>
+                                        <input type="radio" name="style" value="0"
+                                            <?php if (!isset($_SESSION['new_sm']['style']) || (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 0) ) {echo 'checked';} ?>>
+                                        <?php echo $hesklang['sm_none']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-2">
+                                <div class="radio alert alert-success" style="padding: 5px;">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="1"
+                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 1 ) {echo 'checked';} ?>>
+                                        <?php echo $hesklang['sm_success']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-2">
+                                <div class="radio alert alert-info" style="padding: 5px">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="2"
+                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 2) {echo 'checked';} ?>>
+                                        <?php echo $hesklang['sm_info']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-2">
+                                <div class="radio alert alert-warning" style="padding: 5px">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="3"
+                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 3) {echo 'checked';} ?>>
+                                        <?php echo $hesklang['sm_notice']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-2">
+                                <div class="radio alert alert-danger" style="padding: 5px">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="4"
+                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 4) {echo 'checked';} ?> >
+                                        <?php echo $hesklang['sm_error']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
+                            <div class="col-md-2">
+                                <div class="radio" style="padding: 5px">
+                                    <label>
+                                        <input type="radio" name="type" value="0"
+                                            <?php if (!isset($_SESSION['new_sm']['type']) || (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 0) ) {echo 'checked';} ?> >
+                                        <?php echo $hesklang['sm_published']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-2">
+                                <div class="radio" style="padding: 5px">
+                                    <label>
+                                        <input type="radio" name="type" value="1"
+                                            <?php if (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 1) {echo 'checked';} ?> >
+                                        <?php echo $hesklang['sm_draft']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <label for="title" class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
+                            <div class="col-md-10">
+                                <input class="form-control" placeholder="<?php echo $hesklang['sm_mtitle']; ?>"
+                                       type="text" name="title" size="70" maxlength="255"
+                                    <?php if (isset($_SESSION['new_sm']['title'])) {echo 'value="'.$_SESSION['new_sm']['title'].'"';} ?>>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <label for="message" class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
+                            <div class="col-md-10">
+                                <textarea placeholder="<?php echo $hesklang['sm_msg']; ?>" class="form-control" name="message" rows="25" cols="70" id="content">
+                                    <?php if (isset($_SESSION['new_sm']['message'])) {echo $_SESSION['new_sm']['message'];} ?>
+                                </textarea>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <?php echo isset($_SESSION['edit_sm']) ? '<input type="hidden" name="a" value="save_sm" /><input type="hidden" name="id" value="'.intval($_SESSION['new_sm']['id']).'" />' : '<input type="hidden" name="a" value="new_sm" />'; ?>
+                            <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
+                            <div class="col-md-10 col-md-offset-2">
+                                <div class="btn-group" role="group">
+                                    <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>" class="btn btn-default">
+                                    <input type="submit" name="sm_preview" value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
+                                </div>
+                            </div>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php
+
+hesk_cleanSessionVars( array('new_sm', 'preview_sm', 'edit_sm') );
+
+require_once(HESK_PATH . 'inc/footer.inc.php');
+exit();
+
+
+/*** START FUNCTIONS ***/
+
+
+function save_sm()
+{
+	global $hesk_settings, $hesklang, $listBox;
+    global $hesk_error_buffer;
+
+	// A security check
+	# hesk_token_check('POST');
+
+    $hesk_error_buffer = array();
+
+	// Get service messageID
+	$id = intval( hesk_POST('id') ) or hesk_error($hesklang['sm_e_id']);
+
+	$style = intval( hesk_POST('style', 0) );
+	if ($style > 4 || $style < 0)
+	{
+    	$style = 0;
+	}
+
+    $type  = empty($_POST['type']) ? 0 : 1;
+    $title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
+	$message = hesk_getHTML( hesk_POST('message') );
+
+    // Any errors?
+    if (count($hesk_error_buffer))
+    {
+		$_SESSION['edit_sm'] = true;
+		$hesklang['new_sm'] = $hesklang['edit_sm'];
+
+		$_SESSION['new_sm'] = array(
+		'id' => $id,
+		'style' => $style,
+		'type' => $type,
+		'title' => $title,
+		'message' => hesk_input( hesk_POST('message') ),
+		);
+
+		$tmp = '';
+		foreach ($hesk_error_buffer as $error)
+		{
+			$tmp .= "<li>$error</li>\n";
+		}
+		$hesk_error_buffer = $tmp;
+
+    	$hesk_error_buffer = $hesklang['rfm'].'<br /><br /><ul>'.$hesk_error_buffer.'</ul>';
+    	hesk_process_messages($hesk_error_buffer,'service_messages.php');
+    }
+
+	// Just preview the message?
+	if ( isset($_POST['sm_preview']) )
+	{
+    	$_SESSION['preview_sm'] = true;
+		$_SESSION['edit_sm'] = true;
+		$hesklang['new_sm'] = $hesklang['edit_sm'];
+
+		$_SESSION['new_sm'] = array(
+		'id' => $id,
+		'style' => $style,
+		'type' => $type,
+		'title' => $title,
+		'message' => $message,
+		);
+
+		header('Location: service_messages.php');
+		exit;
+	}
+
+	// Update the service message in the database
+	hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET
+	`author` = '".intval($_SESSION['id'])."',
+	`title` = '".hesk_dbEscape($title)."',
+	`message` = '".hesk_dbEscape($message)."',
+	`style` = '{$style}',
+	`type` = '{$type}'
+	WHERE `id`={$id} LIMIT 1");
+
+    $_SESSION['smord'] = $id;
+    hesk_process_messages($hesklang['sm_mdf'],'service_messages.php','SUCCESS');
+
+} // End save_sm()
+
+
+function edit_sm()
+{
+	global $hesk_settings, $hesklang;
+
+	// Get service messageID
+	$id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
+
+	// Get details from the database
+	$res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id} LIMIT 1");
+	if ( hesk_dbNumRows($res) != 1 )
+	{
+    	hesk_error($hesklang['sm_not_found']);
+	}
+	$sm = hesk_dbFetchAssoc($res);
+
+	$_SESSION['new_sm'] = $sm;
+	$_SESSION['edit_sm'] = true;
+
+	$hesklang['new_sm'] = $hesklang['edit_sm'];
+
+} // End edit_sm()
+
+
+function order_sm()
+{
+	global $hesk_settings, $hesklang;
+
+	// A security check
+	hesk_token_check();
+
+	// Get ID and move parameters
+	$id    = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
+	$move  = intval( hesk_GET('move') );
+    $_SESSION['smord'] = $id;
+
+	// Update article details
+	hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=`order`+".intval($move)." WHERE `id`={$id} LIMIT 1");
+
+    // Update order of all service messages
+    update_sm_order();
+
+	// Finish
+	header('Location: service_messages.php');
+	exit();
+
+} // End order_sm()
+
+
+function update_sm_order()
+{
+	global $hesk_settings, $hesklang;
+
+	// Get list of current service messages
+	$res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` ASC");
+
+	// Update database
+	$i = 10;
+	while ( $sm = hesk_dbFetchAssoc($res) )
+	{
+		hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=".intval($i)." WHERE `id`='".intval($sm['id'])."' LIMIT 1");
+		$i += 10;
+	}
+
+	return true;
+
+} // END update_sm_order()
+
+
+function remove_sm()
+{
+	global $hesk_settings, $hesklang;
+
+	// A security check
+	hesk_token_check();
+
+	// Get ID
+	$id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
+
+	// Delete the service message
+    hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id} LIMIT 1");
+
+	// Were we successful?
+    if ( hesk_dbAffectedRows() == 1 )
+	{
+		hesk_process_messages($hesklang['sm_deleted'],'./service_messages.php','SUCCESS');
+	}
+	else
+	{
+		hesk_process_messages($hesklang['sm_not_found'],'./service_messages.php');
+	}
+
+} // End remove_sm()
+
+
+function new_sm()
+{
+	global $hesk_settings, $hesklang, $listBox;
+    global $hesk_error_buffer;
+
+	// A security check
+	# hesk_token_check('POST');
+
+    $hesk_error_buffer = array();
+
+	$style = intval( hesk_POST('style', 0) );
+	if ($style > 4 || $style < 0)
+	{
+    	$style = 0;
+	}
+
+    $type  = empty($_POST['type']) ? 0 : 1;
+    $title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
+	$message = hesk_getHTML( hesk_POST('message') );
+
+    // Any errors?
+    if (count($hesk_error_buffer))
+    {
+		$_SESSION['new_sm'] = array(
+		'style' => $style,
+		'type' => $type,
+		'title' => $title,
+		'message' => hesk_input( hesk_POST('message') ),
+		);
+
+		$tmp = '';
+		foreach ($hesk_error_buffer as $error)
+		{
+			$tmp .= "<li>$error</li>\n";
+		}
+		$hesk_error_buffer = $tmp;
+
+    	$hesk_error_buffer = $hesklang['rfm'].'<br /><br /><ul>'.$hesk_error_buffer.'</ul>';
+    	hesk_process_messages($hesk_error_buffer,'service_messages.php');
+    }
+
+	// Just preview the message?
+	if ( isset($_POST['sm_preview']) )
+	{
+    	$_SESSION['preview_sm'] = true;
+
+		$_SESSION['new_sm'] = array(
+		'style' => $style,
+		'type' => $type,
+		'title' => $title,
+		'message' => $message,
+		);
+
+		header('Location: service_messages.php');
+		exit;
+	}
+
+	// Get the latest service message order
+	$res = hesk_dbQuery("SELECT `order` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` DESC LIMIT 1");
+	$row = hesk_dbFetchRow($res);
+	$my_order = intval($row[0]) + 10;
+
+    // Insert service message into database
+	hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` (`author`,`title`,`message`,`style`,`type`,`order`) VALUES (
+    '".intval($_SESSION['id'])."',
+    '".hesk_dbEscape($title)."',
+    '".hesk_dbEscape($message)."',
+    '{$style}',
+    '{$type}',
+    '{$my_order}'
+    )");
+
+    $_SESSION['smord'] = hesk_dbInsertID();
+    hesk_process_messages($hesklang['sm_added'],'service_messages.php','SUCCESS');
+
+} // End new_sm()
+
+?>
diff --git a/inc/common.inc.php b/inc/common.inc.php
index 21e399a7..b68338d7 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -65,19 +65,24 @@ hesk_getLanguage();
 
 function hesk_service_message($sm)
 {
+    $faIcon = "";
     switch ($sm['style'])
     {
         case 1:
-            $style = "success";
+            $style = "alert alert-success";
+            $faIcon = "fa fa-check-circle";
             break;
         case 2:
-            $style = "info";
+            $style = "alert alert-info";
+            $faIcon = "fa fa-comment";
             break;
         case 3:
-            $style = "notice";
+            $style = "alert alert-warning";
+            $faIcon = "fa fa-exclamation-triangle";
             break;
         case 4:
-            $style = "error";
+            $style = "alert alert-danger";
+            $faIcon = "fa fa-times-circle";
             break;
         default:
             $style = "none";
@@ -85,8 +90,8 @@ function hesk_service_message($sm)
 
     ?>
     <div class="<?php echo $style; ?>">
-        <?php echo $style == 'none' ? '' : '<img src="'.HESK_PATH.'img/'.$style.'.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> '; ?>
-        <b><?php echo $sm['title']; ?></b> <?php echo $sm['message']; ?>
+        <?php echo $style == 'none' ? '' : '<i class="'.$faIcon.'"></i> '; ?>
+        <b><?php echo $sm['title']; ?></b><?php echo $sm['message']; ?>
     </div>
     <br />
 <?php
diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php
index b85bc7a6..87069a40 100644
--- a/inc/show_admin_nav.inc.php
+++ b/inc/show_admin_nav.inc.php
@@ -102,18 +102,18 @@ $num_mail = hesk_checkNewMail();
       </div><!-- /.navbar-collapse -->
     </nav>
 
+    <div style="padding: 20px 20px 0 20px; margin-bottom: -10px">
     <?php
     // Show a notice if we are in maintenance mode
     if ( hesk_check_maintenance(false) )
     {
-        echo '<br />';
         hesk_show_notice($hesklang['mma2'], $hesklang['mma1'], false);
     }
 
     // Show a notice if we are in "Knowledgebase only" mode
     if ( hesk_check_kb_only(false) )
     {
-        echo '<br />';
         hesk_show_notice($hesklang['kbo2'], $hesklang['kbo1'], false);
     }
     ?>
+    </div>