diff --git a/.gitignore b/.gitignore
index c56ef81c..ea3bb573 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,9 +1,7 @@
-admin/admin_reply_ticket.php
admin/admin_settings_save.php
admin/admin_suggest_articles.php
admin/archive.php
admin/assign_owner.php
-admin/change_status.php
admin/delete_tickets.php
admin/generate_spam_question.php
admin/lock.php
@@ -12,7 +10,6 @@ admin/options.php
admin/priority.php
admin/test_connection.php
attachments/index.htm
-change_status.php
docs/changelog.html
docs/docs_style.css
docs/index.html
diff --git a/admin/admin_reply_ticket.php b/admin/admin_reply_ticket.php
new file mode 100644
index 00000000..7b87cead
--- /dev/null
+++ b/admin/admin_reply_ticket.php
@@ -0,0 +1,307 @@
+ tags
+ $message = nl2br($message);
+}
+else
+{
+ $hesk_error_buffer[] = $hesklang['enter_message'];
+}
+
+/* Attachments */
+if ($hesk_settings['attachments']['use'])
+{
+ require(HESK_PATH . 'inc/attachments.inc.php');
+ $attachments = array();
+ for ($i=1;$i<=$hesk_settings['attachments']['max_number'];$i++)
+ {
+ $att = hesk_uploadFile($i);
+ if ($att !== false && !empty($att))
+ {
+ $attachments[$i] = $att;
+ }
+ }
+}
+$myattachments='';
+
+/* Time spent working on ticket */
+$time_worked = hesk_getTime(hesk_POST('time_worked'));
+
+/* Any errors? */
+if (count($hesk_error_buffer)!=0)
+{
+ $_SESSION['ticket_message'] = hesk_POST('message');
+ $_SESSION['time_worked'] = $time_worked;
+
+ // Remove any successfully uploaded attachments
+ if ($hesk_settings['attachments']['use'])
+ {
+ hesk_removeAttachments($attachments);
+ }
+
+ $tmp = '';
+ foreach ($hesk_error_buffer as $error)
+ {
+ $tmp .= "$error \n";
+ }
+ $hesk_error_buffer = $tmp;
+
+ $hesk_error_buffer = $hesklang['pcer'].''.$hesklang['critical'].' ',
+ 1 => ''.$hesklang['high'].' ',
+ 2 => ''.$hesklang['medium'].' ',
+ 3 => $hesklang['low']
+ );
+
+ $revision = sprintf($hesklang['thist8'],hesk_date(),$options[$priority],$_SESSION['name'].' ('.$_SESSION['user'].')');
+
+ $priority_sql = ",`priority`='$priority', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') ";
+}
+else
+{
+ $priority_sql = "";
+}
+
+/* Update the original ticket */
+$defaultStatusReplyStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsDefaultStaffReplyStatus` = 1 LIMIT 1"));
+$staffClosedCheckboxStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsStaffClosedCheckbox` = 1 LIMIT 1"));
+$lockedTicketStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `LockedTicketStatus` = 1 LIMIT 1"));
+
+$new_status = empty($_POST['close']) ? $defaultStatusReplyStatus['ID'] : $staffClosedCheckboxStatus['ID'];
+
+/* --> If a ticket is locked keep it closed */
+if ($ticket['locked'])
+{
+ $new_status = $lockedTicketStatus['ID'];
+}
+
+$sql = "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `status`='{$new_status}', `lastreplier`='1', `replierid`='".intval($_SESSION['id'])."' ";
+
+/* Update time_worked or force update lastchange */
+if ($time_worked == '00:00:00')
+{
+ $sql .= ", `lastchange` = NOW() ";
+}
+else
+{
+ $sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
+}
+
+if ( ! empty($_POST['assign_self']) && hesk_checkPermission('can_assign_self',0))
+{
+ $revision = sprintf($hesklang['thist2'],hesk_date(),$_SESSION['name'].' ('.$_SESSION['user'].')',$_SESSION['name'].' ('.$_SESSION['user'].')');
+ $sql .= " , `owner`=".intval($_SESSION['id']).", `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') ";
+}
+
+$sql .= " $priority_sql ";
+
+
+$isNewStatusClosed = empty($_POST['close']) ? $defaultStatusReplyStatus['IsClosed'] : $staffClosedCheckboxStatus['IsClosed'];
+if ($isNewStatusClosed)
+{
+ $revision = sprintf($hesklang['thist3'],hesk_date(),$_SESSION['name'].' ('.$_SESSION['user'].')');
+ $sql .= " , `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') ";
+
+ if ($hesk_settings['custopen'] != 1)
+ {
+ $sql .= " , `locked`='1' ";
+ }
+}
+$sql .= " WHERE `id`='{$replyto}' LIMIT 1";
+hesk_dbQuery($sql);
+unset($sql);
+
+/* Update number of replies in the users table */
+hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `replies`=`replies`+1 WHERE `id`='".intval($_SESSION['id'])."' LIMIT 1");
+
+// --> Prepare reply message
+
+// 1. Generate the array with ticket info that can be used in emails
+$info = array(
+'email' => $ticket['email'],
+'category' => $ticket['category'],
+'priority' => $ticket['priority'],
+'owner' => $ticket['owner'],
+'trackid' => $ticket['trackid'],
+'status' => $new_status,
+'name' => $ticket['name'],
+'lastreplier' => $_SESSION['name'],
+'subject' => $ticket['subject'],
+'message' => stripslashes($message),
+'attachments' => $myattachments,
+'dt' => hesk_date($ticket['dt']),
+'lastchange' => hesk_date($ticket['lastchange']),
+);
+
+// 2. Add custom fields to the array
+foreach ($hesk_settings['custom_fields'] as $k => $v)
+{
+ $info[$k] = $v['use'] ? $ticket[$k] : '';
+}
+
+// 3. Make sure all values are properly formatted for email
+$ticket = hesk_ticketToPlain($info, 1, 0);
+
+// Notify the customer
+if ( ! isset($_POST['no_notify']) || intval( hesk_POST('no_notify') ) != 1)
+{
+ hesk_notifyCustomer('new_reply_by_staff');
+}
+
+/* Set reply submitted message */
+$_SESSION['HESK_SUCCESS'] = TRUE;
+$_SESSION['HESK_MESSAGE'] = $hesklang['reply_submitted'];
+if (!empty($_POST['close']))
+{
+ $_SESSION['HESK_MESSAGE'] .= ''.$hesklang['closed'].' ';
+}
+
+/* What to do after reply? */
+if ($_SESSION['afterreply'] == 1)
+{
+ header('Location: admin_main.php');
+}
+elseif ($_SESSION['afterreply'] == 2)
+{
+ /* Get the next open ticket that needs a reply */
+ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` IN ('0','".intval($_SESSION['id'])."') AND " . hesk_myCategories() . " AND `status` IN ('0','1') ORDER BY `owner` DESC, `priority` ASC LIMIT 1");
+
+ if (hesk_dbNumRows($res) == 1)
+ {
+ $row = hesk_dbFetchAssoc($res);
+ $_SESSION['HESK_MESSAGE'] .= ''.$hesklang['status'].'
';
+ $status_options = array();
+ $results = hesk_dbQuery("SELECT `ID`, `ShortNameContentKey` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses`");
+ while ($row = $results->fetch_assoc())
+ {
+ $status_options[$row['ID']] = ''.$hesklang[$row['ShortNameContentKey']].' ';
+ }
- $status_options = array(
- 0 => ''.$hesklang['open'].' ',
- 1 => ''.$hesklang['wait_reply'].' ',
- 2 => ''.$hesklang['replied'].' ',
- 4 => ''.$hesklang['in_progress'].' ',
- 5 => ''.$hesklang['on_hold'].' ',
- 3 => ''.$hesklang['closed'].' ',
- );
-
- switch ($ticket['status'])
- {
- case 0:
- echo ''.$hesklang['open'].'
';
- break;
- case 1:
- echo ''.$hesklang['wait_staff_reply'].'
';
- break;
- case 2:
- echo ''.$hesklang['wait_cust_reply'].'
';
- break;
- case 4:
- echo ''.$hesklang['in_progress'].'
';
- break;
- case 5:
- echo ''.$hesklang['on_hold'].'
';
- break;
- default:
- echo ''.$hesklang['closed'].'
';
- } echo ''.$hesklang[$ticketStatus['TicketViewContentKey']].'
';
+ echo '