
#544 Start updating to HESK 2.7.3

tags/3.1.0
Mike Koch 2 år sedan
förälder
incheckning
f4dbffa7e4

+ 1
- 1
admin/admin_main.php Visa fil

@@ -116,7 +116,7 @@ else {
F9ub3RpY2UnXS4nXCcpIj4nLiRoZXNrbGFuZ1snc2gnXS4nPC9hPjwvdGQ+PC90cj48L3RhYmxlPjxwP
icuJGhlc2tsYW5nWydzdXBwb3J0X3JlbW92ZSddLicuIDxhIGhyZWY9Imh0dHBzOi8vd3d3Lmhlc2suY
29tL2J1eS5waHAiIHRhcmdldD0iX2JsYW5rIj4nLiRoZXNrbGFuZ1snY2xpY2tfaW5mbyddLic8L2E+P
C9wPic7DQp9DQo=', "\112");
C9wPjxociAvPic7DQp9DQo=', "\112");

/* Clean unneeded session variables */
hesk_cleanSessionVars('hide');
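Review bot: The one changed line sits inside a base64 string literal passed to a call that opens above this hunk, so the diff does not show what code actually changed; decoding the changed tail gives `</p>';` becoming `</p><hr />';`, and the rest of the visible payload decodes to PHP source that references `$hesklang[...]`. Encoded source in an admin page cannot be read by a reviewer or checked by static analysis, so every update to it has to be decoded and compared by hand. Add a comment above the call stating what the decoded block renders and what this revision changes in it, for example `// Encoded block prints the support notice; 2.7.3 appends <hr /> after it`, and put the decoded diff in the commit message.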

+ 6
- 0
admin/admin_settings_save.php Visa fil

@@ -758,6 +758,12 @@ if (!$pop3_OK) {
$tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['pop3e'] . ':</span> ' . $pop3_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'pop3log\')">' . $hesklang['pop3log'] . '</a><div id="pop3log" style="display:none">&nbsp;<br /><textarea name="log" rows="10" cols="60">' . $pop3_log . '</textarea></div>';
}

// Clear the cache folder
hesk_purge_cache('kb');
hesk_purge_cache('cf');
hesk_purge_cache('export', 14400);
hesk_purge_cache('status');

// Show the settings page and display any notices or success
if (count($tmp)) {
$errors = implode('<br /><br />', $tmp);
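Review bot: `hesk_purge_cache('status')` and `hesk_purge_cache('export', 14400)` rely on switch cases in `hesk_purge_cache()` that this commit view does not show: the hunk in inc/admin_functions.inc.php shows only `'cf'`, the new `'kb'`, and a `default` branch that calls `hesk_rrmdir()` on the cache directory. If either type is unhandled, that call would fall through to the default and clear everything, including the export files the 14400-second argument is meant to keep. Confirm both cases exist, and document the constant on the call, e.g. `// keep exports younger than 4 hours (14400 s)`.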

+ 3
- 3
admin/admin_submit_ticket.php Visa fil

@@ -123,9 +123,9 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) {
$tmpvar[$k] = hesk_POST($k);
$_SESSION["as_$k"] = '';
if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
$date = strtotime($tmpvar[$k] . ' t00:00:00');
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false;
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false;
$date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;

$_SESSION["as_$k"] = $tmpvar[$k];
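Review bot: The three `strtotime()` calls accept any string the regex above lets through, and that regex allows impossible days such as `2017-02-31`, which `strtotime()` rolls forward to a March date instead of rejecting; the range check then runs on a different day than the string saved to `$_SESSION["as_$k"]`. Validate the calendar date before converting, e.g. `list($y, $m, $d) = explode('-', $tmpvar[$k]);` followed by `if (!checkdate((int) $m, (int) $d, (int) $y))` routed to the same error path as a failed match, which lies outside this hunk. The identical block in admin/edit_post.php (hunk at -161) needs the same guard.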


+ 1
- 1
admin/admin_ticket.php Visa fil

@@ -1604,7 +1604,7 @@ function mfh_print_message() {
<br> <i class="fa fa-fw fa-globe" data-toggle="tooltip" title="<?php echo $hesklang['ip']; ?>"></i>
<?php
// Format IP for lookup
if ($ticket['ip'] == 'Unknown' || $ticket['ip'] == $hesklang['unknown']) {
if ($ticket['ip'] == '' || $ticket['ip'] == 'Unknown' || $ticket['ip'] == $hesklang['unknown']) {
echo $hesklang['unknown'];
} else {
echo '<a href="../ip_whois.php?ip=' . urlencode($ticket['ip']) . '">' . $ticket['ip'] . '</a>';
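Review bot: In the `else` branch `$ticket['ip']` is written into the page as link text without HTML escaping, while only the `href` copy goes through `urlencode()`. Whether the stored value is always a validated address cannot be seen from this hunk, and other files in this commit switch to `hesk_getClientIP()`, whose source is not shown, so escape at output: `echo '<a href="../ip_whois.php?ip=' . urlencode($ticket['ip']) . '">' . htmlspecialchars($ticket['ip'], ENT_QUOTES, 'UTF-8') . '</a>';`. The new empty-string test also uses loose `==`; `===` would state the intent exactly. `mfh_print_message()` continues outside the hunk.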

+ 1
- 1
admin/banned_emails.php Visa fil

@@ -239,7 +239,7 @@ function ban_email()
hesk_token_check();

// Get the email
$email = strtolower(hesk_input(hesk_REQUEST('email')));
$email = hesk_emailCleanup(strtolower(hesk_input(hesk_REQUEST('email'))));

// Nothing entered?
if (!strlen($email)) {
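Review bot: `hesk_emailCleanup()` is applied here only when a ban is stored, so the ban matches later only if every lookup against the banned list normalises the submitted address the same way; those lookups are not part of this hunk. If any of them compares the raw address, variants that `hesk_emailCleanup()` would collapse are not caught by the ban. A comment on this line such as `// Must match the normalisation used when bans are checked`, plus a check of the lookup code, would settle it. `ban_email()` continues outside the hunk.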

+ 10
- 10
admin/custom_fields.php Visa fil

@@ -732,7 +732,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$num_before = 0;
$num_after = 0;

foreach ($hesk_settings['custom_fields'] as $id => $cf) {
foreach ($hesk_settings['custom_fields'] as $tmp_id => $cf) {
if ($cf['place']) {
$num_after++;
} else {
@@ -741,8 +741,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
}

$k = 1;
foreach ($hesk_settings['custom_fields'] as $id => $cf) {
$id = intval(str_replace('custom', '', $id));
foreach ($hesk_settings['custom_fields'] as $tmp_id => $cf) {
$tmp_id = intval(str_replace('custom', '', $tmp_id));

if ($hide_up) {
$hide_up = false;
@@ -771,7 +771,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$cf['category'] = count($cf['category']) ? $hesklang['cf_cat'] : $hesklang['cf_all'];
?>
<tr>
<td><?php echo $id; ?></td>
<td><?php echo $tmp_id; ?></td>
<td><?php echo $cf['name']; ?></td>
<td><?php echo $cf['type']; ?></td>
<td><?php echo $cf['use']; ?></td>
@@ -791,33 +791,33 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
} elseif ($k == 1 || $hide_up) {
?>
<i class="fa fa-fw icon-link">&nbsp;</i>
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $id; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $tmp_id; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-down fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_dn']; ?>"></i>
</a>
<?php
} elseif ($k == $hesk_settings['num_custom_fields'] || $k == $num_before) {
?>
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $id; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $tmp_id; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-up fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
</a>
<i class="fa fa-fw icon-link">&nbsp;</i>
<?php
} else {
?>
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $id; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $tmp_id; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-up fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
</a>
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $id; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<a href="custom_fields.php?a=order_cf&amp;id=<?php echo $tmp_id; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
<i class="fa fa-arrow-down fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_dn']; ?>"></i>
</a>
<?php
}
}
?>
<a href="custom_fields.php?a=edit_cf&amp;id=<?php echo $id; ?>">
<a href="custom_fields.php?a=edit_cf&amp;id=<?php echo $tmp_id; ?>">
<i class="fa fa-pencil fa-fw icon-link orange" data-toggle="tooltip" title="<?php echo $hesklang['edit']; ?>"></i>
</a>
<a href="custom_fields.php?a=remove_cf&amp;id=<?php echo $id; ?>&amp;token=<?php hesk_token_echo(); ?>"
<a href="custom_fields.php?a=remove_cf&amp;id=<?php echo $tmp_id; ?>&amp;token=<?php hesk_token_echo(); ?>"
onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_cf']); ?>');">
<i class="fa fa-times fa-fw icon-link red" data-toggle="tooltip" title="<?php echo $hesklang['delete']; ?>"></i>
</a>

+ 87
- 6
admin/edit_post.php Visa fil

@@ -24,6 +24,8 @@ require(HESK_PATH . 'inc/admin_functions.inc.php');
require(HESK_PATH . 'inc/mail_functions.inc.php');
require(HESK_PATH . 'inc/custom_fields.inc.php');
hesk_load_database_functions();
require(HESK_PATH . 'inc/posting_functions.inc.php');
require(HESK_PATH . 'inc/view_attachment_functions.inc.php');

hesk_session_start();
hesk_dbConnect();
@@ -76,16 +78,51 @@ if (hesk_isREQUEST('reply')) {
$is_reply = 1;
}

// Count number of existing attachments for this post
$number_of_attachments = $is_reply ? hesk_countAttachments($reply['attachments']) : hesk_countAttachments($ticket['attachments']);

if (isset($_POST['save'])) {
/* A security check */
hesk_token_check('POST');

$hesk_error_buffer = array();

// Add attachments?
if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) {
require_once(HESK_PATH . 'inc/attachments.inc.php');

$attachments = array();

$use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);

if ($use_legacy_attachments) {
for ($i = $number_of_attachments + 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
$att = hesk_uploadFile($i);
if ($att !== false && !empty($att)) {
$attachments[$i] = $att;
}
}
} else {
// The user used the new drag-and-drop system.
$temp_attachment_ids = hesk_POST_array('attachment-ids');
foreach ($temp_attachment_ids as $temp_attachment_id) {
// Simply get the temp info and move it to the attachments table
$temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
$attachments[] = $temp_attachment;
mfh_deleteTemporaryAttachment($temp_attachment_id);
}
}
}

if ($is_reply) {
$tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];

if (count($hesk_error_buffer)) {
// Remove any successfully uploaded attachments
if ($hesk_settings['attachments']['use'] && isset($attachments)) {
hesk_removeAttachments($attachments);
}

$myerror = '<ul>';
foreach ($hesk_error_buffer as $error) {
$myerror .= "<li>$error</li>\n";
@@ -101,7 +138,14 @@ if (isset($_POST['save'])) {

$tmpvar['html'] = hesk_POST('html');

hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "' WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
foreach ($attachments as $myatt) {
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
}
}

hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "', `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."') WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
} else {
$tmpvar['language'] = hesk_POST('customerLanguage');
$tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
@@ -161,9 +205,9 @@ if (isset($_POST['save'])) {
$_SESSION["as_$k"] = '';

if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
$date = strtotime($tmpvar[$k] . ' t00:00:00');
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false;
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false;
$date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;

$_SESSION["as_$k"] = $tmpvar[$k];

@@ -208,6 +252,11 @@ if (isset($_POST['save'])) {
}

if (count($hesk_error_buffer)) {
// Remove any successfully uploaded attachments
if ($hesk_settings['attachments']['use'] && isset($attachments)) {
hesk_removeAttachments($attachments);
}

$myerror = '<ul>';
foreach ($hesk_error_buffer as $error) {
$myerror .= "<li>$error</li>\n";
@@ -221,6 +270,13 @@ if (isset($_POST['save'])) {
$tmpvar['message'] = nl2br($tmpvar['message']);
}

if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
foreach ($attachments as $myatt) {
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
}
}

$custom_SQL = '';
for ($i = 1; $i <= 50; $i++) {
$custom_SQL .= '`custom'.$i.'`=' . (isset($tmpvar['custom'.$i]) ? "'".hesk_dbEscape($tmpvar['custom'.$i])."'" : "''") . ',';
@@ -232,6 +288,7 @@ if (isset($_POST['save'])) {
`email`='" . hesk_dbEscape($tmpvar['email']) . "',
`subject`='" . hesk_dbEscape($tmpvar['subject']) . "',
`message`='" . hesk_dbEscape($tmpvar['message']) . "',
`attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."'),
`language`='" . hesk_dbEscape($tmpvar['language']) . "',
`html`='" . hesk_dbEscape($tmpvar['html']) . "',
$custom_SQL
@@ -278,7 +335,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$onsubmit = 'onsubmit="return validateRichText(\'message-help-block\', \'message-group\', \'message\', \''.htmlspecialchars($hesklang['this_field_is_required']).'\')"';
}
?>
<form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" <?php echo $onsubmit; ?>>
<form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" enctype="multipart/form-data" <?php echo $onsubmit; ?>>
<?php
/* If it's not a reply edit all the fields */
if (!$is_reply) {
@@ -542,6 +599,19 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="help-block with-errors" id="message-help-block"></div>
</div>
</div>
<?php if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) : ?>
<div class="form-group">
<label for="attachments" class="control-label col-sm-3"><?php echo $hesklang['attachments']; ?>:</label>

<div class="col-sm-9">
<?php build_dropzone_markup(true, 'filedrop', $number_of_attachments + 1); ?>
</div>
</div>
<?php
display_dropzone_field($hesk_settings['hesk_url'] . '/internal-api/ticket/upload-attachment.php',
'filedrop',
$hesk_settings['attachments']['max_number'] - $number_of_attachments);
endif; ?>
<div class="form-group">
<input type="hidden" name="save" value="1">
<input type="hidden" name="track" value="<?php echo $trackingID; ?>">
@@ -598,4 +668,15 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<?php
require_once(HESK_PATH . 'inc/footer.inc.php');
exit();
exit();

function hesk_countAttachments($attachments_string) {
if ( ! strlen($attachments_string) || strpos($attachments_string, ',') === false) {
return 0;
}

$att = explode(',', substr($attachments_string, 0, -1));

return count($att);

} // END hesk_countAttachments()
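Review bot: The rewritten reply `UPDATE` in the hunk at -101 still concatenates `$tmpvar['html']`, taken directly from `hesk_POST('html')`, into the SQL string unescaped, while the ticket branch in the hunk at -232 wraps the same value in `hesk_dbEscape()`; unless `hesk_POST()` already constrains it (not visible here), use `hesk_dbEscape($tmpvar['html'])` in the reply statement too. In the same hunk and again at -221, `$myattachments` is appended with `.=` and passed to `CONCAT()` but is not initialised in any visible hunk, so add `$myattachments = '';` ahead of each attachment `if` block. In the drag-and-drop branch at -76 the result of `mfh_getTemporaryAttachment()` is stored without checking that the id resolved to a record, and the posted `attachment-ids` list is not capped at `max_number - $number_of_attachments` the way the legacy loop is, so the per-post limit depends on the browser. The enclosing `if (isset($_POST['save']))` block runs across several hunks and is only partly visible.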

+ 6
- 6
admin/find_tickets.php Visa fil

@@ -145,21 +145,21 @@ LEFT(`message`, 400) AS `message`,
$sql .= " ( `trackid` = '" . hesk_dbEscape($q) . "' OR `merged` LIKE '%#" . hesk_dbEscape($q) . "#%' ) ";
break;
case 'name':
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'email':
$sql .= "`email` LIKE '%" . hesk_dbEscape($q) . "%' ";
break;
case 'subject':
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'message':
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "'
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "'
OR
`id` IN (
SELECT DISTINCT `replyto`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
)
";
break;
@@ -170,12 +170,12 @@ LEFT(`message`, 400) AS `message`,
$sql .= "`id` IN (
SELECT DISTINCT `ticket`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
";
break;
default:
if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) {
$sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
$sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
} else {
$hesk_error_buffer .= '<br />' . $hesklang['invalid_search'];
}
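Review bot: Each new `COLLATE '" . hesk_dbCollate() . "'` fragment puts the function's return value into the query with no escaping at the call site, so the safety of all six statements in these two hunks now rests on `hesk_dbCollate()` returning an escaped or allow-listed collation name. Its definition is not part of this commit view, so that cannot be confirmed here. State the guarantee where the function is defined, for example a docblock line `@return string collation name, already safe for direct use in SQL`, and have it fall back to a fixed default when the language file supplies an unexpected value. The `switch` these cases belong to starts and ends outside the hunks.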

+ 2
- 2
admin/index.php Visa fil

@@ -69,7 +69,7 @@ function do_login()
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');

$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
$_SERVER['REMOTE_ADDR'],
hesk_getClientIP(),
hesk_POST('recaptcha_challenge_field', ''),
hesk_POST('recaptcha_response_field', '')
);
@@ -88,7 +88,7 @@ function do_login()

// Was there a reCAPTCHA response?
if (isset($_POST["g-recaptcha-response"])) {
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response"));
$resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));
}

if ($resp != null && $resp->success) {
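Review bot: Both reCAPTCHA calls now send `hesk_getClientIP()` instead of the socket address, and the definition of that helper is not in this commit view. If it reads a forwarded-for style header, the value is supplied by the client unless the helper only trusts it from known proxies, so it should not be treated as an authenticated address anywhere it is used. Here it is only the optional remote-IP hint for the CAPTCHA check, which limits the impact; a comment such as `// client-reported address, advisory only` on both calls would keep later readers from relying on it. The same applies to the two reCAPTCHA hunks in admin/password.php. `do_login()` continues outside the hunks.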

+ 0
- 2
admin/knowledgebase_private.php Visa fil

@@ -146,8 +146,6 @@ function hesk_kb_search($query)
{
global $hesk_settings, $hesklang;

define('HESK_NO_ROBOTS',1);

$res = hesk_dbQuery('SELECT t1.`id`, t1.`subject`, LEFT(`t1`.`content`, '.max(200, $hesk_settings['kb_substrart'] * 2).') AS `content`, t1.`rating` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'kb_articles` AS t1 LEFT JOIN `'.hesk_dbEscape($hesk_settings['db_pfix']).'kb_categories` AS t2 ON t1.`catid` = t2.`id` '." WHERE t1.`type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('".hesk_dbEscape($query)."') LIMIT ".intval($hesk_settings['kb_search_limit']));
$num = hesk_dbNumRows($res);
$show_default_category = false;

+ 9
- 0
admin/manage_knowledgebase.php Visa fil

@@ -1080,6 +1080,9 @@ function edit_category()
// Now delete the category
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."'");

// Clear KB cache
hesk_purge_cache('kb');

$_SESSION['hide'] = array(
//'treemenu' => 1,
'new_article' => 1,
@@ -1252,6 +1255,9 @@ function save_article()
// Update article order
update_article_order($catid);

// Clear KB cache
hesk_purge_cache('kb');

// Redirect to the correct page
switch ($from) {
case 'draft':
@@ -2174,6 +2180,9 @@ function remove_article()
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `articles_draft`=`articles_draft`-1 WHERE `id`='{$catid}'");
}

// Clear KB cache
hesk_purge_cache('kb');

// Redirect to the correct page
switch ($from) {
case 'draft':

+ 3
- 3
admin/password.php Visa fil

@@ -51,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');

$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
$_SERVER['REMOTE_ADDR'],
hesk_getClientIP(),
hesk_POST('recaptcha_challenge_field', ''),
hesk_POST('recaptcha_response_field', '')
);
@@ -70,7 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {

// Was there a reCAPTCHA response?
if (isset($_POST["g-recaptcha-response"])) {
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response"));
$resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));
}

if ($resp != null && $resp->success) {
@@ -121,7 +121,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
hesk_process_messages($hesklang['noace'], 'NOREDIRECT');
} else {
$row = hesk_dbFetchAssoc($res);
$hash = sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass']);
$hash = sha1(microtime() . hesk_getClientIP() . mt_rand() . $row['id'] . $row['name'] . $row['pass']);

// Insert the verification hash into the database
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` (`user`, `hash`, `ip`) VALUES (" . intval($row['id']) . ", '{$hash}', '" . hesk_dbEscape($_SERVER['REMOTE_ADDR']) . "') ");
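Review bot: The password-reset token on the changed line is still `sha1()` over `microtime()`, the client address, `mt_rand()` and account fields, none of which is a cryptographically secure source, and switching to `hesk_getClientIP()` does not change that. Where the supported PHP version allows it, take the token from the CSPRNG instead, `$hash = bin2hex(random_bytes(20));`, which keeps the 40-character hex format. The `INSERT` below still records `$_SERVER['REMOTE_ADDR']`, so the stored `ip` can differ from the address used elsewhere in this commit; use `hesk_dbEscape(hesk_getClientIP())` there or add a comment saying why the socket address is wanted.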

+ 8
- 0
inc/admin_functions.inc.php Visa fil

@@ -34,6 +34,8 @@ $hesk_settings['possible_ticket_list'] = array(
'time_worked' => $hesklang['ts'],
);

define('HESK_NO_ROBOTS', true);

/*** FUNCTIONS ***/


@@ -564,6 +566,8 @@ function hesk_verifyGoto()
'banned_emails.php' => '',
'banned_ips.php' => '',
'change_status.php' => '',
'custom_fields.php' => '',
'custom_statuses.php' => '',
'edit_post.php' => '',
'email_templates.php' => '',
'export.php' => '',
@@ -572,6 +576,7 @@ function hesk_verifyGoto()
'knowledgebase_private.php' => '',
'lock.php' => '',
'mail.php' => '',
'mail.php?a=read&id=1' => '',
'manage_canned.php' => '',
'manage_categories.php' => '',
'manage_knowledgebase.php' => '',
@@ -715,6 +720,9 @@ function hesk_purge_cache($type = '', $expire_after_seconds = 0)
case 'cf':
$files = glob($cache_dir.'cf_*', GLOB_NOSORT);
break;
case 'kb':
$files = array($cache_dir.'kb.cache.php');
break;
default:
hesk_rrmdir(trim($cache_dir, '/'), true);
return true;
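Review bot: The new `hesk_verifyGoto()` entry `'mail.php?a=read&id=1'` carries a query string with one fixed message id, unlike the other keys visible in the list, which are bare script names. How the function matches a requested target is outside this hunk: if it compares the whole string, only id 1 is accepted, and if it strips the query first, the entry never matches. Add a comment on that entry explaining how it is matched and why the id is fixed, so the redirect allow-list stays readable as an allow-list.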

+ 1
- 1
inc/attachments.inc.php Visa fil

@@ -103,7 +103,7 @@ function hesk_fileError($error)
} // End hesk_fileError()


function hesk_removeAttachments($attachments, $isTicket)
function hesk_removeAttachments($attachments, $isTicket = true)
{
global $hesk_settings, $hesklang, $modsForHesk_settings;
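Review bot: Giving `$isTicket` a default of `true` lets the new calls in admin/edit_post.php omit it in both the ticket and the reply branch, and nothing in this hunk says what the flag selects. If it decides which records or directory the files are removed from (the body is outside the hunk), a reply edit would silently take the ticket path. Add a docblock above the function stating what `true` and `false` select, and pass the argument explicitly at the edit_post.php call sites.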


+ 4
- 4
inc/view_attachment_functions.inc.php Visa fil

@@ -207,14 +207,14 @@ function output_attachment_id_holder_container($id) {
echo '<div id="attachment-holder-' . $id . '" class="hide"></div>';
}

function build_dropzone_markup($admin = false, $id = 'filedrop') {
function build_dropzone_markup($admin = false, $id = 'filedrop', $startingId = 1) {
global $hesklang, $hesk_settings;

$directory_separator = $admin ? '../' : '';
echo '<div class="dropzone" id="' . $id . '">
<div class="fallback">
<input type="hidden" name="use-legacy-attachments" value="1">';
for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
for ($i = $startingId; $i <= $hesk_settings['attachments']['max_number']; $i++) {
$cls = ($i == 1 && isset($_SESSION['iserror']) && in_array('attachments', $_SESSION['iserror'])) ? ' class="isError" ' : '';
echo '<input type="file" name="attachment[' . $i . ']" size="50" ' . $cls . ' /><br />';
}
@@ -225,7 +225,7 @@ function build_dropzone_markup($admin = false, $id = 'filedrop') {
onclick="Javascript:hesk_window(\'' . $directory_separator . 'file_limits.php\',250,500);return false;">'. $hesklang['ful'] . '</a>';
}

function display_dropzone_field($url, $id = 'filedrop') {
function display_dropzone_field($url, $id = 'filedrop', $max_files_override = -1) {
global $hesk_settings, $hesklang;

output_dropzone_window();
@@ -233,7 +233,7 @@ function display_dropzone_field($url, $id = 'filedrop') {

$acceptedFiles = implode(',', $hesk_settings['attachments']['allowed_types']);
$size = mfh_bytesToUnits($hesk_settings['attachments']['max_size']);
$max_files = $hesk_settings['attachments']['max_number'];
$max_files = $max_files_override > -1 ? $max_files_override : $hesk_settings['attachments']['max_number'];

echo "
<script type=\"text/javascript\">
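Review bot: With the new `$startingId` parameter the error highlight no longer fires for callers that start above 1, because the loop body still tests `$i == 1`; admin/edit_post.php passes `$number_of_attachments + 1`. Change the condition to `$i == $startingId` so the first rendered input carries `class="isError"`. `$max_files_override` presumably only changes the limit handed to the browser-side script, whose body is outside the hunk, so the remaining-slot limit still has to be enforced when the form is saved. The two new parameters also mix naming styles, `$startingId` and `$max_files_override`.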
