0,2=>0); $s_my = array(1=>1,2=>1); $s_ot = array(1=>1,2=>1); $s_un = array(1=>1,2=>1); // --> TICKET CATEGORY $category = intval( hesk_GET('category', 0) ); // Make sure user has access to this category if ($category && hesk_okCategory($category, 0) ) { $sql .= " `category`='{$category}' "; } // No category selected, show only allowed categories else { $sql .= hesk_myCategories(); } // Show only tagged tickets? if ( ! empty($_GET['archive']) ) { $archive[2]=1; $sql .= " AND `archive`='1' "; } // Ticket owner preferences $fid = 2; require(HESK_PATH . 'inc/assignment_search.inc.php'); $hesk_error_buffer = ''; $no_query = 0; // Search query $q = stripslashes( hesk_input( hesk_GET('q', '') ) ); // No query entered? if ( ! strlen($q) ) { $hesk_error_buffer .= $hesklang['fsq']; $no_query = 1; } // What field are we searching in $what = hesk_GET('what', '') or $hesk_error_buffer .= '
' . $hesklang['wsel']; // Sequential ID supported? if ($what == 'seqid' && ! $hesk_settings['sequential']) { $what = 'trackid'; } // Setup SQL based on searching preferences if ( ! $no_query) { $sql .= " AND "; switch ($what) { case 'trackid': $sql .= " ( `trackid` = '".hesk_dbEscape($q)."' OR `merged` LIKE '%#".hesk_dbEscape($q)."#%' ) "; break; case 'name': $sql .= "`name` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' "; break; case 'email': $sql .= "`email` LIKE '%".hesk_dbEscape($q)."%' "; break; case 'subject': $sql .= "`subject` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' "; break; case 'message': $sql .= " ( `message` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' OR `id` IN ( SELECT DISTINCT `replyto` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `message` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ) ) "; break; case 'seqid': $sql .= "`id` = '".intval($q)."' "; break; case 'notes': $sql .= "`id` IN ( SELECT DISTINCT `ticket` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` WHERE `message` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ) "; break; default: if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) { $sql .= "`".hesk_dbEscape($what)."` LIKE '%".hesk_dbEscape($q)."%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' "; } else { $hesk_error_buffer .= '
' . $hesklang['invalid_search']; } } } /* Date */ /* -> Check for compatibility with old date format */ if (preg_match("/(\d{4})-(\d{2})-(\d{2})/", hesk_GET('dt'), $m)) { $_GET['dt']=$m[2].$m[3].$m[1]; } /* -> Now process the date value */ $dt = preg_replace('/[^0-9]/','', hesk_GET('dt') ); if (strlen($dt) == 8) { $date = substr($dt,4,4) . '-' . substr($dt,0,2) . '-' . substr($dt,2,2); $date_input= substr($dt,0,2) . '/' . substr($dt,2,2) . '/' . substr($dt,4,4); /* This search is valid even if no query is entered */ if ($no_query) { $hesk_error_buffer = str_replace($hesklang['fsq'],'',$hesk_error_buffer); } $sql .= " AND (`dt` LIKE '".hesk_dbEscape($date)."%' OR `lastchange` LIKE '".hesk_dbEscape($date)."%') "; } else { $date = ''; $date_input = ''; } /* Any errors? */ if (strlen($hesk_error_buffer)) { hesk_process_messages($hesk_error_buffer,'NOREDIRECT'); } /* This will handle error, success and notice messages */ $handle = hesk_handle_messages(); # echo "$sql
"; // That's all the SQL we need for count $sql_count .= $sql; $sql = $sql_final . $sql; /* Prepare variables used in search and forms */ require_once(HESK_PATH . 'inc/prepare_ticket_search.inc.php'); /* If there has been an error message skip searching for tickets */ if ($handle !== FALSE) { $href = 'find_tickets.php'; require_once(HESK_PATH . 'inc/ticket_list.inc.php'); } ?>

---