3)
{
// If we are showing "Click to select" priority needs to be selected
if ($hesk_settings['select_pri'])
{
$tmpvar['priority'] = -1;
$hesk_error_buffer['priority'] = $hesklang['select_priority'];
}
else
{
$tmpvar['priority'] = 3;
}
}
$tmpvar['subject'] = hesk_input( hesk_POST('subject') ) or $hesk_error_buffer['subject']=$hesklang['enter_ticket_subject'];
$tmpvar['message'] = hesk_input( hesk_POST('message') ) or $hesk_error_buffer['message']=$hesklang['enter_message'];
// Is category a valid choice?
if ($tmpvar['category'])
{
hesk_verifyCategory(1);
// Is auto-assign of tickets disabled in this category?
if ( empty($hesk_settings['category_data'][$tmpvar['category']]['autoassign']) )
{
$hesk_settings['autoassign'] = false;
}
}
// Custom fields
foreach ($hesk_settings['custom_fields'] as $k=>$v)
{
if ($v['use'] && isset($_POST[$k]))
{
// Date will be handled by the jQuery datepicker
if( $v['type'] == 'date' && $_POST[$k] != '')
{
$tmpvar[$k] = strtotime($_POST[$k]);
} else if (is_array($_POST[$k]))
{
$tmpvar[$k]='';
foreach ($_POST[$k] as $myCB)
{
$tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '
';
}
$tmpvar[$k]=substr($tmpvar[$k],0,-6);
}
else
{
$tmpvar[$k]=hesk_makeURL(nl2br(hesk_input($_POST[$k])));
}
}
else
{
$tmpvar[$k] = '';
}
}
// Generate tracking ID
$tmpvar['trackid'] = hesk_createID();
// Log who submitted ticket
$tmpvar['history'] = sprintf($hesklang['thist7'], hesk_date(), $_SESSION['name'].' ('.$_SESSION['user'].')');
$tmpvar['openedby'] = $_SESSION['id'];
// Owner
$tmpvar['owner'] = 0;
if (hesk_checkPermission('can_assign_others',0))
{
$tmpvar['owner'] = intval( hesk_POST('owner') );
// If ID is -1 the ticket will be unassigned
if ($tmpvar['owner'] == -1)
{
$tmpvar['owner'] = 0;
}
// Automatically assign owner?
elseif ($tmpvar['owner'] == -2 && $hesk_settings['autoassign'] == 1)
{
$autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
if ($autoassign_owner)
{
$tmpvar['owner'] = intval($autoassign_owner['id']);
$tmpvar['history'] .= sprintf($hesklang['thist10'],hesk_date(),$autoassign_owner['name'].' ('.$autoassign_owner['user'].')');
}
else
{
$tmpvar['owner'] = 0;
}
}
// Check for invalid owner values
elseif ($tmpvar['owner'] < 1)
{
$tmpvar['owner'] = 0;
}
else
{
// Has the new owner access to the selected category?
$res = hesk_dbQuery("SELECT `name`,`isadmin`,`categories` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='{$tmpvar['owner']}' LIMIT 1");
if (hesk_dbNumRows($res) == 1)
{
$row = hesk_dbFetchAssoc($res);
if (!$row['isadmin'])
{
$row['categories']=explode(',',$row['categories']);
if (!in_array($tmpvar['category'],$row['categories']))
{
$_SESSION['isnotice'][] = 'category';
$hesk_error_buffer['owner']=$hesklang['onasc'];
}
}
}
else
{
$_SESSION['isnotice'][] = 'category';
$hesk_error_buffer['owner']=$hesklang['onasc'];
}
}
}
elseif (hesk_checkPermission('can_assign_self',0) && hesk_okCategory($tmpvar['category'],0) && !empty($_POST['assing_to_self']))
{
$tmpvar['owner'] = intval($_SESSION['id']);
}
// Notify customer of the ticket?
$notify = (!empty($_POST['notify']) && !empty($tmpvar['email']) ) ? 1 : 0;
// Show ticket after submission?
$show = ! empty($_POST['show']) ? 1 : 0;
// Attachments
if ($hesk_settings['attachments']['use'])
{
require_once(HESK_PATH . 'inc/attachments.inc.php');
$attachments = array();
$trackingID = $tmpvar['trackid'];
for ($i=1;$i<=$hesk_settings['attachments']['max_number'];$i++)
{
$att = hesk_uploadFile($i);
if ($att !== false && !empty($att))
{
$attachments[$i] = $att;
}
}
}
$tmpvar['attachments'] = '';
// If we have any errors lets store info in session to avoid re-typing everything
if (count($hesk_error_buffer)!=0)
{
$_SESSION['iserror'] = array_keys($hesk_error_buffer);
$_SESSION['as_name'] = hesk_POST('name');
$_SESSION['as_email'] = hesk_POST('email');
$_SESSION['as_category'] = hesk_POST('category');
$_SESSION['as_priority'] = $tmpvar['priority'];
$_SESSION['as_subject'] = hesk_POST('subject');
$_SESSION['as_message'] = hesk_POST('message');
$_SESSION['as_owner'] = $tmpvar['owner'];
$_SESSION['as_notify'] = $notify;
$_SESSION['as_show'] = $show;
foreach ($hesk_settings['custom_fields'] as $k=>$v)
{
if ($v['use'])
{
$_SESSION["as_$k"] = ($v['type'] == 'checkbox') ? hesk_POST_array($k) : hesk_POST($k);
}
}
$tmp = '';
foreach ($hesk_error_buffer as $error)
{
$tmp .= "