Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

submit_ticket.php 20KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552
  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. define('IN_SCRIPT', 1);
  14. define('HESK_PATH', './');
  15. // Try to detect some simple SPAM bots
  16. if (!isset($_POST['hx']) || $_POST['hx'] != 3 || !isset($_POST['hy']) || $_POST['hy'] != '' || isset($_POST['phone'])) {
  17. header('HTTP/1.1 403 Forbidden');
  18. exit();
  19. }
  20. // Get all the required files and functions
  21. require(HESK_PATH . 'hesk_settings.inc.php');
  22. require(HESK_PATH . 'inc/common.inc.php');
  23. // Are we in maintenance mode?
  24. hesk_check_maintenance();
  25. // Are we in "Knowledgebase only" mode?
  26. hesk_check_kb_only();
  27. hesk_load_database_functions();
  28. require(HESK_PATH . 'inc/email_functions.inc.php');
  29. require(HESK_PATH . 'inc/posting_functions.inc.php');
  30. require(HESK_PATH . 'inc/htmLawed.php');
  31. // We only allow POST requests to this file
  32. if ($_SERVER['REQUEST_METHOD'] != 'POST') {
  33. header('Location: index.php?a=add');
  34. exit();
  35. }
  36. // Check for POST requests larger than what the server can handle
  37. if (empty($_POST) && !empty($_SERVER['CONTENT_LENGTH'])) {
  38. hesk_error($hesklang['maxpost']);
  39. }
  40. // Block obvious spammers trying to inject email headers
  41. if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", hesk_POST('name') . hesk_POST('subject'))) {
  42. header('HTTP/1.1 403 Forbidden');
  43. exit();
  44. }
  45. hesk_session_start();
  46. // A security check - not needed here, but uncomment if you require it
  47. # hesk_token_check();
  48. // Prevent submitting multiple tickets by reloading submit_ticket.php page
  49. if (isset($_SESSION['already_submitted'])) {
  50. hesk_forceStop();
  51. }
  52. // Connect to database
  53. hesk_dbConnect();
  54. $hesk_error_buffer = array();
  55. // Check anti-SPAM question
  56. if ($hesk_settings['question_use']) {
  57. $question = hesk_input(hesk_POST('question'));
  58. if (strlen($question) == 0) {
  59. $hesk_error_buffer['question'] = $hesklang['q_miss'];
  60. } elseif (strtolower($question) != strtolower($hesk_settings['question_ans'])) {
  61. $hesk_error_buffer['question'] = $hesklang['q_wrng'];
  62. } else {
  63. $_SESSION['c_question'] = $question;
  64. }
  65. }
  66. // Check anti-SPAM image
  67. if ($hesk_settings['secimg_use'] && !isset($_SESSION['img_verified'])) {
  68. // Using ReCaptcha?
  69. if ($hesk_settings['recaptcha_use'] == 1) {
  70. require(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
  71. $resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
  72. hesk_getClientIP(),
  73. hesk_POST('recaptcha_challenge_field', ''),
  74. hesk_POST('recaptcha_response_field', '')
  75. );
  76. if ($resp->is_valid) {
  77. $_SESSION['img_verified'] = true;
  78. } else {
  79. $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
  80. }
  81. } // Using ReCaptcha API v2?
  82. elseif ($hesk_settings['recaptcha_use'] == 2) {
  83. require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
  84. $resp = null;
  85. $reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']);
  86. // Was there a reCAPTCHA response?
  87. if (isset($_POST["g-recaptcha-response"])) {
  88. $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response"));
  89. }
  90. if ($resp != null && $resp->success) {
  91. $_SESSION['img_verified'] = true;
  92. } else {
  93. $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
  94. }
  95. } // Using PHP generated image
  96. else {
  97. $mysecnum = intval(hesk_POST('mysecnum', 0));
  98. if (empty($mysecnum)) {
  99. $hesk_error_buffer['mysecnum'] = $hesklang['sec_miss'];
  100. } else {
  101. require(HESK_PATH . 'inc/secimg.inc.php');
  102. $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);
  103. if (isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum'])) {
  104. $_SESSION['img_verified'] = true;
  105. } else {
  106. $hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng'];
  107. }
  108. }
  109. }
  110. }
  111. $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer['name'] = $hesklang['enter_your_name'];
  112. $email_available = true;
  113. if ($hesk_settings['require_email']) {
  114. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
  115. } else {
  116. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0);
  117. // Not required, but must be valid if it is entered
  118. if ($tmpvar['email'] == '') {
  119. $email_available = false;
  120. if (strlen(hesk_POST('email'))) {
  121. $hesk_error_buffer['email'] = $hesklang['not_valid_email'];
  122. }
  123. // No need to confirm the email
  124. $hesk_settings['confirm_email'] = 0;
  125. $_POST['email2'] = '';
  126. $_SESSION['c_email'] = '';
  127. $_SESSION['c_email2'] = '';
  128. }
  129. }
  130. if ($hesk_settings['confirm_email']) {
  131. $tmpvar['email2'] = hesk_validateEmail(hesk_POST('email2'), 'ERR', 0) or $hesk_error_buffer['email2'] = $hesklang['confemail2'];
  132. // Anything entered as email confirmation?
  133. if ($tmpvar['email2'] != '') {
  134. // Do we have multiple emails?
  135. if ($hesk_settings['multi_eml']) {
  136. $tmpvar['email'] = str_replace(';', ',', $tmpvar['email']);
  137. $tmpvar['email2'] = str_replace(';', ',', $tmpvar['email2']);
  138. if (count(array_diff(explode(',', strtolower($tmpvar['email'])), explode(',', strtolower($tmpvar['email2'])))) == 0) {
  139. $_SESSION['c_email2'] = hesk_POST('email2');
  140. }
  141. } // Single email address match
  142. elseif (!$hesk_settings['multi_eml'] && strtolower($tmpvar['email']) == strtolower($tmpvar['email2'])) {
  143. $_SESSION['c_email2'] = hesk_POST('email2');
  144. } else {
  145. // Invalid match
  146. $tmpvar['email2'] = '';
  147. $_POST['email2'] = '';
  148. $_SESSION['c_email2'] = '';
  149. $_SESSION['isnotice'][] = 'email';
  150. $hesk_error_buffer['email2'] = $hesklang['confemaile'];
  151. }
  152. } else {
  153. $_SESSION['c_email2'] = hesk_POST('email2');
  154. }
  155. }
  156. $tmpvar['category'] = intval(hesk_POST('category')) or $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
  157. // Do we allow customer to select priority?
  158. if ($hesk_settings['cust_urgency']) {
  159. $tmpvar['priority'] = intval(hesk_POST('priority'));
  160. // We don't allow customers select "Critical". If priority is not valid set it to "low".
  161. if ($tmpvar['priority'] < 1 || $tmpvar['priority'] > 3) {
  162. // If we are showing "Click to select" priority needs to be selected
  163. if ($hesk_settings['select_pri']) {
  164. $tmpvar['priority'] = -1;
  165. $hesk_error_buffer['priority'] = $hesklang['select_priority'];
  166. } else {
  167. $tmpvar['priority'] = 3;
  168. }
  169. }
  170. } // Priority will be selected based on the category selected
  171. else {
  172. $res = hesk_dbQuery("SELECT `priority` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`=" . intval($tmpvar['category']));
  173. if (hesk_dbNumRows($res) == 1) {
  174. $tmpvar['priority'] = intval(hesk_dbResult($res));
  175. } else {
  176. $tmpvar['priority'] = 3;
  177. }
  178. }
  179. if ($hesk_settings['require_subject'] == -1) {
  180. $tmpvar['subject'] = '';
  181. } else {
  182. $tmpvar['subject'] = hesk_input( hesk_POST('subject') );
  183. if ($hesk_settings['require_subject'] == 1 && $tmpvar['subject'] == '') {
  184. $hesk_error_buffer['subject'] = $hesklang['enter_ticket_subject'];
  185. }
  186. }
  187. if ($hesk_settings['require_message'] == -1) {
  188. $tmpvar['message'] = '';
  189. } else {
  190. $tmpvar['message'] = hesk_input( hesk_POST('message') );
  191. if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') {
  192. $hesk_error_buffer['message'] = $hesklang['enter_message'];
  193. }
  194. }
  195. // Is category a valid choice?
  196. if ($tmpvar['category']) {
  197. hesk_verifyCategory();
  198. // Is auto-assign of tickets disabled in this category?
  199. if (empty($hesk_settings['category_data'][$tmpvar['category']]['autoassign'])) {
  200. $hesk_settings['autoassign'] = false;
  201. }
  202. }
  203. // Custom fields
  204. $modsForHesk_settings = mfh_getSettings();
  205. foreach ($hesk_settings['custom_fields'] as $k=>$v) {
  206. if ($v['use']==1 && hesk_is_custom_field_in_category($k, $tmpvar['category'])) {
  207. if ($v['type'] == 'checkbox') {
  208. $tmpvar[$k]='';
  209. if (isset($_POST[$k]) && is_array($_POST[$k])) {
  210. foreach ($_POST[$k] as $myCB) {
  211. $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '<br />';;
  212. }
  213. $tmpvar[$k]=substr($tmpvar[$k],0,-6);
  214. } else {
  215. if ($v['req']) {
  216. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  217. }
  218. $_POST[$k] = '';
  219. }
  220. $_SESSION["c_$k"]=hesk_POST_array($k);
  221. } elseif ($v['type'] == 'date') {
  222. $tmpvar[$k] = hesk_POST($k);
  223. $_SESSION["c_$k"] = '';
  224. if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
  225. $date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
  226. $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
  227. $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
  228. $_SESSION["c_$k"] = $tmpvar[$k];
  229. if ($dmin && $dmin > $date) {
  230. $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format']));
  231. } elseif ($dmax && $dmax < $date) {
  232. $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format']));
  233. } else {
  234. $tmpvar[$k] = $date;
  235. }
  236. } else {
  237. if ($v['req']) {
  238. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  239. }
  240. }
  241. } elseif ($v['type'] == 'email') {
  242. $tmp = $hesk_settings['multi_eml'];
  243. $hesk_settings['multi_eml'] = $v['value']['multiple'];
  244. $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0);
  245. $hesk_settings['multi_eml'] = $tmp;
  246. if ($tmpvar[$k] != '') {
  247. $_SESSION["c_$k"] = hesk_input($tmpvar[$k]);
  248. } else {
  249. $_SESSION["c_$k"] = '';
  250. if ($v['req']) {
  251. $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']);
  252. }
  253. }
  254. } elseif ($v['req']) {
  255. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
  256. if ($tmpvar[$k] == '') {
  257. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  258. }
  259. $_SESSION["c_$k"]=hesk_POST($k);
  260. } else {
  261. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
  262. $_SESSION["c_$k"]=hesk_POST($k);
  263. }
  264. } else {
  265. $tmpvar[$k] = '';
  266. }
  267. }
  268. // Check bans
  269. if ($email_available && ! isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']) || hesk_isBannedIP(hesk_getClientIP())) {
  270. hesk_error($hesklang['baned_e']);
  271. }
  272. // Check maximum open tickets limit
  273. $below_limit = true;
  274. if ($email_available && $hesk_settings['max_open'] && ! isset($hesk_error_buffer['email'])) {
  275. $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `status` IN (SELECT `ID` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) AND " . hesk_dbFormatEmail($tmpvar['email']));
  276. $num = hesk_dbResult($res);
  277. if ($num >= $hesk_settings['max_open']) {
  278. $hesk_error_buffer = array('max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open']));
  279. $below_limit = false;
  280. }
  281. }
  282. // If we reached max tickets let's save some resources
  283. if ($below_limit) {
  284. // Generate tracking ID
  285. $tmpvar['trackid'] = hesk_createID();
  286. // Attachments
  287. if ($hesk_settings['attachments']['use']) {
  288. require_once(HESK_PATH . 'inc/attachments.inc.php');
  289. $attachments = array();
  290. $trackingID = $tmpvar['trackid'];
  291. $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);
  292. if ($use_legacy_attachments) {
  293. // The user went to the fallback file upload system.
  294. for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
  295. $att = hesk_uploadFile($i);
  296. if ($att !== false && !empty($att)) {
  297. $attachments[$i] = $att;
  298. }
  299. }
  300. } else {
  301. // The user used the new drag-and-drop system.
  302. $temp_attachment_ids = hesk_POST_array('attachment-ids');
  303. foreach ($temp_attachment_ids as $temp_attachment_id) {
  304. // Simply get the temp info and move it to the attachments table
  305. $temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
  306. $attachments[] = $temp_attachment;
  307. mfh_deleteTemporaryAttachment($temp_attachment_id);
  308. }
  309. }
  310. }
  311. $tmpvar['attachments'] = '';
  312. }
  313. // If we have any errors lets store info in session to avoid re-typing everything
  314. if (count($hesk_error_buffer)) {
  315. $_SESSION['iserror'] = array_keys($hesk_error_buffer);
  316. $_SESSION['c_name'] = hesk_POST('name');
  317. $_SESSION['c_email'] = hesk_POST('email');
  318. $_SESSION['c_priority'] = hesk_POST('priority');
  319. $_SESSION['c_subject'] = hesk_POST('subject');
  320. $_SESSION['c_message'] = hesk_POST('message');
  321. $tmp = '';
  322. foreach ($hesk_error_buffer as $error) {
  323. $tmp .= "<li>$error</li>\n";
  324. }
  325. // Remove any successfully uploaded attachments
  326. if ($below_limit && $hesk_settings['attachments']['use']) {
  327. hesk_removeAttachments($attachments);
  328. }
  329. $hesk_error_buffer = $hesklang['pcer'] . '<br /><br /><ul>' . $tmp . '</ul>';
  330. hesk_process_messages($hesk_error_buffer, 'index.php?a=add&category='.$tmpvar['category']);
  331. }
  332. if (!$modsForHesk_settings['rich_text_for_tickets_for_customers']) {
  333. $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
  334. $tmpvar['message'] = nl2br($tmpvar['message']);
  335. }
  336. // Track suggested knowledgebase articles
  337. if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'] && isset($_POST['suggested']) && is_array($_POST['suggested'])) {
  338. $tmpvar['articles'] = implode(',', array_unique(array_map('intval', $_POST['suggested'])));
  339. }
  340. // All good now, continue with ticket creation
  341. $tmpvar['owner'] = 0;
  342. $tmpvar['history'] = sprintf($hesklang['thist15'], hesk_date(), $tmpvar['name']);
  343. // Auto assign tickets if aplicable
  344. $autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
  345. if ($autoassign_owner) {
  346. $tmpvar['owner'] = $autoassign_owner['id'];
  347. $tmpvar['history'] .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')');
  348. }
  349. // Insert attachments
  350. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
  351. foreach ($attachments as $myatt) {
  352. hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($tmpvar['trackid']) . "','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
  353. $tmpvar['attachments'] .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
  354. }
  355. }
  356. // Set latitude and longitude
  357. $tmpvar['latitude'] = hesk_POST('latitude');
  358. $tmpvar['longitude'] = hesk_POST('longitude');
  359. // Set html
  360. $tmpvar['html'] = $modsForHesk_settings['rich_text_for_tickets_for_customers'];
  361. // Set screen res and user agent
  362. $tmpvar['screen_resolution_height'] = hesk_POST('screen_resolution_height', "NULL");
  363. $tmpvar['screen_resolution_width'] = hesk_POST('screen_resolution_width', "NULL");
  364. $tmpvar['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
  365. // Tickets from customers never have a due date
  366. $tmpvar['due_date'] = '';
  367. // Should the helpdesk validate emails?
  368. $createTicket = true;
  369. if ($modsForHesk_settings['customer_email_verification_required'] && $email_available) {
  370. $verifiedEmailSql = "SELECT `Email` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "verified_emails` WHERE `Email` = '" . hesk_dbEscape($tmpvar['email']) . "'";
  371. $verifiedEmailRS = hesk_dbQuery($verifiedEmailSql);
  372. if (hesk_dbNumRows($verifiedEmailRS) == 0) {
  373. //-- email has not yet been verified.
  374. $ticket = hesk_newTicket($tmpvar, false);
  375. //-- generate the activation key, which is a hash of their email address along with the current time.
  376. $unhashedKey = $tmpvar['email'] . time();
  377. $key = hash('sha512', $unhashedKey);
  378. $escapedEmail = hesk_dbEscape($tmpvar['email']);
  379. $escapedKey = hesk_dbEscape($key);
  380. hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pending_verification_emails` (`Email`, `ActivationKey`)
  381. VALUES ('" . $escapedEmail . "', '" . $escapedKey . "')");
  382. hesk_notifyCustomerForVerifyEmail('verify_email', $key, $modsForHesk_settings);
  383. $createTicket = false;
  384. }
  385. }
  386. if ($createTicket) {
  387. //-- email has been verified, and a ticket can be created
  388. $ticket = hesk_newTicket($tmpvar);
  389. // Notify the customer
  390. if ($hesk_settings['notify_new'] && $email_available) {
  391. hesk_notifyCustomer($modsForHesk_settings);
  392. }
  393. // Need to notify staff?
  394. // --> From autoassign?
  395. if ($tmpvar['owner'] && $autoassign_owner['notify_assigned']) {
  396. hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you', $modsForHesk_settings);
  397. } // --> No autoassign, find and notify appropriate staff
  398. elseif (!$tmpvar['owner']) {
  399. hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' ", $modsForHesk_settings);
  400. }
  401. }
  402. // Next ticket show suggested articles again
  403. $_SESSION['ARTICLES_SUGGESTED'] = false;
  404. $_SESSION['already_submitted'] = 1;
  405. // Need email to view ticket? If yes, remember it by default
  406. if ($hesk_settings['email_view_ticket']) {
  407. hesk_setcookie('hesk_myemail', $tmpvar['email'], strtotime('+1 year'));
  408. }
  409. // Unset temporary variables
  410. unset($tmpvar);
  411. hesk_cleanSessionVars('tmpvar');
  412. hesk_cleanSessionVars('c_category');
  413. hesk_cleanSessionVars('c_priority');
  414. hesk_cleanSessionVars('c_subject');
  415. hesk_cleanSessionVars('c_message');
  416. hesk_cleanSessionVars('c_question');
  417. hesk_cleanSessionVars('img_verified');
  418. // Print header
  419. require_once(HESK_PATH . 'inc/header.inc.php');
  420. ?>
  421. <ol class="breadcrumb">
  422. <li><a href="<?php echo $hesk_settings['site_url']; ?>"><?php echo $hesk_settings['site_title']; ?></a></li>
  423. <li><a href="<?php echo $hesk_settings['hesk_url']; ?>"><?php echo $hesk_settings['hesk_title']; ?></a></li>
  424. <li class="active"><?php echo $hesklang['tid_sent']; ?></li>
  425. </ol>
  426. <div style="width: 80%; margin-left: auto; margin-right: auto;">
  427. <?php
  428. if ($createTicket) {
  429. // Show success message with link to ticket
  430. hesk_show_success(
  431. $hesklang['ticket_submitted'] . '<br /><br />' .
  432. $hesklang['ticket_submitted_success'] . ': <b>' . $ticket['trackid'] . '</b><br /><br /> ' .
  433. ( ! $email_available ? $hesklang['write_down'] . '<br /><br />' : '') .
  434. ($email_available && $hesk_settings['notify_new'] && $hesk_settings['spam_notice'] ? $hesklang['spam_inbox'] . '<br /><br />' : '') .
  435. '<a href="' . $hesk_settings['hesk_url'] . '/ticket.php?track=' . $ticket['trackid'] . '">' . $hesklang['view_your_ticket'] . '</a>'
  436. );
  437. } else {
  438. hesk_show_notice($hesklang['verify_your_email'] . '<br><br>' . $hesklang['check_spambox']);
  439. }
  440. // Any other messages to display?
  441. hesk_handle_messages();
  442. ?>
  443. </div>
  444. <?php
  445. require_once(HESK_PATH . 'inc/footer.inc.php');
  446. exit();
  447. function hesk_forceStop()
  448. {
  449. global $hesklang;
  450. ?>
  451. <html>
  452. <head>
  453. <meta http-equiv="Refresh" content="0; url=index.php?a=add"/>
  454. </head>
  455. <body>
  456. <p><a href="index.php?a=add"><?php echo $hesklang['c2c']; ?></a>.</p>
  457. </body>
  458. </html>
  459. <?php
  460. exit();
  461. } // END hesk_forceStop()
  462. ?>