Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

change_status.php 4.5KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. define('IN_SCRIPT', 1);
  14. define('HESK_PATH', './');
  15. // Get all the required files and functions
  16. require(HESK_PATH . 'hesk_settings.inc.php');
  17. require(HESK_PATH . 'inc/common.inc.php');
  18. // Are we in maintenance mode?
  19. hesk_check_maintenance();
  20. hesk_load_database_functions();
  21. hesk_session_start();
  22. // A security check
  23. hesk_token_check();
  24. // Get the tracking ID
  25. $trackingID = hesk_cleanID() or die("$hesklang[int_error]: $hesklang[no_trackID]");
  26. // Get new status
  27. $status = intval(hesk_GET('s', 0));
  28. $oldStatus = $status;
  29. $locked = 0;
  30. // Connect to database
  31. hesk_dbConnect();
  32. // Get the close status. It'll be used later on
  33. $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsClosedByClient` = 1');
  34. $statusRow = hesk_dbFetchAssoc($statusRes);
  35. $closedStatus = $statusRow['ID'];
  36. if ($status == 3) // Closed
  37. {
  38. // Is customer closing tickets enabled?
  39. if (!$hesk_settings['custclose']) {
  40. hesk_error($hesklang['attempt']);
  41. }
  42. $status = $closedStatus;
  43. $action = $hesklang['closed'];
  44. $revision_key = 'audit_closed';
  45. if ($hesk_settings['custopen'] != 1) {
  46. $locked = 1;
  47. }
  48. // Mark that customer resolved the ticket
  49. $closedby_sql = ' , `closedat`=NOW(), `closedby`=0 ';
  50. } elseif ($status == 2) // Opened
  51. {
  52. // Is customer reopening tickets enabled?
  53. if (!$hesk_settings['custopen']) {
  54. hesk_error($hesklang['attempt']);
  55. }
  56. //-- They want to close the ticket, so get the status that is the default for client-side closes
  57. $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsDefaultStaffReplyStatus` = 1');
  58. $statusRow = hesk_dbFetchAssoc($statusRes);
  59. $status = $statusRow['ID'];
  60. $action = $hesklang['opened'];
  61. $revision_key = 'audit_opened';
  62. // We will ask the customer why is the ticket being reopened
  63. $_SESSION['force_form_top'] = true;
  64. // Ticket is not resolved
  65. $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
  66. } else {
  67. die("$hesklang[int_error]: $hesklang[status_not_valid].");
  68. }
  69. // Connect to database
  70. hesk_dbConnect();
  71. // Verify email address match if needed
  72. hesk_verifyEmailMatch($trackingID);
  73. // Setup required session vars
  74. $_SESSION['t_track'] = $trackingID;
  75. $_SESSION['t_email'] = $hesk_settings['e_email'];
  76. // Is current ticket status even changeable by customers?
  77. $ticket = hesk_dbFetchAssoc( hesk_dbQuery( "SELECT `id`, `status`, `staffreplies`, `lastreplier` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `trackid`='".hesk_dbEscape($trackingID)."' LIMIT 1") );
  78. if (!mfh_can_customer_change_status($ticket['status'])) {
  79. hesk_process_messages($hesklang['scno'],'ticket.php');
  80. }
  81. // Lets make status assignment a bit smarter when reopening tickets
  82. if ($oldStatus == 2) {
  83. // If ticket has no staff replies set the status to "New"
  84. if ($ticket['staffreplies'] < 1) {
  85. $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsNewTicketStatus` = 1');
  86. $statusRow = hesk_dbFetchAssoc($statusRes);
  87. $status = $statusRow['ID'];
  88. } // If last reply was by customer set status to "Waiting reply from staff"
  89. elseif ($ticket['lastreplier'] == 0) {
  90. $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsCustomerReplyStatus` = 1');
  91. $statusRow = hesk_dbFetchAssoc($statusRes);
  92. $status = $statusRow['ID'];
  93. }
  94. // If nothing matches: last reply was from staff, keep status "Waiting reply from customer"
  95. }
  96. // Modify values in the database
  97. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND `locked` != '1'");
  98. // Insert audit trail record
  99. mfh_insert_audit_trail_record($ticket['id'], 'TICKET', $revision_key, hesk_date(), array(0 => $hesklang['customer']));
  100. // Did we modify anything*
  101. if (hesk_dbAffectedRows() != 1) {
  102. hesk_process_messages($hesklang['elocked'],'ticket.php');
  103. }
  104. // Show success message
  105. if ($status != $closedStatus) {
  106. hesk_process_messages($hesklang['wrepo'],'ticket.php','NOTICE');
  107. } else {
  108. hesk_process_messages($hesklang['your_ticket_been'].' '.$action,'ticket.php','SUCCESS');
  109. }