Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.

submit_ticket.php 21KB

  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  // Entry-point constants; every include below is resolved from HESK_PATH.
  define('IN_SCRIPT', 1);
  define('HESK_PATH', './');

  // Try to detect some simple SPAM bots
  // The request is answered with 403 unless hx equals 3, hy is an empty
  // string and no "phone" field was posted at all. Both comparisons are loose.
  // This check runs before the settings and common includes are loaded.
  // NOTE(review): presumably hx/hy are hidden fields filled in by the ticket
  // form and "phone" is a decoy input - confirm against the form template.
  if (!isset($_POST['hx']) || $_POST['hx'] != 3 || !isset($_POST['hy']) || $_POST['hy'] != '' || isset($_POST['phone'])) {
      header('HTTP/1.1 403 Forbidden');
      exit();
  }

  // Get all the required files and functions
  require(HESK_PATH . 'hesk_settings.inc.php');
  require(HESK_PATH . 'inc/common.inc.php');

  // Are we in maintenance mode?
  hesk_check_maintenance();

  // Are we in "Knowledgebase only" mode?
  hesk_check_kb_only();

  hesk_load_database_functions();
  require(HESK_PATH . 'inc/email_functions.inc.php');
  require(HESK_PATH . 'inc/posting_functions.inc.php');
  require(HESK_PATH . 'inc/htmLawed.php');

  // We only allow POST requests to this file
  if ($_SERVER['REQUEST_METHOD'] != 'POST') {
      header('Location: index.php?a=add');
      exit();
  }

  // Check for POST requests larger than what the server can handle
  // (an empty $_POST combined with a non-empty CONTENT_LENGTH)
  if (empty($_POST) && !empty($_SERVER['CONTENT_LENGTH'])) {
      hesk_error($hesklang['maxpost']);
  }

  // Block obvious spammers trying to inject email headers
  // Only "name" and "subject" are inspected. Raw CR, LF and TAB characters are
  // matched; the percent-encoded forms are matched in upper case only, because
  // the pattern has no "i" modifier.
  // NOTE(review): confirm the mail layer strips CR/LF from header values
  // itself rather than relying on this filter alone.
  if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", hesk_POST('name') . hesk_POST('subject'))) {
      header('HTTP/1.1 403 Forbidden');
      exit();
  }

  hesk_session_start();

  // A security check - not needed here, but uncomment if you require it
  // NOTE(review): presumably the anti-CSRF token check. While it stays
  // commented out, no request token is verified in this file before a ticket
  // is created.
  # hesk_token_check();

  // Prevent submitting multiple tickets by reloading submit_ticket.php page
  if (isset($_SESSION['already_submitted'])) {
      hesk_forceStop();
  }

  // Connect to database
  hesk_dbConnect();

  // Validation errors, keyed by form field name
  $hesk_error_buffer = array();
  // Check anti-SPAM question
  // The posted answer is compared with the configured one after both are
  // lower-cased. The comparison is loose, so two numeric-looking strings are
  // compared as numbers. A correct answer is kept in the session.
  if ($hesk_settings['question_use']) {
      $question = hesk_input(hesk_POST('question'));

      if (strlen($question) > 0) {
          if (hesk_mb_strtolower($question) == hesk_mb_strtolower($hesk_settings['question_ans'])) {
              $_SESSION['c_question'] = $question;
          } else {
              $hesk_error_buffer['question'] = $hesklang['q_wrng'];
          }
      } else {
          // Nothing was entered at all
          $hesk_error_buffer['question'] = $hesklang['q_miss'];
      }
  }
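  // Check anti-SPAM image
  // Skipped while $_SESSION['img_verified'] is set; a successful check below
  // sets that flag. Every failure path records an error under "mysecnum".
  if ($hesk_settings['secimg_use'] && !isset($_SESSION['img_verified'])) {
      // Using Netsyms Captcheck
      // This test must come before the generic reCAPTCHA test: 3 is a truthy
      // value, so testing "recaptcha_use" for truthiness first sends a
      // Captcheck install down the reCAPTCHA path and this branch never runs.
      if ($hesk_settings['recaptcha_use'] == 3) {
          $url = 'https://captcheck.netsyms.com/api.php';
          // hesk_POST() instead of raw $_POST: a missing field becomes an
          // empty value rather than an undefined-index notice.
          $data = [
              'session_id' => hesk_POST('captcheck_session_code'),
              'answer_id' => hesk_POST('captcheck_selected_answer'),
              'action' => "verify"
          ];
          $options = [
              'http' => [
                  'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                  'method' => 'POST',
                  'content' => http_build_query($data),
                  // Bound the wait on the external verifier so a slow or
                  // unreachable endpoint cannot hold the request open.
                  'timeout' => 10
              ]
          ];
          $context = stream_context_create($options);
          $result = file_get_contents($url, false, $context);

          // Fail closed: a transport error, a non-JSON body or a missing
          // "result" key all count as a failed verification.
          $resp = ($result === false) ? null : json_decode($result, TRUE);
          if (is_array($resp) && isset($resp['result']) && $resp['result'] === true) {
              $_SESSION['img_verified'] = true;
          } else {
              $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
          }
      } // Using reCAPTCHA?
      elseif ($hesk_settings['recaptcha_use']) {
          require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
          $resp = null;
          $reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']);

          // Was there a reCAPTCHA response?
          if (isset($_POST["g-recaptcha-response"])) {
              $resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));
          }

          // No response token, or a rejected one, is an error
          if ($resp != null && $resp->success) {
              $_SESSION['img_verified'] = true;
          } else {
              $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
          }
      } // Using PHP generated image
      else {
          // intval() turns a missing or non-numeric answer into 0, which
          // empty() then reports as "missing".
          $mysecnum = intval(hesk_POST('mysecnum', 0));
          if (empty($mysecnum)) {
              $hesk_error_buffer['mysecnum'] = $hesklang['sec_miss'];
          } else {
              require(HESK_PATH . 'inc/secimg.inc.php');
              $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);
              // The expected checksum must already be in the session
              if (isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum'])) {
                  $_SESSION['img_verified'] = true;
              } else {
                  $hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng'];
              }
          }
      }
  }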
  // Customer name is mandatory. "=" binds tighter than "or", so the error is
  // recorded only when the value just assigned is empty (falsy).
  $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer['name'] = $hesklang['enter_your_name'];

  // Set to false below when email is optional and no valid address was given;
  // later steps (ban check, open-ticket limit, notifications) test this flag.
  $email_available = true;
  if ($hesk_settings['require_email']) {
      // Same "or" idiom: an empty result from hesk_validateEmail() is an error
      $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
  } else {
      $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0);
      // Not required, but must be valid if it is entered
      if ($tmpvar['email'] == '') {
          $email_available = false;
          // Something was typed but it did not validate
          if (strlen(hesk_POST('email'))) {
              $hesk_error_buffer['email'] = $hesklang['not_valid_email'];
          }
          // No need to confirm the email
          $hesk_settings['confirm_email'] = 0;
          $_POST['email2'] = '';
          $_SESSION['c_email'] = '';
          $_SESSION['c_email2'] = '';
      }
  }

  // Optional "type your email again" confirmation
  if ($hesk_settings['confirm_email']) {
      $tmpvar['email2'] = hesk_validateEmail(hesk_POST('email2'), 'ERR', 0) or $hesk_error_buffer['email2'] = $hesklang['confemail2'];
      // Anything entered as email confirmation?
      if ($tmpvar['email2'] != '') {
          // Do we have multiple emails?
          if ($hesk_settings['multi_eml']) {
              // Normalise ";" separators to "," before comparing the two lists
              $tmpvar['email'] = str_replace(';', ',', $tmpvar['email']);
              $tmpvar['email2'] = str_replace(';', ',', $tmpvar['email2']);
              // array_diff() is one-directional: only addresses present in
              // "email" and absent from "email2" count as a difference.
              // NOTE(review): when a difference is found this branch records
              // no error; the "Invalid match" branch below is reachable only
              // when multi_eml is off - confirm that is intended.
              if (count(array_diff(explode(',', strtolower($tmpvar['email'])), explode(',', strtolower($tmpvar['email2'])))) == 0) {
                  $_SESSION['c_email2'] = hesk_POST('email2');
              }
          } // Single email address match
          elseif (!$hesk_settings['multi_eml'] && strtolower($tmpvar['email']) == strtolower($tmpvar['email2'])) {
              $_SESSION['c_email2'] = hesk_POST('email2');
          } else {
              // Invalid match
              $tmpvar['email2'] = '';
              $_POST['email2'] = '';
              $_SESSION['c_email2'] = '';
              $_SESSION['isnotice'][] = 'email';
              $hesk_error_buffer['email2'] = $hesklang['confemaile'];
          }
      } else {
          // Confirmation empty or invalid: keep what was typed for the form
          $_SESSION['c_email2'] = hesk_POST('email2');
      }
  }
  // Category id from the form, forced to an integer; 0 means nothing usable
  // was selected.
  $tmpvar['category'] = intval(hesk_POST('category'));
  if (!$tmpvar['category']) {
      $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
  }

  // Do we allow customer to select priority?
  if (!$hesk_settings['cust_urgency']) {
      // Priority will be selected based on the category selected
      // The id is passed through intval() before it is concatenated into SQL.
      $res = hesk_dbQuery("SELECT `priority` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`=" . intval($tmpvar['category']));
      // Fall back to 3 when the category row was not found
      $tmpvar['priority'] = (hesk_dbNumRows($res) == 1) ? intval(hesk_dbResult($res)) : 3;
  } else {
      $tmpvar['priority'] = intval(hesk_POST('priority'));
      // We don't allow customers select "Critical". If priority is not valid set it to "low".
      if (!($tmpvar['priority'] >= 1 && $tmpvar['priority'] <= 3)) {
          if (!$hesk_settings['select_pri']) {
              $tmpvar['priority'] = 3;
          } else {
              // If we are showing "Click to select" priority needs to be selected
              $tmpvar['priority'] = -1;
              $hesk_error_buffer['priority'] = $hesklang['select_priority'];
          }
      }
  }
  // Subject: a setting of -1 disables the field, 1 makes it mandatory
  $tmpvar['subject'] = ($hesk_settings['require_subject'] == -1)
      ? ''
      : hesk_input( hesk_POST('subject') );
  if ($hesk_settings['require_subject'] == 1 && $tmpvar['subject'] == '') {
      $hesk_error_buffer['subject'] = $hesklang['enter_ticket_subject'];
  }

  // Message: same convention as the subject
  $tmpvar['message'] = ($hesk_settings['require_message'] == -1)
      ? ''
      : hesk_input( hesk_POST('message') );
  if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') {
      $hesk_error_buffer['message'] = $hesklang['enter_message'];
  }

  // Is category a valid choice?
  if ($tmpvar['category']) {
      hesk_verifyCategory();

      // Is auto-assign of tickets disabled in this category?
      $categoryAutoassignOff = empty($hesk_settings['category_data'][$tmpvar['category']]['autoassign']);
      if ($categoryAutoassignOff) {
          $hesk_settings['autoassign'] = false;
      }
  }
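  // Custom fields
  // Each enabled custom field that applies to the chosen category is read from
  // the request, validated according to its type and stored in $tmpvar[$k].
  // The submitted value is also remembered in $_SESSION["c_$k"].
  $modsForHesk_settings = mfh_getSettings();
  foreach ($hesk_settings['custom_fields'] as $k=>$v) {
      if ($v['use']==1 && hesk_is_custom_field_in_category($k, $tmpvar['category'])) {
          if ($v['type'] == 'checkbox') {
              $tmpvar[$k]='';
              if (isset($_POST[$k]) && is_array($_POST[$k])) {
                  // Nested arrays are dropped; scalar options go through
                  // hesk_input() and are joined with "<br />"
                  foreach ($_POST[$k] as $myCB) {
                      $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '<br />';
                  }
                  // Strip the trailing "<br />" (6 characters)
                  $tmpvar[$k]=substr($tmpvar[$k],0,-6);
              } else {
                  if ($v['req']) {
                      $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
                  }
                  $_POST[$k] = '';
              }
              $_SESSION["c_$k"]=hesk_POST_array($k);
          } elseif ($v['type'] == 'date') {
              $tmpvar[$k] = hesk_POST($k);
              $_SESSION["c_$k"] = '';
              // Accept YYYY-MM-DD only
              if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
                  $date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
                  $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
                  $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
                  $_SESSION["c_$k"] = $tmpvar[$k];
                  if ($dmin && $dmin > $date) {
                      $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format']));
                  } elseif ($dmax && $dmax < $date) {
                      $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format']));
                  } else {
                      // Store the validated date as a timestamp
                      $tmpvar[$k] = $date;
                  }
              } else {
                  // Discard anything that is not a well-formed date. This is
                  // the only branch that reads the field without hesk_input()
                  // or hesk_validateEmail(), so leaving the raw request value
                  // in place would pass it on unsanitized when the field is
                  // optional.
                  $tmpvar[$k] = '';
                  if ($v['req']) {
                      $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
                  }
              }
          } elseif ($v['type'] == 'email') {
              // Temporarily apply this field's own "multiple" setting while
              // validating, then restore the global one
              $tmp = $hesk_settings['multi_eml'];
              $hesk_settings['multi_eml'] = $v['value']['multiple'];
              $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0);
              $hesk_settings['multi_eml'] = $tmp;
              if ($tmpvar[$k] != '') {
                  $_SESSION["c_$k"] = hesk_input($tmpvar[$k]);
              } else {
                  $_SESSION["c_$k"] = '';
                  if ($v['req']) {
                      $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']);
                  }
              }
          } elseif ($v['req']) {
              // Any other required field type
              $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
              if ($tmpvar[$k] == '') {
                  $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
              }
              $_SESSION["c_$k"]=hesk_POST($k);
          } else {
              // Any other optional field type
              $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
              $_SESSION["c_$k"]=hesk_POST($k);
          }
      } else {
          // Field disabled or not used in this category
          $tmpvar[$k] = '';
      }
  }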
  // Check bans
  // The parentheses spell out how PHP already groups this condition: the
  // email ban is consulted only for a usable, error-free address, while the
  // IP ban is always consulted.
  if (
      ($email_available && ! isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']))
      || hesk_isBannedIP(hesk_getClientIP())
  ) {
      hesk_error($hesklang['baned_e']);
  }

  // Check maximum open tickets limit
  $below_limit = true;
  if ($email_available && $hesk_settings['max_open'] && ! isset($hesk_error_buffer['email'])) {
      // Count this address's tickets whose status is not a closed one
      $res = hesk_dbQuery(
          "SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `status` IN (SELECT `ID` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) AND " . hesk_dbFormatEmail($tmpvar['email'])
      );
      $num = hesk_dbResult($res);

      if ($num >= $hesk_settings['max_open']) {
          // This replaces every error collected so far with the limit message
          $hesk_error_buffer = ['max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open'])];
          $below_limit = false;
      }
  }
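  // If we reached max tickets let's save some resources
  if ($below_limit) {
      // Generate tracking ID
      $tmpvar['trackid'] = hesk_createID();

      // Attachments
      if ($hesk_settings['attachments']['use']) {
          require_once(HESK_PATH . 'inc/attachments.inc.php');
          $attachments = array();
          $trackingID = $tmpvar['trackid'];
          $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);

          if ($use_legacy_attachments) {
              // The user went to the fallback file upload system.
              // Bounded by the configured maximum number of attachments.
              for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
                  $att = hesk_uploadFile($i);
                  if ($att !== false && !empty($att)) {
                      $attachments[$i] = $att;
                  }
              }
          } else {
              // The user used the new drag-and-drop system.
              // NOTE(review): the ids come straight from the request and this
              // loop is not capped at attachments.max_number. Confirm that the
              // mfh_*TemporaryAttachment helpers tie an id to the submitter,
              // since each id posted here is both claimed and deleted.
              $temp_attachment_ids = hesk_POST_array('attachment-ids');
              foreach ($temp_attachment_ids as $temp_attachment_id) {
                  // Simply get the temp info and move it to the attachments table
                  $temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
                  // Skip ids that resolve to nothing, as the legacy path does
                  // for failed uploads, so no empty attachment row is queued.
                  if (!empty($temp_attachment)) {
                      $attachments[] = $temp_attachment;
                  }
                  mfh_deleteTemporaryAttachment($temp_attachment_id);
              }
          }
      }

      // Filled in once the attachment rows have been inserted
      $tmpvar['attachments'] = '';
  }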
  // If we have any errors lets store info in session to avoid re-typing everything
  if (count($hesk_error_buffer) > 0) {
      // Names of the failing fields
      $_SESSION['iserror'] = array_keys($hesk_error_buffer);

      // Raw submitted values, kept so the form can be shown again filled in
      $_SESSION['c_name'] = hesk_POST('name');
      $_SESSION['c_email'] = hesk_POST('email');
      $_SESSION['c_priority'] = hesk_POST('priority');
      $_SESSION['c_subject'] = hesk_POST('subject');
      $_SESSION['c_message'] = hesk_POST('message');

      // One list item per error message
      $tmp = '';
      foreach ($hesk_error_buffer as $error) {
          $tmp .= '<li>' . $error . "</li>\n";
      }

      // Remove any successfully uploaded attachments
      if ($below_limit && $hesk_settings['attachments']['use']) {
          hesk_removeAttachments($attachments);
      }

      $hesk_error_buffer = $hesklang['pcer'] . '<br /><br /><ul>' . $tmp . '</ul>';
      hesk_process_messages($hesk_error_buffer, 'index.php?a=add&category=' . $tmpvar['category']);
  }
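  // Plain-text tickets get URLs linked and newlines converted. With rich text
  // enabled the message is left as hesk_input() returned it.
  // NOTE(review): inc/htmLawed.php is loaded by this script but never called
  // in it; confirm rich-text messages are filtered before they are rendered.
  if (!$modsForHesk_settings['rich_text_for_tickets_for_customers']) {
      $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
      $tmpvar['message'] = nl2br($tmpvar['message']);
  }

  // Track suggested knowledgebase articles
  // Every posted id is forced to an integer before the list is joined
  if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'] && isset($_POST['suggested']) && is_array($_POST['suggested'])) {
      $tmpvar['articles'] = implode(',', array_unique(array_map('intval', $_POST['suggested'])));
  }

  // All good now, continue with ticket creation
  $tmpvar['owner'] = 0;

  // Auto assign tickets if aplicable
  $autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
  if ($autoassign_owner) {
      $tmpvar['owner'] = $autoassign_owner['id'];
      $tmpvar['assignedby'] = -1;
  }

  // Insert attachments
  if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
      foreach ($attachments as $myatt) {
          hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($tmpvar['trackid']) . "','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
          // Packed as "id#real_name#saved_name," per attachment.
          // NOTE(review): a "#" or "," inside real_name would break this
          // packing; presumably the upload helpers normalise file names -
          // confirm for both upload paths.
          $tmpvar['attachments'] .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
      }
  }

  // Set latitude and longitude
  // NOTE(review): these values and the screen size and user agent below are
  // client-supplied and handed to hesk_newTicket() as received; confirm they
  // are escaped where they are stored and where they are displayed.
  $tmpvar['latitude'] = hesk_POST('latitude');
  $tmpvar['longitude'] = hesk_POST('longitude');

  // Set html
  $tmpvar['html'] = $modsForHesk_settings['rich_text_for_tickets_for_customers'];

  // Set screen res and user agent
  $tmpvar['screen_resolution_height'] = hesk_POST('screen_resolution_height', "NULL");
  $tmpvar['screen_resolution_width'] = hesk_POST('screen_resolution_width', "NULL");
  // The User-Agent header is optional; reading it unguarded raises an
  // undefined-index notice for clients that do not send one.
  $tmpvar['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

  // Tickets from customers never have a due date
  $tmpvar['due_date'] = '';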
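  // Should the helpdesk validate emails?
  // When verification is required and the address is not yet in
  // verified_emails, the ticket is passed to hesk_newTicket() with "false" as
  // second argument and an activation key is mailed to the customer.
  $createTicket = true;
  if ($modsForHesk_settings['customer_email_verification_required'] && $email_available) {
      $verifiedEmailSql = "SELECT `Email` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "verified_emails` WHERE `Email` = '" . hesk_dbEscape($tmpvar['email']) . "'";
      $verifiedEmailRS = hesk_dbQuery($verifiedEmailSql);
      if (hesk_dbNumRows($verifiedEmailRS) == 0) {
          //-- email has not yet been verified.
          $ticket = hesk_newTicket($tmpvar, false);

          //-- generate the activation key.
          // The key is what proves control of the mailbox, so it must not be
          // derivable from the address and the submission time alone. Random
          // bytes from the system CSPRNG are mixed in before hashing; the key
          // stays a 128-character SHA-512 hex digest, as before.
          // openssl_random_pseudo_bytes() covers PHP versions without
          // random_bytes() and needs the openssl extension.
          if (function_exists('random_bytes')) {
              $keyEntropy = random_bytes(32);
          } else {
              $keyEntropy = openssl_random_pseudo_bytes(32);
          }
          $unhashedKey = $keyEntropy . $tmpvar['email'] . time();
          $key = hash('sha512', $unhashedKey);

          $escapedEmail = hesk_dbEscape($tmpvar['email']);
          $escapedKey = hesk_dbEscape($key);
          hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pending_verification_emails` (`Email`, `ActivationKey`)
              VALUES ('" . $escapedEmail . "', '" . $escapedKey . "')");
          hesk_notifyCustomerForVerifyEmail('verify_email', $key, $modsForHesk_settings);

          // The success page shows the "verify your email" notice instead
          $createTicket = false;
      }
  }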
  if ($createTicket) {
      //-- email has been verified, and a ticket can be created
      $ticket = hesk_newTicket($tmpvar);

      // Audit trail: who submitted the ticket and, if any, the auto-assigned owner
      mfh_insert_audit_trail_record(
          $ticket['id'],
          'TICKET',
          'audit_submitted_by',
          hesk_date(),
          [$hesklang['customer']]
      );
      if ($autoassign_owner) {
          mfh_insert_audit_trail_record(
              $ticket['id'],
              'TICKET',
              'audit_autoassigned',
              hesk_date(),
              [$autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')']
          );
      }

      // Notify the customer
      if ($hesk_settings['notify_new'] && $email_available) {
          hesk_notifyCustomer($modsForHesk_settings);
      }

      // Need to notify staff?
      if (!$tmpvar['owner']) {
          // --> No autoassign, find and notify appropriate staff
          hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' ", $modsForHesk_settings);
      } elseif ($autoassign_owner['notify_assigned']) {
          // --> From autoassign?
          hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you', $modsForHesk_settings);
      }
  }

  // Next ticket show suggested articles again
  $_SESSION['ARTICLES_SUGGESTED'] = false;
  // Read at the top of this script to stop a reload from posting again
  $_SESSION['already_submitted'] = 1;

  // Need email to view ticket? If yes, remember it by default
  // The address is kept in the "hesk_myemail" cookie for one year.
  if ($hesk_settings['email_view_ticket']) {
      hesk_setcookie('hesk_myemail', $tmpvar['email'], strtotime('+1 year'));
  }

  // Unset temporary variables
  unset($tmpvar);
  hesk_cleanSessionVars('tmpvar');
  hesk_cleanSessionVars('c_category');
  hesk_cleanSessionVars('c_priority');
  hesk_cleanSessionVars('c_subject');
  hesk_cleanSessionVars('c_message');
  hesk_cleanSessionVars('c_question');
  // The next submission has to pass the anti-SPAM image check again
  hesk_cleanSessionVars('img_verified');
  // Print header
  // From here on the script renders the confirmation page. The breadcrumb
  // echoes site_url, site_title, hesk_url and hesk_title from $hesk_settings
  // without escaping them here.
  // NOTE(review): assumes those settings are stored HTML-safe - confirm.
  require_once(HESK_PATH . 'inc/header.inc.php');
  ?>
  <ol class="breadcrumb">
  <li><a href="<?php echo $hesk_settings['site_url']; ?>"><?php echo $hesk_settings['site_title']; ?></a></li>
  <li><a href="<?php echo $hesk_settings['hesk_url']; ?>"><?php echo $hesk_settings['hesk_title']; ?></a></li>
  <li class="active"><?php echo $hesklang['tid_sent']; ?></li>
  </ol>
  <div style="width: 80%; margin-left: auto; margin-right: auto;">
  <?php
  // Ticket created: show the tracking id and a link to the ticket.
  // Otherwise the address still has to be verified and only a notice is shown.
  if ($createTicket) {
  ?>
  <div class="panel panel-success">
  <div class="panel-heading">
  <?php echo $hesklang['ticket_submitted']; ?>
  </div>
  <div class="panel-body">
  <?php
  // The tracking id is written into the HTML and into the link unescaped.
  // NOTE(review): presumably it is the id produced by hesk_createID() and
  // not request data - confirm what hesk_newTicket() returns.
  echo $hesklang['ticket_submitted_success'] . ': <b>' . $ticket['trackid'] . '</b><br /><br /> ' .
  ( ! $email_available ? $hesklang['write_down'] . '<br /><br />' : '') .
  ($email_available && $hesk_settings['notify_new'] && $hesk_settings['spam_notice'] ? $hesklang['spam_inbox'] . '<br /><br />' : '') .
  '<a href="' . $hesk_settings['hesk_url'] . '/ticket.php?track=' . $ticket['trackid'] . '" class="btn btn-default">' . $hesklang['view_your_ticket'] . '</a>';
  ?>
  </div>
  </div>
  <?php
  } else {
  hesk_show_notice($hesklang['verify_your_email'] . '<br><br>' . $hesklang['check_spambox']);
  }
  // Any other messages to display?
  hesk_handle_messages();
  ?>
  </div>
  <?php
  require_once(HESK_PATH . 'inc/footer.inc.php');
  exit();
  /**
   * Ends a repeated submission and sends the browser back to the ticket form.
   *
   * Prints a minimal HTML page whose meta refresh points at index.php?a=add,
   * with a fallback link labelled by $hesklang['c2c'], then ends the script.
   * The script calls it when $_SESSION['already_submitted'] is set.
   *
   * It is declared after the script's final exit(); PHP binds unconditional
   * top-level functions when the file is compiled, so the earlier call works.
   */
  function hesk_forceStop()
  {
  global $hesklang;
  ?>
  <html>
  <head>
  <meta http-equiv="Refresh" content="0; url=index.php?a=add"/>
  </head>
  <body>
  <p><a href="index.php?a=add"><?php echo $hesklang['c2c']; ?></a>.</p>
  </body>
  </html>
  <?php
  exit();
  } // END hesk_forceStop()
  484. ?>