Netsyms
/
Mods-for-HESK-Netsyms
2
0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 56 Wiki アクティビティ
Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
2319 コミット
6 ブランチ
9.5 MiB
 
 
 
ブランチ: master
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'master' から
${ noResults }
Mods-for-HESK-Netsyms/submit_ticket.php

574 行
21 KiB
Raw パーマリンク Blame 履歴 

  1. <?php

  2. /**

  3.  *

  4.  * This file is part of HESK - PHP Help Desk Software.

  5.  *

  6.  * (c) Copyright Klemen Stirn. All rights reserved.

  7.  * https://www.hesk.com

  8.  *

  9.  * For the full copyright and license agreement information visit

  10.  * https://www.hesk.com/eula.php

  11.  *

  12.  */

  13. 

  14. define('IN_SCRIPT', 1);

  15. define('HESK_PATH', './');

  16. 

  17. // Try to detect some simple SPAM bots

  18. if (!isset($_POST['hx']) || $_POST['hx'] != 3 || !isset($_POST['hy']) || $_POST['hy'] != '' || isset($_POST['phone'])) {

  19.     header('HTTP/1.1 403 Forbidden');

  20.     exit();

  21. }

  22. 

  23. // Get all the required files and functions

  24. require(HESK_PATH . 'hesk_settings.inc.php');

  25. require(HESK_PATH . 'inc/common.inc.php');

  26. 

  27. // Are we in maintenance mode?

  28. hesk_check_maintenance();

  29. 

  30. // Are we in "Knowledgebase only" mode?

  31. hesk_check_kb_only();

  32. 

  33. hesk_load_database_functions();

  34. require(HESK_PATH . 'inc/email_functions.inc.php');

  35. require(HESK_PATH . 'inc/posting_functions.inc.php');

  36. require(HESK_PATH . 'inc/htmLawed.php');

  37. 

  38. // We only allow POST requests to this file

  39. if ($_SERVER['REQUEST_METHOD'] != 'POST') {

  40.     header('Location: index.php?a=add');

  41.     exit();

  42. }

  43. 

  44. // Check for POST requests larger than what the server can handle

  45. if (empty($_POST) && !empty($_SERVER['CONTENT_LENGTH'])) {

  46.     hesk_error($hesklang['maxpost']);

  47. }

  48. 

  49. // Block obvious spammers trying to inject email headers

  50. if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", hesk_POST('name') . hesk_POST('subject'))) {

  51.     header('HTTP/1.1 403 Forbidden');

  52.     exit();

  53. }

  54. 

  55. hesk_session_start();

  56. 

  57. // A security check - not needed here, but uncomment if you require it

  58. # hesk_token_check();

  59. 

  60. // Prevent submitting multiple tickets by reloading submit_ticket.php page

  61. if (isset($_SESSION['already_submitted'])) {

  62.     hesk_forceStop();

  63. }

  64. 

  65. // Connect to database

  66. hesk_dbConnect();

  67. 

  68. $hesk_error_buffer = array();

  69. 

  70. // Check anti-SPAM question

  71. if ($hesk_settings['question_use']) {

  72.     $question = hesk_input(hesk_POST('question'));

  73. 

  74.     if (strlen($question) == 0) {

  75.         $hesk_error_buffer['question'] = $hesklang['q_miss'];

  76.     } elseif (hesk_mb_strtolower($question) != hesk_mb_strtolower($hesk_settings['question_ans'])) {

  77.         $hesk_error_buffer['question'] = $hesklang['q_wrng'];

  78.     } else {

  79.         $_SESSION['c_question'] = $question;

  80.     }

  81. }

  82. 

  83. // Check anti-SPAM image

  84. if ($hesk_settings['secimg_use'] && !isset($_SESSION['img_verified'])) {

  85.     // Using reCAPTCHA?

  86.     if ($hesk_settings['recaptcha_use']) {

  87.         require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');

  88. 

  89.         $resp = null;

  90.         $reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']);

  91. 

  92.         // Was there a reCAPTCHA response?

  93.         if (isset($_POST["g-recaptcha-response"])) {

  94.             $resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));

  95.         }

  96. 

  97.         if ($resp != null && $resp->success) {

  98.             $_SESSION['img_verified'] = true;

  99.         } else {

  100.             $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];

  101.         }

  102.     } // Using Netsyms Captcheck

  103.     elseif ($hesk_settings['recaptcha_use'] == 3) {

  104.         $url = 'https://captcheck.netsyms.com/api.php';

  105.         $data = [

  106.             'session_id' => $_POST['captcheck_session_code'],

  107.             'answer_id' => $_POST['captcheck_selected_answer'],

  108.             'action' => "verify"

  109.         ];

  110.         $options = [

  111.             'http' => [

  112.                 'header' => "Content-type: application/x-www-form-urlencoded\r\n",

  113.                 'method' => 'POST',

  114.                 'content' => http_build_query($data)

  115.             ]

  116.         ];

  117.         $context = stream_context_create($options);

  118.         $result = file_get_contents($url, false, $context);

  119.         $resp = json_decode($result, TRUE);

  120.         if ($resp['result'] === true) {

  121.             $_SESSION['img_verified'] = true;

  122.         } else {

  123.             $hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];

  124.         }

  125.     } // Using PHP generated image

  126.     else {

  127.         $mysecnum = intval(hesk_POST('mysecnum', 0));

  128. 

  129.         if (empty($mysecnum)) {

  130.             $hesk_error_buffer['mysecnum'] = $hesklang['sec_miss'];

  131.         } else {

  132.             require(HESK_PATH . 'inc/secimg.inc.php');

  133.             $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']);

  134.             if (isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum'])) {

  135.                 $_SESSION['img_verified'] = true;

  136.             } else {

  137.                 $hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng'];

  138.             }

  139.         }

  140.     }

  141. }

  142. 

  143. $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer['name'] = $hesklang['enter_your_name'];

  144. 

  145. $email_available = true;

  146. 

  147. if ($hesk_settings['require_email']) {

  148.     $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];

  149. } else {

  150.     $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0);

  151. 

  152.     // Not required, but must be valid if it is entered

  153.     if ($tmpvar['email'] == '') {

  154.         $email_available = false;

  155. 

  156.         if (strlen(hesk_POST('email'))) {

  157.             $hesk_error_buffer['email'] = $hesklang['not_valid_email'];

  158.         }

  159. 

  160.         // No need to confirm the email

  161.         $hesk_settings['confirm_email'] = 0;

  162.         $_POST['email2'] = '';

  163.         $_SESSION['c_email'] = '';

  164.         $_SESSION['c_email2'] = '';

  165.     }

  166. }

  167. 

  168. if ($hesk_settings['confirm_email']) {

  169.     $tmpvar['email2'] = hesk_validateEmail(hesk_POST('email2'), 'ERR', 0) or $hesk_error_buffer['email2'] = $hesklang['confemail2'];

  170. 

  171.     // Anything entered as email confirmation?

  172.     if ($tmpvar['email2'] != '') {

  173.         // Do we have multiple emails?

  174.         if ($hesk_settings['multi_eml']) {

  175.             $tmpvar['email'] = str_replace(';', ',', $tmpvar['email']);

  176.             $tmpvar['email2'] = str_replace(';', ',', $tmpvar['email2']);

  177. 

  178.             if (count(array_diff(explode(',', strtolower($tmpvar['email'])), explode(',', strtolower($tmpvar['email2'])))) == 0) {

  179.                 $_SESSION['c_email2'] =  hesk_POST('email2');

  180.             }

  181.         } // Single email address match

  182.         elseif (!$hesk_settings['multi_eml'] && strtolower($tmpvar['email']) == strtolower($tmpvar['email2'])) {

  183.             $_SESSION['c_email2'] =  hesk_POST('email2');

  184.         } else {

  185.             // Invalid match

  186.             $tmpvar['email2'] = '';

  187.             $_POST['email2'] = '';

  188.             $_SESSION['c_email2'] = '';

  189.             $_SESSION['isnotice'][] = 'email';

  190.             $hesk_error_buffer['email2'] = $hesklang['confemaile'];

  191.         }

  192.     } else {

  193.         $_SESSION['c_email2'] =  hesk_POST('email2');

  194.     }

  195. }

  196. 

  197. $tmpvar['category'] = intval(hesk_POST('category')) or $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];

  198. 

  199. // Do we allow customer to select priority?

  200. if ($hesk_settings['cust_urgency']) {

  201.     $tmpvar['priority'] = intval(hesk_POST('priority'));

  202. 

  203.     // We don't allow customers select "Critical". If priority is not valid set it to "low".

  204.     if ($tmpvar['priority'] < 1 || $tmpvar['priority'] > 3) {

  205.         // If we are showing "Click to select" priority needs to be selected

  206.         if ($hesk_settings['select_pri']) {

  207.             $tmpvar['priority'] = -1;

  208.             $hesk_error_buffer['priority'] = $hesklang['select_priority'];

  209.         } else {

  210.             $tmpvar['priority'] = 3;

  211.         }

  212.     }

  213. } // Priority will be selected based on the category selected

  214. else {

  215.     $res = hesk_dbQuery("SELECT `priority` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`=" . intval($tmpvar['category']));

  216.     if (hesk_dbNumRows($res) == 1) {

  217.         $tmpvar['priority'] = intval(hesk_dbResult($res));

  218.     } else {

  219.         $tmpvar['priority'] = 3;

  220.     }

  221. }

  222. 

  223. if ($hesk_settings['require_subject'] == -1) {

  224.     $tmpvar['subject'] = '';

  225. } else {

  226.     $tmpvar['subject'] = hesk_input( hesk_POST('subject') );

  227. 

  228.     if ($hesk_settings['require_subject'] == 1 && $tmpvar['subject'] == '') {

  229.         $hesk_error_buffer['subject'] = $hesklang['enter_ticket_subject'];

  230.     }

  231. }

  232. 

  233. if ($hesk_settings['require_message'] == -1) {

  234.     $tmpvar['message'] = '';

  235. } else {

  236.     $tmpvar['message'] = hesk_input( hesk_POST('message') );

  237. 

  238.     if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') {

  239.         $hesk_error_buffer['message'] = $hesklang['enter_message'];

  240.     }

  241. }

  242. 

  243. // Is category a valid choice?

  244. if ($tmpvar['category']) {

  245.     hesk_verifyCategory();

  246. 

  247.     // Is auto-assign of tickets disabled in this category?

  248.     if (empty($hesk_settings['category_data'][$tmpvar['category']]['autoassign'])) {

  249.         $hesk_settings['autoassign'] = false;

  250.     }

  251. }

  252. 

  253. // Custom fields

  254. $modsForHesk_settings = mfh_getSettings();

  255. foreach ($hesk_settings['custom_fields'] as $k=>$v) {

  256.     if ($v['use']==1 && hesk_is_custom_field_in_category($k, $tmpvar['category'])) {

  257.         if ($v['type'] == 'checkbox') {

  258.             $tmpvar[$k]='';

  259. 

  260.             if (isset($_POST[$k]) && is_array($_POST[$k])) {

  261.                 foreach ($_POST[$k] as $myCB) {

  262.                     $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '<br />';;

  263.                 }

  264. 

  265.                 $tmpvar[$k]=substr($tmpvar[$k],0,-6);

  266.             } else {

  267.                 if ($v['req']) {

  268.                     $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];

  269.                 }

  270.                 $_POST[$k] = '';

  271.             }

  272. 

  273.             $_SESSION["c_$k"]=hesk_POST_array($k);

  274.         } elseif ($v['type'] == 'date') {

  275.             $tmpvar[$k] = hesk_POST($k);

  276.             $_SESSION["c_$k"] = '';

  277. 

  278.             if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {

  279.                 $date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');

  280.                 $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;

  281.                 $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;

  282. 

  283.                 $_SESSION["c_$k"] = $tmpvar[$k];

  284. 

  285.                 if ($dmin && $dmin > $date) {

  286.                     $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format']));

  287.                 } elseif ($dmax && $dmax < $date) {

  288.                     $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format']));

  289.                 } else {

  290.                     $tmpvar[$k] = $date;

  291.                 }

  292.             } else {

  293.                 if ($v['req']) {

  294.                     $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];

  295.                 }

  296.             }

  297.         } elseif ($v['type'] == 'email') {

  298.             $tmp = $hesk_settings['multi_eml'];

  299.             $hesk_settings['multi_eml'] = $v['value']['multiple'];

  300.             $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0);

  301.             $hesk_settings['multi_eml'] = $tmp;

  302. 

  303.             if ($tmpvar[$k] != '') {

  304.                 $_SESSION["c_$k"] = hesk_input($tmpvar[$k]);

  305.             } else {

  306.                 $_SESSION["c_$k"] = '';

  307. 

  308.                 if ($v['req']) {

  309.                     $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']);

  310.                 }

  311.             }

  312.         } elseif ($v['req']) {

  313.             $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));

  314.             if ($tmpvar[$k] == '') {

  315.                 $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];

  316.             }

  317.             $_SESSION["c_$k"]=hesk_POST($k);

  318.         } else {

  319.             $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));

  320.             $_SESSION["c_$k"]=hesk_POST($k);

  321.         }

  322.     } else {

  323.         $tmpvar[$k] = '';

  324.     }

  325. }

  326. 

  327. // Check bans

  328. if ($email_available && ! isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']) || hesk_isBannedIP(hesk_getClientIP())) {

  329.     hesk_error($hesklang['baned_e']);

  330. }

  331. 

  332. // Check maximum open tickets limit

  333. $below_limit = true;

  334. if ($email_available && $hesk_settings['max_open'] && ! isset($hesk_error_buffer['email'])) {

  335.     $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `status` IN (SELECT `ID` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) AND " . hesk_dbFormatEmail($tmpvar['email']));

  336.     $num = hesk_dbResult($res);

  337. 

  338.     if ($num >= $hesk_settings['max_open']) {

  339.         $hesk_error_buffer = array('max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open']));

  340.         $below_limit = false;

  341.     }

  342. }

  343. 

  344. // If we reached max tickets let's save some resources

  345. if ($below_limit) {

  346.     // Generate tracking ID

  347.     $tmpvar['trackid'] = hesk_createID();

  348. 

  349.     // Attachments

  350.     if ($hesk_settings['attachments']['use']) {

  351.         require_once(HESK_PATH . 'inc/attachments.inc.php');

  352. 

  353.         $attachments = array();

  354.         $trackingID = $tmpvar['trackid'];

  355. 

  356.         $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);

  357. 

  358.         if ($use_legacy_attachments) {

  359.             // The user went to the fallback file upload system.

  360.             for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {

  361.                 $att = hesk_uploadFile($i);

  362.                 if ($att !== false && !empty($att)) {

  363.                     $attachments[$i] = $att;

  364.                 }

  365.             }

  366.         } else {

  367.             // The user used the new drag-and-drop system.

  368.             $temp_attachment_ids = hesk_POST_array('attachment-ids');

  369.             foreach ($temp_attachment_ids as $temp_attachment_id) {

  370.                 // Simply get the temp info and move it to the attachments table

  371.                 $temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);

  372.                 $attachments[] = $temp_attachment;

  373.                 mfh_deleteTemporaryAttachment($temp_attachment_id);

  374.             }

  375.         }

  376.     }

  377.     $tmpvar['attachments'] = '';

  378. }

  379. 

  380. // If we have any errors lets store info in session to avoid re-typing everything

  381. if (count($hesk_error_buffer)) {

  382.     $_SESSION['iserror'] = array_keys($hesk_error_buffer);

  383. 

  384.     $_SESSION['c_name'] = hesk_POST('name');

  385.     $_SESSION['c_email'] = hesk_POST('email');

  386.     $_SESSION['c_priority'] = hesk_POST('priority');

  387.     $_SESSION['c_subject'] = hesk_POST('subject');

  388.     $_SESSION['c_message'] = hesk_POST('message');

  389. 

  390.     $tmp = '';

  391.     foreach ($hesk_error_buffer as $error) {

  392.         $tmp .= "<li>$error</li>\n";

  393.     }

  394. 

  395.     // Remove any successfully uploaded attachments

  396.     if ($below_limit && $hesk_settings['attachments']['use']) {

  397.         hesk_removeAttachments($attachments);

  398.     }

  399. 

  400.     $hesk_error_buffer = $hesklang['pcer'] . '<br /><br /><ul>' . $tmp . '</ul>';

  401.     hesk_process_messages($hesk_error_buffer, 'index.php?a=add&category='.$tmpvar['category']);

  402. }

  403. 

  404. if (!$modsForHesk_settings['rich_text_for_tickets_for_customers']) {

  405.     $tmpvar['message'] = hesk_makeURL($tmpvar['message']);

  406.     $tmpvar['message'] = nl2br($tmpvar['message']);

  407. }

  408. 

  409. // Track suggested knowledgebase articles

  410. if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'] && isset($_POST['suggested']) && is_array($_POST['suggested'])) {

  411.     $tmpvar['articles'] = implode(',', array_unique(array_map('intval', $_POST['suggested'])));

  412. }

  413. 

  414. // All good now, continue with ticket creation

  415. $tmpvar['owner'] = 0;

  416. 

  417. // Auto assign tickets if aplicable

  418. $autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);

  419. if ($autoassign_owner) {

  420.     $tmpvar['owner'] = $autoassign_owner['id'];

  421.     $tmpvar['assignedby'] = -1;

  422. }

  423. 

  424. // Insert attachments

  425. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {

  426.     foreach ($attachments as $myatt) {

  427.         hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($tmpvar['trackid']) . "','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");

  428.         $tmpvar['attachments'] .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';

  429.     }

  430. }

  431. 

  432. // Set latitude and longitude

  433. $tmpvar['latitude'] = hesk_POST('latitude');

  434. $tmpvar['longitude'] = hesk_POST('longitude');

  435. 

  436. // Set html

  437. $tmpvar['html'] = $modsForHesk_settings['rich_text_for_tickets_for_customers'];

  438. 

  439. // Set screen res and user agent

  440. $tmpvar['screen_resolution_height'] = hesk_POST('screen_resolution_height', "NULL");

  441. $tmpvar['screen_resolution_width'] = hesk_POST('screen_resolution_width', "NULL");

  442. $tmpvar['user_agent'] = $_SERVER['HTTP_USER_AGENT'];

  443. 

  444. // Tickets from customers never have a due date

  445. $tmpvar['due_date'] = '';

  446. 

  447. // Should the helpdesk validate emails?

  448. $createTicket = true;

  449. if ($modsForHesk_settings['customer_email_verification_required'] && $email_available) {

  450.     $verifiedEmailSql = "SELECT `Email` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "verified_emails` WHERE `Email` = '" . hesk_dbEscape($tmpvar['email']) . "'";

  451.     $verifiedEmailRS = hesk_dbQuery($verifiedEmailSql);

  452.     if (hesk_dbNumRows($verifiedEmailRS) == 0) {

  453.         //-- email has not yet been verified.

  454.         $ticket = hesk_newTicket($tmpvar, false);

  455. 

  456.         //-- generate the activation key, which is a hash of their email address along with the current time.

  457.         $unhashedKey = $tmpvar['email'] . time();

  458.         $key = hash('sha512', $unhashedKey);

  459. 

  460.         $escapedEmail = hesk_dbEscape($tmpvar['email']);

  461.         $escapedKey = hesk_dbEscape($key);

  462.         hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pending_verification_emails` (`Email`, `ActivationKey`)

  463.         VALUES ('" . $escapedEmail . "', '" . $escapedKey . "')");

  464. 

  465.         hesk_notifyCustomerForVerifyEmail('verify_email', $key, $modsForHesk_settings);

  466.         $createTicket = false;

  467.     }

  468. }

  469. if ($createTicket) {

  470.     //-- email has been verified, and a ticket can be created

  471.     $ticket = hesk_newTicket($tmpvar);

  472. 

  473.     mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_submitted_by', hesk_date(),

  474.         array(0 => $hesklang['customer']));

  475. 

  476.     if ($autoassign_owner) {

  477.         mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(),

  478.             array(0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')'));

  479.     }

  480. 

  481.     // Notify the customer

  482.     if ($hesk_settings['notify_new'] && $email_available) {

  483.         hesk_notifyCustomer($modsForHesk_settings);

  484.     }

  485. 

  486.     // Need to notify staff?

  487.     // --> From autoassign?

  488.     if ($tmpvar['owner'] && $autoassign_owner['notify_assigned']) {

  489.         hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you', $modsForHesk_settings);

  490.     } // --> No autoassign, find and notify appropriate staff

  491.     elseif (!$tmpvar['owner']) {

  492.         hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' ", $modsForHesk_settings);

  493.     }

  494. }

  495. 

  496. // Next ticket show suggested articles again

  497. $_SESSION['ARTICLES_SUGGESTED'] = false;

  498. $_SESSION['already_submitted'] = 1;

  499. 

  500. // Need email to view ticket? If yes, remember it by default

  501. if ($hesk_settings['email_view_ticket']) {

  502.     hesk_setcookie('hesk_myemail', $tmpvar['email'], strtotime('+1 year'));

  503. }

  504. 

  505. // Unset temporary variables

  506. unset($tmpvar);

  507. hesk_cleanSessionVars('tmpvar');

  508. hesk_cleanSessionVars('c_category');

  509. hesk_cleanSessionVars('c_priority');

  510. hesk_cleanSessionVars('c_subject');

  511. hesk_cleanSessionVars('c_message');

  512. hesk_cleanSessionVars('c_question');

  513. hesk_cleanSessionVars('img_verified');

  514. 

  515. // Print header

  516. require_once(HESK_PATH . 'inc/header.inc.php');

  517. 

  518. ?>

  519. 

  520. <ol class="breadcrumb">

  521.     <li><a href="<?php echo $hesk_settings['site_url']; ?>"><?php echo $hesk_settings['site_title']; ?></a></li>

  522.     <li><a href="<?php echo $hesk_settings['hesk_url']; ?>"><?php echo $hesk_settings['hesk_title']; ?></a></li>

  523.     <li class="active"><?php echo $hesklang['tid_sent']; ?></li>

  524. </ol>

  525. 

  526. <div style="width: 80%; margin-left: auto; margin-right: auto;">

  527.     <?php

  528.     if ($createTicket) {

  529.     ?>

  530.     <div class="panel panel-success">

  531.         <div class="panel-heading">

  532.             <?php echo $hesklang['ticket_submitted']; ?>

  533.         </div>

  534.         <div class="panel-body">

  535.             <?php

  536.                 echo $hesklang['ticket_submitted_success'] . ': <b>' . $ticket['trackid'] . '</b><br /><br /> ' .

  537.                 ( ! $email_available ? $hesklang['write_down'] . '<br /><br />' : '') .

  538.                 ($email_available && $hesk_settings['notify_new'] && $hesk_settings['spam_notice'] ? $hesklang['spam_inbox'] . '<br /><br />' : '') .

  539.                 '<a href="' . $hesk_settings['hesk_url'] . '/ticket.php?track=' . $ticket['trackid'] . '" class="btn btn-default">' . $hesklang['view_your_ticket'] . '</a>';

  540.             ?>

  541.         </div>

  542.     </div>

  543.     <?php

  544.     } else {

  545.         hesk_show_notice($hesklang['verify_your_email'] . '<br><br>' . $hesklang['check_spambox']);

  546.     }

  547. 

  548.     // Any other messages to display?

  549.     hesk_handle_messages();

  550.     ?>

  551. </div>

  552. 

  553. <?php

  554. require_once(HESK_PATH . 'inc/footer.inc.php');

  555. exit();

  556. 

  557. 

  558. function hesk_forceStop()

  559. {

  560.     global $hesklang;

  561.     ?>

  562.     <html>

  563.     <head>

  564.         <meta http-equiv="Refresh" content="0; url=index.php?a=add"/>

  565.     </head>

  566.     <body>

  567.     <p><a href="index.php?a=add"><?php echo $hesklang['c2c']; ?></a>.</p>

  568.     </body>

  569.     </html>

  570.     <?php

  571.     exit();

  572. } // END hesk_forceStop()

  573. ?>