Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

edit_post.php 35KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699
  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. define('IN_SCRIPT', 1);
  14. define('HESK_PATH', '../');
  15. define('WYSIWYG', 1);
  16. define('VALIDATOR', 1);
  17. define('MFH_PAGE_LAYOUT', 'TOP_ONLY');
  18. /* Get all the required files and functions */
  19. require(HESK_PATH . 'hesk_settings.inc.php');
  20. require(HESK_PATH . 'inc/common.inc.php');
  21. require(HESK_PATH . 'inc/admin_functions.inc.php');
  22. require(HESK_PATH . 'inc/mail_functions.inc.php');
  23. require(HESK_PATH . 'inc/custom_fields.inc.php');
  24. hesk_load_database_functions();
  25. require(HESK_PATH . 'inc/posting_functions.inc.php');
  26. require(HESK_PATH . 'inc/view_attachment_functions.inc.php');
  27. hesk_session_start();
  28. hesk_dbConnect();
  29. hesk_isLoggedIn();
  30. /* Check permissions for this feature */
  31. if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
  32. hesk_checkPermission('can_view_tickets');
  33. hesk_checkPermission('can_edit_tickets');
  34. }
  35. $modsForHesk_settings = mfh_getSettings();
  36. /* Ticket ID */
  37. $trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
  38. $is_reply = 0;
  39. $tmpvar = array();
  40. if (!isset($_SESSION['iserror'])) {
  41. $_SESSION['iserror'] = array();
  42. }
  43. /* Get ticket info */
  44. $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
  45. if (hesk_dbNumRows($result) != 1) {
  46. hesk_error($hesklang['ticket_not_found']);
  47. }
  48. $ticket = hesk_dbFetchAssoc($result);
  49. // Demo mode
  50. if (defined('HESK_DEMO')) {
  51. $ticket['email'] = 'hidden@demo.com';
  52. }
  53. /* Is this user allowed to view tickets inside this category? */
  54. if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
  55. hesk_okCategory($ticket['category']);
  56. }
  57. if (hesk_isREQUEST('reply')) {
  58. $tmpvar['id'] = intval(hesk_REQUEST('reply')) or die($hesklang['id_not_valid']);
  59. $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='{$tmpvar['id']}' AND `replyto`='" . intval($ticket['id']) . "' LIMIT 1");
  60. if (hesk_dbNumRows($result) != 1) {
  61. hesk_error($hesklang['id_not_valid']);
  62. }
  63. $reply = hesk_dbFetchAssoc($result);
  64. $ticket['message'] = $reply['message'];
  65. $ticket['html'] = $reply['html'];
  66. $is_reply = 1;
  67. }
  68. // Count number of existing attachments for this post
  69. $number_of_attachments = $is_reply ? hesk_countAttachments($reply['attachments']) : hesk_countAttachments($ticket['attachments']);
  70. if (isset($_POST['save'])) {
  71. /* A security check */
  72. hesk_token_check('POST');
  73. $hesk_error_buffer = array();
  74. // Add attachments?
  75. if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) {
  76. require_once(HESK_PATH . 'inc/attachments.inc.php');
  77. $attachments = array();
  78. $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);
  79. if ($use_legacy_attachments) {
  80. for ($i = $number_of_attachments + 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
  81. $att = hesk_uploadFile($i);
  82. if ($att !== false && !empty($att)) {
  83. $attachments[$i] = $att;
  84. }
  85. }
  86. } else {
  87. // The user used the new drag-and-drop system.
  88. $temp_attachment_ids = hesk_POST_array('attachment-ids');
  89. foreach ($temp_attachment_ids as $temp_attachment_id) {
  90. // Simply get the temp info and move it to the attachments table
  91. $temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
  92. $attachments[] = $temp_attachment;
  93. mfh_deleteTemporaryAttachment($temp_attachment_id);
  94. }
  95. }
  96. }
  97. if ($is_reply) {
  98. $tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];
  99. if (count($hesk_error_buffer)) {
  100. // Remove any successfully uploaded attachments
  101. if ($hesk_settings['attachments']['use'] && isset($attachments)) {
  102. hesk_removeAttachments($attachments);
  103. }
  104. $myerror = '<ul>';
  105. foreach ($hesk_error_buffer as $error) {
  106. $myerror .= "<li>$error</li>\n";
  107. }
  108. $myerror .= '</ul>';
  109. hesk_error($myerror);
  110. }
  111. if (!$modsForHesk_settings['rich_text_for_tickets']) {
  112. $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
  113. $tmpvar['message'] = nl2br($tmpvar['message']);
  114. }
  115. $tmpvar['html'] = hesk_POST('html');
  116. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
  117. foreach ($attachments as $myatt) {
  118. hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
  119. $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
  120. }
  121. }
  122. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "', `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."') WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
  123. } else {
  124. $tmpvar['language'] = hesk_POST('customerLanguage');
  125. $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
  126. if ($hesk_settings['require_email']) {
  127. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
  128. } else {
  129. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0);
  130. // Not required, but must be valid if it is entered
  131. if ($tmpvar['email'] == '') {
  132. if (strlen(hesk_POST('email'))) {
  133. $hesk_error_buffer['email'] = $hesklang['not_valid_email'];
  134. }
  135. }
  136. }
  137. $tmpvar['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer[] = $hesklang['enter_ticket_subject'];
  138. $tmpvar['message'] = hesk_input( hesk_POST('message') );
  139. if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') {
  140. $hesk_error_buffer[] = $hesklang['enter_message'];
  141. }
  142. $tmpvar['html'] = hesk_POST('html');
  143. // Demo mode
  144. if (defined('HESK_DEMO')) {
  145. $tmpvar['email'] = 'hidden@demo.com';
  146. }
  147. // Custom fields
  148. foreach ($hesk_settings['custom_fields'] as $k=>$v) {
  149. if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) {
  150. if ($v['req'] == 2) {
  151. $v['req'] = '<span class="important">*</span>';
  152. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  153. } else {
  154. $v['req'] = '';
  155. $required_attribute = '';
  156. }
  157. if ($v['type'] == 'checkbox') {
  158. $tmpvar[$k]='';
  159. if (isset($_POST[$k]) && is_array($_POST[$k])) {
  160. foreach ($_POST[$k] as $myCB) {
  161. $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '<br />';
  162. }
  163. $tmpvar[$k]=substr($tmpvar[$k],0,-6);
  164. } else {
  165. if ($v['req'] == 2) {
  166. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  167. }
  168. $_POST[$k] = '';
  169. }
  170. } elseif ($v['type'] == 'date') {
  171. $tmpvar[$k] = hesk_POST($k);
  172. $_SESSION["as_$k"] = '';
  173. if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
  174. $date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
  175. $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
  176. $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
  177. $_SESSION["as_$k"] = $tmpvar[$k];
  178. if ($dmin && $dmin > $date) {
  179. $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format']));
  180. } elseif ($dmax && $dmax < $date) {
  181. $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format']));
  182. } else {
  183. $tmpvar[$k] = $date;
  184. }
  185. } else {
  186. if ($v['req'] == 2) {
  187. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  188. }
  189. }
  190. } elseif ($v['type'] == 'email') {
  191. $tmp = $hesk_settings['multi_eml'];
  192. $hesk_settings['multi_eml'] = $v['value']['multiple'];
  193. $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0);
  194. $hesk_settings['multi_eml'] = $tmp;
  195. if ($tmpvar[$k] != '') {
  196. $_SESSION["as_$k"] = hesk_input($tmpvar[$k]);
  197. } else {
  198. $_SESSION["as_$k"] = '';
  199. if ($v['req'] == 2) {
  200. $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']);
  201. }
  202. }
  203. } elseif ($v['req'] == 2) {
  204. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
  205. if ($tmpvar[$k] == '') {
  206. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  207. }
  208. } else {
  209. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
  210. }
  211. } else {
  212. $tmpvar[$k] = '';
  213. }
  214. }
  215. if (count($hesk_error_buffer)) {
  216. // Remove any successfully uploaded attachments
  217. if ($hesk_settings['attachments']['use'] && isset($attachments)) {
  218. hesk_removeAttachments($attachments);
  219. }
  220. $myerror = '<ul>';
  221. foreach ($hesk_error_buffer as $error) {
  222. $myerror .= "<li>$error</li>\n";
  223. }
  224. $myerror .= '</ul>';
  225. hesk_error($myerror);
  226. }
  227. if (!$tmpvar['html']) {
  228. $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
  229. $tmpvar['message'] = nl2br($tmpvar['message']);
  230. }
  231. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
  232. foreach ($attachments as $myatt) {
  233. hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
  234. $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
  235. }
  236. }
  237. $custom_SQL = '';
  238. for ($i = 1; $i <= 50; $i++) {
  239. $custom_SQL .= '`custom'.$i.'`=' . (isset($tmpvar['custom'.$i]) ? "'".hesk_dbEscape($tmpvar['custom'.$i])."'" : "''") . ',';
  240. }
  241. $custom_SQL = rtrim($custom_SQL, ',');
  242. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET
  243. `name`='" . hesk_dbEscape($tmpvar['name']) . "',
  244. `email`='" . hesk_dbEscape($tmpvar['email']) . "',
  245. `subject`='" . hesk_dbEscape($tmpvar['subject']) . "',
  246. `message`='" . hesk_dbEscape($tmpvar['message']) . "',
  247. `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."'),
  248. `language`='" . hesk_dbEscape($tmpvar['language']) . "',
  249. `html`='" . hesk_dbEscape($tmpvar['html']) . "',
  250. $custom_SQL
  251. WHERE `id`='" . intval($ticket['id']) . "' LIMIT 1");
  252. }
  253. unset($tmpvar);
  254. hesk_cleanSessionVars('tmpvar');
  255. hesk_process_messages($hesklang['edt2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
  256. }
  257. $ticket['message'] = hesk_msgToPlain($ticket['message'], 0, 0);
  258. /* Print header */
  259. require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
  260. /* Print admin navigation */
  261. require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
  262. ?>
  263. <div class="content-wrapper">
  264. <ol class="breadcrumb">
  265. <li>
  266. <a href="admin_ticket.php?track=<?php echo $trackingID; ?>&amp;Refresh=<?php echo mt_rand(10000, 99999); ?>"><?php echo $hesklang['ticket'] . ' ' . $trackingID; ?></a>
  267. </li>
  268. <li class="active"><?php echo $hesklang['edtt']; ?></li>
  269. </ol>
  270. <section class="content">
  271. <div class="box">
  272. <div class="box-header with-border">
  273. <h1 class="box-title">
  274. <?php echo $hesklang['edtt']; ?>
  275. </h1>
  276. <div class="box-tools pull-right">
  277. <button type="button" class="btn btn-box-tool" data-widget="collapse">
  278. <i class="fa fa-minus"></i>
  279. </button>
  280. </div>
  281. </div>
  282. <div class="box-body">
  283. <?php
  284. $onsubmit = '';
  285. if ($modsForHesk_settings['rich_text_for_tickets']) {
  286. $onsubmit = 'onsubmit="return validateRichText(\'message-help-block\', \'message-group\', \'message\', \''.htmlspecialchars($hesklang['this_field_is_required']).'\')"';
  287. }
  288. ?>
  289. <form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" enctype="multipart/form-data" <?php echo $onsubmit; ?>>
  290. <?php
  291. /* If it's not a reply edit all the fields */
  292. if (!$is_reply) {
  293. if ($hesk_settings['can_sel_lang']) {
  294. ?>
  295. <div class="form-group">
  296. <label for="customerLanguage"
  297. class="col-sm-3 control-label"><?php echo $hesklang['chol']; ?></label>
  298. <div class="col-sm-9">
  299. <select name="customerLanguage" id="customerLanguage" class="form-control">
  300. <?php hesk_listLanguages(); ?>
  301. </select>
  302. </div>
  303. </div>
  304. <?php } else {
  305. echo '<input type="hidden" name="customerLanguage" value="' . $ticket['language'] . '">';
  306. } ?>
  307. <div class="form-group">
  308. <?php
  309. $required = '';
  310. $required_attribute = '';
  311. if ($hesk_settings['require_subject'] == 1) {
  312. $required = ' <span class="important">*</span>';
  313. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  314. }
  315. ?>
  316. <label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['subject'] . $required; ?></label>
  317. <div class="col-sm-9">
  318. <input class="form-control" type="text" name="subject" size="40" maxlength="70"
  319. value="<?php echo $ticket['subject']; ?>"
  320. placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"/>
  321. </div>
  322. </div>
  323. <div class="form-group">
  324. <label for="name" class="col-sm-3 control-label">
  325. <?php echo $hesklang['name']; ?>
  326. <span class="important">*</span>
  327. </label>
  328. <div class="col-sm-9">
  329. <input class="form-control" type="text" name="name" size="40" maxlength="50"
  330. value="<?php echo $ticket['name']; ?>"
  331. placeholder="<?php echo htmlspecialchars($hesklang['name']); ?>"
  332. data-error="<?php echo $hesklang['this_field_is_required']; ?>"
  333. required>
  334. </div>
  335. </div>
  336. <div class="form-group">
  337. <?php
  338. $required = '';
  339. $required_attribute = '';
  340. if ($hesk_settings['require_email']) {
  341. $required = ' <span class="important">*</span>';
  342. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  343. }
  344. ?>
  345. <label for="email"
  346. class="col-sm-3 control-label"><?php echo $hesklang['email'] . $required; ?></label>
  347. <div class="col-sm-9">
  348. <input class="form-control" type="text" name="email" size="40" maxlength="1000"
  349. value="<?php echo $ticket['email']; ?>"
  350. placeholder="<?php echo htmlspecialchars($hesklang['email']); ?>"
  351. <?php echo $required_attribute ?>>
  352. <div class="help-block with-errors"></div>
  353. </div>
  354. </div>
  355. <?php
  356. foreach ($hesk_settings['custom_fields'] as $k => $v) {
  357. if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) {
  358. $k_value = $ticket[$k];
  359. if ($v['type'] == 'checkbox') {
  360. $k_value = explode('<br />', $k_value);
  361. }
  362. if ($v['req'] == 2) {
  363. $v['req'] = '<span class="important">*</span>';
  364. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  365. } else {
  366. $v['req'] = '';
  367. $required_attribute = '';
  368. }
  369. switch ($v['type']) {
  370. /* Radio box */
  371. case 'radio':
  372. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  373. echo '
  374. <div class="form-group' . $cls . '">
  375. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  376. <div class="col-sm-9">';
  377. foreach ($v['value']['radio_options'] as $option) {
  378. if (strlen($k_value) == 0) {
  379. $k_value = $option;
  380. $checked = empty($v['value']['no_default']) ? 'checked="checked"' : '';
  381. } elseif ($k_value == $option) {
  382. $k_value = $option;
  383. $checked = 'checked="checked"';
  384. } else {
  385. $checked = '';
  386. }
  387. echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
  388. }
  389. if (!empty($v['mfh_description'])) {
  390. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  391. }
  392. echo '<div class="help-block with-errors"></div></div>
  393. </div>';
  394. break;
  395. /* Select drop-down box */
  396. case 'select':
  397. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  398. echo '
  399. <div class="form-group">
  400. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  401. <div class="col-sm-9">
  402. <select name="' . $k . '" class="form-control" ' . $required_attribute . '>';
  403. // Show "Click to select"?
  404. if (!empty($v['value']['show_select'])) {
  405. echo '<option value="">' . $hesklang['select'] . '</option>';
  406. }
  407. foreach ($v['value']['select_options'] as $option) {
  408. if ($k_value == $option) {
  409. $k_value = $option;
  410. $selected = 'selected';
  411. } else {
  412. $selected = '';
  413. }
  414. echo '<option ' . $selected . '>' . $option . '</option>';
  415. }
  416. if (!empty($v['mfh_description'])) {
  417. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  418. }
  419. echo '</select>';
  420. echo '<div class="help-block with-errors"></div>
  421. </div>
  422. </div>';
  423. break;
  424. /* Checkbox */
  425. case 'checkbox':
  426. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  427. echo '
  428. <div class="form-group' . $cls . '">
  429. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  430. <div class="col-sm-9">';
  431. foreach ($v['value']['checkbox_options'] as $option) {
  432. if (in_array($option, $k_value)) {
  433. $checked = 'checked';
  434. } else {
  435. $checked = '';
  436. }
  437. echo '<div class="checkbox"><label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
  438. }
  439. if (!empty($v['mfh_description'])) {
  440. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  441. }
  442. echo '<div class="help-block with-errors"></div>
  443. </div>
  444. </div>';
  445. break;
  446. /* Large text box */
  447. case 'textarea':
  448. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  449. $k_value = hesk_msgToPlain($k_value, 0, 0);
  450. echo '
  451. <div class="form-group' . $cls . '">
  452. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  453. <div class="col-sm-9">
  454. <textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
  455. if (!empty($v['mfh_description'])) {
  456. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  457. }
  458. echo '<div class="help-block with-errors"></div>
  459. </div>
  460. </div>';
  461. break;
  462. // Date
  463. case 'date':
  464. if ($required_attribute !== '') {
  465. $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"';
  466. }
  467. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  468. $k_value = hesk_custom_date_display_format($k_value, 'Y-m-d');
  469. echo '
  470. <div class="form-group' . $cls . '">
  471. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  472. <div class="col-sm-9">
  473. <input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>';
  474. if (!empty($v['mfh_description'])) {
  475. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  476. }
  477. echo '<div class="help-block with-errors"></div>
  478. </div>
  479. </div>';
  480. break;
  481. // Email
  482. case 'email':
  483. $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
  484. $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\'' . $k . '\', \'' . $k . '_suggestions\', 0, 1' . ($v['value']['multiple'] ? ',1' : '') . ')"' : '';
  485. echo '
  486. <div class="form-group' . $cls . '">
  487. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  488. <div class="col-sm-9">
  489. <input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>';
  490. if (!empty($v['mfh_description'])) {
  491. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  492. }
  493. echo '<div class="help-block with-errors"></div>
  494. </div>
  495. <div id="' . $k . '_suggestions"></div>
  496. </div>
  497. ';
  498. break;
  499. // Hidden (same as text for staff)
  500. case 'hidden':
  501. case 'readonly':
  502. default:
  503. $k_value = hesk_msgToPlain($k_value,0,0);
  504. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  505. echo '
  506. <div class="form-group' . $cls . '">
  507. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  508. <div class="col-sm-9">
  509. <input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $k_value . '" ' . $required_attribute . '>';
  510. if (!empty($v['mfh_description'])) {
  511. echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
  512. }
  513. echo '<div class="help-block with-errors"></div>
  514. </div>
  515. </div>
  516. ';
  517. }
  518. }
  519. }
  520. } ?>
  521. <div class="form-group" id="message-group">
  522. <?php
  523. $required = '';
  524. $required_attribute = '';
  525. if ($hesk_settings['require_message'] == 1) {
  526. $required = ' <span class="important">*</span>';
  527. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  528. }
  529. ?>
  530. <label for="message" class="col-sm-3 control-label"><?php echo $hesklang['message'] . $required; ?></label>
  531. <div class="col-sm-9">
  532. <?php
  533. $message = $ticket['html'] ? hesk_html_entity_decode($ticket['message']) : $ticket['message'];
  534. ?>
  535. <textarea class="form-control htmlEditor" name="message" rows="12"
  536. placeholder="<?php echo htmlspecialchars($hesklang['message']); ?>"
  537. cols="60" <?php echo $required_attribute; ?>><?php echo $message; ?></textarea>
  538. <div class="help-block with-errors" id="message-help-block"></div>
  539. </div>
  540. </div>
  541. <?php if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) : ?>
  542. <div class="form-group">
  543. <label for="attachments" class="control-label col-sm-3"><?php echo $hesklang['attachments']; ?>:</label>
  544. <div class="col-sm-9">
  545. <?php build_dropzone_markup(true, 'filedrop', $number_of_attachments + 1); ?>
  546. </div>
  547. </div>
  548. <?php
  549. display_dropzone_field(HESK_PATH . 'internal-api/ticket/upload-attachment.php',
  550. 'filedrop',
  551. $hesk_settings['attachments']['max_number'] - $number_of_attachments);
  552. endif; ?>
  553. <div class="form-group">
  554. <input type="hidden" name="save" value="1">
  555. <input type="hidden" name="track" value="<?php echo $trackingID; ?>">
  556. <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>">
  557. <?php
  558. if ($is_reply) {
  559. ?>
  560. <input type="hidden" name="reply" value="<?php echo $tmpvar['id']; ?>">
  561. <?php
  562. }
  563. ?>
  564. </div>
  565. <div class="form-group">
  566. <div class="col-md-9 col-md-offset-3">
  567. <?php
  568. $html = $ticket['html'] ? 1 : 0;
  569. ?>
  570. <input type="hidden" name="html" value="<?php echo $html; ?>">
  571. <div class="btn-group">
  572. <input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-primary">
  573. <a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
  574. </div>
  575. <?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
  576. <input type="hidden" name="isManager" value="1">
  577. <?php endif; ?>
  578. </div>
  579. </div>
  580. </form>
  581. </div>
  582. </div>
  583. <script>
  584. buildValidatorForTicketSubmission('form1', "<?php echo addslashes($hesklang['select_at_least_one_value']); ?>");
  585. </script>
  586. <?php if ($ticket['html']): ?>
  587. <script type="text/javascript">
  588. /* <![CDATA[ */
  589. $(document).ready(function() {
  590. $('.htmlEditor').summernote({
  591. height: 200,
  592. toolbar: [
  593. ['style', ['bold', 'italic', 'underline', 'clear']],
  594. ['font', ['strikethrough', 'superscript', 'subscript']],
  595. ['para', ['ul', 'ol']]
  596. ]
  597. });
  598. });
  599. /* ]]> */
  600. </script>
  601. <?php endif; ?>
  602. </section>
  603. </div>
  604. <?php
  605. require_once(HESK_PATH . 'inc/footer.inc.php');
  606. exit();
  607. function hesk_countAttachments($attachments_string) {
  608. if ( ! strlen($attachments_string) || strpos($attachments_string, ',') === false) {
  609. return 0;
  610. }
  611. $att = explode(',', substr($attachments_string, 0, -1));
  612. return count($att);
  613. } // END hesk_countAttachments()