Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

admin_settings_save.php 38KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881
  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. define('IN_SCRIPT', 1);
  14. define('HESK_PATH', '../');
  15. // Make sure OPcache is reset when modifying settings
  16. if (function_exists('opcache_reset')) {
  17. opcache_reset();
  18. }
  19. /* Get all the required files and functions */
  20. require(HESK_PATH . 'hesk_settings.inc.php');
  21. require(HESK_PATH . 'inc/common.inc.php');
  22. require(HESK_PATH . 'inc/admin_functions.inc.php');
  23. require(HESK_PATH . 'inc/setup_functions.inc.php');
  24. hesk_load_database_functions();
  25. hesk_session_start();
  26. hesk_dbConnect();
  27. require(HESK_PATH . 'inc/email_functions.inc.php');
  28. hesk_isLoggedIn();
  29. // Check permissions for this feature
  30. hesk_checkPermission('can_manage_settings');
  31. // A security check
  32. hesk_token_check('POST');
  33. // Demo mode
  34. if (defined('HESK_DEMO')) {
  35. hesk_process_messages($hesklang['sdemo'], 'admin_settings.php');
  36. }
  37. $set = array();
  38. /*** GENERAL ***/
  39. /* --> General settings */
  40. $set['site_title'] = hesk_input(hesk_POST('s_site_title'), $hesklang['err_sname']);
  41. $set['site_title'] = str_replace('\\&quot;', '&quot;', $set['site_title']);
  42. $set['site_url'] = hesk_input(hesk_POST('s_site_url'), $hesklang['err_surl']);
  43. $set['hesk_title'] = hesk_input(hesk_POST('s_hesk_title'), $hesklang['err_htitle']);
  44. $set['hesk_title'] = str_replace('\\&quot;', '&quot;', $set['hesk_title']);
  45. $set['hesk_url'] = rtrim(hesk_input(hesk_POST('s_hesk_url'), $hesklang['err_hurl']), '/');
  46. $set['webmaster_mail'] = hesk_validateEmail(hesk_POST('s_webmaster_mail'), $hesklang['err_wmmail']);
  47. $set['noreply_mail'] = hesk_validateEmail(hesk_POST('s_noreply_mail'), $hesklang['err_nomail']);
  48. $set['noreply_name'] = hesk_input(hesk_POST('s_noreply_name'));
  49. $set['noreply_name'] = str_replace(array('\\&quot;', '&lt;', '&gt;'), '', $set['noreply_name']);
  50. $set['noreply_name'] = trim(preg_replace('/\s{2,}/', ' ', $set['noreply_name']));
  51. /* --> Language settings */
  52. $set['can_sel_lang'] = empty($_POST['s_can_sel_lang']) ? 0 : 1;
  53. $set['languages'] = hesk_getLanguagesArray();
  54. $lang = explode('|', hesk_input(hesk_POST('s_language')));
  55. if (isset($lang[1]) && in_array($lang[1], hesk_getLanguagesArray(1))) {
  56. $set['language'] = $lang[1];
  57. } else {
  58. hesk_error($hesklang['err_lang']);
  59. }
  60. if (hesk_testMySQL()) {
  61. // Database connection OK
  62. } elseif ($mysql_log) {
  63. hesk_error($mysql_error . '<br /><br /><b>' . $hesklang['mysql_said'] . ':</b> ' . $mysql_log);
  64. } else {
  65. hesk_error($mysql_error);
  66. }
  67. /*** HELP DESK ***/
  68. // ---> check admin folder
  69. $set['admin_dir'] = isset($_POST['s_admin_dir']) && !is_array($_POST['s_admin_dir']) ? preg_replace('/[^a-zA-Z0-9_-]/', '', $_POST['s_admin_dir']) : 'admin';
  70. /*
  71. if ( ! is_dir(HESK_PATH . $set['admin_dir']) )
  72. {
  73. hesk_error( sprintf($hesklang['err_adf'], $set['admin_dir']) );
  74. }
  75. */
  76. // ---> check attachments folder
  77. $set['attach_dir'] = isset($_POST['s_attach_dir']) && !is_array($_POST['s_attach_dir']) ? preg_replace('/[^a-zA-Z0-9_-]/', '', $_POST['s_attach_dir']) : 'attachments';
  78. /*
  79. if ( ! is_dir(HESK_PATH . $set['attach_dir']) )
  80. {
  81. hesk_error( sprintf($hesklang['err_atf'], $set['attach_dir']) );
  82. }
  83. if ( ! is_writable(HESK_PATH . $set['attach_dir']) )
  84. {
  85. hesk_error( sprintf($hesklang['err_atr'], $set['attach_dir']) );
  86. }
  87. */
  88. $set['cache_dir'] = isset($_POST['s_cache_dir']) && ! is_array($_POST['s_cache_dir']) ? preg_replace('/[^a-zA-Z0-9_-]/', '', $_POST['s_cache_dir']) : 'cache';
  89. $set['max_listings'] = hesk_checkMinMax(intval(hesk_POST('s_max_listings')), 1, 999, 10);
  90. $set['print_font_size'] = hesk_checkMinMax(intval(hesk_POST('s_print_font_size')), 1, 99, 12);
  91. $set['autoclose'] = hesk_checkMinMax(intval(hesk_POST('s_autoclose')), 0, 999, 7);
  92. $set['max_open'] = hesk_checkMinMax(intval(hesk_POST('s_max_open')), 0, 999, 0);
  93. $set['new_top'] = empty($_POST['s_new_top']) ? 0 : 1;
  94. $set['reply_top'] = empty($_POST['s_reply_top']) ? 0 : 1;
  95. /* --> Features */
  96. $set['autologin'] = empty($_POST['s_autologin']) ? 0 : 1;
  97. $set['autoassign'] = empty($_POST['s_autoassign']) ? 0 : 1;
  98. $set['require_email'] = empty($_POST['s_require_email']) ? 0 : 1;
  99. $set['require_owner'] = empty($_POST['s_require_owner']) ? 0 : 1;
  100. $set['require_subject'] = hesk_checkMinMax( intval( hesk_POST('s_require_subject') ) , -1, 1, 1);
  101. $set['require_message'] = hesk_checkMinMax( intval( hesk_POST('s_require_message') ) , -1, 1, 1);
  102. $set['custclose'] = empty($_POST['s_custclose']) ? 0 : 1;
  103. $set['custopen'] = empty($_POST['s_custopen']) ? 0 : 1;
  104. $set['rating'] = empty($_POST['s_rating']) ? 0 : 1;
  105. $set['cust_urgency'] = empty($_POST['s_cust_urgency']) ? 0 : 1;
  106. $set['sequential'] = empty($_POST['s_sequential']) ? 0 : 1;
  107. $set['time_worked'] = empty($_POST['s_time_worked']) ? 0 : 1;
  108. $set['spam_notice'] = empty($_POST['s_spam_notice']) ? 0 : 1;
  109. $set['list_users'] = empty($_POST['s_list_users']) ? 0 : 1;
  110. $set['debug_mode'] = empty($_POST['s_debug_mode']) ? 0 : 1;
  111. $set['short_link'] = empty($_POST['s_short_link']) ? 0 : 1;
  112. $set['select_cat'] = empty($_POST['s_select_cat']) ? 0 : 1;
  113. $set['select_pri'] = empty($_POST['s_select_pri']) ? 0 : 1;
  114. $set['cat_show_select'] = hesk_checkMinMax( intval( hesk_POST('s_cat_show_select') ) , 0, 999, 10);
  115. /* --> SPAM prevention */
  116. $set['secimg_use'] = empty($_POST['s_secimg_use']) ? 0 : (hesk_POST('s_secimg_use') == 2 ? 2 : 1);
  117. $set['secimg_sum'] = '';
  118. for ($i = 1; $i <= 10; $i++) {
  119. $set['secimg_sum'] .= substr('AEUYBDGHJLMNPQRSTVWXZ123456789', rand(0, 29), 1);
  120. }
  121. $set['recaptcha_use'] = hesk_checkMinMax(intval(hesk_POST('s_recaptcha_use')), 0, 2, 0);
  122. $set['recaptcha_public_key'] = hesk_input(hesk_POST('s_recaptcha_public_key'));
  123. $set['recaptcha_private_key'] = hesk_input(hesk_POST('s_recaptcha_private_key'));
  124. $set['question_use'] = empty($_POST['s_question_use']) ? 0 : 1;
  125. $set['question_ask'] = hesk_getHTML(hesk_POST('s_question_ask')) or hesk_error($hesklang['err_qask']);
  126. $set['question_ans'] = hesk_input(hesk_POST('s_question_ans'), $hesklang['err_qans']);
  127. /* --> Security */
  128. $set['attempt_limit'] = hesk_checkMinMax(intval(hesk_POST('s_attempt_limit')), 0, 999, 5);
  129. if ($set['attempt_limit'] > 0) {
  130. $set['attempt_limit']++;
  131. }
  132. $set['attempt_banmin'] = hesk_checkMinMax(intval(hesk_POST('s_attempt_banmin')), 5, 99999, 60);
  133. $set['reset_pass'] = empty($_POST['s_reset_pass']) ? 0 : 1;
  134. $set['email_view_ticket'] = ($set['require_email'] == 0) ? 0 : (empty($_POST['s_email_view_ticket']) ? 0 : 1);
  135. $set['x_frame_opt'] = empty($_POST['s_x_frame_opt']) ? 0 : 1;
  136. $set['force_ssl'] = HESK_SSL && isset($_POST['s_force_ssl']) && $_POST['s_force_ssl'] == 1 ? 1 : 0;
  137. // Make sure help desk URL starts with https if forcing SSL
  138. if ($set['force_ssl']) {
  139. $set['hesk_url'] = preg_replace('/^http:/i', 'https:', $set['hesk_url']);
  140. }
  141. /* --> Attachments */
  142. $set['attachments']['use'] = empty($_POST['s_attach_use']) ? 0 : 1;
  143. if ($set['attachments']['use']) {
  144. $set['attachments']['max_number'] = intval(hesk_POST('s_max_number', 2));
  145. $size = floatval(hesk_POST('s_max_size', '1.0'));
  146. $unit = hesk_htmlspecialchars(hesk_POST('s_max_unit', 'MB'));
  147. $set['attachments']['max_size'] = hesk_formatUnits($size . ' ' . $unit);
  148. $set['attachments']['allowed_types'] = isset($_POST['s_allowed_types']) && !is_array($_POST['s_allowed_types']) && strlen($_POST['s_allowed_types']) ? explode(',', strtolower(preg_replace('/[^a-zA-Z0-9,]/', '', $_POST['s_allowed_types']))) : array();
  149. $set['attachments']['allowed_types'] = array_diff($set['attachments']['allowed_types'], array('php', 'php4', 'php3', 'php5', 'phps', 'phtml', 'shtml', 'shtm', 'cgi', 'pl'));
  150. if (count($set['attachments']['allowed_types'])) {
  151. $keep_these = array();
  152. foreach ($set['attachments']['allowed_types'] as $ext) {
  153. if (strlen($ext) > 1) {
  154. $keep_these[] = '.' . $ext;
  155. }
  156. }
  157. $set['attachments']['allowed_types'] = $keep_these;
  158. } else {
  159. $set['attachments']['allowed_types'] = array('.gif', '.jpg', '.png', '.zip', '.rar', '.csv', '.doc', '.docx', '.xls', '.xlsx', '.txt', '.pdf');
  160. }
  161. } else {
  162. $set['attachments']['max_number'] = 2;
  163. $set['attachments']['max_size'] = 1048576;
  164. $set['attachments']['allowed_types'] = array('.gif', '.jpg', '.png', '.zip', '.rar', '.csv', '.doc', '.docx', '.xls', '.xlsx', '.txt', '.pdf');
  165. }
  166. /*** KNOWLEDGEBASE ***/
  167. /* --> Knowledgebase settings */
  168. $set['kb_enable'] = hesk_checkMinMax(intval(hesk_POST('s_kb_enable')), 0, 2, 1);
  169. $set['kb_wysiwyg'] = empty($_POST['s_kb_wysiwyg']) ? 0 : 1;
  170. $set['kb_search'] = empty($_POST['s_kb_search']) ? 0 : (hesk_POST('s_kb_search') == 2 ? 2 : 1);
  171. $set['kb_recommendanswers'] = empty($_POST['s_kb_recommendanswers']) ? 0 : 1;
  172. $set['kb_views'] = empty($_POST['s_kb_views']) ? 0 : 1;
  173. $set['kb_date'] = empty($_POST['s_kb_date']) ? 0 : 1;
  174. $set['kb_rating'] = empty($_POST['s_kb_rating']) ? 0 : 1;
  175. $set['kb_search_limit'] = hesk_checkMinMax(intval(hesk_POST('s_kb_search_limit')), 1, 99, 10);
  176. $set['kb_substrart'] = hesk_checkMinMax(intval(hesk_POST('s_kb_substrart')), 20, 9999, 200);
  177. $set['kb_cols'] = hesk_checkMinMax(intval(hesk_POST('s_kb_cols')), 1, 5, 2);
  178. $set['kb_numshow'] = intval(hesk_POST('s_kb_numshow')); // Popular articles on subcat listing
  179. $set['kb_popart'] = intval(hesk_POST('s_kb_popart')); // Popular articles on main category page
  180. $set['kb_latest'] = intval(hesk_POST('s_kb_latest')); // Popular articles on main category page
  181. $set['kb_index_popart'] = intval(hesk_POST('s_kb_index_popart'));
  182. $set['kb_index_latest'] = intval(hesk_POST('s_kb_index_latest'));
  183. $set['kb_related'] = intval(hesk_POST('s_kb_related'));
  184. /*** EMAIL ***/
  185. /* --> Email sending */
  186. $smtp_OK = true;
  187. if (empty($_POST['s_smtp'])) {
  188. $set['smtp'] = 0;
  189. $set['use_mailgun'] = 0;
  190. } elseif ($_POST['s_smtp'] == 1) {
  191. $set['smtp'] = 1;
  192. $set['use_mailgun'] = 0;
  193. } else {
  194. $set['smtp'] = 0;
  195. $set['use_mailgun'] = 1;
  196. }
  197. if ($set['smtp']) {
  198. // Test SMTP connection
  199. $smtp_OK = hesk_testSMTP(true);
  200. // If SMTP not working, disable it
  201. if (!$smtp_OK) {
  202. $set['smtp'] = 0;
  203. }
  204. } else {
  205. $set['smtp_host_name'] = hesk_input(hesk_POST('tmp_smtp_host_name', 'mail.example.com'));
  206. $set['smtp_host_port'] = intval(hesk_POST('tmp_smtp_host_port', 25));
  207. $set['smtp_timeout'] = intval(hesk_POST('tmp_smtp_timeout', 10));
  208. $set['smtp_ssl'] = empty($_POST['tmp_smtp_ssl']) ? 0 : 1;
  209. $set['smtp_tls'] = empty($_POST['tmp_smtp_tls']) ? 0 : 1;
  210. $set['smtp_user'] = hesk_input(hesk_POST('tmp_smtp_user'));
  211. $set['smtp_password'] = hesk_input(hesk_POST('tmp_smtp_password'));
  212. }
  213. if ($set['use_mailgun'] == 1) {
  214. $set['mailgun_api_key'] = hesk_input(hesk_POST('mailgun_api_key'));
  215. $set['mailgun_domain'] = hesk_input(hesk_POST('mailgun_domain'));
  216. }
  217. /* --> Email piping */
  218. $set['email_piping'] = empty($_POST['s_email_piping']) ? 0 : 1;
  219. /* --> POP3 fetching */
  220. $pop3_OK = true;
  221. $set['pop3'] = empty($_POST['s_pop3']) ? 0 : 1;
  222. if ($set['pop3']) {
  223. // Get POP3 fetching timeout
  224. $set['pop3_job_wait'] = hesk_checkMinMax(intval(hesk_POST('s_pop3_job_wait')), 0, 1440, 15);
  225. // Test POP3 connection
  226. $pop3_OK = hesk_testPOP3(true);
  227. // If POP3 not working, disable it
  228. if (!$pop3_OK) {
  229. $set['pop3'] = 0;
  230. }
  231. } else {
  232. $set['pop3_job_wait'] = intval(hesk_POST('s_pop3_job_wait', 15));
  233. $set['pop3_host_name'] = hesk_input(hesk_POST('tmp_pop3_host_name', 'mail.example.com'));
  234. $set['pop3_host_port'] = intval(hesk_POST('tmp_pop3_host_port', 110));
  235. $set['pop3_tls'] = empty($_POST['tmp_pop3_tls']) ? 0 : 1;
  236. $set['pop3_keep'] = empty($_POST['tmp_pop3_keep']) ? 0 : 1;
  237. $set['pop3_user'] = hesk_input(hesk_POST('tmp_pop3_user'));
  238. $set['pop3_password'] = hesk_input(hesk_POST('tmp_pop3_password'));
  239. }
  240. /* --> IMAP fetching */
  241. $imap_OK = true;
  242. $set['imap'] = empty($_POST['s_imap']) ? 0 : 1;
  243. if ($set['imap']) {
  244. // Get IMAP fetching timeout
  245. $set['imap_job_wait'] = hesk_checkMinMax( intval( hesk_POST('s_imap_job_wait') ) , 0, 1440, 15);
  246. // Test IMAP connection
  247. $imap_OK = hesk_testIMAP(true);
  248. // If IMAP not working, disable it
  249. if ( ! $imap_OK) {
  250. $set['imap'] = 0;
  251. }
  252. } else {
  253. $set['imap_job_wait'] = intval( hesk_POST('s_imap_job_wait', 15) );
  254. $set['imap_host_name'] = hesk_input( hesk_POST('tmp_imap_host_name', 'mail.example.com') );
  255. $set['imap_host_port'] = intval( hesk_POST('tmp_imap_host_port', 110) );
  256. $set['imap_enc'] = hesk_POST('tmp_imap_enc');
  257. $set['imap_enc'] = ($set['imap_enc'] == 'ssl' || $set['imap_enc'] == 'tls') ? $set['imap_enc'] : '';
  258. $set['imap_keep'] = empty($_POST['tmp_imap_keep']) ? 0 : 1;
  259. $set['imap_user'] = hesk_input( hesk_POST('tmp_imap_user') );
  260. $set['imap_password'] = hesk_input( hesk_POST('tmp_imap_password') );
  261. }
  262. /* --> Email loops */
  263. $set['loop_hits'] = hesk_checkMinMax(intval(hesk_POST('s_loop_hits')), 0, 999, 5);
  264. $set['loop_time'] = hesk_checkMinMax(intval(hesk_POST('s_loop_time')), 1, 86400, 300);
  265. /* --> Detect email typos */
  266. $set['detect_typos'] = empty($_POST['s_detect_typos']) ? 0 : 1;
  267. $set['email_providers'] = array();
  268. if (!empty($_POST['s_email_providers']) && !is_array($_POST['s_email_providers'])) {
  269. $lines = preg_split('/$\R?^/m', hesk_input($_POST['s_email_providers']));
  270. foreach ($lines as $domain) {
  271. $domain = trim($domain);
  272. $domain = str_replace('@', '', $domain);
  273. $domainLen = strlen($domain);
  274. /* Check domain part length */
  275. if ($domainLen < 1 || $domainLen > 254) {
  276. continue;
  277. }
  278. /* Check domain part characters */
  279. if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) {
  280. continue;
  281. }
  282. /* Domain part mustn't have two consecutive dots */
  283. if (strpos($domain, '..') !== false) {
  284. continue;
  285. }
  286. $set['email_providers'][] = $domain;
  287. }
  288. }
  289. if (!$set['detect_typos'] || count($set['email_providers']) < 1) {
  290. $set['detect_typos'] = 0;
  291. $set['email_providers']=array('aim.com','aol.co.uk','aol.com','att.net','bellsouth.net','blueyonder.co.uk','bt.com','btinternet.com','btopenworld.com','charter.net','comcast.net','cox.net','earthlink.net','email.com','facebook.com','fastmail.fm','free.fr','freeserve.co.uk','gmail.com','gmx.at','gmx.ch','gmx.com','gmx.de','gmx.fr','gmx.net','gmx.us','googlemail.com','hotmail.be','hotmail.co.uk','hotmail.com','hotmail.com.ar','hotmail.com.mx','hotmail.de','hotmail.es','hotmail.fr','hushmail.com','icloud.com','inbox.com','laposte.net','lavabit.com','list.ru','live.be','live.co.uk','live.com','live.com.ar','live.com.mx','live.de','live.fr','love.com','lycos.com','mac.com','mail.com','mail.ru','me.com','msn.com','nate.com','naver.com','neuf.fr','ntlworld.com','o2.co.uk','online.de','orange.fr','orange.net','outlook.com','pobox.com','prodigy.net.mx','qq.com','rambler.ru','rocketmail.com','safe-mail.net','sbcglobal.net','t-online.de','talktalk.co.uk','tiscali.co.uk','verizon.net','virgin.net','virginmedia.com','wanadoo.co.uk','wanadoo.fr','yahoo.co.id','yahoo.co.in','yahoo.co.jp','yahoo.co.kr','yahoo.co.uk','yahoo.com','yahoo.com.ar','yahoo.com.mx','yahoo.com.ph','yahoo.com.sg','yahoo.de','yahoo.fr','yandex.com','yandex.ru','ymail.com');
  292. }
  293. $set['email_providers'] = count($set['email_providers']) ? "'" . implode("','", array_unique($set['email_providers'])) . "'" : '';
  294. /* --> Notify customer when */
  295. $set['notify_new'] = empty($_POST['s_notify_new']) ? 0 : 1;
  296. $set['notify_closed'] = empty($_POST['s_notify_closed']) ? 0 : 1;
  297. // SPAM tags
  298. $set['notify_skip_spam'] = empty($_POST['s_notify_skip_spam']) ? 0 : 1;
  299. $set['notify_spam_tags'] = array();
  300. if (!empty($_POST['s_notify_spam_tags']) && !is_array($_POST['s_notify_spam_tags'])) {
  301. $lines = preg_split('/$\R?^/m', $_POST['s_notify_spam_tags']);
  302. foreach ($lines as $tag) {
  303. // Remove dangerous tags just as an extra precaution
  304. $tag = str_replace(array('<?php', '<?', '<%', '<script'), '', $tag);
  305. // Remove excess spaces
  306. $tag = trim($tag);
  307. // Remove anything not utf-8
  308. $tag = hesk_clean_utf8($tag);
  309. // Limit tag length
  310. if (strlen($tag) < 1 || strlen($tag) > 50) {
  311. continue;
  312. }
  313. // Escape single quotes and backslashes
  314. $set['notify_spam_tags'][] = str_replace(array("\\", "'"), array("\\\\", "\\'"), $tag); // '
  315. }
  316. }
  317. if (count($set['notify_spam_tags']) < 1) {
  318. $set['notify_skip_spam'] = 0;
  319. $set['notify_spam_tags'] = array('Spam?}', '***SPAM***', '[SPAM]', 'SPAM-LOW:', 'SPAM-MED:');
  320. }
  321. $set['notify_spam_tags'] = count($set['notify_spam_tags']) ? "'" . implode("','", $set['notify_spam_tags']) . "'" : '';
  322. /* --> Other */
  323. $set['strip_quoted'] = empty($_POST['s_strip_quoted']) ? 0 : 1;
  324. $set['eml_req_msg'] = empty($_POST['s_eml_req_msg']) ? 0 : 1;
  325. $set['save_embedded'] = empty($_POST['s_save_embedded']) ? 0 : 1;
  326. $set['multi_eml'] = empty($_POST['s_multi_eml']) ? 0 : 1;
  327. $set['confirm_email'] = empty($_POST['s_confirm_email']) ? 0 : 1;
  328. $set['open_only'] = empty($_POST['s_open_only']) ? 0 : 1;
  329. /*** TICKET LIST ***/
  330. $set['ticket_list'] = array();
  331. foreach ($hesk_settings['possible_ticket_list'] as $key => $title) {
  332. if (hesk_POST('s_tl_' . $key, 0) == 1) {
  333. $set['ticket_list'][] = $key;
  334. }
  335. }
  336. // We need at least one of these: id, trackid, subject
  337. if (!in_array('id', $set['ticket_list']) && !in_array('trackid', $set['ticket_list']) && !in_array('subject', $set['ticket_list'])) {
  338. // None of the required fields are there, add "trackid" as the first one
  339. array_unshift($set['ticket_list'], 'trackid');
  340. }
  341. $set['ticket_list'] = count($set['ticket_list']) ? "'" . implode("','", $set['ticket_list']) . "'" : 'trackid';
  342. /* --> Other */
  343. $set['submittedformat'] = hesk_checkMinMax(intval(hesk_POST('s_submittedformat')), 0, 2, 2);
  344. $set['updatedformat'] = hesk_checkMinMax(intval(hesk_POST('s_updatedformat')), 0, 2, 2);
  345. /*** MISC ***/
  346. /* --> Date & Time */
  347. $set['diff_hours'] = floatval(hesk_POST('s_diff_hours', 0));
  348. $set['diff_minutes'] = floatval(hesk_POST('s_diff_minutes', 0));
  349. $set['daylight'] = empty($_POST['s_daylight']) ? 0 : 1;
  350. $set['timeformat'] = hesk_input(hesk_POST('s_timeformat')) or $set['timeformat'] = 'Y-m-d H:i:s';
  351. /* --> Other */
  352. $set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois', 'http://whois.domaintools.com/{IP}'));
  353. // If no {IP} tag append it to the end
  354. if (strlen($set['ip_whois']) == 0) {
  355. $set['ip_whois'] = 'http://whois.domaintools.com/{IP}';
  356. } elseif (strpos($set['ip_whois'], '{IP}') === false) {
  357. $set['ip_whois'] .= '{IP}';
  358. }
  359. $set['maintenance_mode'] = empty($_POST['s_maintenance_mode']) ? 0 : 1;
  360. $set['alink'] = empty($_POST['s_alink']) ? 0 : 1;
  361. $set['submit_notice'] = empty($_POST['s_submit_notice']) ? 0 : 1;
  362. $set['online'] = empty($_POST['s_online']) ? 0 : 1;
  363. $set['online_min'] = hesk_checkMinMax(intval(hesk_POST('s_online_min')), 1, 999, 10);
  364. $set['check_updates'] = empty($_POST['s_check_updates']) ? 0 : 1;
  365. $set['hesk_version'] = $hesk_settings['hesk_version'];
  366. // Process quick help sections
  367. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "quick_help_sections` SET `show` = '0'");
  368. $postArray = hesk_POST_array('quick_help_sections');
  369. foreach ($postArray as $value) {
  370. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "quick_help_sections` SET `show` = '1' WHERE `id` = '" . intval($value) . "'");
  371. }
  372. // Save the modsForHesk_settings.inc.php file
  373. $set['rtl'] = empty($_POST['rtl']) ? 0 : 1;
  374. $set['show-icons'] = empty($_POST['show-icons']) ? 0 : 1;
  375. $set['custom-field-setting'] = empty($_POST['custom-field-setting']) ? 0 : 1;
  376. $set['customer-email-verification-required'] = empty($_POST['email-verification']) ? 0 : 1;
  377. $set['html_emails'] = empty($_POST['html_emails']) ? 0 : 1;
  378. $set['use_bootstrap_theme'] = empty($_POST['use_bootstrap_theme']) ? 0 : 1;
  379. $set['new_kb_article_visibility'] = hesk_checkMinMax(intval(hesk_POST('new_kb_article_visibility')), 0, 2, 2);
  380. $set['mfh_attachments'] = empty($_POST['email_attachments']) ? 0 : 1;
  381. $set['show_number_merged'] = empty($_POST['show_number_merged']) ? 0 : 1;
  382. $set['request_location'] = empty($_POST['request_location']) ? 0 : 1;
  383. $set['category_order_column'] = empty($_POST['category_order_column']) ? 'cat_order' : 'name';
  384. $rich_text_setting = hesk_POST('rich_text_for_tickets', 0);
  385. if ($rich_text_setting == 0) {
  386. $set['rich_text_for_tickets'] = 0;
  387. $set['rich_text_for_tickets_for_customers'] = 0;
  388. } elseif ($rich_text_setting == 1) {
  389. $set['rich_text_for_tickets'] = 1;
  390. $set['rich_text_for_tickets_for_customers'] = 0;
  391. } else {
  392. $set['rich_text_for_tickets'] = 1;
  393. $set['rich_text_for_tickets_for_customers'] = 1;
  394. }
  395. $set['statuses_order_column'] = empty($_POST['statuses_order_column']) ? 'sort' : 'name';
  396. $set['kb_attach_dir'] = hesk_POST('kb_attach_dir', 'attachments');
  397. $set['display_user_agent_information'] = empty($_POST['display_user_agent_information']) ? 0 : 1;
  398. $set['navbar_title_url'] = hesk_POST('navbar_title_url');
  399. $set['enable_calendar'] = hesk_checkMinMax(intval(hesk_POST('enable_calendar')), 0, 2, 2);
  400. $set['first_day_of_week'] = hesk_POST('first-day-of-week', 0);
  401. $set['default_view'] = hesk_POST('default-view', 'month');
  402. if ($set['customer-email-verification-required']) {
  403. //-- Don't allow multiple emails if verification is required
  404. $set['multi_eml'] = 0;
  405. }
  406. $set['navbarBackgroundColor'] = hesk_input(hesk_POST('navbarBackgroundColor'));
  407. $set['navbarBrandColor'] = hesk_input(hesk_POST('navbarBrandColor'));
  408. $set['navbarBrandHoverColor'] = hesk_input(hesk_POST('navbarBrandHoverColor'));
  409. $set['navbarItemTextColor'] = hesk_input(hesk_POST('navbarItemTextColor'));
  410. $set['navbarItemTextHoverColor'] = hesk_input(hesk_POST('navbarItemTextHoverColor'));
  411. $set['navbarItemTextSelectedColor'] = hesk_input(hesk_POST('navbarItemTextSelectedColor'));
  412. $set['navbarItemSelectedBackgroundColor'] = hesk_input(hesk_POST('navbarItemSelectedBackgroundColor'));
  413. $set['dropdownItemTextColor'] = hesk_input(hesk_POST('dropdownItemTextColor'));
  414. $set['dropdownItemTextHoverColor'] = hesk_input(hesk_POST('dropdownItemTextHoverColor'));
  415. $set['questionMarkColor'] = hesk_input(hesk_POST('questionMarkColor'));
  416. $set['dropdownItemTextHoverBackgroundColor'] = hesk_input(hesk_POST('dropdownItemTextHoverBackgroundColor'));
  417. $set['admin_color_scheme'] = hesk_input(hesk_POST('admin-color-scheme'));
  418. mfh_updateSetting('rtl', $set['rtl']);
  419. mfh_updateSetting('show_icons', $set['show-icons']);
  420. mfh_updateSetting('custom_field_setting', $set['custom-field-setting']);
  421. mfh_updateSetting('customer_email_verification_required', $set['customer-email-verification-required']);
  422. mfh_updateSetting('html_emails', $set['html_emails']);
  423. mfh_updateSetting('use_bootstrap_theme', $set['use_bootstrap_theme']);
  424. mfh_updateSetting('new_kb_article_visibility', $set['new_kb_article_visibility']);
  425. mfh_updateSetting('attachments', $set['mfh_attachments']);
  426. mfh_updateSetting('show_number_merged', $set['show_number_merged']);
  427. mfh_updateSetting('request_location', $set['request_location']);
  428. mfh_updateSetting('category_order_column', $set['category_order_column'], true);
  429. mfh_updateSetting('rich_text_for_tickets', $set['rich_text_for_tickets']);
  430. mfh_updateSetting('rich_text_for_tickets_for_customers', $set['rich_text_for_tickets_for_customers']);
  431. mfh_updateSetting('statuses_order_column', $set['statuses_order_column'], true);
  432. mfh_updateSetting('kb_attach_dir', $set['kb_attach_dir'], true);
  433. mfh_updateSetting('navbarBackgroundColor', $set['navbarBackgroundColor'], true);
  434. mfh_updateSetting('navbarBrandColor', $set['navbarBrandColor'], true);
  435. mfh_updateSetting('navbarBrandHoverColor', $set['navbarBrandHoverColor'], true);
  436. mfh_updateSetting('navbarItemTextColor', $set['navbarItemTextColor'], true);
  437. mfh_updateSetting('navbarItemTextHoverColor', $set['navbarItemTextHoverColor'], true);
  438. mfh_updateSetting('navbarItemTextSelectedColor', $set['navbarItemTextSelectedColor'], true);
  439. mfh_updateSetting('navbarItemSelectedBackgroundColor', $set['navbarItemSelectedBackgroundColor'], true);
  440. mfh_updateSetting('dropdownItemTextColor', $set['dropdownItemTextColor'], true);
  441. mfh_updateSetting('dropdownItemTextHoverColor', $set['dropdownItemTextHoverColor'], true);
  442. mfh_updateSetting('questionMarkColor', $set['questionMarkColor'], true);
  443. mfh_updateSetting('dropdownItemTextHoverBackgroundColor', $set['dropdownItemTextHoverBackgroundColor'], true);
  444. mfh_updateSetting('display_user_agent_information', $set['display_user_agent_information']);
  445. mfh_updateSetting('navbar_title_url', $set['navbar_title_url'], true);
  446. if ($set['use_mailgun'] == 1) {
  447. mfh_updateSetting('mailgun_api_key', $set['mailgun_api_key'], true);
  448. mfh_updateSetting('mailgun_domain', $set['mailgun_domain'], true);
  449. }
  450. mfh_updateSetting('use_mailgun', $set['use_mailgun'], false);
  451. mfh_updateSetting('enable_calendar', $set['enable_calendar'], false);
  452. mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false);
  453. mfh_updateSetting('default_calendar_view', $set['default_view'], true);
  454. mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true);
  455. // Prepare settings file and save it
  456. $settings_file_content = '<?php
  457. // Settings file for HESK ' . $set['hesk_version'] . '
  458. // ==> GENERAL
  459. // --> General settings
  460. $hesk_settings[\'site_title\']=\'' . $set['site_title'] . '\';
  461. $hesk_settings[\'site_url\']=\'' . $set['site_url'] . '\';
  462. $hesk_settings[\'hesk_title\']=\'' . $set['hesk_title'] . '\';
  463. $hesk_settings[\'hesk_url\']=\'' . $set['hesk_url'] . '\';
  464. $hesk_settings[\'webmaster_mail\']=\'' . $set['webmaster_mail'] . '\';
  465. $hesk_settings[\'noreply_mail\']=\'' . $set['noreply_mail'] . '\';
  466. $hesk_settings[\'noreply_name\']=\'' . $set['noreply_name'] . '\';
  467. // --> Language settings
  468. $hesk_settings[\'can_sel_lang\']=' . $set['can_sel_lang'] . ';
  469. $hesk_settings[\'language\']=\'' . $set['language'] . '\';
  470. $hesk_settings[\'languages\']=array(
  471. ' . $set['languages'] . ');
  472. // --> Database settings
  473. $hesk_settings[\'db_host\']=\'' . $set['db_host'] . '\';
  474. $hesk_settings[\'db_name\']=\'' . $set['db_name'] . '\';
  475. $hesk_settings[\'db_user\']=\'' . $set['db_user'] . '\';
  476. $hesk_settings[\'db_pass\']=\'' . $set['db_pass'] . '\';
  477. $hesk_settings[\'db_pfix\']=\'' . $set['db_pfix'] . '\';
  478. $hesk_settings[\'db_vrsn\']=' . $set['db_vrsn'] . ';
  479. // ==> HELP DESK
  480. // --> Help desk settings
  481. $hesk_settings[\'admin_dir\']=\'' . $set['admin_dir'] . '\';
  482. $hesk_settings[\'attach_dir\']=\'' . $set['attach_dir'] . '\';
  483. $hesk_settings[\'cache_dir\']=\'' . $set['cache_dir'] . '\';
  484. $hesk_settings[\'max_listings\']=' . $set['max_listings'] . ';
  485. $hesk_settings[\'print_font_size\']=' . $set['print_font_size'] . ';
  486. $hesk_settings[\'autoclose\']=' . $set['autoclose'] . ';
  487. $hesk_settings[\'max_open\']=' . $set['max_open'] . ';
  488. $hesk_settings[\'new_top\']=' . $set['new_top'] . ';
  489. $hesk_settings[\'reply_top\']=' . $set['reply_top'] . ';
  490. // --> Features
  491. $hesk_settings[\'autologin\']=' . $set['autologin'] . ';
  492. $hesk_settings[\'autoassign\']=' . $set['autoassign'] . ';
  493. $hesk_settings[\'require_email\']=' . $set['require_email'] . ';
  494. $hesk_settings[\'require_owner\']=' . $set['require_owner'] . ';
  495. $hesk_settings[\'require_subject\']=' . $set['require_subject'] . ';
  496. $hesk_settings[\'require_message\']=' . $set['require_message'] . ';
  497. $hesk_settings[\'custclose\']=' . $set['custclose'] . ';
  498. $hesk_settings[\'custopen\']=' . $set['custopen'] . ';
  499. $hesk_settings[\'rating\']=' . $set['rating'] . ';
  500. $hesk_settings[\'cust_urgency\']=' . $set['cust_urgency'] . ';
  501. $hesk_settings[\'sequential\']=' . $set['sequential'] . ';
  502. $hesk_settings[\'time_worked\']=' . $set['time_worked'] . ';
  503. $hesk_settings[\'spam_notice\']=' . $set['spam_notice'] . ';
  504. $hesk_settings[\'list_users\']=' . $set['list_users'] . ';
  505. $hesk_settings[\'debug_mode\']=' . $set['debug_mode'] . ';
  506. $hesk_settings[\'short_link\']=' . $set['short_link'] . ';
  507. $hesk_settings[\'select_cat\']=' . $set['select_cat'] . ';
  508. $hesk_settings[\'select_pri\']=' . $set['select_pri'] . ';
  509. $hesk_settings[\'cat_show_select\']=' . $set['cat_show_select'] . ';
  510. // --> SPAM Prevention
  511. $hesk_settings[\'secimg_use\']=' . $set['secimg_use'] . ';
  512. $hesk_settings[\'secimg_sum\']=\'' . $set['secimg_sum'] . '\';
  513. $hesk_settings[\'recaptcha_use\']=' . $set['recaptcha_use'] . ';
  514. $hesk_settings[\'recaptcha_public_key\']=\'' . $set['recaptcha_public_key'] . '\';
  515. $hesk_settings[\'recaptcha_private_key\']=\'' . $set['recaptcha_private_key'] . '\';
  516. $hesk_settings[\'question_use\']=' . $set['question_use'] . ';
  517. $hesk_settings[\'question_ask\']=\'' . $set['question_ask'] . '\';
  518. $hesk_settings[\'question_ans\']=\'' . $set['question_ans'] . '\';
  519. // --> Security
  520. $hesk_settings[\'attempt_limit\']=' . $set['attempt_limit'] . ';
  521. $hesk_settings[\'attempt_banmin\']=' . $set['attempt_banmin'] . ';
  522. $hesk_settings[\'reset_pass\']=' . $set['reset_pass'] . ';
  523. $hesk_settings[\'email_view_ticket\']=' . $set['email_view_ticket'] . ';
  524. $hesk_settings[\'x_frame_opt\']=' . $set['x_frame_opt'] . ';
  525. $hesk_settings[\'force_ssl\']=' . $set['force_ssl'] . ';
  526. // --> Attachments
  527. $hesk_settings[\'attachments\']=array (
  528. \'use\' => ' . $set['attachments']['use'] . ',
  529. \'max_number\' => ' . $set['attachments']['max_number'] . ',
  530. \'max_size\' => ' . $set['attachments']['max_size'] . ',
  531. \'allowed_types\' => array(\'' . implode('\',\'', $set['attachments']['allowed_types']) . '\')
  532. );
  533. // --> IMAP Fetching
  534. $hesk_settings[\'imap\']=' . $set['imap'] . ';
  535. $hesk_settings[\'imap_job_wait\']=' . $set['imap_job_wait'] . ';
  536. $hesk_settings[\'imap_host_name\']=\'' . $set['imap_host_name'] . '\';
  537. $hesk_settings[\'imap_host_port\']=' . $set['imap_host_port'] . ';
  538. $hesk_settings[\'imap_enc\']=\'' . $set['imap_enc'] . '\';
  539. $hesk_settings[\'imap_keep\']=' . $set['imap_keep'] . ';
  540. $hesk_settings[\'imap_user\']=\'' . $set['imap_user'] . '\';
  541. $hesk_settings[\'imap_password\']=\'' . $set['imap_password'] . '\';
  542. // ==> KNOWLEDGEBASE
  543. // --> Knowledgebase settings
  544. $hesk_settings[\'kb_enable\']=' . $set['kb_enable'] . ';
  545. $hesk_settings[\'kb_wysiwyg\']=' . $set['kb_wysiwyg'] . ';
  546. $hesk_settings[\'kb_search\']=' . $set['kb_search'] . ';
  547. $hesk_settings[\'kb_search_limit\']=' . $set['kb_search_limit'] . ';
  548. $hesk_settings[\'kb_views\']=' . $set['kb_views'] . ';
  549. $hesk_settings[\'kb_date\']=' . $set['kb_date'] . ';
  550. $hesk_settings[\'kb_recommendanswers\']=' . $set['kb_recommendanswers'] . ';
  551. $hesk_settings[\'kb_rating\']=' . $set['kb_rating'] . ';
  552. $hesk_settings[\'kb_substrart\']=' . $set['kb_substrart'] . ';
  553. $hesk_settings[\'kb_cols\']=' . $set['kb_cols'] . ';
  554. $hesk_settings[\'kb_numshow\']=' . $set['kb_numshow'] . ';
  555. $hesk_settings[\'kb_popart\']=' . $set['kb_popart'] . ';
  556. $hesk_settings[\'kb_latest\']=' . $set['kb_latest'] . ';
  557. $hesk_settings[\'kb_index_popart\']=' . $set['kb_index_popart'] . ';
  558. $hesk_settings[\'kb_index_latest\']=' . $set['kb_index_latest'] . ';
  559. $hesk_settings[\'kb_related\']=' . $set['kb_related'] . ';
  560. // ==> EMAIL
  561. // --> Email sending
  562. $hesk_settings[\'smtp\']=' . $set['smtp'] . ';
  563. $hesk_settings[\'smtp_host_name\']=\'' . $set['smtp_host_name'] . '\';
  564. $hesk_settings[\'smtp_host_port\']=' . $set['smtp_host_port'] . ';
  565. $hesk_settings[\'smtp_timeout\']=' . $set['smtp_timeout'] . ';
  566. $hesk_settings[\'smtp_ssl\']=' . $set['smtp_ssl'] . ';
  567. $hesk_settings[\'smtp_tls\']=' . $set['smtp_tls'] . ';
  568. $hesk_settings[\'smtp_user\']=\'' . $set['smtp_user'] . '\';
  569. $hesk_settings[\'smtp_password\']=\'' . $set['smtp_password'] . '\';
  570. // --> Email piping
  571. $hesk_settings[\'email_piping\']=' . $set['email_piping'] . ';
  572. // --> POP3 Fetching
  573. $hesk_settings[\'pop3\']=' . $set['pop3'] . ';
  574. $hesk_settings[\'pop3_job_wait\']=' . $set['pop3_job_wait'] . ';
  575. $hesk_settings[\'pop3_host_name\']=\'' . $set['pop3_host_name'] . '\';
  576. $hesk_settings[\'pop3_host_port\']=' . $set['pop3_host_port'] . ';
  577. $hesk_settings[\'pop3_tls\']=' . $set['pop3_tls'] . ';
  578. $hesk_settings[\'pop3_keep\']=' . $set['pop3_keep'] . ';
  579. $hesk_settings[\'pop3_user\']=\'' . $set['pop3_user'] . '\';
  580. $hesk_settings[\'pop3_password\']=\'' . $set['pop3_password'] . '\';
  581. // --> Email loops
  582. $hesk_settings[\'loop_hits\']=' . $set['loop_hits'] . ';
  583. $hesk_settings[\'loop_time\']=' . $set['loop_time'] . ';
  584. // --> Detect email typos
  585. $hesk_settings[\'detect_typos\']=' . $set['detect_typos'] . ';
  586. $hesk_settings[\'email_providers\']=array(' . $set['email_providers'] . ');
  587. // --> Notify customer when
  588. $hesk_settings[\'notify_new\']=' . $set['notify_new'] . ';
  589. $hesk_settings[\'notify_skip_spam\']=' . $set['notify_skip_spam'] . ';
  590. $hesk_settings[\'notify_spam_tags\']=array(' . $set['notify_spam_tags'] . ');
  591. $hesk_settings[\'notify_closed\']=' . $set['notify_closed'] . ';
  592. // --> Other
  593. $hesk_settings[\'strip_quoted\']=' . $set['strip_quoted'] . ';
  594. $hesk_settings[\'eml_req_msg\']=' . $set['eml_req_msg'] . ';
  595. $hesk_settings[\'save_embedded\']=' . $set['save_embedded'] . ';
  596. $hesk_settings[\'multi_eml\']=' . $set['multi_eml'] . ';
  597. $hesk_settings[\'confirm_email\']=' . $set['confirm_email'] . ';
  598. $hesk_settings[\'open_only\']=' . $set['open_only'] . ';
  599. // ==> TICKET LIST
  600. $hesk_settings[\'ticket_list\']=array(' . $set['ticket_list'] . ');
  601. // --> Other
  602. $hesk_settings[\'submittedformat\']=' . $set['submittedformat'] . ';
  603. $hesk_settings[\'updatedformat\']=' . $set['updatedformat'] . ';
  604. // ==> MISC
  605. // --> Date & Time
  606. $hesk_settings[\'diff_hours\']=' . $set['diff_hours'] . ';
  607. $hesk_settings[\'diff_minutes\']=' . $set['diff_minutes'] . ';
  608. $hesk_settings[\'daylight\']=' . $set['daylight'] . ';
  609. $hesk_settings[\'timeformat\']=\'' . $set['timeformat'] . '\';
  610. // --> Other
  611. $hesk_settings[\'ip_whois\']=\'' . $set['ip_whois'] . '\';
  612. $hesk_settings[\'maintenance_mode\']=' . $set['maintenance_mode'] . ';
  613. $hesk_settings[\'alink\']=' . $set['alink'] . ';
  614. $hesk_settings[\'submit_notice\']=' . $set['submit_notice'] . ';
  615. $hesk_settings[\'online\']=' . $set['online'] . ';
  616. $hesk_settings[\'online_min\']=' . $set['online_min'] . ';
  617. $hesk_settings[\'check_updates\']=' . $set['check_updates'] . ';
  618. #############################
  619. # DO NOT EDIT BELOW #
  620. #############################
  621. $hesk_settings[\'hesk_version\']=\'' . $set['hesk_version'] . '\';
  622. if ($hesk_settings[\'debug_mode\'])
  623. {
  624. error_reporting(E_ALL);
  625. }
  626. else
  627. {
  628. error_reporting(0);
  629. }
  630. if (!defined(\'IN_SCRIPT\')) {die(\'Invalid attempt!\');}';
  631. // Write to the settings file
  632. if (!file_put_contents(HESK_PATH . 'hesk_settings.inc.php', $settings_file_content)) {
  633. hesk_error($hesklang['err_openset']);
  634. }
  635. // Any settings problems?
  636. $tmp = array();
  637. if (!$smtp_OK) {
  638. $tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['sme'] . ':</span> ' . $smtp_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'smtplog\')">' . $hesklang['scl'] . '</a><div id="smtplog" style="display:none">&nbsp;<br /><textarea name="log" rows="10" cols="60">' . $smtp_log . '</textarea></div>';
  639. }
  640. if (!$pop3_OK) {
  641. $tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['pop3e'] . ':</span> ' . $pop3_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'pop3log\')">' . $hesklang['pop3log'] . '</a><div id="pop3log" style="display:none">&nbsp;<br /><textarea name="log" rows="10" cols="60">' . $pop3_log . '</textarea></div>';
  642. }
  643. // Clear the cache folder
  644. hesk_purge_cache('kb');
  645. hesk_purge_cache('cf');
  646. hesk_purge_cache('export', 14400);
  647. hesk_purge_cache('status');
  648. // Show the settings page and display any notices or success
  649. if (count($tmp)) {
  650. $errors = implode('<br /><br />', $tmp);
  651. hesk_process_messages($hesklang['sns'] . '<br /><br />' . $errors, 'admin_settings.php', 'NOTICE');
  652. } else {
  653. hesk_process_messages($hesklang['set_were_saved'], 'admin_settings.php', 'SUCCESS');
  654. }
  655. exit();
  656. function mfh_updateSetting($key, $value, $isString = false)
  657. {
  658. global $hesk_settings;
  659. $formattedValue = $isString ? "'" . hesk_dbEscape($value) . "'" : intval($value);
  660. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` SET `Value` = " . $formattedValue . " WHERE `Key` = '" . $key . "'");
  661. }
  662. function hesk_getLanguagesArray($returnArray = 0)
  663. {
  664. global $hesk_settings, $hesklang;
  665. /* Get a list of valid emails */
  666. $hesk_settings['smtp'] = 0;
  667. $valid_emails = array_keys(hesk_validEmails());
  668. $dir = HESK_PATH . 'language/';
  669. $path = opendir($dir);
  670. $code = '';
  671. $langArray = array();
  672. /* Test all folders inside the language folder */
  673. while (false !== ($subdir = readdir($path))) {
  674. if ($subdir == "." || $subdir == "..") {
  675. continue;
  676. }
  677. if (filetype($dir . $subdir) == 'dir') {
  678. $add = 1;
  679. $langu = $dir . $subdir . '/text.php';
  680. $email = $dir . $subdir . '/emails';
  681. /* Check the text.php */
  682. if (file_exists($langu)) {
  683. $tmp = file_get_contents($langu);
  684. // Some servers add slashes to file_get_contents output
  685. if (strpos($tmp, '[\\\'LANGUAGE\\\']') !== false) {
  686. $tmp = stripslashes($tmp);
  687. }
  688. $err = '';
  689. if (!preg_match('/\$hesklang\[\'LANGUAGE\'\]\=\'(.*)\'\;/', $tmp, $l)) {
  690. $add = 0;
  691. } elseif (!preg_match('/\$hesklang\[\'ENCODING\'\]\=\'(.*)\'\;/', $tmp)) {
  692. $add = 0;
  693. } elseif (!preg_match('/\$hesklang\[\'_COLLATE\'\]\=\'(.*)\'\;/', $tmp)) {
  694. $add = 0;
  695. } elseif (!preg_match('/\$hesklang\[\'EMAIL_HR\'\]\=\'(.*)\'\;/', $tmp, $hr)) {
  696. $add = 0;
  697. } elseif (!preg_match('/\$hesklang\[\'LANGUAGE_EN\'\]/', $tmp)) {
  698. $add = 0;
  699. }
  700. } else {
  701. $add = 0;
  702. }
  703. /* Check emails folder */
  704. if (file_exists($email) && filetype($email) == 'dir') {
  705. foreach ($valid_emails as $eml) {
  706. if (!file_exists($email . '/' . $eml . '.txt')) {
  707. $add = 0;
  708. }
  709. }
  710. } else {
  711. $add = 0;
  712. }
  713. /* Add an option for the <select> if needed */
  714. if ($add) {
  715. $code .= "'" . addslashes($l[1]) . "' => array('folder'=>'" . $subdir . "','hr'=>'" . addslashes($hr[1]) . "'),\n";
  716. $langArray[] = $l[1];
  717. }
  718. }
  719. }
  720. closedir($path);
  721. if ($returnArray) {
  722. return $langArray;
  723. } else {
  724. return $code;
  725. }
  726. } // END hesk_getLanguagesArray()
  727. function hesk_formatUnits($size)
  728. {
  729. $units = array(
  730. 'GB' => 1073741824,
  731. 'MB' => 1048576,
  732. 'kB' => 1024,
  733. 'B' => 1
  734. );
  735. list($size, $suffix) = explode(' ', $size);
  736. if (isset($units[$suffix])) {
  737. return round($size * $units[$suffix]);
  738. }
  739. return false;
  740. } // End hesk_formatBytes()