Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.

edit_post.php 34KB

  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. define('IN_SCRIPT', 1);
  14. define('HESK_PATH', '../');
  15. define('WYSIWYG', 1);
  16. define('VALIDATOR', 1);
  17. define('MFH_PAGE_LAYOUT', 'TOP_ONLY');
  18. /* Get all the required files and functions */
  19. require(HESK_PATH . 'hesk_settings.inc.php');
  20. require(HESK_PATH . 'inc/common.inc.php');
  21. require(HESK_PATH . 'inc/admin_functions.inc.php');
  22. require(HESK_PATH . 'inc/mail_functions.inc.php');
  23. require(HESK_PATH . 'inc/custom_fields.inc.php');
  24. hesk_load_database_functions();
  25. require(HESK_PATH . 'inc/posting_functions.inc.php');
  26. require(HESK_PATH . 'inc/view_attachment_functions.inc.php');
  27. hesk_session_start();
  28. hesk_dbConnect();
  29. hesk_isLoggedIn();
  30. /* Check permissions for this feature */
  31. if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
  32. hesk_checkPermission('can_view_tickets');
  33. hesk_checkPermission('can_edit_tickets');
  34. }
  35. $modsForHesk_settings = mfh_getSettings();
  36. /* Ticket ID */
  37. $trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
  38. $is_reply = 0;
  39. $tmpvar = array();
  40. if (!isset($_SESSION['iserror'])) {
  41. $_SESSION['iserror'] = array();
  42. }
  43. /* Get ticket info */
  44. $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
  45. if (hesk_dbNumRows($result) != 1) {
  46. hesk_error($hesklang['ticket_not_found']);
  47. }
  48. $ticket = hesk_dbFetchAssoc($result);
  49. // Demo mode
  50. if (defined('HESK_DEMO')) {
  51. $ticket['email'] = 'hidden@demo.com';
  52. }
  53. /* Is this user allowed to view tickets inside this category? */
  54. if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
  55. hesk_okCategory($ticket['category']);
  56. }
  57. if (hesk_isREQUEST('reply')) {
  58. $tmpvar['id'] = intval(hesk_REQUEST('reply')) or die($hesklang['id_not_valid']);
  59. $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='{$tmpvar['id']}' AND `replyto`='" . intval($ticket['id']) . "' LIMIT 1");
  60. if (hesk_dbNumRows($result) != 1) {
  61. hesk_error($hesklang['id_not_valid']);
  62. }
  63. $reply = hesk_dbFetchAssoc($result);
  64. $ticket['message'] = $reply['message'];
  65. $ticket['html'] = $reply['html'];
  66. $is_reply = 1;
  67. }
  68. // Count number of existing attachments for this post
  69. $number_of_attachments = $is_reply ? hesk_countAttachments($reply['attachments']) : hesk_countAttachments($ticket['attachments']);
  70. if (isset($_POST['save'])) {
  71. /* A security check */
  72. hesk_token_check('POST');
  73. $hesk_error_buffer = array();
  74. // Add attachments?
  75. if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) {
  76. require_once(HESK_PATH . 'inc/attachments.inc.php');
  77. $attachments = array();
  78. $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);
  79. if ($use_legacy_attachments) {
  80. for ($i = $number_of_attachments + 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
  81. $att = hesk_uploadFile($i);
  82. if ($att !== false && !empty($att)) {
  83. $attachments[$i] = $att;
  84. }
  85. }
  86. } else {
  87. // The user used the new drag-and-drop system.
  88. $temp_attachment_ids = hesk_POST_array('attachment-ids');
  89. foreach ($temp_attachment_ids as $temp_attachment_id) {
  90. // Simply get the temp info and move it to the attachments table
  91. $temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
  92. $attachments[] = $temp_attachment;
  93. mfh_deleteTemporaryAttachment($temp_attachment_id);
  94. }
  95. }
  96. }
  97. if ($is_reply) {
  98. $tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];
  99. if (count($hesk_error_buffer)) {
  100. // Remove any successfully uploaded attachments
  101. if ($hesk_settings['attachments']['use'] && isset($attachments)) {
  102. hesk_removeAttachments($attachments);
  103. }
  104. $myerror = '<ul>';
  105. foreach ($hesk_error_buffer as $error) {
  106. $myerror .= "<li>$error</li>\n";
  107. }
  108. $myerror .= '</ul>';
  109. hesk_error($myerror);
  110. }
  111. if (!$modsForHesk_settings['rich_text_for_tickets']) {
  112. $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
  113. $tmpvar['message'] = nl2br($tmpvar['message']);
  114. }
  115. $tmpvar['html'] = hesk_POST('html');
  116. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
  117. foreach ($attachments as $myatt) {
  118. hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
  119. $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
  120. }
  121. }
  122. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "', `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."') WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
  123. } else {
  124. $tmpvar['language'] = hesk_POST('customerLanguage');
  125. $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
  126. if ($hesk_settings['require_email']) {
  127. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email'];
  128. } else {
  129. $tmpvar['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0);
  130. // Not required, but must be valid if it is entered
  131. if ($tmpvar['email'] == '') {
  132. if (strlen(hesk_POST('email'))) {
  133. $hesk_error_buffer['email'] = $hesklang['not_valid_email'];
  134. }
  135. }
  136. }
  137. $tmpvar['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer[] = $hesklang['enter_ticket_subject'];
  138. $tmpvar['message'] = hesk_input( hesk_POST('message') );
  139. if ($hesk_settings['require_message'] == 1 && $tmpvar['message'] == '') {
  140. $hesk_error_buffer[] = $hesklang['enter_message'];
  141. }
  142. $tmpvar['html'] = hesk_POST('html');
  143. // Demo mode
  144. if (defined('HESK_DEMO')) {
  145. $tmpvar['email'] = 'hidden@demo.com';
  146. }
  147. // Custom fields
  148. foreach ($hesk_settings['custom_fields'] as $k=>$v) {
  149. if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) {
  150. if ($v['req'] == 2) {
  151. $v['req'] = '<span class="important">*</span>';
  152. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  153. } else {
  154. $v['req'] = '';
  155. $required_attribute = '';
  156. }
  157. if ($v['type'] == 'checkbox') {
  158. $tmpvar[$k]='';
  159. if (isset($_POST[$k]) && is_array($_POST[$k])) {
  160. foreach ($_POST[$k] as $myCB) {
  161. $tmpvar[$k] .= ( is_array($myCB) ? '' : hesk_input($myCB) ) . '<br />';
  162. }
  163. $tmpvar[$k]=substr($tmpvar[$k],0,-6);
  164. } else {
  165. if ($v['req'] == 2) {
  166. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  167. }
  168. $_POST[$k] = '';
  169. }
  170. } elseif ($v['type'] == 'date') {
  171. $tmpvar[$k] = hesk_POST($k);
  172. $_SESSION["as_$k"] = '';
  173. if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
  174. $date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
  175. $dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
  176. $dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
  177. $_SESSION["as_$k"] = $tmpvar[$k];
  178. if ($dmin && $dmin > $date) {
  179. $hesk_error_buffer[$k] = sprintf($hesklang['d_emin'], $v['name'], hesk_custom_date_display_format($dmin, $v['value']['date_format']));
  180. } elseif ($dmax && $dmax < $date) {
  181. $hesk_error_buffer[$k] = sprintf($hesklang['d_emax'], $v['name'], hesk_custom_date_display_format($dmax, $v['value']['date_format']));
  182. } else {
  183. $tmpvar[$k] = $date;
  184. }
  185. } else {
  186. if ($v['req'] == 2) {
  187. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  188. }
  189. }
  190. } elseif ($v['type'] == 'email') {
  191. $tmp = $hesk_settings['multi_eml'];
  192. $hesk_settings['multi_eml'] = $v['value']['multiple'];
  193. $tmpvar[$k] = hesk_validateEmail( hesk_POST($k), 'ERR', 0);
  194. $hesk_settings['multi_eml'] = $tmp;
  195. if ($tmpvar[$k] != '') {
  196. $_SESSION["as_$k"] = hesk_input($tmpvar[$k]);
  197. } else {
  198. $_SESSION["as_$k"] = '';
  199. if ($v['req'] == 2) {
  200. $hesk_error_buffer[$k] = $v['value']['multiple'] ? sprintf($hesklang['cf_noem'], $v['name']) : sprintf($hesklang['cf_noe'], $v['name']);
  201. }
  202. }
  203. } elseif ($v['req'] == 2) {
  204. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) )));
  205. if ($tmpvar[$k] == '') {
  206. $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name'];
  207. }
  208. } else {
  209. $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
  210. }
  211. } else {
  212. $tmpvar[$k] = '';
  213. }
  214. }
  215. if (count($hesk_error_buffer)) {
  216. // Remove any successfully uploaded attachments
  217. if ($hesk_settings['attachments']['use'] && isset($attachments)) {
  218. hesk_removeAttachments($attachments);
  219. }
  220. $myerror = '<ul>';
  221. foreach ($hesk_error_buffer as $error) {
  222. $myerror .= "<li>$error</li>\n";
  223. }
  224. $myerror .= '</ul>';
  225. hesk_error($myerror);
  226. }
  227. if (!$tmpvar['html']) {
  228. $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
  229. $tmpvar['message'] = nl2br($tmpvar['message']);
  230. }
  231. if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
  232. foreach ($attachments as $myatt) {
  233. hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
  234. $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
  235. }
  236. }
  237. $custom_SQL = '';
  238. for ($i = 1; $i <= 50; $i++) {
  239. $custom_SQL .= '`custom'.$i.'`=' . (isset($tmpvar['custom'.$i]) ? "'".hesk_dbEscape($tmpvar['custom'.$i])."'" : "''") . ',';
  240. }
  241. $custom_SQL = rtrim($custom_SQL, ',');
  242. hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET
  243. `name`='" . hesk_dbEscape($tmpvar['name']) . "',
  244. `email`='" . hesk_dbEscape($tmpvar['email']) . "',
  245. `subject`='" . hesk_dbEscape($tmpvar['subject']) . "',
  246. `message`='" . hesk_dbEscape($tmpvar['message']) . "',
  247. `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."'),
  248. `language`='" . hesk_dbEscape($tmpvar['language']) . "',
  249. `html`='" . hesk_dbEscape($tmpvar['html']) . "',
  250. $custom_SQL
  251. WHERE `id`='" . intval($ticket['id']) . "' LIMIT 1");
  252. }
  253. unset($tmpvar);
  254. hesk_cleanSessionVars('tmpvar');
  255. hesk_process_messages($hesklang['edt2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
  256. }
  257. $ticket['message'] = hesk_msgToPlain($ticket['message'], 0, 0);
  258. /* Print header */
  259. require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
  260. /* Print admin navigation */
  261. require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
  262. ?>
  263. <div class="content-wrapper">
  264. <ol class="breadcrumb">
  265. <li>
  266. <a href="admin_ticket.php?track=<?php echo $trackingID; ?>&amp;Refresh=<?php echo mt_rand(10000, 99999); ?>"><?php echo $hesklang['ticket'] . ' ' . $trackingID; ?></a>
  267. </li>
  268. <li class="active"><?php echo $hesklang['edtt']; ?></li>
  269. </ol>
  270. <section class="content">
  271. <div class="box">
  272. <div class="box-header with-border">
  273. <h1 class="box-title">
  274. <?php echo $hesklang['edtt']; ?>
  275. </h1>
  276. <div class="box-tools pull-right">
  277. <button type="button" class="btn btn-box-tool" data-widget="collapse">
  278. <i class="fa fa-minus"></i>
  279. </button>
  280. </div>
  281. </div>
  282. <div class="box-body">
  283. <?php
  284. $onsubmit = '';
  285. if ($modsForHesk_settings['rich_text_for_tickets']) {
  286. $onsubmit = 'onsubmit="return validateRichText(\'message-help-block\', \'message-group\', \'message\', \''.htmlspecialchars($hesklang['this_field_is_required']).'\')"';
  287. }
  288. ?>
  289. <form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" enctype="multipart/form-data" <?php echo $onsubmit; ?>>
  290. <?php
  291. /* If it's not a reply edit all the fields */
  292. if (!$is_reply) {
  293. if ($hesk_settings['can_sel_lang']) {
  294. ?>
  295. <div class="form-group">
  296. <label for="customerLanguage"
  297. class="col-sm-3 control-label"><?php echo $hesklang['chol']; ?></label>
  298. <div class="col-sm-9">
  299. <select name="customerLanguage" id="customerLanguage" class="form-control">
  300. <?php hesk_listLanguages(); ?>
  301. </select>
  302. </div>
  303. </div>
  304. <?php } else {
  305. echo '<input type="hidden" name="customerLanguage" value="' . $ticket['language'] . '">';
  306. } ?>
  307. <div class="form-group">
  308. <?php
  309. $required = '';
  310. $required_attribute = '';
  311. if ($hesk_settings['require_subject'] == 1) {
  312. $required = ' <span class="important">*</span>';
  313. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  314. }
  315. ?>
  316. <label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['subject'] . $required; ?></label>
  317. <div class="col-sm-9">
  318. <input class="form-control" type="text" name="subject" size="40" maxlength="40"
  319. value="<?php echo $ticket['subject']; ?>"
  320. placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"/>
  321. </div>
  322. </div>
  323. <div class="form-group">
  324. <label for="name" class="col-sm-3 control-label">
  325. <?php echo $hesklang['name']; ?>
  326. <span class="important">*</span>
  327. </label>
  328. <div class="col-sm-9">
  329. <input class="form-control" type="text" name="name" size="40" maxlength="30"
  330. value="<?php echo $ticket['name']; ?>"
  331. placeholder="<?php echo htmlspecialchars($hesklang['name']); ?>"
  332. data-error="<?php echo $hesklang['this_field_is_required']; ?>"
  333. required>
  334. </div>
  335. </div>
  336. <div class="form-group">
  337. <?php
  338. $required = '';
  339. $required_attribute = '';
  340. if ($hesk_settings['require_email']) {
  341. $required = ' <span class="important">*</span>';
  342. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  343. }
  344. ?>
  345. <label for="email"
  346. class="col-sm-3 control-label"><?php echo $hesklang['email'] . $required; ?></label>
  347. <div class="col-sm-9">
  348. <input class="form-control" type="text" name="email" size="40" maxlength="1000"
  349. value="<?php echo $ticket['email']; ?>"
  350. placeholder="<?php echo htmlspecialchars($hesklang['email']); ?>"
  351. <?php echo $required_attribute ?>>
  352. <div class="help-block with-errors"></div>
  353. </div>
  354. </div>
  355. <?php
  356. foreach ($hesk_settings['custom_fields'] as $k => $v) {
  357. if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category'])) {
  358. $k_value = $ticket[$k];
  359. if ($v['type'] == 'checkbox') {
  360. $k_value = explode('<br />', $k_value);
  361. }
  362. if ($v['req'] == 2) {
  363. $v['req'] = '<span class="important">*</span>';
  364. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  365. } else {
  366. $v['req'] = '';
  367. $required_attribute = '';
  368. }
  369. switch ($v['type']) {
  370. /* Radio box */
  371. case 'radio':
  372. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  373. echo '
  374. <div class="form-group' . $cls . '">
  375. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  376. <div class="col-sm-9">';
  377. foreach ($v['value']['radio_options'] as $option) {
  378. if (strlen($k_value) == 0) {
  379. $k_value = $option;
  380. $checked = empty($v['value']['no_default']) ? 'checked="checked"' : '';
  381. } elseif ($k_value == $option) {
  382. $k_value = $option;
  383. $checked = 'checked="checked"';
  384. } else {
  385. $checked = '';
  386. }
  387. echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
  388. }
  389. echo '<div class="help-block with-errors"></div></div>
  390. </div>';
  391. break;
  392. /* Select drop-down box */
  393. case 'select':
  394. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  395. echo '
  396. <div class="form-group">
  397. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  398. <div class="col-sm-9">
  399. <select name="' . $k . '" class="form-control" ' . $required_attribute . '>';
  400. // Show "Click to select"?
  401. if (!empty($v['value']['show_select'])) {
  402. echo '<option value="">' . $hesklang['select'] . '</option>';
  403. }
  404. foreach ($v['value']['select_options'] as $option) {
  405. if ($k_value == $option) {
  406. $k_value = $option;
  407. $selected = 'selected';
  408. } else {
  409. $selected = '';
  410. }
  411. echo '<option ' . $selected . '>' . $option . '</option>';
  412. }
  413. echo '</select>
  414. <div class="help-block with-errors"></div>
  415. </div>
  416. </div>';
  417. break;
  418. /* Checkbox */
  419. case 'checkbox':
  420. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  421. echo '
  422. <div class="form-group' . $cls . '">
  423. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  424. <div class="col-sm-9">';
  425. foreach ($v['value']['checkbox_options'] as $option) {
  426. if (in_array($option, $k_value)) {
  427. $checked = 'checked';
  428. } else {
  429. $checked = '';
  430. }
  431. echo '<div class="checkbox"><label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
  432. }
  433. echo '<div class="help-block with-errors"></div>
  434. </div>
  435. </div>';
  436. break;
  437. /* Large text box */
  438. case 'textarea':
  439. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  440. $k_value = hesk_msgToPlain($k_value, 0, 0);
  441. echo '
  442. <div class="form-group' . $cls . '">
  443. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  444. <div class="col-sm-9">
  445. <textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
  446. <div class="help-block with-errors"></div>
  447. </div>
  448. </div>';
  449. break;
  450. // Date
  451. case 'date':
  452. if ($required_attribute !== '') {
  453. $required_attribute .= ' pattern="[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])"';
  454. }
  455. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  456. $k_value = hesk_custom_date_display_format($k_value, 'Y-m-d');
  457. echo '
  458. <div class="form-group' . $cls . '">
  459. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  460. <div class="col-sm-9">
  461. <input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>
  462. <div class="help-block with-errors"></div>
  463. </div>
  464. </div>';
  465. break;
  466. // Email
  467. case 'email':
  468. $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
  469. $suggest = $hesk_settings['detect_typos'] ? 'onblur="Javascript:hesk_suggestEmail(\'' . $k . '\', \'' . $k . '_suggestions\', 0, 1' . ($v['value']['multiple'] ? ',1' : '') . ')"' : '';
  470. echo '
  471. <div class="form-group' . $cls . '">
  472. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  473. <div class="col-sm-9">
  474. <input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>
  475. <div class="help-block with-errors"></div>
  476. </div>
  477. <div id="' . $k . '_suggestions"></div>
  478. </div>
  479. ';
  480. break;
  481. // Hidden (same as text for staff)
  482. case 'hidden':
  483. case 'readonly':
  484. default:
  485. if (strlen($k_value) != 0) {
  486. $v['value']['default_value'] = $k_value;
  487. }
  488. $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
  489. echo '
  490. <div class="form-group' . $cls . '">
  491. <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
  492. <div class="col-sm-9">
  493. <input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>
  494. <div class="help-block with-errors"></div>
  495. </div>
  496. </div>
  497. ';
  498. }
  499. }
  500. }
  501. } ?>
  502. <div class="form-group" id="message-group">
  503. <?php
  504. $required = '';
  505. $required_attribute = '';
  506. if ($hesk_settings['require_message'] == 1) {
  507. $required = ' <span class="important">*</span>';
  508. $required_attribute = 'data-error="' . $hesklang['this_field_is_required'] . '" required';
  509. }
  510. ?>
  511. <label for="message" class="col-sm-3 control-label"><?php echo $hesklang['message'] . $required; ?></label>
  512. <div class="col-sm-9">
  513. <?php
  514. $message = $ticket['html'] ? hesk_html_entity_decode($ticket['message']) : $ticket['message'];
  515. ?>
  516. <textarea class="form-control htmlEditor" name="message" rows="12"
  517. placeholder="<?php echo htmlspecialchars($hesklang['message']); ?>"
  518. cols="60" <?php echo $required_attribute; ?>><?php echo $message; ?></textarea>
  519. <div class="help-block with-errors" id="message-help-block"></div>
  520. </div>
  521. </div>
  522. <?php if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) : ?>
  523. <div class="form-group">
  524. <label for="attachments" class="control-label col-sm-3"><?php echo $hesklang['attachments']; ?>:</label>
  525. <div class="col-sm-9">
  526. <?php build_dropzone_markup(true, 'filedrop', $number_of_attachments + 1); ?>
  527. </div>
  528. </div>
  529. <?php
  530. display_dropzone_field($hesk_settings['hesk_url'] . '/internal-api/ticket/upload-attachment.php',
  531. 'filedrop',
  532. $hesk_settings['attachments']['max_number'] - $number_of_attachments);
  533. endif; ?>
  534. <div class="form-group">
  535. <input type="hidden" name="save" value="1">
  536. <input type="hidden" name="track" value="<?php echo $trackingID; ?>">
  537. <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>">
  538. <?php
  539. if ($is_reply) {
  540. ?>
  541. <input type="hidden" name="reply" value="<?php echo $tmpvar['id']; ?>">
  542. <?php
  543. }
  544. ?>
  545. </div>
  546. <div class="form-group" style="text-align: center">
  547. <?php
  548. $html = $ticket['html'] ? 1 : 0;
  549. ?>
  550. <input type="hidden" name="html" value="<?php echo $html; ?>">
  551. <input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-default">
  552. <?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
  553. <input type="hidden" name="isManager" value="1">
  554. <?php endif; ?>
  555. <a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
  556. </div>
  557. </form>
  558. </div>
  559. </div>
  560. <script>
  561. buildValidatorForTicketSubmission('form1', "<?php echo addslashes($hesklang['select_at_least_one_value']); ?>");
  562. </script>
  563. <?php if ($ticket['html']): ?>
  564. <script type="text/javascript">
  565. /* <![CDATA[ */
  566. tinyMCE.init({
  567. mode: "textareas",
  568. editor_selector: "htmlEditor",
  569. elements: "content",
  570. theme: "advanced",
  571. convert_urls: false,
  572. plugins: "autolink",
  573. theme_advanced_buttons1: "cut,copy,paste,|,undo,redo,|,formatselect,fontselect,fontsizeselect,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull",
  574. theme_advanced_buttons2: "sub,sup,|,charmap,|,bullist,numlist,|,outdent,indent,insertdate,inserttime,preview,|,forecolor,backcolor,|,hr,removeformat,visualaid,|,link,unlink,anchor,image,cleanup,code",
  575. theme_advanced_buttons3: "",
  576. theme_advanced_toolbar_location: "top",
  577. theme_advanced_toolbar_align: "left",
  578. theme_advanced_statusbar_location: "bottom",
  579. theme_advanced_resizing: true
  580. });
  581. /* ]]> */
  582. </script>
  583. <?php endif; ?>
  584. </section>
  585. </div>
  586. <?php
  587. require_once(HESK_PATH . 'inc/footer.inc.php');
  588. exit();
  589. function hesk_countAttachments($attachments_string) {
  590. if ( ! strlen($attachments_string) || strpos($attachments_string, ',') === false) {
  591. return 0;
  592. }
  593. $att = explode(',', substr($attachments_string, 0, -1));
  594. return count($att);
  595. } // END hesk_countAttachments()