2014-06-14 21:50:59 -04:00
< ? php
2016-11-16 21:16:25 -05:00
/**
*
* This file is part of HESK - PHP Help Desk Software .
*
* ( c ) Copyright Klemen Stirn . All rights reserved .
2016-11-18 12:57:17 -05:00
* https :// www . hesk . com
2016-11-16 21:16:25 -05:00
*
* For the full copyright and license agreement information visit
2016-11-18 12:57:17 -05:00
* https :// www . hesk . com / eula . php
2016-11-16 21:16:25 -05:00
*
*/
2015-09-12 00:46:46 -04:00
define ( 'IN_SCRIPT' , 1 );
define ( 'HESK_PATH' , '../' );
2014-06-14 21:50:59 -04:00
/* Get all the required files and functions */
require ( HESK_PATH . 'hesk_settings.inc.php' );
require ( HESK_PATH . 'inc/common.inc.php' );
require ( HESK_PATH . 'inc/admin_functions.inc.php' );
hesk_load_database_functions ();
hesk_session_start ();
hesk_dbConnect ();
hesk_isLoggedIn ();
2015-09-03 21:58:05 -04:00
$modsForHesk_settings = mfh_getSettings ();
2014-06-14 21:50:59 -04:00
/* Check permissions for this feature */
2015-06-07 01:18:30 -04:00
if ( ! isset ( $_REQUEST [ 'isManager' ]) || ! $_REQUEST [ 'isManager' ]) {
hesk_checkPermission ( 'can_view_tickets' );
hesk_checkPermission ( 'can_reply_tickets' );
}
2014-06-14 21:50:59 -04:00
/* A security check */
hesk_token_check ();
/* Ticket ID */
2015-09-12 00:46:46 -04:00
$trackingID = hesk_cleanID () or die ( $hesklang [ 'int_error' ] . ': ' . $hesklang [ 'no_trackID' ]);
2014-06-14 21:50:59 -04:00
/* Valid statuses */
2015-09-12 00:46:46 -04:00
$statusSql = " SELECT `ID` FROM ` " . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . " statuses` " ;
2014-06-14 21:50:59 -04:00
$status_options = array ();
$results = hesk_dbQuery ( $statusSql );
2016-06-07 12:16:17 -04:00
while ( $row = hesk_dbFetchAssoc ( $results )) {
2015-07-28 12:52:30 -04:00
$status_options [ $row [ 'ID' ]] = mfh_getDisplayTextForStatusId ( $row [ 'ID' ]);
2014-06-14 21:50:59 -04:00
}
/* New status */
2015-09-12 00:46:46 -04:00
$status = intval ( hesk_REQUEST ( 's' ));
if ( ! isset ( $status_options [ $status ])) {
hesk_process_messages ( $hesklang [ 'instat' ], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand ( 10000 , 99999 ), 'NOTICE' );
2014-06-14 21:50:59 -04:00
}
$locked = 0 ;
2015-09-12 00:46:46 -04:00
$statusRow = hesk_dbFetchAssoc ( hesk_dbQuery ( " SELECT `ID`, `IsClosed` FROM ` " . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . " statuses` WHERE ID = " . $status ));
2014-06-14 21:50:59 -04:00
if ( $statusRow [ 'IsClosed' ]) // Closed
{
2016-10-11 21:47:16 -04:00
if ( ! hesk_checkPermission ( 'can_resolve' , 0 )) {
hesk_process_messages ( $hesklang [ 'noauth_resolve' ], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand ( 10000 , 99999 ), 'NOTICE' );
}
2015-09-12 00:46:46 -04:00
$action = $hesklang [ 'ticket_been' ] . ' ' . $hesklang [ 'close' ];
$revision = sprintf ( $hesklang [ 'thist3' ], hesk_date (), $_SESSION [ 'name' ] . ' (' . $_SESSION [ 'user' ] . ')' );
2014-06-14 21:50:59 -04:00
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'custopen' ] != 1 ) {
$locked = 1 ;
2014-06-14 21:50:59 -04:00
}
2015-01-11 16:18:14 -05:00
// Notify customer of closed ticket?
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'notify_closed' ]) {
2015-01-11 16:18:14 -05:00
// Get ticket info
2015-09-12 00:46:46 -04:00
$result = hesk_dbQuery ( " SELECT * FROM ` " . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . " tickets` WHERE `trackid`=' " . hesk_dbEscape ( $trackingID ) . " ' LIMIT 1 " );
if ( hesk_dbNumRows ( $result ) != 1 ) {
2015-01-11 16:18:14 -05:00
hesk_error ( $hesklang [ 'ticket_not_found' ]);
}
$ticket = hesk_dbFetchAssoc ( $result );
2015-11-16 12:29:35 -05:00
$ticket [ 'status' ] = $status ;
2015-01-11 16:18:14 -05:00
$ticket [ 'dt' ] = hesk_date ( $ticket [ 'dt' ], true );
$ticket [ 'lastchange' ] = hesk_date ( $ticket [ 'lastchange' ], true );
2015-02-22 11:40:15 -05:00
$ticket = hesk_ticketToPlain ( $ticket , 1 , 0 );
2015-01-11 16:18:14 -05:00
// Notify customer
require ( HESK_PATH . 'inc/email_functions.inc.php' );
2015-09-12 00:46:46 -04:00
hesk_notifyCustomer ( $modsForHesk_settings , 'ticket_closed' );
2015-01-11 16:18:14 -05:00
}
// Log who marked the ticket resolved
2015-09-12 00:46:46 -04:00
$closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval ( $_SESSION [ 'id' ]) . ' ' ;
2017-04-04 12:16:42 -04:00
} elseif ( $statusRow [ 'IsNewTicketStatus' ] == 0 ) //Ticket is still open, but not new
2014-06-14 21:50:59 -04:00
{
2015-09-12 00:46:46 -04:00
$action = sprintf ( $hesklang [ 'tsst' ], $status_options [ $status ]);
$revision = sprintf ( $hesklang [ 'thist9' ], hesk_date (), $status_options [ $status ], $_SESSION [ 'name' ] . ' (' . $_SESSION [ 'user' ] . ')' );
2015-01-11 16:18:14 -05:00
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ' ;
2015-09-12 00:46:46 -04:00
} else // Ticket is marked as "NEW"
2014-06-14 21:50:59 -04:00
{
2015-09-12 00:46:46 -04:00
$action = $hesklang [ 'ticket_been' ] . ' ' . $hesklang [ 'opened' ];
$revision = sprintf ( $hesklang [ 'thist4' ], hesk_date (), $_SESSION [ 'name' ] . ' (' . $_SESSION [ 'user' ] . ')' );
2015-01-11 16:18:14 -05:00
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ' ;
2014-06-14 21:50:59 -04:00
}
2014-11-23 00:20:28 -05:00
2016-10-11 21:47:16 -04:00
hesk_dbQuery ( " UPDATE ` " . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . " tickets` SET `status`=' { $status } ', `locked`=' { $locked } ' $closedby_sql , `history`=CONCAT(`history`,' " . hesk_dbEscape ( $revision ) . " ') WHERE `trackid`=' " . hesk_dbEscape ( $trackingID ) . " ' " );
2014-06-14 21:50:59 -04:00
2015-09-12 00:46:46 -04:00
if ( hesk_dbAffectedRows () != 1 ) {
hesk_error ( " $hesklang[int_error] : $hesklang[trackID_not_found] . " );
2014-06-14 21:50:59 -04:00
}
2015-09-12 00:46:46 -04:00
hesk_process_messages ( $action , 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand ( 10000 , 99999 ), 'SUCCESS' );
