Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'hesk-2-7-4' into 'master'

Browse Source 
HESK 2.7.5

See merge request mike-koch/Mods-for-HESK!81
This commit is contained in:
Mike Koch 2017-11-26 02:47:49 +00:00
commit 8d30a041fe
39 changed files with 163 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
admin/admin_reply_ticket.php
View File

@ -294,6 +294,15 @@ $sql .= $submit_as_customer ? "`lastreplier`='0', `replierid`='0' " : "`lastrepl
if ($time_worked == '00:00:00') {
$sql .= ", `lastchange` = NOW() ";
} else {
$parts = explode(':', $ticket['time_worked']);
$seconds = ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
$parts = explode(':', $time_worked);
$seconds += ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
require(HESK_PATH . 'inc/reporting_functions.inc.php');
$ticket['time_worked'] = hesk_SecondsToHHMMSS($seconds);
$sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
}
@ -363,7 +372,9 @@ $info = array(
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'language' => $ticket['language']
'language' => $ticket['language'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => ($submit_as_customer ? $ticket['name'] : $_SESSION['name']),
);
// 2. Add custom fields to the array

1
admin/admin_settings_save.php
View File

@ -62,6 +62,7 @@ $set['noreply_mail'] = hesk_validateEmail(hesk_POST('s_noreply_mail'), $hesklang
$set['noreply_name'] = hesk_input(hesk_POST('s_noreply_name'));
$set['noreply_name'] = str_replace(array('\\"', '<', '>'), '', $set['noreply_name']);
$set['noreply_name'] = trim(preg_replace('/\s{2,}/', ' ', $set['noreply_name']));
$set['noreply_name'] = preg_replace("/\n|\r|\t|%0A|%0D|%08|%09/", '', $set['noreply_name']);
/* --> Language settings */
$set['can_sel_lang'] = empty($_POST['s_can_sel_lang']) ? 0 : 1;

3
admin/admin_ticket.php
View File

@ -423,13 +423,14 @@ if (isset($_POST['notemsg']) && hesk_token_check('POST')) {
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $_SESSION['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => stripslashes($msg),
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'attachments' => $myattachments,
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => $ticket['repliername'],
);
// 2. Add custom fields to the array

3
admin/assign_owner.php
View File

@ -129,13 +129,14 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array

4
admin/edit_post.php
View File

@ -368,7 +368,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['subject'] . $required; ?></label>
<div class="col-sm-9">
<input class="form-control" type="text" name="subject" size="40" maxlength="40"
<input class="form-control" type="text" name="subject" size="40" maxlength="70"
value="<?php echo $ticket['subject']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"/>
</div>
@ -380,7 +380,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</label>
<div class="col-sm-9">
<input class="form-control" type="text" name="name" size="40" maxlength="30"
<input class="form-control" type="text" name="name" size="40" maxlength="50"
value="<?php echo $ticket['name']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['name']); ?>"
data-error="<?php echo $hesklang['this_field_is_required']; ?>"

2
admin/export.php
View File

@ -697,7 +697,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
)
</option>
<option value="5" <?php echo $selected['time'][5]; ?>><?php echo $hesklang['r5']; ?></option>

13
admin/find_tickets.php
View File

@ -145,21 +145,21 @@ LEFT(`message`, 400) AS `message`,
$sql .= " ( `trackid` = '" . hesk_dbEscape($q) . "' OR `merged` LIKE '%#" . hesk_dbEscape($q) . "#%' ) ";
break;
case 'name':
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`name` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'email':
$sql .= "`email` LIKE '%" . hesk_dbEscape($q) . "%' ";
break;
case 'subject':
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`subject` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'message':
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "'
$sql .= " ( `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "'
OR
`id` IN (
SELECT DISTINCT `replyto`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
)
";
break;
@ -170,7 +170,7 @@ LEFT(`message`, 400) AS `message`,
$sql .= "`id` IN (
SELECT DISTINCT `ticket`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
";
break;
default:
@ -220,6 +220,9 @@ LEFT(`message`, 400) AS `message`,
$sql_count .= $sql;
$sql = $sql_final . $sql;
// Strip extra slashes
$q = stripslashes($q);
/* Prepare variables used in search and forms */
require_once(HESK_PATH . 'inc/prepare_ticket_search.inc.php');
?>

4
admin/index.php
View File

@ -158,7 +158,7 @@ function do_login()
exit();
}
$pass_enc = hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . $_SESSION['pass']);
$pass_enc = hesk_Pass2Hash($_SESSION['pass'].hesk_mb_strtolower($user).$_SESSION['pass']);
/* Check if default password */
if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') {
@ -330,7 +330,7 @@ function print_login()
<select class="form-control" name="user">
<?php
while ($row = hesk_dbFetchAssoc($res)):
$sel = (strtolower($savedUser) == strtolower($row['user'])) ? 'selected' : '';
$sel = (hesk_mb_strtolower($savedUser) == hesk_mb_strtolower($row['user'])) ? 'selected="selected"' : '';
?>
<option value="<?php echo $row['user']; ?>" <?php echo $sel; ?>>
<?php echo $row['user']; ?>

2
admin/manage_email_templates.php
View File

@ -328,6 +328,8 @@ function getSpecialTagMap()
$map['%%OWNER%%'] = $hesklang['ticket_owner'];
$map['%%PRIORITY%%'] = $hesklang['ticket_priority'];
$map['%%STATUS%%'] = $hesklang['ticket_status'];
$map['%%LAST_REPLY_BY%%'] = $hesklang['last_reply_by'];
$map['%%TIME_WORKED%%'] = $hesklang['ts'];
$i = 1;
foreach ($hesk_settings['custom_fields'] as $key => $value) {

8
admin/manage_knowledgebase.php
View File

@ -900,7 +900,7 @@ function import_article()
$_SESSION['new_article'] = array(
'html' => 0,
'subject' => $ticket['subject'],
'content' => hesk_msgToPlain($ticket['message']),
'content' => hesk_msgToPlain($ticket['message'], 0, 0),
);
}
@ -915,10 +915,14 @@ function import_article()
}
else
{
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message']);
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message'], 0, 0);
}
}
// Make sure everything is extra slashed as stripslashes will be called later
$_SESSION['new_article']['subject'] = addslashes($_SESSION['new_article']['subject']);
$_SESSION['new_article']['content'] = addslashes($_SESSION['new_article']['content']);
hesk_process_messages($hesklang['import'],'NOREDIRECT','NOTICE');
} // END add_article()

6
admin/move_category.php
View File

@ -59,7 +59,7 @@ if (!$row['autoassign']) {
$category_ok = hesk_okCategory($category, 0);
// Is user allowed to move tickets to this category?
if (!$category_ok && !hesk_checkPermission('can_submit_any_cat', 0)) {
if ( ! $category_ok && ! hesk_checkPermission('can_change_cat', 0) ) {
hesk_process_messages($hesklang['noauth_move'],'admin_main.php');
}
@ -128,13 +128,13 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'id' => $ticket['id'],'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array

4
admin/new_ticket.php
View File

@ -244,7 +244,7 @@ $show_quick_help = $show['show'];
class="important">*</span></label>
<div class="col-sm-9">
<input type="text" class="form-control" name="name" size="40" maxlength="30"
<input type="text" class="form-control" name="name" size="40" maxlength="50"
value="<?php if (isset($_SESSION['as_name'])) {
echo stripslashes(hesk_input($_SESSION['as_name']));
} else if (isset($_GET['name'])) {
@ -700,7 +700,7 @@ $show_quick_help = $show['show'];
?>
</label>
<div class="col-sm-9">
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="40"
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="70"
value="<?php if (isset($_SESSION['as_subject']) || isset($_GET['subject'])) {
echo stripslashes(hesk_input($_SESSION['as_subject']));
} ?>" placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"

2
admin/profile.php
View File

@ -166,7 +166,7 @@ function update_profile()
$hesk_error_buffer = '';
$_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
/* Signature */

2
admin/reports.php
View File

@ -249,7 +249,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
)
</option>
<option

4
api/BusinessLogic/Emails/BasicEmailSender.php
View File

@ -10,6 +10,10 @@ use PHPMailer;
class BasicEmailSender extends \BaseClass implements EmailSender {
function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $emailBuilder->to . $emailBuilder->subject)) {
return false;
}
$mailer = new PHPMailer();
if ($heskSettings['smtp']) {

11
api/BusinessLogic/Emails/EmailTemplateParser.php
View File

@ -247,6 +247,17 @@ class EmailTemplateParser extends \BaseClass {
$msg = str_replace('%%CREATED%%', $ticket->dateCreated, $msg);
$msg = str_replace('%%UPDATED%%', $ticket->lastChanged, $msg);
$msg = str_replace('%%ID%%', $ticket->id, $msg);
$msg = str_replace('%%TIME_WORKED%%', $ticket->timeWorked, $msg);
$lastReplyBy = '';
// Get the last reply by
if (!empty($ticket->lastReplier)) {
$lastReplyBy = $ticket->lastReplier;
} else {
$lastReplyBy = $ticket->name;
}
$msg = str_replace('%%LAST_REPLY_BY%%', $lastReplyBy, $msg);
/* All custom fields */
for ($i=1; $i<=50; $i++) {

4
api/Controllers/Tickets/ResendTicketEmailToCustomerController.php
View File

@ -41,6 +41,10 @@ class ResendTicketEmailToCustomerController extends InternalApiController {
$reply = null;
$emailTemplate = EmailTemplateRetriever::NEW_TICKET;
// Use 0 for new tickets
$ticket->lastReplier = 0;
if (isset($_GET['replyId'])) {
$replyId = $_GET['replyId'];
$emailTemplate = EmailTemplateRetriever::NEW_REPLY_BY_STAFF;

2
api/Core/database.inc.php
View File

@ -97,7 +97,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

2
api/Core/database_mysqli.inc.php
View File

@ -97,7 +97,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

2
cron/core/database.inc.php
View File

@ -98,7 +98,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

2
cron/core/database_mysqli.inc.php
View File

@ -97,7 +97,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

6
inc/admin_functions.inc.php
View File

@ -334,7 +334,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
list($salt, $hash) = explode('|', $tag, 2);
// Make sure the hash matches existing username and password
if ($hash == sha1($salt . strtolower($username) . $password_hash)) {
if ($hash == sha1($salt . hesk_mb_strtolower($username) . $password_hash) ) {
return true;
}
@ -345,7 +345,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
function hesk_activeSessionCreateTag($username, $password_hash)
{
$salt = uniqid(mt_rand(), true);
return $salt . '|' . sha1($salt . strtolower($username) . $password_hash);
return $salt . '|' . sha1($salt . hesk_mb_strtolower($username) . $password_hash);
} // END hesk_activeSessionCreateTag()
@ -383,7 +383,7 @@ function hesk_autoLogin($noredirect = 0)
$res = hesk_dbFetchAssoc($result);
/* Check password */
if ($hash != hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass'])) {
if ($hash != hesk_Pass2Hash($res['pass'] . hesk_mb_strtolower($user) . $res['pass']) ) {
hesk_setcookie('hesk_username', '');
hesk_setcookie('hesk_p', '');
header('Location: '.$url);

38
inc/common.inc.php
View File

@ -357,6 +357,10 @@ function hesk_isREQUEST($in)
return isset($_GET[$in]) || isset($_POST[$in]) ? true : false;
} // END hesk_isREQUEST()
function hesk_mb_strtolower($in) {
return function_exists('mb_strtolower') ? mb_strtolower($in) : strtolower($in);
} // END hesk_mb_strtolower()
function hesk_htmlspecialchars_decode($in)
{
@ -835,7 +839,39 @@ function hesk_getCategoryName($id)
$hesk_settings['category_data'][$id]['name'] = hesk_dbResult($res, 0, 0);
return $hesk_settings['category_data'][$id]['name'];
} // END hesk_getOwnerName()
} // END hesk_getCategoryName()
function hesk_getReplierName($ticket) {
global $hesk_settings, $hesklang;
// Already have this info?
if (isset($ticket['last_reply_by'])) {
return $ticket['last_reply_by'];
}
// Last reply by staff
if ( ! empty($ticket['lastreplier'])) {
// We don't know who from staff so just send "Staff"
if (empty($ticket['replierid'])) {
return $hesklang['staff'];
}
// Get the name using another function
$replier = hesk_getOwnerName($ticket['replierid']);
// If replier comes back as "unassigned", default to "Staff"
if ($replier == $hesklang['unas']) {
return $hesklang['staff'];
}
return $replier;
}
// Last reply by customer
return $ticket['name'];
} // END hesk_getReplierName()
function hesk_getOwnerName($id)

36
inc/email_functions.inc.php
View File

@ -418,15 +418,21 @@ function hesk_mail($to, $subject, $message, $htmlMessage, $modsForHesk_settings,
return true;
}
// Stop if we find anything suspicious in the headers
if ( preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $to . $subject) ) {
return false;
}
// Encode subject to UTF-8
$subject = "=?UTF-8?B?" . base64_encode(hesk_html_entity_decode($subject)) . "?=";
$subject = hesk_encodeIfNotAscii( hesk_html_entity_decode($subject) );
// Auto-generate URLs for HTML-formatted emails
$htmlMessage = hesk_makeURL($htmlMessage, '', false);
// Setup "name <email>" for headers
if ($hesk_settings['noreply_name']) {
$hesk_settings['from_header'] = "=?UTF-8?B?" . base64_encode(hesk_html_entity_decode($hesk_settings['noreply_name'])) . "?= <" . $hesk_settings['noreply_mail'] . ">";
$hesk_settings['from_header'] = hesk_encodeIfNotAscii( hesk_html_entity_decode($hesk_settings['noreply_name']) ) . " <" . $hesk_settings['noreply_mail'] . ">";
} else {
$hesk_settings['from_header'] = $hesk_settings['noreply_mail'];
}
@ -505,6 +511,10 @@ function hesk_mail($to, $subject, $message, $htmlMessage, $modsForHesk_settings,
//-- Close the email
$message .= "--" . $innerboundary . "--";
// Remove duplicate recipients
$to_arr = array_unique(explode(',', $to));
$to = implode(',', $to_arr);
// Use PHP's mail function
if (!$hesk_settings['smtp']) {
// Set additional headers
@ -552,8 +562,6 @@ function hesk_mail($to, $subject, $message, $htmlMessage, $modsForHesk_settings,
ob_start();
// Send the e-mail using SMTP
$to_arr = explode(',', $to);
$headersArray = array(
"From: $hesk_settings[from_header]",
"To: $to",
@ -728,6 +736,16 @@ function hesk_getEmailMessage($eml_file, $ticket, $modsForHesk_settings, $is_adm
} // END hesk_getEmailMessage
function hesk_encodeIfNotAscii($str) {
// Match anything outside of ASCII range
if (preg_match('/[^\x00-\x7F]/', $str)) {
return "=?UTF-8?B?" . base64_encode($str) . "?=";
}
return $str;
} // END hesk_encodeIfNotAscii()
function hesk_doesTemplateHaveTag($eml_file, $tag, $modsForHesk_settings)
{
global $hesk_settings;
@ -795,7 +813,7 @@ function hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message
$trackingURL .= '?track=' . $ticket['trackid'] . ($is_admin ? '' : $hesk_settings['e_param']) . '&Refresh=' . rand(10000, 99999);
/* Set category title */
$ticket['category'] = hesk_msgToPlain(hesk_getCategoryName($ticket['category']), 1);
$ticket['category'] = hesk_msgToPlain(hesk_getCategoryName($ticket['category']), 1, 0);
/* Set priority title */
switch ($ticket['priority']) {
@ -821,6 +839,12 @@ function hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message
$row = hesk_dbFetchAssoc($statusRs);
$ticket['status'] = $row['text'];
// Get name of the person who posted the last message
if ( ! isset($ticket['last_reply_by'])) {
$ticket['last_reply_by'] = hesk_getReplierName($ticket);
}
/* Replace all special tags */
$msg = str_replace('%%NAME%%', $ticket['name'], $msg);
$msg = str_replace('%%SUBJECT%%', $ticket['subject'], $msg);
@ -836,6 +860,8 @@ function hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message
$msg = str_replace('%%CREATED%%', $ticket['dt'], $msg);
$msg = str_replace('%%UPDATED%%', $ticket['lastchange'], $msg);
$msg = str_replace('%%ID%%', $ticket['id'], $msg);
$msg = str_replace('%%TIME_WORKED%%', $ticket['time_worked'] ,$msg);
$msg = str_replace('%%LAST_REPLY_BY%%',$ticket['last_reply_by'] ,$msg);
/* All custom fields */
for ($i=1; $i<=50; $i++) {

2
inc/pipe_functions.inc.php
View File

@ -347,7 +347,7 @@ function hesk_encodeUTF8($in, $encoding)
return utf8_encode($in);
break;
default:
return iconv($encoding, 'UTF-8', $in);
return function_exists('iconv') ? iconv($encoding, 'UTF-8', $in) : utf8_encode($in);
break;
}
} // END hesk_encodeUTF8()

5
inc/posting_functions.inc.php
View File

@ -129,7 +129,7 @@ function hesk_newTicket($ticket, $isVerified = true)
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['name'],
'last_reply_by' => $ticket['name'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
@ -138,7 +138,8 @@ function hesk_newTicket($ticket, $isVerified = true)
'id' => hesk_dbInsertID(),
'language' => $language,
'html' => $ticket['html'],
'due_date' => $ticket['due_date']
'due_date' => $ticket['due_date'],
'time_worked' => '00:00:00',
);
// Add custom fields to the array

4
index.php
View File

@ -340,7 +340,7 @@ function print_add_ticket()
class="important">*</span></label>
<div class="col-sm-9">
<input type="text" class="form-control" id="name" name="name" size="40" maxlength="30"
<input type="text" class="form-control" id="name" name="name" size="40" maxlength="50"
value="<?php if (isset($_SESSION['c_name'])) {
echo stripslashes(hesk_input($_SESSION['c_name']));
} ?>" <?php if (in_array('name', $_SESSION['iserror'])) {
@ -711,7 +711,7 @@ function print_add_ticket()
<div class="col-sm-9">
<input type="text" id="subject" class="form-control" name="subject" size="40"
maxlength="40"
maxlength="70"
value="<?php if (isset($_SESSION['c_subject'])) {
echo stripslashes(hesk_input($_SESSION['c_subject']));
} ?>" <?php if (in_array('subject', $_SESSION['iserror'])) {

4
install/install_functions.inc.php
View File

@ -15,8 +15,8 @@
if (!defined('IN_SCRIPT')) {die('Invalid attempt');}
// We will be installing this HESK version:
define('HESK_NEW_VERSION','2.7.3');
define('MODS_FOR_HESK_NEW_VERSION','3.2.2');
define('HESK_NEW_VERSION','2.7.5');
define('MODS_FOR_HESK_NEW_VERSION','3.2.4');
define('REQUIRE_PHP_VERSION','5.3.0');
define('REQUIRE_MYSQL_VERSION','5.0.7');

2
internal-api/core/database.inc.php
View File

@ -97,7 +97,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

2
internal-api/core/database_mysqli.inc.php
View File

@ -97,7 +97,7 @@ function hesk_dbEscape($in)
function hesk_dbLike($in)
{
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
return str_replace( array('_', '%', '\\'), array('\\\\_', '\\\\%', '\\\\'), $in); // '
} // END hesk_dbLike()

4
knowledgebase.php
View File

@ -286,8 +286,8 @@ if (!$show['show']) {
if ($hesk_settings['kb_rating'] && strpos(hesk_COOKIE('hesk_kb_rate'), 'a' . $artid . '%') === false) {
echo '
<div id="rating" class="rate" align="right">&nbsp;<br />' . $hesklang['rart'] . '
<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['yes']) . '</a> /
<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['no']) . '</a>
<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&amp;id=' . $article['id'] . '\'" rel="nofollow">' . hesk_mb_strtolower($hesklang['yes']) . '</a> /
<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&amp;id=' . $article['id'] . '\'" rel="nofollow">' . hesk_mb_strtolower($hesklang['no']) . '</a>
</div>
';
}

2
language/en/emails/html/new_reply_by_customer.txt
View File

@ -1,6 +1,6 @@
<p>Hello,</p>
<p>A customer has just replied to ticket "%%SUBJECT%%".</p>
<p>You can manage this ticket here:
<p>You can read the reply message and manage this ticket here:
%%TRACK_URL%%</p>
<p>Regards,</p>
%%SITE_TITLE%% <br>

5
language/en/emails/html/new_reply_by_staff.txt
View File

@ -1,8 +1,9 @@
<p>Dear %%NAME%%,</p>
<p>Our staff has just replied to your ticket "%%SUBJECT%%".</p>
<p>You can view the ticket here:</p>
<p>We have just replied to your ticket "%%SUBJECT%%".</p>
<p>To read the message, submit a reply and view details, please visit:</p>
%%TRACK_URL%%
<br><br>
<p>If the above link is not clickable, try copying and pasting it into the address bar of your web browser.</p>
<p>Sincerely,</p>
%%SITE_TITLE%%
<br>

2
language/en/emails/html/ticket_closed.txt
View File

@ -1,8 +1,8 @@
<p>Dear %%NAME%%,</p>
<p>Your support ticket "%%SUBJECT%%" has been updated to a closed/resolved status.</p>
<p>Ticket tracking ID: %%TRACK_ID%%</p>
<p>You can view the status of your ticket here:
%%TRACK_URL%%</p>
<p>If the above link is not clickable, try copying and pasting it into the address bar of your web browser.</p>
<p>Sincerely,</p>
%%SITE_TITLE%% <br>
%%SITE_URL%%

3
language/en/emails/ticket_closed.txt
View File

@ -2,11 +2,10 @@ Dear %%NAME%%,
Your support ticket "%%SUBJECT%%" has been updated to a closed/resolved status.
Ticket tracking ID: %%TRACK_ID%%
You can view the status of your ticket here:
%%TRACK_URL%%
If the above link is not clickable, try copying and pasting it into the address bar of your web browser.
Sincerely,

3
language/en/text.php
View File

@ -1239,7 +1239,7 @@ $hesklang['cat_pri_ch']='Category priority has been set to:';
$hesklang['err_dbversion']='Too old MySQL version:'; // %s will be replaced with MySQL version
$hesklang['signature_max']='Signature (max 1000 chars)';
$hesklang['signature_long']='User signature is too long! Please limit the signature to 1000 chars';
$hesklang['ip_whois']='IP whois';
$hesklang['ip_whois']='IP WHOIS';
$hesklang['ednote']='Edit note message';
$hesklang['ednote2']='Note message saved';
$hesklang['perm_deny']='Permission denied';
@ -1284,7 +1284,6 @@ $hesklang['click_unban']='Click here to unban.';
$hesklang['banip_intro']='Visitors from banned IP addresses will not be able to view or submit tickets and login into the help desk.';
$hesklang['ipperm']='Permanent IP bans:';
$hesklang['iptemp']='Login failure bans:';
$hesklang['savebanip']='Ban this IP';
$hesklang['no_banips']='<i>No IPs are being banned.</i>';
$hesklang['bananip']='IP address to ban';
$hesklang['banex']='Examples:';

3
reply_ticket.php
View File

@ -206,13 +206,14 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['name'],
'subject' => $ticket['subject'],
'message' => stripslashes($message),
'attachments' => $myattachments,
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => $ticket['name'],
);
// 2. Add custom fields to the array

2
submit_ticket.php
View File

@ -73,7 +73,7 @@ if ($hesk_settings['question_use']) {
if (strlen($question) == 0) {
$hesk_error_buffer['question'] = $hesklang['q_miss'];
} elseif (strtolower($question) != strtolower($hesk_settings['question_ans'])) {
} elseif (hesk_mb_strtolower($question) != hesk_mb_strtolower($hesk_settings['question_ans'])) {
$hesk_error_buffer['question'] = $hesklang['q_wrng'];
} else {
$_SESSION['c_question'] = $question;

4
ticket.php
View File

@ -722,8 +722,8 @@ function hesk_printCustomerTicketReplies()
echo '
<div id="rating' . $reply['id'] . '" class="rate">
' . $hesklang['r'] . '
<a href="Javascript:void(0)" onclick="Javascript:hesk_rate(\'rate.php?rating=5&amp;id=' . $reply['id'] . '&amp;track=' . $trackingID . '\',\'rating' . $reply['id'] . '\')">' . strtolower($hesklang['yes']) . '</a> /
<a href="Javascript:void(0)" onclick="Javascript:hesk_rate(\'rate.php?rating=1&amp;id=' . $reply['id'] . '&amp;track=' . $trackingID . '\',\'rating' . $reply['id'] . '\')">' . strtolower($hesklang['no']) . '</a>
<a href="Javascript:void(0)" onclick="Javascript:hesk_rate(\'rate.php?rating=5&amp;id=' . $reply['id'] . '&amp;track=' . $trackingID . '\',\'rating' . $reply['id'] . '\')">' . hesk_mb_strtolower($hesklang['yes']) . '</a> /
<a href="Javascript:void(0)" onclick="Javascript:hesk_rate(\'rate.php?rating=1&amp;id=' . $reply['id'] . '&amp;track=' . $trackingID . '\',\'rating' . $reply['id'] . '\')">' . hesk_mb_strtolower($hesklang['no']) . '</a>
</div>
';
}