From f5f02d4200fb4b945e0b83bebac08bbfea3cb13d Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 10 Jan 2015 16:31:21 -0500 Subject: [PATCH 01/65] #92 Update admin_settings.php --- admin/admin_settings.php | 253 +++++++++++++++++++++++++++++---------- 1 file changed, 189 insertions(+), 64 deletions(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index d2cd8f43..bc9523c1 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -1,7 +1,7 @@ "; var today = new Date(); today.setHours(server_time.substr(0,server_time.indexOf(":"))); @@ -475,6 +437,7 @@ if ( defined('HESK_DEMO') )
  • +
  • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['pcer'].'

    '; + hesk_process_messages($hesk_error_buffer,'admin_ticket.php?track='.$ticket['trackid'].'&Refresh='.rand(10000,99999)); + } + + // Process attachments + if ($hesk_settings['attachments']['use'] && ! empty($attachments) ) + { + foreach ($attachments as $myatt) + { + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`,`type`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."', '1')"); + $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] .','; + } + } + + // Add note to database + $msg = nl2br(hesk_makeURL($msg)); + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` (`ticket`,`who`,`dt`,`message`,`attachments`) VALUES ('".intval($ticket['id'])."','".intval($_SESSION['id'])."',NOW(),'".hesk_dbEscape($msg)."','".hesk_dbEscape($myattachments)."')"); /* Notify assigned staff that a note has been added if needed */ $users = hesk_dbQuery("SELECT `email`, `notify_note` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE (`id`='".intval($ticket['owner'])."' OR (`isadmin` = '1' AND `notify_note_unassigned` = '1')) AND `id` <> '".intval($_SESSION['id'])."'"); @@ -260,6 +406,8 @@ if (isset($_POST['notemsg']) && hesk_token_check('POST')) 'message' => stripslashes($msg), 'dt' => hesk_date($ticket['dt'], true), 'lastchange' => hesk_date($ticket['lastchange'], true), + 'attachments' => $myattachments, + 'id' => $ticket['id'], ); // 2. Add custom fields to the array 
@@ -289,7 +437,7 @@ if (isset($_POST['notemsg']) && hesk_token_check('POST')) } /* Update time worked */ -if ( ($can_reply || $can_edit) && isset($_POST['h']) && isset($_POST['m']) && isset($_POST['s']) && hesk_token_check('POST')) +if ($hesk_settings['time_worked'] && ($can_reply || $can_edit) && isset($_POST['h']) && isset($_POST['m']) && isset($_POST['s']) && hesk_token_check('POST')) { $h = intval( hesk_POST('h') ); $m = intval( hesk_POST('m') ); @@ -367,7 +515,13 @@ if (isset($_GET['delatt']) && hesk_token_check()) $reply = 0; } - /* Get attachment info */ + $note = intval( hesk_GET('note', 0) ); + if ($note < 1) + { + $note = 0; + } + + /* Get attachment info */ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id`='".intval($att_id)."' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { @@ -394,6 +548,10 @@ if (isset($_GET['delatt']) && hesk_token_check()) hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",','') WHERE `id`='".intval($reply)."' LIMIT 1"); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($ticket['id'])."' LIMIT 1"); } + elseif ($note) + { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",','') WHERE `id`={$note} LIMIT 1"); + } else { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",',''), `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($ticket['id'])."' LIMIT 1"); 
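Review bot: The new `elseif ($note)` branch updates the `notes` row by `id` alone, so the `note` value taken from the query string is not tied to the ticket being viewed or to the author of the note. The note listing added elsewhere in this patch only offers the delete link when `$can_del_notes || $note['who'] == $_SESSION['id']`; the handler should enforce the same rule server-side rather than rely on the link being hidden. The statement should also be scoped to the ticket, for example `WHERE id='".intval($note)."' AND ticket='".intval($ticket['id'])."' LIMIT 1`, which matches the quoted `intval()` style of the neighbouring queries. Whether an earlier permission check already covers this cannot be seen here, because the `delatt` block starts and ends outside these hunks.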
@@ -417,7 +575,7 @@ while ($row=hesk_dbFetchAssoc($result)) /* List of users */ $admins = array(); -$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `active` = '1' ORDER BY `id` ASC"); +$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `active` = '1' ORDER BY `name` ASC"); while ($row=hesk_dbFetchAssoc($result)) { /* Is this an administrator? */ @@ -442,9 +600,15 @@ while ($row=hesk_dbFetchAssoc($result)) } /* Get replies */ -$reply = ''; -$result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` " . ($hesk_settings['new_top'] ? 'DESC' : 'ASC') ); -$replies = hesk_dbNumRows($result); +if ($ticket['replies']) +{ + $reply = ''; + $result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` " . ($hesk_settings['new_top'] ? 'DESC' : 'ASC') ); +} +else +{ + $reply = false; +} // Demo mode if ( defined('HESK_DEMO') ) @@ -475,7 +639,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');

  • - +

  • @@ -496,6 +660,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
  • +

  • +
  • -

    Delete Note

    +

    <?php echo $hesklang['ednote']; ?> + <?php echo $hesklang['delnote']; ?>

    -

    -

    +
    ' : ''; + + $att = explode(',', substr($note['attachments'], 0, -1) ); + $num = count($att); + foreach ($att as $myatt) + { + list($att_id, $att_name) = explode('#', $myatt); + + // Can edit and delete note (attachments)? + if ($can_del_notes || $note['who'] == $_SESSION['id']) + { + // If this is the last attachment and no message, show "delete ticket" link + if ($num == 1 && strlen($note['message']) == 0) + { + echo ''.$hesklang['dela'].' '; + } + // Show "delete attachment" link + else + { + echo ''.$hesklang['dela'].' '; + } + } + + echo ' + '.$hesklang['dnl'].' '.$att_name.' + '.$att_name.'
    + '; + } + } + ?>
    - From 723170496e01130d3dd714447eef1ba9406a8cdf Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 11 Jan 2015 17:32:42 -0500 Subject: [PATCH 11/65] #92 Update knowledgebase_private --- admin/knowledgebase_private.php | 57 +++++++++++++++++++++++++++++---- 1 file changed, 51 insertions(+), 6 deletions(-) diff --git a/admin/knowledgebase_private.php b/admin/knowledgebase_private.php index 24d23267..52c8759b 100644 --- a/admin/knowledgebase_private.php +++ b/admin/knowledgebase_private.php @@ -1,7 +1,7 @@ @@ -236,7 +236,7 @@ function hesk_show_kb_article($artid) hesk_kb_header($hesk_settings['kb_link'], $article['catid']); // Update views by 1 - hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `views`=`views`+1 WHERE `id`='".intval($artid)."' LIMIT 1"); + hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` SET `views`=`views`+1 WHERE `id`={$artid} LIMIT 1"); echo '

    '.$article['subject'].'
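Review bot: The view-counter query now interpolates `{$artid}` directly where the old line used `intval($artid)`, so the statement is only safe if every caller of `hesk_show_kb_article()` passes an already-cast integer. That guarantee is not visible in this hunk, since the function body starts and ends outside it. Keeping the cast at the sink costs nothing and keeps the query safe regardless of the caller: `WHERE id='".intval($artid)."' LIMIT 1`, or a single `$artid = intval($artid);` at the top of the function.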

    @@ -258,6 +258,51 @@ function hesk_show_kb_article($artid) echo '

    '; } + // TODO Check how this looks + // Related articles + if ($hesk_settings['kb_related']) + { + require(HESK_PATH . 'inc/mail/email_parser.php'); + + $query = hesk_dbEscape( $article['subject'] . ' ' . convert_html_to_text($article['content']) ); + + // Get relevant articles from the database + $res = hesk_dbQuery("SELECT `id`, `subject`, MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') AS `score` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') LIMIT ".intval($hesk_settings['kb_related']+1)); + + // Array with related articles + $related_articles = array(); + + while ($related = hesk_dbFetchAssoc($res)) + { + // Get base match score from the first (this) article + if ( ! isset($base_score) ) + { + $base_score = $related['score']; + continue; + } + + // Stop when articles reach less than 10% of base score + if ($related['score'] / $base_score < 0.10) + { + break; + } + + // This is a valid related article + $related_articles[$related['id']] = $related['subject']; + } + + // Print related articles if we have any valid matches + if ( count($related_articles) ) + { + echo '
    '.$hesklang['relart'].''; + foreach ($related_articles as $id => $subject) + { + echo ' '.$subject.'
    '; + } + echo '
    '; + } + } + if ($article['catid']==1) { @@ -322,7 +367,7 @@ function hesk_show_kb_category($catid, $is_search = 0) { } } - $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."' LIMIT 1"); + $res = hesk_dbQuery("SELECT `name`,`parent` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."' LIMIT 1"); $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']); if ($thiscat['parent']) @@ -333,7 +378,7 @@ function hesk_show_kb_category($catid, $is_search = 0) {
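Review bot: The loop assumes the first returned row is the article being displayed and discards it after taking `$base_score`, but the query has no `ORDER BY` and filters on `type IN ('0','1')`, so nothing in the statement guarantees that. If the current article is filtered out or not ranked first, the best related match is silently dropped and the 10% cut-off is measured against the wrong score. Adding `ORDER BY score DESC` and taking the base only when `$related['id'] == $artid` would make the intent explicit. `require(HESK_PATH . 'inc/mail/email_parser.php');` inside the function should be `require_once`, otherwise a second call in the same request redeclares whatever that file defines. The `// TODO Check how this looks` marker should be resolved before this is merged.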
    '; } - $result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='".intval($catid)."' ORDER BY `parent` ASC, `cat_order` ASC"); + $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='".intval($catid)."' ORDER BY `parent` ASC, `cat_order` ASC"); if (hesk_dbNumRows($result) > 0) { ?> @@ -442,7 +487,7 @@ function hesk_show_kb_category($catid, $is_search = 0) { '.$hesklang['noac'].'

    '; From aadfc573cdc75ab884c1e2b6c12f9e9bb59dd25d Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 11 Jan 2015 17:36:05 -0500 Subject: [PATCH 12/65] #92 Update lock.php --- admin/lock.php | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/admin/lock.php b/admin/lock.php index 26c30c2a..ed03cf36 100644 --- a/admin/lock.php +++ b/admin/lock.php @@ -1,7 +1,7 @@ fetch_assoc(); $statusId = $statusRow['ID']; -hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `status`='{$statusId}',`locked`='{$status}', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `trackid`='".hesk_dbEscape($trackingID)."' LIMIT 1"); +hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `status`='{$statusId}',`locked`='{$status}' $closedby_sql , `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `trackid`='".hesk_dbEscape($trackingID)."' LIMIT 1"); /* Back to ticket page and show a success message */ hesk_process_messages($tmp,'admin_ticket.php?track='.$trackingID.'&Refresh='.rand(10000,99999),'SUCCESS'); From 30cd5b285ec1068c83f975b73375f0c8ea669dda Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 11 Jan 2015 17:41:23 -0500 Subject: [PATCH 13/65] #92 Update mail.php --- admin/mail.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/mail.php b/admin/mail.php index ea056d11..6ff15c02 100644 --- a/admin/mail.php +++ b/admin/mail.php 
@@ -1,7 +1,7 @@ 1 // Get messages from the database - $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` WHERE `".hesk_dbEscape($hesk_settings['mailtmp']['this'])."`='".intval($_SESSION['id'])."' AND `deletedby`!='".intval($_SESSION['id'])."' ORDER BY `id` DESC LIMIT ".intval($limit_down)." , ".intval($maxresults)." "); + $res = hesk_dbQuery("SELECT `id`, `from`, `to`, `subject`, `dt`, `read` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` WHERE `".hesk_dbEscape($hesk_settings['mailtmp']['this'])."`='".intval($_SESSION['id'])."' AND `deletedby`!='".intval($_SESSION['id'])."' ORDER BY `id` DESC LIMIT ".intval($limit_down)." , ".intval($maxresults)." "); ?> From 73a160771a06c082e8e5c736ffa856f2288f7006 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 11 Jan 2015 18:44:41 -0500 Subject: [PATCH 14/65] #92 Update manage_canned Will add a dropdown to the navigation for ticket templates, rather than tabs --- admin/manage_canned.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/admin/manage_canned.php b/admin/manage_canned.php index cb1a8958..3cd3d6f4 100644 --- a/admin/manage_canned.php +++ b/admin/manage_canned.php @@ -1,7 +1,7 @@ @@ -92,6 +101,7 @@ else {return false;}
    @@ -112,6 +122,28 @@ else {return false;} />
    +
    + +
    +

    [?]
    +

    + +
    +
    @@ -160,6 +192,41 @@ else {return false;}
    +
    +
    + +

    + + + + + + + + + + +
    :
    :
    + +

    + +

    +
    +
    + + +   + +
    + + + + + + + + +
    » ' . $hesklang['ticket_tpl_man'] . ')' : ''; ?>
    +
    + +
    + :
    + +
    +
    + + + + +   + + + + ';} else {echo '
    ';} ?>
    - +
    ';} else {echo '
    ';} ?>
    - + + +

    @@ -472,12 +666,19 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); echo '
    />
    +


    From a83a32ec7797419d674f3b5ef77eaa713b4b89ac Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 11 Jan 2015 23:39:22 -0500 Subject: [PATCH 18/65] #92 Update options.php --- admin/options.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/admin/options.php b/admin/options.php index 95d05481..ba42c6ef 100644 --- a/admin/options.php +++ b/admin/options.php @@ -1,7 +1,7 @@ @@ -217,12 +219,18 @@ switch ($type) } text = unescape(text.replace(re_nlchar,\'#HESK#\')); + if (document.getElementById(\'show_select\').checked) + { + text = "{HESK_SELECT}" + text; + } + window.opener.document.getElementById(\'s_'.$id.'_val\').value = text; window.close(); }

    '.$hesklang['opt3'].'

    +

    '; From 688054c7ab21a0b2a6c71df360242fc6889d4c9d Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 00:02:02 -0500 Subject: [PATCH 19/65] #92 Update reports.php --- admin/reports.php | 190 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 143 insertions(+), 47 deletions(-) diff --git a/admin/reports.php b/admin/reports.php index 917b4134..1a111ece 100644 --- a/admin/reports.php +++ b/admin/reports.php @@ -1,7 +1,7 @@ 0" : "`t5`.`staffid` = '" . intval($_SESSION['id']) . "'" ) . " AND DATE(`t5`.`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `t1`.`category`) AS `t4` ON `t1`.`category`=`t4`.`category` - WHERE DATE(`t1`.`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "'" . - ( $can_run_reports_full ? "" : " AND `t1`.`owner` = '" . intval($_SESSION['id']) . "'" ) - ); + $res = hesk_dbQuery("SELECT `category`, COUNT(*) AS `num_tickets`, ".($hesk_settings['time_worked'] ? "SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`," : '')." SUM(`replies`) AS `all_replies`, SUM(staffreplies) AS `staff_replies` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE {$hesk_settings['dt_sql']} " . ( $can_run_reports_full ? "" : " AND `t1`.`owner` = '" . intval($_SESSION['id']) . "'" ) . " GROUP BY `category`"); /* Update ticket values */ while ($row = hesk_dbFetchAssoc($res)) { + if ( ! $hesk_settings['time_worked']) + { + $row['seconds_worked'] = 0; + } + if (isset($cat[$row['category']])) { $tickets[$row['category']]['num_tickets'] += $row['num_tickets']; $tickets[$row['category']]['all_replies'] += $row['all_replies']; $tickets[$row['category']]['staff_replies'] += $row['staff_replies']; - $tickets[$row['category']]['worked'] = hesk_SecondsToHHMMSS($row['seconds_worked']); + $tickets[$row['category']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0; } else { 
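Review bot: The rewritten category query still appends `AND t1.owner = ...` for users without `$can_run_reports_full`, but the new `FROM` clause no longer declares a `t1` alias. For those users the statement references an unknown table alias and the report fails; the condition should read `" AND owner = '" . intval($_SESSION['id']) . "'"` as the other rewritten queries in this file do. `{$hesk_settings['dt_sql']}` is also interpolated unescaped here and in the later hunks. The code that builds it is not visible, so it is worth confirming that both dates still pass through `hesk_dbEscape()` there, as the removed `BETWEEN` clauses did. The hunk header for this change is not recoverable from the page.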
@@ -414,7 +415,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // Get number of resolved tickets - $res = hesk_dbQuery("SELECT COUNT(*) AS `num_tickets` , `category` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) " . ( $can_run_reports_full ? "" : " AND `owner` = '" . intval($_SESSION['id']) . "'" ) . " AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `category`"); + $res = hesk_dbQuery("SELECT COUNT(*) AS `num_tickets` , `category` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) " . ( $can_run_reports_full ? "" : " AND `owner` = '" . intval($_SESSION['id']) . "'" ) . " AND {$hesk_settings['dt_sql']} GROUP BY `category`"); // Update number of open and resolved tickets while ($row = hesk_dbFetchAssoc($res)) @@ -433,10 +434,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // Convert total seconds worked to HH:MM:SS - $totals['worked'] = hesk_SecondsToHHMMSS($totals['worked']); + $totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0; if ( isset($tickets[9999]) ) { - $tickets[9999]['worked'] = hesk_SecondsToHHMMSS($tickets[9999]['worked']); + $tickets[9999]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($tickets[9999]['worked']) : 0; } ?> 
@@ -448,7 +449,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); - + '.$hesklang['ts'].''; + } + ?> - + '.$totals['worked'].''; + } + ?> - + '.$d['worked'].''; + } + ?> - + '.$totals['worked'].''; + } + ?> get list of users - $res = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `id` ASC"); + $res = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `name` ASC"); // -> populate $admins and $tickets arrays while ($row=hesk_dbFetchAssoc($res)) 
@@ -531,19 +552,24 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // -> get list of tickets - $res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt`, SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins) ) . "') AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `owner`"); + $res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt`".($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '')." FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins) ) . "') AND {$hesk_settings['dt_sql']} GROUP BY `owner`"); // -> update ticket list values while ($row = hesk_dbFetchAssoc($res)) { + if ( ! $hesk_settings['time_worked']) + { + $row['seconds_worked'] = 0; + } + $tickets[$row['owner']]['asstickets'] += $row['cnt']; $totals['asstickets'] += $row['cnt']; - $tickets[$row['owner']]['worked'] = hesk_SecondsToHHMMSS($row['seconds_worked']); + $tickets[$row['owner']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0; $totals['worked'] += $row['seconds_worked']; } // -> get list of resolved tickets - $res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins) ) . "') AND `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `owner`"); + $res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins) ) . 
"') AND `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) AND {$hesk_settings['dt_sql']} GROUP BY `owner`"); // -> update resolved ticket list values while ($row = hesk_dbFetchAssoc($res)) @@ -553,7 +579,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // -> get number of replies - $res = hesk_dbQuery("SELECT `staffid`, COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `staffid` IN ('" . implode("','", array_keys($admins) ) . "') AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `staffid`"); + $res = hesk_dbQuery("SELECT `staffid`, COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `staffid` IN ('" . implode("','", array_keys($admins) ) . "') AND {$hesk_settings['dt_sql']} GROUP BY `staffid`"); // -> update number of replies values while ($row = hesk_dbFetchAssoc($res)) 
@@ -571,17 +597,17 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $admins[$_SESSION['id']] = $_SESSION['name']; // -> get list of tickets - $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`, SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "'"); + $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`".($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '')." FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND {$hesk_settings['dt_sql']}"); $row = hesk_dbFetchAssoc($res); // -> update ticket values $tickets[$_SESSION['id']]['asstickets'] = $row['cnt']; $totals['asstickets'] = $row['cnt']; - $tickets[$_SESSION['id']]['worked'] = hesk_SecondsToHHMMSS($row['seconds_worked']); + $tickets[$_SESSION['id']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0; $totals['worked'] += $row['seconds_worked']; // -> get list of resolved tickets - $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND `status`='3' AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "'"); + $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) AND {$hesk_settings['dt_sql']}"); $row = hesk_dbFetchAssoc($res); // -> update resolved ticket values 
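Review bot: In this single-user branch the `seconds_worked` column is selected only when `$hesk_settings['time_worked']` is on, yet the unchanged line `$totals['worked'] += $row['seconds_worked'];` still reads it unconditionally. The other branches in this patch add `if ( ! $hesk_settings['time_worked']) { $row['seconds_worked'] = 0; }` after fetching the row; the same guard is missing here, so an undefined index is read when time tracking is disabled. Add that guard after `$row = hesk_dbFetchAssoc($res);`, or change the line to `$totals['worked'] += $hesk_settings['time_worked'] ? $row['seconds_worked'] : 0;`.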
@@ -589,7 +615,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); $totals['resolved'] = $row['cnt']; // -> get number of replies - $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `staffid` = '" . intval($_SESSION['id']) . "' AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "'"); + $res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `staffid` = '" . intval($_SESSION['id']) . "' AND {$hesk_settings['dt_sql']}"); $row = hesk_dbFetchAssoc($res); $tickets[$_SESSION['id']]['tickets'] = $row['tcnt']; @@ -601,7 +627,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // Convert total seconds worked to HH:MM:SS - $totals['worked'] = hesk_SecondsToHHMMSS($totals['worked']); + $totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0; ?> @@ -612,7 +638,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); - + '.$hesklang['ts'].''; + } + ?> - + '.$totals['worked'].''; + } + ?> - + '.$d['worked'].''; + } + ?> - + '.$totals['worked'].''; + } + ?>
    @@ -714,7 +765,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); - + '.$hesklang['ts'].''; + } + ?> - + '.$totals['worked'].''; + } + ?> - + '.$d['worked'].''; + } + ?> - + '.$d['worked'].''; + } + ?>
    
@@ -778,19 +849,24 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // SQL query for all - $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt`, SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE " . ( $can_run_reports_full ? '1' : "`owner` = '" . intval($_SESSION['id']) . "'" ) . " AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `mydt`"); + $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt`".($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '')." FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE " . ( $can_run_reports_full ? '1' : "`owner` = '" . intval($_SESSION['id']) . "'" ) . " AND {$hesk_settings['dt_sql']} GROUP BY `mydt`"); // Update ticket values while ($row = hesk_dbFetchAssoc($res)) { + if ( ! $hesk_settings['time_worked']) + { + $row['seconds_worked'] = 0; + } + $tickets[$row['mydt']]['all'] += $row['cnt']; - $tickets[$row['mydt']]['worked'] = hesk_SecondsToHHMMSS($row['seconds_worked']); + $tickets[$row['mydt']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0; $totals['all'] += $row['cnt']; $totals['worked'] += $row['seconds_worked']; } // SQL query for resolved - $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE " . ( $can_run_reports_full ? '1' : "`owner` = '" . intval($_SESSION['id']) . "'" ) . " AND `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) AND DATE(`dt`) BETWEEN '" . hesk_dbEscape($date_from) . "' AND '" . hesk_dbEscape($date_to) . "' GROUP BY `mydt`"); + $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE " . ( $can_run_reports_full ? 
'1' : "`owner` = '" . intval($_SESSION['id']) . "'" ) . " AND `status` IN (SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsClosed` = 1) AND {$hesk_settings['dt_sql']} GROUP BY `mydt`"); // Update ticket values while ($row = hesk_dbFetchAssoc($res)) @@ -800,7 +876,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); } // Convert total seconds worked to HH:MM:SS - $totals['worked'] = hesk_SecondsToHHMMSS($totals['worked']); + $totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0; ?> @@ -809,7 +885,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); - + '.$hesklang['ts'].''; + } + ?> - + '.$totals['worked'].''; + } + ?> - + '.$d['worked'].''; + } + ?> - + '.$totals['worked'].''; + } + ?>
    Date: Mon, 12 Jan 2015 12:48:48 -0500 Subject: [PATCH 20/65] #92 Update change_status.php --- change_status.php | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/change_status.php b/change_status.php index c3b480e6..c773c1d2 100644 --- a/change_status.php +++ b/change_status.php @@ -1,7 +1,7 @@ Date: Mon, 12 Jan 2015 12:49:00 -0500 Subject: [PATCH 21/65] #92 Update common.inc.php --- inc/common.inc.php | 184 ++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 172 insertions(+), 12 deletions(-) diff --git a/inc/common.inc.php b/inc/common.inc.php index 1ba32f78..21e399a7 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -1,7 +1,7 @@ +
    + '; ?> + +
    +
    + NOW( ) THEN 1 ELSE 0 END) AS `banned` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='".hesk_dbEscape($ip)."' LIMIT 1"); + $res = hesk_dbQuery("SELECT `number`, (CASE WHEN `last_attempt` IS NOT NULL AND DATE_ADD(`last_attempt`, INTERVAL ".intval($hesk_settings['attempt_banmin'])." MINUTE ) > NOW() THEN 1 ELSE 0 END) AS `banned` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='".hesk_dbEscape($ip)."' LIMIT 1"); /* Not in the database yet? Add first one and return false */ if (hesk_dbNumRows($res) != 1) @@ -702,6 +768,9 @@ function hesk_process_messages($message,$redirect_to,$type='ERROR') case 'NOTICE': $_SESSION['HESK_NOTICE'] = TRUE; break; + case 'INFO': + $_SESSION['HESK_INFO'] = TRUE; + break; default: $_SESSION['HESK_ERROR'] = TRUE; } @@ -741,6 +810,10 @@ function hesk_handle_messages() { hesk_show_notice($_SESSION['HESK_MESSAGE']); } + elseif ( isset($_SESSION['HESK_INFO']) ) + { + hesk_show_info($_SESSION['HESK_MESSAGE']); + } hesk_cleanSessionVars('HESK_MESSAGE'); } @@ -749,6 +822,7 @@ function hesk_handle_messages() hesk_cleanSessionVars('HESK_ERROR'); hesk_cleanSessionVars('HESK_SUCCESS'); hesk_cleanSessionVars('HESK_NOTICE'); + hesk_cleanSessionVars('HESK_INFO'); // Secondary message if ( isset($_SESSION['HESK_2ND_NOTICE']) && isset($_SESSION['HESK_2ND_MESSAGE']) ) @@ -762,39 +836,55 @@ function hesk_handle_messages() } // END hesk_handle_messages() -function hesk_show_error($message,$title='') { +function hesk_show_error($message,$title='',$append_colon=true) { global $hesk_settings, $hesklang; $title = $title ? $title : $hesklang['error']; + $title = $append_colon ? $title . ':' : $title; ?>
    - : +
    - : +
    - : +

    +
    + + +
    +
    + + + + + + + +
    + + + + - - + --- admin/banned_emails.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/admin/banned_emails.php b/admin/banned_emails.php index 0b9392b0..d6063edd 100644 --- a/admin/banned_emails.php +++ b/admin/banned_emails.php @@ -78,7 +78,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); { echo '
  • - '.$hesklang['banemail'].' + '.$hesklang['banip'].'
  • '; } // Show a link to status_message.php if user has permission to do so @@ -127,7 +127,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
    john@email.com
    - @domain.com + @domain.com
    From a185d1cf8e540a7e23936226b8e8e75a86085cb9 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 23:27:47 -0500 Subject: [PATCH 46/65] #110 Restyled banned_ips --- admin/banned_ips.php | 449 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 449 insertions(+) create mode 100644 admin/banned_ips.php diff --git a/admin/banned_ips.php b/admin/banned_ips.php new file mode 100644 index 00000000..55db2f73 --- /dev/null +++ b/admin/banned_ips.php @@ -0,0 +1,449 @@ + + +
    + +
    + +
    +
    + +
    +
    + +
    + + + +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + 123.0.0.0
    + 123.0.0.1 - 123.0.0.53
    + 123.0.0.0/24
    + 123.0.*.* +
    +
    +
    + = ".intval($hesk_settings['attempt_limit'])." AND `last_attempt` > (NOW() - INTERVAL ".intval($hesk_settings['attempt_banmin'])." MINUTE)"); + $num = hesk_dbNumRows($res); + + echo '

    '.$hesklang['iptemp'].'

    '; + + if ($num > 0) + { + ?> +
    + +

     

    + +
    + +

    +

    + +
    + +

     

    +

     

    +

     

    +

     

    +

     

    + + Date: Mon, 12 Jan 2015 12:49:09 -0500 Subject: [PATCH 22/65] #92 Update email_functions.inc.php --- inc/email_functions.inc.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php index 9470d819..173934ca 100644 --- a/inc/email_functions.inc.php +++ b/inc/email_functions.inc.php @@ -1,7 +1,7 @@ Verify email 'verify_email' => $hesklang['verify_email'], + // --> Ticket closed + 'ticket_closed' => $hesklang['ticket_closed'], + /*** Emails sent to STAFF ***/ @@ -265,6 +268,9 @@ function hesk_validEmails() // --> New note by someone to a ticket assigned to you 'new_note' => $hesklang['new_note'], + // --> Staff password reset email + 'reset_password' => $hesklang['reset_password'], + ); } // END hesk_validEmails() @@ -585,6 +591,7 @@ function hesk_getEmailMessage($eml_file, $ticket, $is_admin=0, $is_ticket=1, $ju $msg = str_replace('%%EMAIL%%', $ticket['email'] ,$msg); $msg = str_replace('%%CREATED%%', $ticket['dt'] ,$msg); $msg = str_replace('%%UPDATED%%', $ticket['lastchange'] ,$msg); + $msg = str_replace('%%ID%%', $ticket['id'] ,$msg); /* All custom fields */ foreach ($hesk_settings['custom_fields'] as $k=>$v) From 520fad4003ae5ccc3871000a29e756d11febf588 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 15:12:00 -0500 Subject: [PATCH 23/65] #92 Update header.inc.php --- inc/header.inc.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/inc/header.inc.php b/inc/header.inc.php index 6f440217..1f5c0364 100644 --- a/inc/header.inc.php +++ b/inc/header.inc.php @@ -1,7 +1,7 @@ - + <?php echo (isset($hesk_settings['tmp_title']) ? $hesk_settings['tmp_title'] : $hesk_settings['hesk_title']); ?> @@ -45,7 +45,7 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); - + @@ -59,7 +59,7 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); - + 
@@ -127,6 +127,12 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); $onload .= "ss();"; } } + + // Use ReCaptcha API v2? + if (defined('RECAPTCHA')) + { + echo ''; + } ?> From 53b86d2dbb175ee7df7b4373b44c610ca21af143 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 15:12:12 -0500 Subject: [PATCH 24/65] #92 Update knowledgebase_functions.inc.php --- inc/knowledgebase_functions.inc.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/inc/knowledgebase_functions.inc.php b/inc/knowledgebase_functions.inc.php index 1796c358..87068dca 100644 --- a/inc/knowledgebase_functions.inc.php +++ b/inc/knowledgebase_functions.inc.php @@ -1,7 +1,7 @@ Date: Mon, 12 Jan 2015 15:27:05 -0500 Subject: [PATCH 25/65] #92 Update print_tickets.inc.php --- inc/print_tickets.inc.php | 49 +++++++++++++++++++++++++++++++++++---- 1 file changed, 44 insertions(+), 5 deletions(-) diff --git a/inc/print_tickets.inc.php b/inc/print_tickets.inc.php index b6204a27..1605a249 100644 --- a/inc/print_tickets.inc.php +++ b/inc/print_tickets.inc.php @@ -1,7 +1,7 @@ $v) +{ + if ($v['use']) + { + $sql_final .= ", `".$k."`"; + } +} + +$sql_final.= " FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE "; // This code will be used to count number of results $sql_count = "SELECT COUNT(*) FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE "; @@ -87,11 +122,15 @@ while ($row = $results->fetch_assoc()) } $status = $possible_status; -foreach ($status as $k => $v) +// Process statuses unless overridden with "s_all" variable +if ( ! hesk_GET('s_all') ) { - if (empty($_GET['s'.$k])) + foreach ($status as $k => $v) { - unset($status[$k]); + if (empty($_GET['s' . $k])) + { + unset($status[$k]); + } } } From cd879f9898f168caae7cf94ccbd4c031b61eeaa5 Mon Sep 17 00:00:00 2001 
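Review bot: In the inc/print_tickets.inc.php hunk that extends `$sql_final`, each custom-field key `$k` is concatenated into the column list between backticks with no check on its form. The keys come from `$hesk_settings['custom_fields']`, which is presumably administrator-controlled configuration, so this is a hardening point rather than a demonstrated injection. Restricting the loop to the expected column names keeps the query safe if that array is ever filled from less trusted data, for example `if ($v['use'] && preg_match('/^custom\d+$/', $k))`. The hunk's header and leading lines were lost in extraction, so the start of the statement is not visible here.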
From: Mike Koch Date: Mon, 12 Jan 2015 15:27:31 -0500 Subject: [PATCH 26/65] #92 Update show_admin_nav.inc.php --- inc/show_admin_nav.inc.php | 58 ++++++++++++++++++++++++++++++++------ 1 file changed, 49 insertions(+), 9 deletions(-) diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php index 69b1546f..b85bc7a6 100644 --- a/inc/show_admin_nav.inc.php +++ b/inc/show_admin_nav.inc.php @@ -1,7 +1,7 @@
    - - - - - - - - - - + '; + + if ($column == 3) + { + echo ''; + $column = 1; + } + else + { + $column++; + } + } + + // End table if needed + if ($column == 3) + { + echo ''; + } + elseif ($column == 2) + { + echo ''; + } + ?>
     
    '; + } + else + { + echo ''; + } + + echo '
     
      
    :   + :   
@@ -261,8 +307,8 @@ $more2 = empty($_GET['more2']) ? 0 : 1; - - + - - + + - - + - - + + + + + + + + + '; + + // Print sequential ID and link it to the ticket page + if ( hesk_show_column('id') ) + { + echo ''; + } + + // Print tracking ID and link it to the ticket page + if ( hesk_show_column('trackid') ) + { + echo ''; + } + + // Print date submitted + if ( hesk_show_column('dt') ) + { + switch ($hesk_settings['updatedformat']) + { + case 1: + $ticket['dt'] = hesk_formatDate($ticket['dt']); + break; + case 2: + $ticket['dt'] = hesk_time_lastchange($ticket['dt']); + break; + default: + $ticket['dt'] = hesk_time_since( strtotime($ticket['dt']) ); + } + echo ''; + } + + // Print last modified + if ( hesk_show_column('lastchange') ) { - $ticket['repliername'] = isset($admins[$ticket['replierid']]) ? $admins[$ticket['replierid']] : $hesklang['staff']; - } - else - { - $ticket['repliername'] = $ticket['name']; + switch ($hesk_settings['updatedformat']) + { + case 1: + $ticket['lastchange'] = hesk_formatDate($ticket['lastchange']); + break; + case 2: + $ticket['lastchange'] = hesk_time_lastchange($ticket['lastchange']); + break; + default: + $ticket['lastchange'] = hesk_time_since( strtotime($ticket['lastchange']) ); + } + echo ''; } - $ticket['archive'] = !($ticket['archive']) ? $hesklang['no'] : $hesklang['yes']; + // Print ticket category + if ( hesk_show_column('category') ) + { + $ticket['category'] = isset($hesk_settings['categories'][$ticket['category']]) ? $hesk_settings['categories'][$ticket['category']] : $hesklang['catd']; + echo ''; + } - $ticket['message'] = $first_line . 
substr(strip_tags($ticket['message']),0,200).'...'; - + // Print customer name + if ( hesk_show_column('name') ) + { + echo ''; + } - echo << - - - - - - - - - + // Print customer email + if ( hesk_show_column('email') ) + { + echo ''; + } -EOC; + // Print subject and link to the ticket page + if ( hesk_show_column('subject') ) + { + echo ''; + } + + // Print ticket status + if ( hesk_show_column('status') ) + { + $statusName = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ShortNameContentKey`, `TextColor` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE ID = ".$ticket['status'])); + $ticket['status']=''.$hesklang[$statusName['ShortNameContentKey']].''; + echo ''; + } + + // Print ticket owner + if ( hesk_show_column('owner') ) + { + if ($ticket['owner']) + { + $ticket['owner'] = isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : $hesklang['unas']; + } + else + { + $ticket['owner'] = $hesklang['unas']; + } + echo ''; + } + + // Print number of all replies + if ( hesk_show_column('replies') ) + { + echo ''; + } + + // Print number of staff replies + if ( hesk_show_column('staffreplies') ) + { + echo ''; + } + + // Print last replier + if ( hesk_show_column('lastreplier') ) + { + if ($ticket['lastreplier']) + { + $ticket['repliername'] = isset($admins[$ticket['replierid']]) ? $admins[$ticket['replierid']] : $hesklang['staff']; + } + else + { + $ticket['repliername'] = $ticket['name']; + } + echo ''; + } + + // Print time worked + if ( hesk_show_column('time_worked') ) + { + echo ''; + } + + // Print custom fields + foreach ($hesk_settings['custom_fields'] as $key => $value) + { + if ($value['use'] && hesk_show_column($key) ) + echo ''; + } + + // End ticket row + echo ' + + '; } // End while ?>
    :   + :  
    :  
    :  
    :   + :   |
    :   + :  
    () @@ -386,6 +432,27 @@ $more2 = empty($_GET['more2']) ? 0 : 1;
    :   + +
    :   From 1c2e2cf483066d83941a981853be8a1372a486df Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 21:00:20 -0500 Subject: [PATCH 28/65] #92 Update ticket_list --- inc/ticket_list.inc.php | 242 +++++++++++++++++++++++++++++++++------- 1 file changed, 201 insertions(+), 41 deletions(-) diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php index 32c32b8e..0109dbf6 100644 --- a/inc/ticket_list.inc.php +++ b/inc/ticket_list.inc.php @@ -1,7 +1,7 @@ 0) while ($ticket=hesk_dbFetchAssoc($result)) { + // Are we grouping tickets? if ($group) { require(HESK_PATH . 'inc/print_group.inc.php'); @@ -284,15 +285,7 @@ if ($total > 0) $first_line = $hesklang['taso3'] . ' ' . $admins[$ticket['owner']] . " \n\n"; } - $tagged = ''; - if ($ticket['archive']) - { - $tagged = ' '; - } - - $statusName = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ShortNameContentKey`, `TextColor` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE ID = ".$ticket['status'])); - $ticket['status']=''.$hesklang[$statusName['ShortNameContentKey']].''; - + // Prepare ticket priority switch ($ticket['priority']) { case 0: @@ -310,35 +303,151 @@ if ($total > 0) $ticket['priority']=''; } - $ticket['lastchange']=hesk_time_since(strtotime($ticket['lastchange'])); + // Set message (needed for row title) + $ticket['message'] = $first_line . substr(strip_tags($ticket['message']),0,200).'...'; - if ($ticket['lastreplier']) + // Start ticket row + echo ' +
     '.$ticket['id'].''.$ticket['trackid'].''.$ticket['dt'].''.$ticket['lastchange'].''.$ticket['category'].''.$ticket['name'].' $ticket[trackid]$ticket[lastchange]$ticket[name]$tagged$owner$ticket[subject]$ticket[status] $ticket[repliername]$ticket[priority] 
    '.$hesklang['clickemail'].''.($ticket['archive'] ? ''.$hesklang['archived'].' ' : '').$owner.''.$ticket['subject'].''.$ticket['status'].' '.$ticket['owner'].''.$ticket['replies'].''.$ticket['staffreplies'].''.$ticket['repliername'].''.$ticket['time_worked'].''.$ticket[$key].''.$ticket['priority'].' 
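Review bot: The status lookup inside the `while ($ticket=hesk_dbFetchAssoc($result))` loop concatenates `$ticket['status']` into the query unquoted and uncast (`WHERE ID = ".$ticket['status']`), and it runs once per ticket row. Other queries in this patch series cast numeric ids, so `WHERE ID = ".intval($ticket['status'])` would be consistent, and loading the statuses table into an array before the loop would remove the per-row query. The new cells also echo `$ticket['name']`, `$ticket['subject']` and `$ticket[$key]` as stored. Whether those values are escaped on input is not visible in this hunk and should be confirmed, since the custom-field columns are new output here. The loop itself opens outside the hunk.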
    @@ -349,7 +458,11 @@ EOC;
    - - - - - - + ' . $hesk_settings['possible_ticket_list'][$field] . ''; + } + ?> @@ -492,3 +605,50 @@ function hesk_time_since($original) } return $print; } // END hesk_time_since() + + +function hesk_time_lastchange($original) +{ + global $hesk_settings, $hesklang; + + // Save time format setting so we can restore it later + $copy = $hesk_settings['timeformat']; + + // We need this time format for this function + $hesk_settings['timeformat'] = 'Y-m-d H:i:s'; + + // Get HESK time-adjusted start of today if not already + if ( ! defined('HESK_TIME_TODAY') ) + { + // Adjust for HESK time and define constants for alter use + define('HESK_TIME_TODAY', date('Y-m-d 00:00:00', hesk_date(NULL, false, false, false) ) ); + define('HESK_TIME_YESTERDAY', date('Y-m-d 00:00:00', strtotime(HESK_TIME_TODAY)-86400) ) ; + } + + // Adjust HESK time difference and get day name + $ticket_time = hesk_date($original, true); + + if ($ticket_time >= HESK_TIME_TODAY) + { + // For today show HH:MM + $day = substr($ticket_time, 11, 5); + } + elseif ($ticket_time >= HESK_TIME_YESTERDAY) + { + // For yesterday show word "Yesterday" + $day = $hesklang['r2']; + } + else + { + // For other days show DD MMM YY + list($y, $m, $d) = explode('-', substr($ticket_time, 0, 10) ); + $day = '' . $d . ' ' . $hesklang['ms'.$m] . ' ' . substr($y, 2) . ''; + } + + // Restore original time format setting + $hesk_settings['timeformat'] = $copy; + + // Return value to display + return $day; + +} // END hesk_time_lastchange() \ No newline at end of file From ff0ca2c99eeaa38524b2ea7a6081eb3f2420e1e7 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 21:44:27 -0500 Subject: [PATCH 29/65] #92 Update root index.php --- index.php | 156 ++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 135 insertions(+), 21 deletions(-) diff --git a/index.php b/index.php index 27d6349c..33d2862f 100644 --- a/index.php +++ b/index.php 
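Review bot: `hesk_time_lastchange()` is added without a header comment, and its correctness depends on two things a reader has to work out. It overwrites the global `$hesk_settings['timeformat']` for the duration of the call, and it compares dates as strings, which only works because that format is forced to `Y-m-d H:i:s`. A short comment stating both, e.g. `// Forces 'Y-m-d H:i:s' so the >= checks below are valid string comparisons; the original format is restored before returning`, would stop a later edit from adding an early return that leaves the setting changed. The comment `define constants for alter use` should read `later use`.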
@@ -1,7 +1,7 @@ $v) + { + if ($v['use'] && isset($_REQUEST[$k]) ) + { + $_SESSION['c_'.$k] = $_REQUEST[$k]; + } + } + + + // Variables for coloring the fields in case of errors if ( ! isset($_SESSION['iserror'])) { $_SESSION['iserror'] = array(); @@ -82,13 +140,19 @@ function print_add_ticket() $_SESSION['isnotice'] = array(); } - if ( ! isset($_SESSION['c_category'])) +if ( ! isset($_SESSION['c_category']) && ! $hesk_settings['select_cat']) { $_SESSION['c_category'] = 0; } hesk_cleanSessionVars('already_submitted'); + // Tell header to load reCaptcha API if needed + if ($hesk_settings['recaptcha_use'] == 2) + { + define('RECAPTCHA',1); + } + // Print header $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['submit_ticket']; require_once(HESK_PATH . 'inc/header.inc.php'); @@ -135,7 +199,7 @@ function print_add_ticket()
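Review bot: The pre-fill loop copies request data into the session unchanged (`$_SESSION['c_'.$k] = $_REQUEST[$k];`), and `$_REQUEST` includes query-string parameters, so a link can set these values for whoever opens it. The value may be a string or an array and nothing here constrains it. The places where the `c_*` session values are printed back into the form are not visible in this hunk (the markup was lost in extraction), so it should be confirmed that each one escapes for HTML attribute context. A comment at the loop such as `// Untrusted: taken directly from the request, must be escaped at every output site` would make that contract explicit. The enclosing `print_add_ticket()` starts and ends outside the hunk.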
    - placeholder="" /> + placeholder="" />
    - placeholder="" /> + placeholder="" />
    @@ -187,6 +245,12 @@ function print_add_ticket()
    > + '.$hesklang['select'].''; + } + ?> @@ -288,12 +359,19 @@ function print_add_ticket() echo '
    '; - $options = explode('#HESK#',$v['value']); + // Show "Click to select"? + $v['value'] = str_replace('{HESK_SELECT}', '', $v['value'], $num); + if ($num) + { + echo ''; + } + + + $options = explode('#HESK#',$v['value']); foreach ($options as $option) { - if (strlen($k_value) == 0 || $k_value == $option) + if ($k_value == $option) { $k_value = $option; $selected = 'selected="selected"'; @@ -598,7 +684,7 @@ function print_add_ticket() foreach ($options as $option) { - if (strlen($k_value) == 0 || $k_value == $option) + if ($k_value == $option) { $k_value = $option; $selected = 'selected="selected"'; @@ -715,7 +801,7 @@ function print_add_ticket() echo ' '.$hesklang['vrfy']; } // Not verified yet, should we use Recaptcha? - elseif ($hesk_settings['recaptcha_use']) + elseif ($hesk_settings['recaptcha_use'] == 1) { ?> +
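Review bot: With the `strlen($k_value) == 0 ||` fallback removed, option selection now rests on the loose comparison `if ($k_value == $option)`. PHP compares two numeric-looking strings numerically, so options such as `1` and `01` would both be marked selected. `if ($k_value === $option)` avoids that, assuming `$k_value` is always a string at this point, which the hunk does not show. The same line appears in the `@@ -598,7 +684,7 @@` hunk.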
    + + + + + +
    @@ -814,10 +914,12 @@ function print_start() if ($hesk_settings['kb_enable']) { require(HESK_PATH . 'inc/knowledgebase_functions.inc.php'); - hesk_load_database_functions(); - hesk_dbConnect(); } + // Connect to database + hesk_load_database_functions(); + hesk_dbConnect(); + /* Print header */ require_once(HESK_PATH . 'inc/header.inc.php'); @@ -861,6 +963,13 @@ function print_start()
    $hesklang['open'], From a09551cc751b08f2d1abc6f0c41018de973ceec0 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 22:11:13 -0500 Subject: [PATCH 30/65] #92 Update install.php --- install/install.php | 310 +++++++++++++++++++++++++++++--------------- 1 file changed, 205 insertions(+), 105 deletions(-) diff --git a/install/install.php b/install/install.php index bf31bbb1..f516c62b 100644 --- a/install/install.php +++ b/install/install.php 
@@ -1,7 +1,7 @@ Banned emails + hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_emails` ( + `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `email` varchar(255) NOT NULL, + `banned_by` smallint(5) unsigned NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (`id`), + KEY `email` (`email`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 +"); + +// -> Banned IPs + hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_ips` ( + `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `ip_from` int(10) unsigned NOT NULL DEFAULT '0', + `ip_to` int(10) unsigned NOT NULL DEFAULT '0', + `ip_display` varchar(100) NOT NULL, + `banned_by` smallint(5) unsigned NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 +"); + // -> Categories hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ( `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, - `name` varchar(60) NOT NULL DEFAULT '', + `name` varchar(60) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `cat_order` smallint(5) unsigned NOT NULL DEFAULT '0', - `autoassign` enum('0','1') NOT NULL DEFAULT '1', - `type` enum('0','1') NOT NULL DEFAULT '0', + `autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3', PRIMARY KEY (`id`), KEY `type` (`type`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci "); // ---> Insert default category -hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` (`id`, `name`, `cat_order`, `autoassign`, `type`) VALUES (1, 'General', 10, '1', '0')"); +hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` (`id`, `name`, `cat_order`) VALUES (1, 'General', 10)"); // -> KB Articles hesk_dbQuery(" 
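Review bot: The new `banned_ips` table stores ranges as `ip_from`/`ip_to` `int(10) unsigned`, which can only represent IPv4 addresses, while the `ip` columns this commit touches elsewhere (`logins`, `tickets`) are `varchar(45)`, wide enough for IPv6. How the ban check treats IPv6 clients is not visible here; if it cannot match them, the ban list does nothing for that traffic. Either document the limitation next to the table or store the bounds in a type that holds 128 bits, e.g. `varbinary(16)`. `banned_emails` and `banned_ips` are also created with `DEFAULT CHARSET=utf8` only, unlike the other tables visible in this diff, which add `COLLATE=utf8_unicode_ci`; the `reset_password` table in the later `@@ -360,24 +394,67 @@` hunk has the same omission.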
@@ -236,22 +269,22 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` (
 `catid` smallint(5) unsigned NOT NULL,
 `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
 `author` smallint(5) unsigned NOT NULL,
- `subject` varchar(255) NOT NULL,
- `content` mediumtext NOT NULL,
- `keywords` mediumtext NOT NULL,
+ `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+ `content` mediumtext COLLATE utf8_unicode_ci NOT NULL,
+ `keywords` mediumtext COLLATE utf8_unicode_ci NOT NULL,
 `rating` float NOT NULL DEFAULT '0',
 `votes` mediumint(8) unsigned NOT NULL DEFAULT '0',
 `views` mediumint(8) unsigned NOT NULL DEFAULT '0',
- `type` enum('0','1','2') NOT NULL DEFAULT '0',
- `html` enum('0','1') NOT NULL DEFAULT '0',
- `sticky` enum('0','1') NOT NULL DEFAULT '0',
+ `type` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',
+ `html` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',
+ `sticky` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',
 `art_order` smallint(5) unsigned NOT NULL DEFAULT '0',
- `history` mediumtext NOT NULL,
- `attachments` mediumtext NOT NULL,
+ `history` mediumtext COLLATE utf8_unicode_ci NOT NULL,
+ `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,
 PRIMARY KEY (`id`),
 KEY `catid` (`catid`),
- KEY `type` (`type`),
 KEY `sticky` (`sticky`),
+ KEY `type` (`type`),
 FULLTEXT KEY `subject` (`subject`,`content`,`keywords`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
 ");
@@ -260,8 +293,8 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` (
 hesk_dbQuery("
 CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_attachments` (
 `att_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,
- `saved_name` varchar(255) NOT NULL DEFAULT '',
- `real_name` varchar(255) NOT NULL DEFAULT '',
+ `saved_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',
+ `real_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',
 `size` int(10) unsigned NOT NULL DEFAULT '0',
 PRIMARY KEY (`att_id`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
@@ -271,13 +304,13 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_attachments` (
 hesk_dbQuery("
 CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` (
 `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
- `name` varchar(255) NOT NULL,
+ `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
 `parent` smallint(5) unsigned NOT NULL,
 `articles` smallint(5) unsigned NOT NULL DEFAULT '0',
 `articles_private` smallint(5) unsigned NOT NULL DEFAULT '0',
 `articles_draft` smallint(5) unsigned NOT NULL DEFAULT '0',
 `cat_order` smallint(5) unsigned NOT NULL,
- `type` enum('0','1') NOT NULL,
+ `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',
 PRIMARY KEY (`id`),
 KEY `type` (`type`),
 KEY `parent` (`parent`)
@@ -285,12 +318,12 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` ( "); // ---> Insert default KB category -hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` (`id`, `name`, `parent`, `articles`, `cat_order`, `type`) VALUES (1, 'Knowledgebase', 0, 0, 10, '0')"); +hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` (`id`, `name`, `parent`, `cat_order`, `type`) VALUES (1, 'Knowledgebase', 0, 10, '0')"); // -> Login attempts hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` ( - `ip` varchar(46) NOT NULL, + `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL, `number` tinyint(3) unsigned NOT NULL DEFAULT '1', `last_attempt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, UNIQUE KEY `ip` (`ip`) @@ -303,14 +336,14 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `from` smallint(5) unsigned NOT NULL, `to` smallint(5) unsigned NOT NULL, - `subject` varchar(255) NOT NULL, - `message` mediumtext NOT NULL, - `dt` datetime NOT NULL, - `read` enum('0','1') NOT NULL DEFAULT '0', + `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL, + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', `deletedby` smallint(5) unsigned NOT NULL DEFAULT '0', PRIMARY KEY (`id`), - KEY `to` (`to`,`read`,`deletedby`), - KEY `from` (`from`) + KEY `from` (`from`), + KEY `to` (`to`,`read`,`deletedby`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci "); @@ -318,7 +351,7 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` ( hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (1, 9999, 1, 'Rate this script', '
    \r\n\r\n

    Enjoy using HESK? Please let others know!

    \r\n\r\n

    You are invited to rate HESK or even write a short review here:
     
    \"\" Rate this script @ Hot Scripts
     
    \"\" Rate this script @ The PHP Resource Index

    \r\n\r\n

    Thank you,
     
    Klemen,
    \r\nwww.hesk.com\r\n\r\n

     

    ', NOW(), '0', 9999)"); // ---> Insert welcome email -hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (2, 9999, 1, 'Welcome to HESK!', '
    \r\n\r\n

    Congratulations for installing HESK, a lightweight and easy-to-use ticket support system!

    \r\n\r\n

    I am sure you are eager to use your HESK™ helpdesk to improve your customer support and reduce your workload, so check the rest of this message for some quick "Getting Started" tips.

    \r\n\r\n

    Once you have learned the power of HESK™, please consider supporting its future enhancement by purchasing an inexpensive license. Having a site license will remove the "Powered by Help Desk Software HESK" links from the bottom of your screens to make it look even more professional.

    \r\n\r\n

    Enjoy using HESK™ - and I value receiving your constructive feedback and feature suggestions.

    \r\n\r\n

    Klemen Stirn,
    \r\nHESK owner and author
    \r\nwww.hesk.com\r\n\r\n

     

    \r\n\r\n

    *** Quick "Getting Started" Tips ***

    \r\n\r\n
      \r\n
    • Click the profile link to set your Profile name, e-mail, signature, and *CHANGE YOUR PASSWORD*.
       
    • \r\n
    • Click the settings link in the top menu to get to the Settings page. Take some time and get familiar with all the available settings. Most should be self-explanatory; for additional information about each setting, click the [?] link for help about the current setting.
       
    • \r\n
    • Create new staff accounts on the Users page. The default user (Administrator) cannot be deleted, but you can change the password on the Profile page.
       
    • \r\n
    • Add new categories (departments) on the Categories page. The default category cannot be deleted, but it can be renamed.
       
    • \r\n
    • Use the integrated Knowledgebase - it is one of the most powerful support tools as it gives self-help resources to your customers. A comprehensive and well-written knowledgebase can drastically reduce the number of support tickets you receive and save a lot of your time in the long run. Arrange answers to frequently asked questions and articles into categories.
       
    • \r\n
    • Create canned responses on the Canned Responses page. These are pre-written replies to common support questions. However, you should also contribute by adding answers to other typical questions in the Knowledgebase.
       
    • \r\n
    • Subscribe to the HESK Newsletter to be notified of updates and new versions.
       
    • \r\n
    • Buy a license to remove the "Powered by Help Desk Software HESK" links from the bottom of your help desk.
       
    \r\n\r\n
    ', NOW(), '0', 9999)"); +hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (2, 9999, 1, 'Welcome to HESK! Here are some quick tips...', '

    HESK quick "Getting Started" tips:
     

    \r\n\r\n
      \r\n
    1. Click the Profile link to set your name, email, signature and password.
       
    2. \r\n
    3. Click the Settings link in the top menu to get to the Settings page. For additional information about each setting, click the [?] link.
       
    4. \r\n
    5. Add new categories (departments) on the Categories page. The default category cannot be deleted, but it can be renamed.
       
    6. \r\n
    7. Create new staff accounts on the Users page. You can give them unlimited (Administrator) or restricted (Staff) access.
       
    8. \r\n
    9. Use the integrated Knowledgebase. A comprehensive and well-written knowledgebase can drastically reduce the number of support tickets you receive and save a lot of your time in the long run.
       
    10. \r\n
    11. You can create response and new ticket templates on the Canned page.
       
    12. \r\n
    13. Subscribe to the HESK Newsletter to be notified of updates and new versions.
       
    14. \r\n
    15. You should follow HESK on Twitter here.
       
    16. \r\n
    17. To remove the "Powered by Help Desk Software HESK" links from the bottom of your help desk buy a license here.
       
    \r\n\r\n

    Enjoy using HESK and please feel free to share your constructive feedback and feature suggestions.

    \r\n\r\n

    Klemen Stirn
    \r\nHESK owner and author
    \r\nwww.hesk.com', NOW(), '0', 9999)"); // -> Notes hesk_dbQuery(" @@ -326,8 +359,9 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, `ticket` mediumint(8) unsigned NOT NULL, `who` smallint(5) unsigned NOT NULL, - `dt` datetime NOT NULL, - `message` mediumtext NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`), KEY `ticketid` (`ticket`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci @@ -347,9 +381,9 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."online` ( // -> Pipe loops hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."pipe_loops` ( - `email` varchar(255) NOT NULL, + `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL, `hits` smallint(1) unsigned NOT NULL DEFAULT '0', - `message_hash` char(32) NOT NULL, + `message_hash` char(32) COLLATE utf8_unicode_ci NOT NULL, `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, KEY `email` (`email`,`hits`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci 
@@ -360,24 +394,67 @@ hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, `replyto` mediumint(8) unsigned NOT NULL DEFAULT '0', - `name` varchar(50) NOT NULL DEFAULT '', - `message` mediumtext NOT NULL, - `dt` datetime DEFAULT NULL, - `attachments` mediumtext, + `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `attachments` mediumtext COLLATE utf8_unicode_ci, `staffid` smallint(5) unsigned NOT NULL DEFAULT '0', - `rating` enum('0','1','5') NOT NULL DEFAULT '0', - `read` enum('0','1') NOT NULL DEFAULT '0', + `rating` enum('1','5') COLLATE utf8_unicode_ci DEFAULT NULL, + `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', PRIMARY KEY (`id`), - KEY `replyto` (`replyto`) + KEY `replyto` (`replyto`), + KEY `dt` (`dt`), + KEY `staffid` (`staffid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci "); +// -> Reply drafts +hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."reply_drafts` ( + `owner` smallint(5) unsigned NOT NULL, + `ticket` mediumint(8) unsigned NOT NULL, + `message` mediumtext CHARACTER SET utf8 NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + KEY `owner` (`owner`), + KEY `ticket` (`ticket`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci +"); + +// -> Reset password + hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` ( + `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, + `user` smallint(5) unsigned NOT NULL, + `hash` char(40) NOT NULL, + `ip` varchar(45) NOT NULL, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (`id`), + KEY `user` (`user`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8; +"); + +// -> Service messages + hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ( + `id` 
smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `author` smallint(5) unsigned NOT NULL, + `title` varchar(255) COLLATE utf8_unicode_ci NOT NULL, + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `style` enum('0','1','2','3','4') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `order` smallint(5) unsigned NOT NULL DEFAULT '0', + PRIMARY KEY (`id`), + KEY `type` (`type`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; +"); + // -> Canned Responses hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` ( `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, - `title` varchar(100) NOT NULL DEFAULT '', - `message` mediumtext NOT NULL, + `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, `reply_order` smallint(5) unsigned NOT NULL DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci 
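Review bot: The new `reset_password` table keeps `hash char(40)` with no index on that column and nothing but `dt` to bound a row's lifetime. The code that fills and checks the column is not in this hunk, so two things should be confirmed. First, the stored value should be a digest of the emailed token rather than the token itself, since otherwise read access to the database is enough to reset a staff password. Second, lookups should reject rows older than a fixed age based on `dt`. Both `reset_password` and `service_messages` also end their SQL with a `;` inside `hesk_dbQuery()`, unlike the other statements visible in this diff; dropping it keeps the statements uniform.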
@@ -387,80 +464,104 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` ( hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, - `trackid` varchar(13) NOT NULL, - `name` varchar(50) NOT NULL DEFAULT '', - `email` varchar(255) NOT NULL DEFAULT '', + `trackid` varchar(13) COLLATE utf8_unicode_ci NOT NULL, + `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `email` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `category` smallint(5) unsigned NOT NULL DEFAULT '1', - `priority` enum('0','1','2','3') NOT NULL DEFAULT '3', - `subject` varchar(70) NOT NULL DEFAULT '', - `message` mediumtext NOT NULL, - `dt` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3', + `subject` varchar(70) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `dt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00', `lastchange` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - `ip` varchar(46) NOT NULL DEFAULT '', - `language` varchar(50) DEFAULT NULL, - `status` enum('0','1','2','3','4','5') NOT NULL DEFAULT '0', + `firstreply` timestamp NULL DEFAULT NULL, + `closedat` timestamp NULL DEFAULT NULL, + `articles` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL, + `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL, + `status` enum('0','1','2','3','4','5') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `openedby` smallint(5) unsigned DEFAULT '0', + `firstreplyby` smallint(5) unsigned DEFAULT NULL, + `closedby` smallint(5) unsigned DEFAULT NULL, + `replies` smallint(5) unsigned NOT NULL DEFAULT '0', + `staffreplies` smallint(5) unsigned NOT NULL DEFAULT '0', `owner` smallint(5) unsigned NOT NULL DEFAULT '0', `time_worked` time NOT NULL DEFAULT 
'00:00:00', - `lastreplier` enum('0','1') NOT NULL DEFAULT '0', + `lastreplier` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', `replierid` smallint(5) unsigned DEFAULT NULL, - `archive` enum('0','1') NOT NULL DEFAULT '0', - `locked` enum('0','1') NOT NULL DEFAULT '0', - `attachments` mediumtext NOT NULL, - `merged` mediumtext NOT NULL, - `history` mediumtext NOT NULL, - `custom1` mediumtext NOT NULL, - `custom2` mediumtext NOT NULL, - `custom3` mediumtext NOT NULL, - `custom4` mediumtext NOT NULL, - `custom5` mediumtext NOT NULL, - `custom6` mediumtext NOT NULL, - `custom7` mediumtext NOT NULL, - `custom8` mediumtext NOT NULL, - `custom9` mediumtext NOT NULL, - `custom10` mediumtext NOT NULL, - `custom11` mediumtext NOT NULL, - `custom12` mediumtext NOT NULL, - `custom13` mediumtext NOT NULL, - `custom14` mediumtext NOT NULL, - `custom15` mediumtext NOT NULL, - `custom16` mediumtext NOT NULL, - `custom17` mediumtext NOT NULL, - `custom18` mediumtext NOT NULL, - `custom19` mediumtext NOT NULL, - `custom20` mediumtext NOT NULL, + `archive` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `locked` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `merged` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `history` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom1` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom2` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom3` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom4` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom5` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom6` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom7` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom8` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom9` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom10` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom11` mediumtext COLLATE utf8_unicode_ci NOT 
NULL, + `custom12` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom13` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom14` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom15` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom16` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom17` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom18` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom19` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `custom20` mediumtext COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`), KEY `trackid` (`trackid`), KEY `archive` (`archive`), KEY `categories` (`category`), KEY `statuses` (`status`), - KEY `owner` (`owner`) + KEY `owner` (`owner`), + KEY `openedby` (`openedby`,`firstreplyby`,`closedby`), + KEY `dt` (`dt`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci "); +// -> Ticket templates + hesk_dbQuery(" +CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` ( + `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `message` mediumtext COLLATE utf8_unicode_ci NOT NULL, + `tpl_order` smallint(5) unsigned NOT NULL DEFAULT '0', + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci +"); + // -> Users hesk_dbQuery(" CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ( `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, - `user` varchar(20) NOT NULL DEFAULT '', - `pass` char(40) NOT NULL, - `isadmin` enum('0','1') NOT NULL DEFAULT '0', - `name` varchar(50) NOT NULL DEFAULT '', - `email` varchar(255) NOT NULL DEFAULT '', - `signature` varchar(255) NOT NULL DEFAULT '', - `language` varchar(50) DEFAULT NULL, - `categories` varchar(255) NOT NULL DEFAULT '', - `afterreply` enum('0','1','2') NOT NULL DEFAULT '0', - `autostart` enum('0','1') NOT NULL DEFAULT '1', - `notify_new_unassigned` enum('0','1') NOT NULL DEFAULT '1', - `notify_new_my` enum('0','1') NOT NULL DEFAULT '1', 
- `notify_reply_unassigned` enum('0','1') NOT NULL DEFAULT '1', - `notify_reply_my` enum('0','1') NOT NULL DEFAULT '1', - `notify_assigned` enum('0','1') NOT NULL DEFAULT '1', - `notify_pm` enum('0','1') NOT NULL DEFAULT '1', - `notify_note` enum('0','1') NOT NULL DEFAULT '1', - `default_list` varchar(255) NOT NULL DEFAULT '', - `autoassign` enum('0','1') NOT NULL DEFAULT '1', - `heskprivileges` mediumtext NOT NULL, + `user` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `pass` char(40) COLLATE utf8_unicode_ci NOT NULL, + `isadmin` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `signature` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL, + `categories` varchar(500) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + `afterreply` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0', + `autostart` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_customer_new` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_customer_reply` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `show_suggested` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_new_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_new_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_reply_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_reply_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_assigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_pm` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `notify_note` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `default_list` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', + 
`autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1', + `heskprivileges` varchar(1000) COLLATE utf8_unicode_ci DEFAULT NULL, `ratingneg` mediumint(8) unsigned NOT NULL DEFAULT '0', `ratingpos` mediumint(8) unsigned NOT NULL DEFAULT '0', `rating` float NOT NULL DEFAULT '0', @@ -470,7 +571,7 @@ CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ( ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci "); -hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."users` (`id`, `user`, `pass`, `isadmin`, `name`, `email`, `signature`, `heskprivileges`) VALUES (1, '".hesk_dbEscape($_SESSION['admin_user'])."', '".hesk_dbEscape($_SESSION['admin_hash'])."', '1', 'Your name', 'you@me.com', 'Sincerely,\r\n\r\nYour name\r\nYour website\r\nhttp://www.yourwebsite.com', '')"); + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."users` (`id`, `user`, `pass`, `isadmin`, `name`, `email`, `heskprivileges`) VALUES (1, '".hesk_dbEscape($_SESSION['admin_user'])."', '".hesk_dbEscape($_SESSION['admin_hash'])."', '1', 'Your name', 'you@me.com', '')"); return true; @@ -512,11 +613,10 @@ function hesk_iSaveSettings() } $set['debug_mode'] = 0; - $set['email_providers'] = count($set['email_providers']) ? "'" . implode("','", $set['email_providers']) . "'" : ''; + $set['notify_spam_tags'] = count($set['notify_spam_tags']) ? "'" . implode("','", $set['notify_spam_tags']) . "'" : ''; - // Check if PHP version is 5.2.3+ and MySQL is 5.0.7+ - $res = hesk_dbQuery('SELECT VERSION() AS version'); - $set['db_vrsn'] = (version_compare(PHP_VERSION, '5.2.3') >= 0 && version_compare( hesk_dbResult($res) , '5.0.7') >= 0) ? 1 : 0; + // Check if PHP version is 5.2.3+ + $set['db_vrsn'] = (version_compare(PHP_VERSION, '5.2.3') >= 0) ? 1 : 0; hesk_iSaveSettingsFile($set); From cf680463f38165c2086fc06128383e52e427bdb9 Mon Sep 17 00:00:00 2001 
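Review bot: `pass` is still declared `char(40)` in the rewritten `users` table, which fits a SHA-1 hex digest and nothing longer, so the schema itself rules out storing `password_hash()` output (60 characters for bcrypt; the PHP manual recommends a 255-character column). This commit already widens `signature`, `categories` and the tickets `email` column, so changing the declaration to `pass varchar(255) COLLATE utf8_unicode_ci NOT NULL` (column name back-quoted as in the file) fits the same change. Separately, `dt timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'` in the `tickets` table is rejected as an invalid default when the server runs in strict mode with NO_ZERO_DATE, so the installer can fail on stricter MySQL configurations.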
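Review bot: In the hesk_iSaveSettings() hunk, `implode("','", $set['notify_spam_tags'])` joins the tags into a fragment of PHP source without escaping them, and that fragment is later written inside `array(...)` in the generated settings file; a tag containing `'` or ending in `\` would close the literal early and the remainder would be parsed as code. The same applies to the values the install_functions.inc.php hunks of the next patch write between quotes (`ticket_list`, `updatedformat`, `ip_whois`), and the ones written bare (`reset_pass`, `kb_related`, `pop3_job_wait`, `maintenance_mode`) need an integer cast. Whether `$set` is already sanitised before it reaches this function is not visible here, and the function body starts and ends outside the hunk, so this is something to confirm rather than a demonstrated flaw. If it is not sanitised, escape each element before joining, for example `foreach ($set['notify_spam_tags'] as $k => $t) { $set['notify_spam_tags'][$k] = addcslashes($t, "'\\"); }`.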
From: Mike Koch Date: Mon, 12 Jan 2015 22:24:09 -0500 Subject: [PATCH 31/65] #92 Update install_functions --- install/install_functions.inc.php | 60 ++++++++++++++++++++++++++----- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/install/install_functions.inc.php b/install/install_functions.inc.php index 98704d30..3867d43c 100644 --- a/install/install_functions.inc.php +++ b/install/install_functions.inc.php @@ -1,7 +1,7 @@ Features $hesk_settings[\'autologin\']=' . $set['autologin'] . '; $hesk_settings[\'autoassign\']=' . $set['autoassign'] . '; +$hesk_settings[\'custclose\']=' . $set['custclose'] . '; $hesk_settings[\'custopen\']=' . $set['custopen'] . '; $hesk_settings[\'rating\']=' . $set['rating'] . '; $hesk_settings[\'cust_urgency\']=' . $set['cust_urgency'] . '; $hesk_settings[\'sequential\']=' . $set['sequential'] . '; +$hesk_settings[\'time_worked\']=' . $set['time_worked'] . '; +$hesk_settings[\'spam_notice\']=' . $set['spam_notice'] . '; $hesk_settings[\'list_users\']=' . $set['list_users'] . '; $hesk_settings[\'debug_mode\']=' . $set['debug_mode'] . '; $hesk_settings[\'short_link\']=' . $set['short_link'] . '; +$hesk_settings[\'select_cat\']=' . $set['select_cat'] . '; +$hesk_settings[\'select_pri\']=' . $set['select_pri'] . '; // --> SPAM Prevention $hesk_settings[\'secimg_use\']=' . $set['secimg_use'] . '; $hesk_settings[\'secimg_sum\']=\'' . $set['secimg_sum'] . '\'; $hesk_settings[\'recaptcha_use\']=' . $set['recaptcha_use'] . '; -$hesk_settings[\'recaptcha_ssl\']=' . $set['recaptcha_ssl'] . '; $hesk_settings[\'recaptcha_public_key\']=\'' . $set['recaptcha_public_key'] . '\'; $hesk_settings[\'recaptcha_private_key\']=\'' . $set['recaptcha_private_key'] . '\'; $hesk_settings[\'question_use\']=' . $set['question_use'] . '; 
@@ -209,6 +222,7 @@ $hesk_settings[\'question_ans\']=\'' . $set['question_ans'] . '\'; // --> Security $hesk_settings[\'attempt_limit\']=' . $set['attempt_limit'] . '; $hesk_settings[\'attempt_banmin\']=' . $set['attempt_banmin'] . '; +$hesk_settings[\'reset_pass\']=' . $set['reset_pass'] . '; $hesk_settings[\'email_view_ticket\']=' . $set['email_view_ticket'] . '; // --> Attachments @@ -238,6 +252,7 @@ $hesk_settings[\'kb_popart\']=' . $set['kb_popart'] . '; $hesk_settings[\'kb_latest\']=' . $set['kb_latest'] . '; $hesk_settings[\'kb_index_popart\']=' . $set['kb_index_popart'] . '; $hesk_settings[\'kb_index_latest\']=' . $set['kb_index_latest'] . '; +$hesk_settings[\'kb_related\']=' . $set['kb_related'] . '; // ==> EMAIL @@ -257,6 +272,7 @@ $hesk_settings[\'email_piping\']=' . $set['email_piping'] . '; // --> POP3 Fetching $hesk_settings[\'pop3\']=' . $set['pop3'] . '; +$hesk_settings[\'pop3_job_wait\']=' . $set['pop3_job_wait'] . '; $hesk_settings[\'pop3_host_name\']=\'' . $set['pop3_host_name'] . '\'; $hesk_settings[\'pop3_host_port\']=' . $set['pop3_host_port'] . '; $hesk_settings[\'pop3_tls\']=' . $set['pop3_tls'] . '; 
@@ -272,14 +288,29 @@ $hesk_settings[\'loop_time\']=' . $set['loop_time'] . '; $hesk_settings[\'detect_typos\']=' . $set['detect_typos'] . '; $hesk_settings[\'email_providers\']=array(' . $set['email_providers'] . '); +// --> Notify customer when +$hesk_settings[\'notify_new\']=' . $set['notify_new'] . '; +$hesk_settings[\'notify_skip_spam\']=' . $set['notify_skip_spam'] . '; +$hesk_settings[\'notify_spam_tags\']=array(' . $set['notify_spam_tags'] . '); +$hesk_settings[\'notify_closed\']=' . $set['notify_closed'] . '; + // --> Other $hesk_settings[\'strip_quoted\']=' . $set['strip_quoted'] . '; +$hesk_settings[\'eml_req_msg\']=' . $set['eml_req_msg'] . '; $hesk_settings[\'save_embedded\']=' . $set['save_embedded'] . '; $hesk_settings[\'multi_eml\']=' . $set['multi_eml'] . '; $hesk_settings[\'confirm_email\']=' . $set['confirm_email'] . '; $hesk_settings[\'open_only\']=' . $set['open_only'] . '; +// ==> TICKET LIST + +$hesk_settings[\'ticket_list\']=array(\'' . implode('\',\'',$set['ticket_list']) . '\'); + +// --> Other +$hesk_settings[\'updatedformat\']=\'' . $set['updatedformat'] . '\'; + + // ==> MISC // --> Date & Time @@ -289,6 +320,8 @@ $hesk_settings[\'daylight\']=' . $set['daylight'] . '; $hesk_settings[\'timeformat\']=\'' . $set['timeformat'] . '\'; // --> Other +$hesk_settings[\'ip_whois\']=\'' . $set['ip_whois'] . '\'; +$hesk_settings[\'maintenance_mode\']=' . $set['maintenance_mode'] . '; $hesk_settings[\'alink\']=' . $set['alink'] . '; $hesk_settings[\'submit_notice\']=' . $set['submit_notice'] . '; $hesk_settings[\'online\']=' . $set['online'] . '; @@ -388,6 +421,12 @@ function hesk_iDatabase($problem=0) To install a new copy of HESK use the New install option instead.'; echo '

    '; } + elseif ($problem == 5) + { + hesk_show_error('MySQL version '.REQUIRE_MYSQL_VERSION.'+ required, you are using: ' . MYSQL_VERSION . '

    + You are using and old and insecure MySQL version with known bugs, security issues and outdated functionality.

    + Ask your hosting company to update your MySQL version.'); + } ?>
    @@ -446,10 +485,10 @@ function hesk_iCheckSetup() $correct_these = array(); // 1. PHP 5+ required - if ( function_exists('version_compare') && version_compare(PHP_VERSION,'5.0.0','<') ) + if ( function_exists('version_compare') && version_compare(PHP_VERSION,REQUIRE_PHP_VERSION,'<') ) { $correct_these[] = ' - PHP version 5.0+ required, you are using: ' . PHP_VERSION . '

    + PHP version '.REQUIRE_PHP_VERSION.'+ required, you are using: ' . PHP_VERSION . '

    You are using and old and insecure PHP version with known bugs, security issues and outdated functionality.

    Ask your hosting company to update your PHP version. '; @@ -548,16 +587,19 @@ function hesk_iCheckSetup() 'emails/','language/english.php', // pre-2.3 files - 'secimg.inc.php','hesk_style.css', + 'secimg.inc.php', // pre-2.4 files - 'hesk_style_v23.css','hesk_javascript.js','help_files/','TreeMenu.js', + 'hesk_style_v23.css','help_files/','TreeMenu.js', // malicious files that were found on some websites illegally redistributing HESK 'inc/tiny_mce/utils/r00t10.php', 'language/en/help_files/r00t10.php', // pre-2.5 files 'hesk_style_v24.css', 'hesk_javascript_v24.js', + + // pre-2.6 files + 'hesk_style_v25.css', 'hesk_javascript_v25.js', ); sort($old_files); @@ -782,11 +824,11 @@ function hesk_iHeader() - + - + From 841b0eddffb77d2d0beb073e5d0275c914defe69 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:05:12 -0500 Subject: [PATCH 32/65] #92 Update knowledgebase.php --- knowledgebase.php | 78 +++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 72 insertions(+), 6 deletions(-) diff --git a/knowledgebase.php b/knowledgebase.php index a192a293..22bea8b0 100644 --- a/knowledgebase.php +++ b/knowledgebase.php @@ -1,7 +1,7 @@ '.$article['subject'].' @@ -290,6 +295,7 @@ function hesk_show_kb_article($artid) echo '

    '; } + // Article rating if ($hesk_settings['kb_rating'] && strpos( hesk_COOKIE('hesk_kb_rate'),'a'.$artid.'%')===false ) { echo ' @@ -300,6 +306,55 @@ function hesk_show_kb_article($artid) '; } + // Related articles + if ($hesk_settings['kb_related']) + { + require(HESK_PATH . 'inc/mail/email_parser.php'); + + $query = hesk_dbEscape( $article['subject'] . ' ' . convert_html_to_text($article['content']) ); + + // Get relevant articles from the database + $res = hesk_dbQuery("SELECT t1.`id`, t1.`subject`, MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') AS `score` FROM `".hesk_dbEscape($hesk_settings['db_pfix']).'kb_articles` AS t1 LEFT JOIN `'.hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` AS t2 ON t1.`catid` = t2.`id` WHERE t1.`type`='0' AND t2.`type`='0' AND MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') LIMIT ".intval($hesk_settings['kb_related']+1)); + + // Array with related articles + $related_articles = array(); + + while ($related = hesk_dbFetchAssoc($res)) + { + // Get base match score from the first article + if ( ! isset($base_score) ) + { + $base_score = $related['score']; + } + + // Ignore this article + if ( $related['id'] == $artid ) + { + continue; + } + + // Stop when articles reach less than 10% of base score + if ($related['score'] / $base_score < 0.10) + { + break; + } + + // This is a valid related article + $related_articles[$related['id']] = $related['subject']; + } + + // Print related articles if we have any valid matches + if ( count($related_articles) ) + { + echo '
    '.$hesklang['relart'].''; + foreach ($related_articles as $id => $subject) + { + echo ' '.$subject.'
    '; + } + echo '
    '; + } + } + if ($article['catid']==1) { $link = 'knowledgebase.php'; @@ -361,7 +416,7 @@ function hesk_show_kb_article($artid) function hesk_show_kb_category($catid, $is_search = 0) { global $hesk_settings, $hesklang; - $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1"); + $res = hesk_dbQuery("SELECT `name`,`parent` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1"); $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']); if ($is_search == 0) @@ -372,6 +427,17 @@ function hesk_show_kb_category($catid, $is_search = 0) { hesk_kb_header($hesk_settings['kb_link']); } + // If we are in "Knowledgebase only" mode show system messages + if ($catid == 1 && hesk_check_kb_only(false) ) + { + // Service messages + $res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `'.hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `type`='0' ORDER BY `order` ASC"); + while ($sm=hesk_dbFetchAssoc($res)) + { + hesk_service_message($sm); + } + } + if ($thiscat['parent']) { $link = ($thiscat['parent'] == 1) ? 'knowledgebase.php' : 'knowledgebase.php?category='.$thiscat['parent']; @@ -382,7 +448,7 @@ function hesk_show_kb_category($catid, $is_search = 0) { '; } - $result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `parent` ASC, `cat_order` ASC"); + $result = hesk_dbQuery("SELECT `id`,`name`,`articles` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `cat_order` ASC"); if (hesk_dbNumRows($result) > 0) { ?> @@ -486,7 +552,7 @@ function hesk_show_kb_category($catid, $is_search = 0) {
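Review bot: In the related-articles block, `$base_score` is taken from the first fetched row, but the query has no `ORDER BY`, so the first row is the best match only when MySQL happens to return the full-text results by relevance. MySQL documents that implicit ordering only under conditions the optimizer decides (index scan, full-text table leftmost in the join), and this statement joins `kb_categories`. With a different row order the 10% cut-off can `break` before stronger matches are reached, and `LIMIT` can drop them altogether. I would add `ORDER BY score DESC` (alias back-quoted as in the file) immediately before `LIMIT`. hesk_show_kb_article() starts and ends outside this hunk.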
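Review bot: `$catid` is still interpolated into the rewritten SELECT of hesk_show_kb_category() as `'{$catid}'`, here and again in the child-category query of the `@@ -382,7 +448,7 @@` hunk, while the related-articles query added in this same patch casts its `LIMIT` value with intval(). Callers may already cast the category id (not visible in these hunks), but the function would not depend on that with `$catid = intval($catid);` as its first statement after the `global` line. The function body continues outside both hunks.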
    + + +
    + '.$hesklang['eperm'].''; + if ($num < 1) + { + echo '

    '.$hesklang['no_banemails'].'

    '; + } + else + { + // List of staff + if ( ! isset($admins) ) + { + $admins = array(); + $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users`"); + while ($row=hesk_dbFetchAssoc($res2)) + { + $admins[$row['id']]=$row['name']; + } + } + + ?> +
    '.$hesklang['noac'].'

    '; From 6ad5fc39b61b378a5f00dda8126381620bb0d728 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:07:20 -0500 Subject: [PATCH 33/65] #92 Update en text.php --- language/en/text.php | 213 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 204 insertions(+), 9 deletions(-) diff --git a/language/en/text.php b/language/en/text.php index 2cdbbcc9..3b757749 100644 --- a/language/en/text.php +++ b/language/en/text.php @@ -2,11 +2,11 @@ /* * Language file for Help Desk Software HESK (www.hesk.com) * Language: ENGLISH -* Version: 2.5.5 +* Version: 2.6.0 beta 1 from 30th December 2014 * Author: Klemen Stirn (http://www.hesk.com) * * !!! This file must be saved in UTF-8 encoding without byte order mark (BOM) !!! -* Test chars: àáâãäåæ +* Test chars: àáâãäåæ */ // Change "English" to the name of your language @@ -182,6 +182,7 @@ $hesklang['category_moved'] = '[#%%TRACK_ID%%] Ticket moved: %%SUBJECT%% $hesklang['new_note'] = '[#%%TRACK_ID%%] Note added to: %%SUBJECT%%'; $hesklang['new_pm'] = 'New private message: %%SUBJECT%%'; $hesklang['forgot_ticket_id'] = 'List of your support tickets'; +$hesklang['ticket_closed'] = '[#%%TRACK_ID%%] Ticket closed/resolved'; // New in 2.6.0 // ERROR MESSAGES $hesklang['cant_connect_db']='Can\'t connect to database!'; @@ -224,7 +225,6 @@ $hesklang['enter_real_name']='Please enter user real name'; $hesklang['enter_valid_email']='Please enter a valid email address'; $hesklang['enter_username']='Please enter username (login)'; $hesklang['asign_one_cat']='Please assign user to at least one category!'; -$hesklang['signature_long']='User signature is too long! Please limit the signature to 255 chars'; $hesklang['confirm_user_pass']='Please confirm password'; $hesklang['passwords_not_same']='The two passwords entered are not the same!'; $hesklang['cant_del_admin']='You cannot delete the default administrator!'; 
@@ -335,7 +335,6 @@ $hesklang['edit']='Edit'; $hesklang['add_user']='Add new user'; $hesklang['req_marked_with']='Required fields are marked with'; $hesklang['real_name']='Real name'; -$hesklang['signature_max']='Signature
    (max 255 chars)'; $hesklang['sign_extra']='HTML code is not allowed. Links will be clickable.'; $hesklang['create_user']='Create user'; $hesklang['editing_user']='Editing user'; @@ -656,7 +655,6 @@ $hesklang['t_m']='minutes'; $hesklang['day']='Daylight saving'; $hesklang['tfor']='Time format'; $hesklang['prefix']='Table prefix'; -$hesklang['s_ekb']='Knowledgebase (KB)'; $hesklang['s_kbs']='Enable KB search'; $hesklang['s_kbr']='Enable KB rating'; $hesklang['s_maxsr']='Max search results'; @@ -1266,10 +1264,6 @@ $hesklang['n2ex']='No tickets found matching your criteria, nothing to export!'; $hesklang['sp']='SPAM Prevention'; // For settings page $hesklang['sit']='-> Image Type'; $hesklang['sis']='Simple image'; -$hesklang['sir']='ReCaptcha'; -$hesklang['rcpb']='Public key'; -$hesklang['rcpv']='Private key'; -$hesklang['rcsl']='Use SSL'; $hesklang['pop3keep']='Keep a copy'; $hesklang['err_dbconn']='Could not connect to MySQL database using provided information!'; $hesklang['s_inle']='Testing the language folder for valid languages. Only languages that pass all tests are properly installed.'; 
@@ -1316,6 +1310,207 @@ $hesklang['incorrect_try_again']='Incorrect. Try again.'; $hesklang['image_alt_text']='reCAPTCHA challenge image'; $hesklang['recaptcha_error']='Incorrect SPAM Prevention answer, please try again.'; +// Added or modified in version 2.6.0 +$hesklang['ms01']='Jan'; +$hesklang['ms02']='Feb'; +$hesklang['ms03']='Mar'; +$hesklang['ms04']='Apr'; +$hesklang['ms05']='May'; +$hesklang['ms06']='Jun'; +$hesklang['ms07']='Jul'; +$hesklang['ms08']='Aug'; +$hesklang['ms09']='Sep'; +$hesklang['ms10']='Oct'; +$hesklang['ms11']='Nov'; +$hesklang['ms12']='Dec'; +$hesklang['lcf']='List date format'; +$hesklang['lcf0']='Short descriptive'; +$hesklang['lcf1']='Date and time'; +$hesklang['lcf2']='HESK style'; +$hesklang['ticket_tpl']='Ticket templates'; +$hesklang['can_man_ticket_tpl']='Manage ticket templates'; // Permission title +$hesklang['ticket_tpl_man']='Manage ticket templates'; // Page/link title +$hesklang['ticket_tpl_intro']='Create and edit ticket templates that you can use to quickly submit new tickets from the admin interface.'; +$hesklang['no_ticket_tpl']='No ticket templates'; +$hesklang['ticket_tpl_title']='Title'; +$hesklang['delete_tpl']='Are you sure you want to delete this template?'; +$hesklang['new_ticket_tpl']='Add or Edit a ticket template'; +$hesklang['ticket_tpl_add']='Create a new ticket template'; +$hesklang['ticket_tpl_edit']='Edit selected ticket template'; +$hesklang['save_ticket_tpl']='Save ticket template'; +$hesklang['ticket_tpl_saved']='Your ticket template has been saved for future use'; +$hesklang['ticket_tpl_removed']='Selected ticket template has been removed from the database'; +$hesklang['ticket_tpl_not_found']='Ticket template not found'; +$hesklang['sel_ticket_tpl']='Select the ticket template you would like to edit'; +$hesklang['ent_ticket_tpl_title']='Please enter reply title'; +$hesklang['ent_ticket_tpl_msg']='Please enter reply message'; +$hesklang['ticket_tpl_id']='Missing ticket template ID'; 
+$hesklang['select_ticket_tpl']='Select a ticket template'; +$hesklang['list_tickets_cat']='List all tickets in this category'; +$hesklang['def_msg']='[No message]'; +$hesklang['emlreqmsg']='Require message'; +$hesklang['emlreqmsg2']='Ignore piped/fetched emails with no message'; +$hesklang['relart']='Related articles'; // Title of related articles box +$hesklang['s_relart']='Related articles'; // On settings page +$hesklang['tab_7']='Ticket list'; +$hesklang['fitl']='Fields in ticket list'; +$hesklang['submitted']='Submitted'; +$hesklang['clickemail']='View'; +$hesklang['set_pri_to']='Set priority to:'; // Action below the ticket list +$hesklang['pri_set_to']='Priority has been set to:'; +$hesklang['cat_pri']='The category priority will be used when customers are not allowed to select priority and a ticket is submitted from the customer interface.'; +$hesklang['cat_pri_info']='Your customers are allowed to select priority, so category priority will be ignored.

    To use category priority instead, turn OFF the following feature in HESK settings:';
+$hesklang['def_pri']='Category priority:';
+$hesklang['ch_cat_pri']='Set category priority';
+$hesklang['cat_pri_ch']='Category priority has been set to:';
+$hesklang['err_dbversion']='Too old MySQL version:'; // %s will be replaced with MySQL version
+$hesklang['signature_max']='Signature (max 1000 chars)';
+$hesklang['signature_long']='User signature is too long! Please limit the signature to 1000 chars';
+$hesklang['ip_whois']='IP whois';
+$hesklang['ednote']='Edit note message';
+$hesklang['ednote2']='Note message saved';
+$hesklang['perm_deny']='Permission denied';
+$hesklang['mis_note']='Missing note ID';
+$hesklang['no_note']='Note with this ID not found';
+$hesklang['save_reply']='Save and continue later';
+$hesklang['reply_saved']='Your reply message has been saved for later.';
+$hesklang['submit_as']='Submit as:';
+$hesklang['sasc']='Submit as Customer reply';
+$hesklang['creb']='Customer reply entered by:';
+$hesklang['show_select']='Show "Click to select" as default option';
+// Settings
+$hesklang['mms']='Maintenance mode';
+$hesklang['mmd']='Enable maintenance mode';
+// Customer notice
+$hesklang['mm1']='Maintenance in progress';
+$hesklang['mm2']='In order to perform scheduled maintenance, our help desk has shut down temporarily.';
+$hesklang['mm3']='We apologize for the inconvenience and ask that you please try again later.';
+// Staff notice
+$hesklang['mma1']='Maintenance mode is active!';
+$hesklang['mma2']='Customers are not able to use the help desk.';
+$hesklang['tools']='Tools';
+$hesklang['banemail']='Banned Emails';
+$hesklang['banemail_intro']='Prevent certain email addresses from submitting tickets to your help desk.';
+$hesklang['no_banemails']='No emails are being banned.';
+$hesklang['eperm']='Permanent email bans:';
+$hesklang['bananemail']='Email address to ban';
+$hesklang['savebanemail']='Ban this email';
+$hesklang['enterbanemail']='Enter the email address you wish to ban.';
+$hesklang['validbanemail']='Enter a valid email address (john.doe@domain.com) or email domain (@domain.com)';
+$hesklang['email_banned']='The email address %s was banned and HESK will no longer accept tickets from this address.'; // %s will be replaced with email
+$hesklang['emailbanexists']='The email address %s is already banned.'; // %s will be replaced with email
+$hesklang['email_unbanned']='Email ban deleted';
+$hesklang['banby']='Banned by';
+$hesklang['delban']='Delete ban';
+$hesklang['delban_confirm']='Delete this ban?';
+$hesklang['baned_e']='You have been banned from submiting new support tickets.';
+$hesklang['baned_ip']='You have been banned from this help desk';
+$hesklang['can_ban_emails']='Can ban emails';
+$hesklang['can_unban_emails']='Can unban emails (enables Can ban emails)';
+$hesklang['eisban']='This email address is banned.';
+$hesklang['click_unban']='Click here to unban.';
+$hesklang['banip']='Banned IPs';
+$hesklang['banip_intro']='Visitors from banned IP addresses will not be able to view or submit tickets and login into the help desk.';
+$hesklang['ipperm']='Permanent IP bans:';
+$hesklang['iptemp']='Login failure bans:';
+$hesklang['savebanip']='Ban this IP';
+$hesklang['no_banips']='No IPs are being banned.';
+$hesklang['bananip']='IP address to ban';
+$hesklang['banex']='Examples:';
+$hesklang['iprange']='IP range';
+$hesklang['savebanip']='Ban this IP';
+$hesklang['ippermban']='Ban this IP permanently';
+$hesklang['enterbanip']='Enter the IP address or range you wish to ban.';
+$hesklang['validbanip']='Enter a valid IP address or IP range';
+$hesklang['ip_banned']='The IP address %s was banned and HESK will no longer accept tickets from this IP address.'; // %s will be replaced with ip
+$hesklang['ip_rbanned']='The IP range %s was banned and HESK will no longer accept tickets from this IP range.'; // %s will be replaced with ip
+$hesklang['ipbanexists']='The IP address %s is already banned.'; // %s will be replaced with ip
+$hesklang['iprbanexists']='The IP range %s is already banned.'; // %s will be replaced with ip
+$hesklang['ip_unbanned']='IP ban deleted';
+$hesklang['ip_tempun']='Temporary IP ban deleted';
+$hesklang['can_ban_ips']='Can ban ips';
+$hesklang['can_unban_ips']='Can unban ips (enables Can ban ips)';
+$hesklang['ipisban']='This IP address is banned.';
+$hesklang['m2e']='Expires in (minutes)';
+$hesklang['info']='Info';
+$hesklang['sm_title']='Service messages';
+$hesklang['sm_intro']='Display a service message in the customer area, for example to notify them about known issues and important news.';
+$hesklang['can_service_msg']='Edit service messages';
+$hesklang['new_sm']='New service message';
+$hesklang['edit_sm']='Edit service message';
+$hesklang['ex_sm']='Existing service messages';
+$hesklang['sm_author']='Author';
+$hesklang['sm_type']='Type';
+$hesklang['sm_published']='Published';
+$hesklang['sm_draft']='Draft';
+$hesklang['sm_style']='Style';
+$hesklang['sm_none']='None';
+$hesklang['sm_success']='Success';
+$hesklang['sm_info']='Info';
+$hesklang['sm_notice']='Notice';
+$hesklang['sm_error']='Error';
+$hesklang['sm_save']='Save service message';
+$hesklang['sm_preview']='Preview service message';
+$hesklang['sm_mtitle']='Title';
+$hesklang['sm_msg']='Message';
+$hesklang['sm_e_title']='Enter service message title';
+$hesklang['sm_e_msg']='Enter service message';
+$hesklang['sm_e_id']='Missing message ID';
+$hesklang['sm_added']='A new service message has been added';
+$hesklang['sm_deleted']='Service message deleted';
+$hesklang['sm_not_found']='This service message does not exist';
+$hesklang['no_sm']='No service messages';
+$hesklang['del_sm']='Delete this service message?';
+$hesklang['sm_mdf']='Service message has been saved';
+$hesklang['sska']='Show suggested articles';
+$hesklang['taws']='These articles were suggested:';
+$hesklang['defaults']='Defaults';
+$hesklang['pncn']='Select notify customer option in the new ticket form';
+$hesklang['pncr']='Select notify customer option in the ticket reply form';
+$hesklang['pssy']='Show what knowledgebase articles were suggested to customers';
+$hesklang['ccct']='Customer resolve';
+$hesklang['custnot']='Notify customers when';
+$hesklang['notnew']='A new support ticket is submitted';
+$hesklang['notclo']='A support ticket is marked Resolved';
+$hesklang['enn']='Except for Email piping/POP3 fetching if email subject contains:';
+$hesklang['spamn']='SPAM notice';
+$hesklang['spam_inbox']='No confirmation email?
    We sent a confirmation message to your email address. If you do not receive it within a few minutes, please check your Junk, Bulk or Spam folders. Mark the message as Not SPAM to avoid problems receiving our correspondence in the future.
    '; +$hesklang['s_ekb']='Enable Knowledgebase'; +$hesklang['ekb_n']='NO, disable Knowledgebase'; +$hesklang['ekb_y']='YES, enable Knowledgebase'; +$hesklang['ekb_o']='YES, use HESK as a Knowledgebase only (disable help desk)'; +$hesklang['kb_set']='Knowledgebase settings'; +$hesklang['kbo1']='Knowledgebase-only mode'; +$hesklang['kbo2']='

    Visitors cannot submit new support tickets and are taken directly to the knowledgebase.'; +$hesklang['fpass']='Forgot your password?'; +$hesklang['passr']='Password reset'; +$hesklang['passa']='Allow users to reset a forgot password over email'; +$hesklang['passe']='Enter your email address'; +$hesklang['passs']='Send me password reset link'; +$hesklang['noace']='No account with that email address was found'; +$hesklang['pemls']='We sent you an email with instructions on how to reset your password'; +$hesklang['reset_password']='Reset your help desk password'; // Email subject +$hesklang['ehash']='Invalid or expired password reset link'; +$hesklang['ehaip']='Wrong IP address. Passwords may only be reset from the IP address that requested password reset.'; +$hesklang['resim']='Setup your new password in the form below!'; +$hesklang['permissions']='Permissions'; +$hesklang['atype']='Account type'; +$hesklang['astaff']='Staff'; +$hesklang['oon1']='Send me only open tickets'; +$hesklang['oon2']='Send me all my tickets'; +$hesklang['anyown']='Any owner'; +$hesklang['pfr']='Another POP3 fetching task is still in progress.'; +$hesklang['pjt']='Task timeout'; +$hesklang['pjt2']='minutes after start'; +$hesklang['sir']='ReCaptcha V1 API (old)'; +$hesklang['sir2']='ReCaptcha V2 API (recommended)'; +$hesklang['rcpb']='Site key (Public key)'; +$hesklang['rcpv']='Secret key (Private key)'; + +// Language for Google reCaptcha API version 2 +// Supported language codes: https://developers.google.com/recaptcha/docs/language +// If your language is NOT in the supported langauges, leave 'en' +$hesklang['RECAPTCHA']='en'; // DO NOT CHANGE BELOW if (!defined('IN_SCRIPT')) die('PHP syntax OK!'); From 9ce5698c2e1a365d0d06df256242a655c2cb53bf Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:08:32 -0500 Subject: [PATCH 34/65] #92 Update print.php --- print.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) 
diff --git a/print.php b/print.php index 4b0fb8f8..b66f6a91 100644 --- a/print.php +++ b/print.php @@ -1,7 +1,7 @@ Date: Mon, 12 Jan 2015 23:10:18 -0500 Subject: [PATCH 35/65] #92 Update reply_ticket.php --- reply_ticket.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/reply_ticket.php b/reply_ticket.php index 7c09275c..7bcec0da 100644 --- a/reply_ticket.php +++ b/reply_ticket.php @@ -1,7 +1,7 @@ fetch_asso $ticket['status'] = $ticket['status'] == $defaultNewTicketStatus['ID'] ? $defaultNewTicketStatus['ID'] : $newStatus['ID']; /* Update ticket as necessary */ -$res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `lastchange`=NOW(), `status`='{$ticket['status']}',`lastreplier`='0' WHERE `id`='{$ticket['id']}' LIMIT 1"); +$res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `lastchange`=NOW(), `status`='{$ticket['status']}', `replies`=`replies`+1, `lastreplier`='0' WHERE `id`='{$ticket['id']}' LIMIT 1"); // Insert reply into database hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` (`replyto`,`name`,`message`,`dt`,`attachments`) VALUES ({$ticket['id']},'".hesk_dbEscape($ticket['name'])."','".hesk_dbEscape($message)."',NOW(),'".hesk_dbEscape($myattachments)."')"); @@ -194,6 +198,7 @@ $info = array( 'attachments' => $myattachments, 'dt' => hesk_date($ticket['dt'], true), 'lastchange' => hesk_date($ticket['lastchange'], true), +'id' => $ticket['id'], ); // 2. Add custom fields to the array From 12cc442b6bf9efe194c79e60d55a9bed6b5820a8 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:16:12 -0500 Subject: [PATCH 36/65] #92 Update submit_ticket.php --- submit_ticket.php | 104 +++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 93 insertions(+), 11 deletions(-) diff --git a/submit_ticket.php b/submit_ticket.php index b1cab6fa..51fd7a32 100644 --- a/submit_ticket.php +++ b/submit_ticket.php 
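Review bot: The rewritten `UPDATE` in reply_ticket.php still places `$ticket['status']` and `$ticket['id']` directly into the SQL string, whereas the queries added elsewhere in this series cast every id with `intval()`. Where `$ticket` is loaded lies outside the hunk, so these values are presumably database-sourced, but casting at the point of use keeps the statement safe if that ever changes: write the two values as `'".intval($ticket['status'])."'` and `'".intval($ticket['id'])."'` (assuming status IDs are integers, which the hunk does not show). The same applies to the unquoted `{$ticket['id']}` in the `INSERT INTO ... replies` context line. The hunk header for this change was lost in the page extraction, so the enclosing block begins outside what is visible.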
@@ -1,7 +1,7 @@ verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response") ); + } + + if ($resp != null && $resp->success) + { + $_SESSION['img_verified']=true; + } + else + { + $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error']; + } + } // Using PHP generated image else { @@ -167,12 +205,39 @@ if ($hesk_settings['confirm_email']) } $tmpvar['category'] = intval( hesk_POST('category') ) or $hesk_error_buffer['category']=$hesklang['sel_app_cat']; -$tmpvar['priority'] = $hesk_settings['cust_urgency'] ? intval( hesk_POST('priority') ) : 3; -// Is priority a valid choice? -if ($tmpvar['priority'] < 1 || $tmpvar['priority'] > 3) +// Do we allow customer to select priority? +if ($hesk_settings['cust_urgency']) { - $hesk_error_buffer['priority'] = $hesklang['sel_app_priority']; + $tmpvar['priority'] = intval( hesk_POST('priority') ); + + // We don't allow customers select "Critical". If priority is not valid set it to "low". + if ($tmpvar['priority'] < 1 || $tmpvar['priority'] > 3) + { + // If we are showing "Click to select" priority needs to be selected + if ($hesk_settings['select_pri']) + { + $tmpvar['priority'] = -1; + $hesk_error_buffer['priority'] = $hesklang['select_priority']; + } + else + { + $tmpvar['priority'] = 3; + } + } +} +// Priority will be selected based on the category selected +else +{ + $res = hesk_dbQuery("SELECT `priority` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `id`=".intval($tmpvar['category'])); + if ( hesk_dbNumRows($res) == 1 ) + { + $tmpvar['priority'] = intval( hesk_dbResult($res) ); + } + else + { + $tmpvar['priority'] = 3; + } } $tmpvar['subject'] = hesk_input( hesk_POST('subject') ) or $hesk_error_buffer['subject']=$hesklang['enter_ticket_subject']; 
@@ -223,10 +288,13 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) } $_POST[$k] = ''; } + + $_SESSION["c_$k"]=hesk_POST_array($k); } elseif ($v['req']) { $tmpvar[$k]=hesk_makeURL(nl2br(hesk_input( hesk_POST($k) ))); + $_SESSION["c_$k"]=hesk_POST($k); if (!strlen($tmpvar[$k])) { $hesk_error_buffer[$k]=$hesklang['fill_all'].': '.$v['name']; @@ -247,7 +315,6 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input(hesk_POST($k)))); } } - $_SESSION["c_$k"]=hesk_POST($k); } else { @@ -255,6 +322,12 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) } } +// Check bans +if ( ! isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']) || hesk_isBannedIP($_SERVER['REMOTE_ADDR']) ) +{ + hesk_error($hesklang['baned_e']); +} + // Check maximum open tickets limit $below_limit = true; if ($hesk_settings['max_open'] && ! isset($hesk_error_buffer['email']) ) @@ -326,6 +399,12 @@ if (count($hesk_error_buffer)) $tmpvar['message']=hesk_makeURL($tmpvar['message']); $tmpvar['message']=nl2br($tmpvar['message']); +// Track suggested knowledgebase articles +if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'] && isset($_POST['suggested']) && is_array($_POST['suggested']) ) +{ + $tmpvar['articles'] = implode(',', array_unique( array_map('intval', $_POST['suggested']) ) ); +} + // All good now, continue with ticket creation $tmpvar['owner'] = 0; $tmpvar['history'] = sprintf($hesklang['thist15'], hesk_date(), $tmpvar['name']); @@ -378,7 +457,10 @@ if ($createTicket) $ticket = hesk_newTicket($tmpvar); // Notify the customer - hesk_notifyCustomer(); + if ($hesk_settings['notify_new']) + { + hesk_notifyCustomer(); + } // Need to notify staff? // --> From autoassign? @@ -431,9 +513,9 @@ require_once(HESK_PATH . 'inc/header.inc.php'); hesk_show_success( $hesklang['ticket_submitted'] . '
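Review bot: The new ban check in submit_ticket.php mixes `&&` and `||` without parentheses, so a reader has to rely on precedence to see that the IP ban is tested even when the email failed validation. It evaluates that way today, but grouping makes the intent explicit and guards against a later edit changing it: `if ( ( ! isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']) ) || hesk_isBannedIP($_SERVER['REMOTE_ADDR']) )`. Both outcomes report `$hesklang['baned_e']`, although this series also adds `$hesklang['baned_ip']`; choosing the message by which check matched would keep the two bans distinguishable for support staff. If the help desk runs behind a reverse proxy, `REMOTE_ADDR` will be the proxy's address, which is worth a comment next to the check.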

    ' . - $hesklang['ticket_submitted_success'] . ': ' . $ticket['trackid'] . '

    - ' . $hesklang['view_your_ticket'] . '' - + $hesklang['ticket_submitted_success'] . ': ' . $ticket['trackid'] . '

    ' . + ($hesk_settings['notify_new'] && $hesk_settings['spam_notice'] ? $hesklang['spam_inbox'] . '

    ' : '') . + '' . $hesklang['view_your_ticket'] . '' ); } else { From 03ed2f3bde5bc5b5eb243b4e88bea72867c7f362 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:18:00 -0500 Subject: [PATCH 37/65] #92 Update suggest_articles.php --- suggest_articles.php | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/suggest_articles.php b/suggest_articles.php index 09c7e8ed..37245fab 100644 --- a/suggest_articles.php +++ b/suggest_articles.php @@ -1,7 +1,7 @@ $max_score) + { + $max_score = $article['score']; + } + + if ($max_score && ($article['score'] / $max_score) < 0.25) + { + break; + } + + $txt = strip_tags($article['content']); if (strlen($txt) > $hesk_settings['kb_substrart']) { $txt = substr($txt, 0, $hesk_settings['kb_substrart']).'...'; @@ -79,6 +94,7 @@ if ( hesk_isREQUEST('p') ) echo ' '.$article['subject'].' +
    '.$txt.'

    '; } } From d363fbc04a0b5870fad140e40842a609366d6194 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:24:34 -0500 Subject: [PATCH 38/65] #92 Update ticket.php --- ticket.php | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/ticket.php b/ticket.php index 18c4c008..8b5c6ba5 100644 --- a/ticket.php +++ b/ticket.php @@ -1,7 +1,7 @@

    '.$hesklang['open_action'].'';} - else {echo ''.$hesklang['close_action'].'';} ?>

    + elseif ($hesk_settings['custclose']) {echo ''.$hesklang['close_action'].'';} ?>

    @@ -508,6 +512,20 @@ function print_form()
    +
    +
    +
    + +
    +
    + +
    +
    +
    From ae1d7fc19b0c529d657e4991aa71a5e05839f45e Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 12 Jan 2015 23:24:45 -0500 Subject: [PATCH 39/65] #92 Update files that are in MFH but didn't have any code changes --- admin/admin_main.php | 2 +- install/index.php | 2 +- suggest_email.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/admin_main.php b/admin/admin_main.php index 4b72cc43..4fe6e7c2 100644 --- a/admin/admin_main.php +++ b/admin/admin_main.php @@ -1,7 +1,7 @@ Date: Tue, 13 Jan 2015 16:52:00 -0500 Subject: [PATCH 40/65] #92 Update hesk_style.css --- hesk_style_v25.css => hesk_style.css | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) rename hesk_style_v25.css => hesk_style.css (97%) diff --git a/hesk_style_v25.css b/hesk_style.css similarity index 97% rename from hesk_style_v25.css rename to hesk_style.css index 4a13d368..56c11b6f 100644 --- a/hesk_style_v25.css +++ b/hesk_style.css @@ -14,7 +14,7 @@ table.enclosing { color : #4a5571; font-family : Verdana, Geneva, Arial, Helvetica, sans-serif; font-size: 12px; - width: 770px; + width: 960px; } @@ -216,7 +216,7 @@ fieldset { background-color:white; position:relative; display:block; - padding: 0px 10px 10px 10px; + padding: 15px 10px 10px 10px; margin:20px 0px 20px 0px; } @@ -232,10 +232,8 @@ legend { background-position: left top; display:block; width: auto; - padding:4px 5px; - margin:0px 0px 10px 0px; + padding:5px 5px; position:relative; - top: -12px; width:130px; } 
@@ -551,10 +549,25 @@ td.admin_critical { font-family : Verdana, Geneva, Arial, Helvetica, sans-serif; font-size: 11px; border: 1px solid #ff66ff; - border-top: 2px dashed #ff66ff; padding: 1px; } +/* New styles in HESK version 2.6 */ + +div.info { + border: 1px solid #9acfea; + background: #d9edf7; + color: #363636; + padding: 10px; + vertical-align: middle; +} + +div.none { + color: #363636; + padding: 10px; + vertical-align: middle; +} + .isError { color: black; background-color: #fff9f7; From c2303b1fea3b81a5086a8dabfe539d08bd27e64f Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 16:54:33 -0500 Subject: [PATCH 41/65] #92 Update hesk_style_RTL --- hesk_style_v25RTL.css => hesk_style_RTL.css | 25 ++++++++++++++++----- 1 file changed, 19 insertions(+), 6 deletions(-) rename hesk_style_v25RTL.css => hesk_style_RTL.css (97%) diff --git a/hesk_style_v25RTL.css b/hesk_style_RTL.css similarity index 97% rename from hesk_style_v25RTL.css rename to hesk_style_RTL.css index a22825b3..d866def8 100644 --- a/hesk_style_v25RTL.css +++ b/hesk_style_RTL.css @@ -14,7 +14,7 @@ table.enclosing { color : #4a5571; font-family : Verdana, Geneva, Arial, Helvetica, sans-serif; font-size: 12px; - width: 770px; + width: 960px; } @@ -216,7 +216,7 @@ fieldset { background-color:white; position:relative; display:block; - padding: 0px 10px 10px 10px; + padding: 15px 10px 10px 10px; margin:20px 0px 20px 0px; } @@ -232,10 +232,8 @@ legend { background-position: right top; display:block; width: auto; - padding:4px 5px; - margin:0px 0px 10px 0px; + padding:5px 5px; position:relative; - top: -12px; width:130px; } @@ -551,7 +549,6 @@ td.admin_critical { font-family : Verdana, Geneva, Arial, Helvetica, sans-serif; font-size: 11px; border: 1px solid #ff66ff; - border-top: 2px dashed #ff66ff; padding: 1px; } 
@@ -691,6 +688,22 @@ td.admin_yellow { padding: 1px; } +/* New styles in HESK version 2.6 */ + +div.info { + border: 1px solid #9acfea; + background: #d9edf7; + color: #363636; + padding: 10px; + vertical-align: middle; +} + +div.none { + color: #363636; + padding: 10px; + vertical-align: middle; +} + /* New styles in HESK version 2.5 */ .kb_published { From 45f41136b7f05f8094abd3af2e095325d9336278 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 17:02:37 -0500 Subject: [PATCH 42/65] Update .gitignore for HESK 2.6.0 --- .gitignore | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.gitignore b/.gitignore index 096135f6..49c4e5f7 100644 --- a/.gitignore +++ b/.gitignore @@ -268,3 +268,11 @@ robots.txt .idea/ attachments/__latest.txt attachments +img/ban.png +img/banned.png +img/ico_tools.png +inc/recaptcha/recaptchalib_v2.php +ip_whois.php +language/en/emails/reset_password.txt +language/en/help_files/ticket_list.html +hesk_javascript.js From 8401543f8a3dbe9fba79a630eef80e377955e3c5 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 19:29:47 -0500 Subject: [PATCH 43/65] #110 Update CSS and JS references --- inc/headerAdmin.inc.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php index 1088af73..e472fab1 100644 --- a/inc/headerAdmin.inc.php +++ b/inc/headerAdmin.inc.php @@ -43,9 +43,9 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); - + - + @@ -59,7 +59,7 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); - + From 02b6778c37334513bdcba86de8e0b4f94b7ca0ce Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 21:45:35 -0500 Subject: [PATCH 44/65] #110 Restyle banned_emails --- admin/banned_emails.php | 338 +++++++++++++++++++++++++++++++++++++++ css/hesk_newStyle.php | 1 + css/hesk_newStyleRTL.php | 1 + 3 files changed, 340 insertions(+) create mode 100644 admin/banned_emails.php 
diff --git a/admin/banned_emails.php b/admin/banned_emails.php new file mode 100644 index 00000000..0b9392b0 --- /dev/null +++ b/admin/banned_emails.php @@ -0,0 +1,338 @@ + + +
    + +
    + +
    +
    +

    + +
    +
    + +
    + + + +
    +
    +
    +
    + +
    +
    +
    +
    +
    +
    +
    + john@email.com
    + @domain.com
    + + + + + + + + + + + + + + + + '; + + if ($can_unban) + { + echo ' + + '; + } + + echo ''; + } // End while + ?> + +
    '.$ban['email'].''.(isset($admins[$ban['banned_by']]) ? $admins[$ban['banned_by']] : $hesklang['e_udel']).''.$ban['dt'].' + + + +
    +
    + + +
    +
    + + + + + + 254) + { + return false; + } + + // Check domain part characters + if ( ! preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain) ) + { + return false; + } + + // Domain part mustn't have two consecutive dots + if ( strpos($domain, '..') !== false ) + { + return false; + } + + // All OK + return true; + +} // END verify_email_domain() + +?> diff --git a/css/hesk_newStyle.php b/css/hesk_newStyle.php index ac673961..142ca8a2 100644 --- a/css/hesk_newStyle.php +++ b/css/hesk_newStyle.php @@ -123,6 +123,7 @@ .settingsquestionmark { color: ; font-size: 14px; + cursor: pointer; } .h3questionmark { color: ; diff --git a/css/hesk_newStyleRTL.php b/css/hesk_newStyleRTL.php index 3c699673..8d8778f9 100644 --- a/css/hesk_newStyleRTL.php +++ b/css/hesk_newStyleRTL.php @@ -123,6 +123,7 @@ .settingsquestionmark { color: ; font-size: 14px; + cursor: pointer; } .settingsquestionmark:hover { text-decoration: underline; From 4ecf5c8d4513ad09078d9933e011bd1659d3cbf8 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 13 Jan 2015 21:56:28 -0500 Subject: [PATCH 45/65] #110 Fix tab name and trailing
    + + + + + + + + + + + + + + '; + + if ($can_unban) + { + echo ' + + '; + } + + echo ''; + } // End while + + ?> + +
    '.$ban['ip'].''.$ban['minutes'].' + + + + +
    + '.$hesklang['no_banips'].'

    '; + } + + // Get banned ips from database + $res = hesk_dbQuery('SELECT * FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'banned_ips` ORDER BY `ip_from` ASC'); + $num = hesk_dbNumRows($res); + + echo '

    '.$hesklang['ipperm'].'

    '; + + if ($num < 1) + { + echo '

    '.$hesklang['no_banips'].'

    '; + } + else + { + // List of staff + if ( ! isset($admins) ) + { + $admins = array(); + $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users`"); + while ($row=hesk_dbFetchAssoc($res2)) + { + $admins[$row['id']]=$row['name']; + } + } + + ?> + + + + + + + + + + + + + + + + + + + '; + + if ($can_unban) + { + echo ' + + '; + } + + echo ''; + } // End while + ?> + +
    '.$ban['ip_display'].''.( ($ban['ip_to'] == $ban['ip_from']) ? long2ip($ban['ip_to']) : long2ip($ban['ip_from']).' - '.long2ip($ban['ip_to']) ).''.(isset($admins[$ban['banned_by']]) ? $admins[$ban['banned_by']] : $hesklang['e_udel']).''.$ban['dt'].' + + +
    + +
    + + + += 0 && $matches[4] <= 32) + { + list($ip_from, $ip_to) = hesk_cidr_to_range($ip); + } + // Not a valid input + else + { + hesk_process_messages($hesklang['validbanip'],'banned_ips.php'); + } + + // Make sure we have valid ranges + if ($ip_from < 0) + { + $ip_from += 4294967296; + } + elseif ($ip_from > 4294967296) + { + $ip_from = 4294967296; + } + if ($ip_to < 0) + { + $ip_to += 4294967296; + } + elseif ($ip_to > 4294967296) + { + $ip_to = 4294967296; + } + + // Make sure $ip_to is not lower that $ip_from + if ($ip_to < $ip_from) + { + $tmp = $ip_to; + $ip_to = $ip_from; + $ip_from = $tmp; + } + + // Is this IP address already banned? + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_ips` WHERE {$ip_from} BETWEEN `ip_from` AND `ip_to` AND {$ip_to} BETWEEN `ip_from` AND `ip_to` LIMIT 1"); + if ( hesk_dbNumRows($res) == 1 ) + { + $_SESSION['ban_ip']['id'] = hesk_dbResult($res); + $hesklang['ipbanexists'] = ($ip_to == $ip_from) ? sprintf($hesklang['ipbanexists'], long2ip($ip_to) ) : sprintf($hesklang['iprbanexists'], long2ip($ip_from).' - '.long2ip($ip_to) ); + hesk_process_messages($hesklang['ipbanexists'],'banned_ips.php','NOTICE'); + } + + // Delete any duplicate banned IP or ranges that are within the new banned range + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_ips` WHERE `ip_from` >= {$ip_from} AND `ip_to` <= {$ip_to}"); + + // Delete temporary bans from logins table + if ($ip_to == $ip_from) + { + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='".hesk_dbEscape($ip_display)."' LIMIT 1"); + } + + // Redirect either to banned ips or ticket page from now on + $redirect_to = ($trackingID = hesk_cleanID()) ? 
'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999) : 'banned_ips.php'; + + // Insert the ip address into database + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_ips` (`ip_from`,`ip_to`,`ip_display`,`banned_by`) VALUES ({$ip_from}, {$ip_to},'".hesk_dbEscape($ip_display)."','".intval($_SESSION['id'])."')"); + + // Remember ip that got banned + $_SESSION['ban_ip']['id'] = hesk_dbInsertID(); + + // Generate success message + $hesklang['ip_banned'] = ($ip_to == $ip_from) ? sprintf($hesklang['ip_banned'], long2ip($ip_to) ) : sprintf($hesklang['ip_rbanned'], long2ip($ip_from).' - '.long2ip($ip_to) ); + + // Show success + hesk_process_messages( sprintf($hesklang['ip_banned'], $ip) ,$redirect_to,'SUCCESS'); + +} // End ban_ip() + + +function unban_temp_ip() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get the ip + $ip = preg_replace('/[^0-9\.\-\/\*]/', '', hesk_REQUEST('ip') ); + + // Delete from bans + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='" . hesk_dbEscape($ip) . "' LIMIT 1"); + + // Show success + hesk_process_messages($hesklang['ip_tempun'],'banned_ips.php','SUCCESS'); + +} // End unban_temp_ip() + + +function unban_ip() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Delete from bans + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."banned_ips` WHERE `id`=" . intval( hesk_GET('id') ) . " LIMIT 1"); + + // Redirect either to banned ips or ticket page from now on + $redirect_to = ($trackingID = hesk_cleanID()) ? 
'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999) : 'banned_ips.php'; + + // Show success + hesk_process_messages($hesklang['ip_unbanned'],$redirect_to,'SUCCESS'); + +} // End unban_ip() + + +function hesk_cidr_to_range($cidr) +{ + $range = array(); + $cidr = explode('/', $cidr); + $range[0] = (ip2long($cidr[0])) & ((-1 << (32 - (int)$cidr[1]))); + $range[1] = (ip2long($cidr[0])) + pow(2, (32 - (int)$cidr[1])) - 1; + return $range; +} // END hesk_cidr_to_range() + +?> From dd958b694604037d10c5a0823a5bc94aacba957c Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 16:57:20 -0500 Subject: [PATCH 47/65] #110 Update Service Messages page --- admin/service_messages.php | 653 +++++++++++++++++++++++++++++++++++++ inc/common.inc.php | 17 +- inc/show_admin_nav.inc.php | 4 +- 3 files changed, 666 insertions(+), 8 deletions(-) create mode 100644 admin/service_messages.php diff --git a/admin/service_messages.php b/admin/service_messages.php new file mode 100644 index 00000000..40939492 --- /dev/null +++ b/admin/service_messages.php @@ -0,0 +1,653 @@ + + +
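Review bot: `hesk_cidr_to_range()` masks the address for `$range[0]` but adds the block size to the unmasked address for `$range[1]`, so a CIDR whose host bits are set (constructed example: 192.0.2.77/24) yields an end address beyond the block and bans, and deletes existing narrower bans for, addresses outside it. Basing the end on the masked start fixes this: `$range[1] = $range[0] + pow(2, 32 - (int)$cidr[1]) - 1;`. In `ban_ip()` the clamps compare against and assign 4294967296, one more than the highest IPv4 value, so 4294967295 looks like the intended bound. `ip2long()` returns false on invalid input and `$ip_from`/`$ip_to` are interpolated unquoted into the `BETWEEN`, `DELETE` and `INSERT` statements; the validation at the top of `ban_ip()` was lost in the page extraction, so confirm it rejects such input before these lines run. The start of this new file is not visible on the page.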
    + +
    + +
    + + + +
    +
    +

    +
    +
    + '.$hesklang['no_sm'].'

    '; + } + else + { + // List of staff + if ( ! isset($admins) ) + { + $admins = array(); + $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users`"); + while ($row=hesk_dbFetchAssoc($res2)) + { + $admins[$row['id']]=$row['name']; + } + } + + ?> + + + + + + + + + + + + + + + + + + + +
      
    +
    + + +
    +
    + 1) + { + if ($k == 1) + { + ?> + + + + + + + + + + + + + + + + +  
    +
    + + + +
    +
    + +
    +
    + +
    +
    +

    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    +
    + +
    +
    +
    +
    + +
    +
    +
    +
    + +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    +
    + +
    + > +
    +
    +
    + +
    + +
    +
    +
    + ' : ''; ?> + +
    +
    + + +
    +
    +
    +
    +
    +
    +
    +
    +
    + + 4 || $style < 0) + { + $style = 0; + } + + $type = empty($_POST['type']) ? 0 : 1; + $title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title']; + $message = hesk_getHTML( hesk_POST('message') ); + + // Any errors? + if (count($hesk_error_buffer)) + { + $_SESSION['edit_sm'] = true; + $hesklang['new_sm'] = $hesklang['edit_sm']; + + $_SESSION['new_sm'] = array( + 'id' => $id, + 'style' => $style, + 'type' => $type, + 'title' => $title, + 'message' => hesk_input( hesk_POST('message') ), + ); + + $tmp = ''; + foreach ($hesk_error_buffer as $error) + { + $tmp .= "
  • $error
  • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

    '; + hesk_process_messages($hesk_error_buffer,'service_messages.php'); + } + + // Just preview the message? + if ( isset($_POST['sm_preview']) ) + { + $_SESSION['preview_sm'] = true; + $_SESSION['edit_sm'] = true; + $hesklang['new_sm'] = $hesklang['edit_sm']; + + $_SESSION['new_sm'] = array( + 'id' => $id, + 'style' => $style, + 'type' => $type, + 'title' => $title, + 'message' => $message, + ); + + header('Location: service_messages.php'); + exit; + } + + // Update the service message in the database + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET + `author` = '".intval($_SESSION['id'])."', + `title` = '".hesk_dbEscape($title)."', + `message` = '".hesk_dbEscape($message)."', + `style` = '{$style}', + `type` = '{$type}' + WHERE `id`={$id} LIMIT 1"); + + $_SESSION['smord'] = $id; + hesk_process_messages($hesklang['sm_mdf'],'service_messages.php','SUCCESS'); + +} // End save_sm() + + +function edit_sm() +{ + global $hesk_settings, $hesklang; + + // Get service messageID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']); + + // Get details from the database + $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id} LIMIT 1"); + if ( hesk_dbNumRows($res) != 1 ) + { + hesk_error($hesklang['sm_not_found']); + } + $sm = hesk_dbFetchAssoc($res); + + $_SESSION['new_sm'] = $sm; + $_SESSION['edit_sm'] = true; + + $hesklang['new_sm'] = $hesklang['edit_sm']; + +} // End edit_sm() + + +function order_sm() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID and move parameters + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']); + $move = intval( hesk_GET('move') ); + $_SESSION['smord'] = $id; + + // Update article details + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=`order`+".intval($move)." 
WHERE `id`={$id} LIMIT 1"); + + // Update order of all service messages + update_sm_order(); + + // Finish + header('Location: service_messages.php'); + exit(); + +} // End order_sm() + + +function update_sm_order() +{ + global $hesk_settings, $hesklang; + + // Get list of current service messages + $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` ASC"); + + // Update database + $i = 10; + while ( $sm = hesk_dbFetchAssoc($res) ) + { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=".intval($i)." WHERE `id`='".intval($sm['id'])."' LIMIT 1"); + $i += 10; + } + + return true; + +} // END update_sm_order() + + +function remove_sm() +{ + global $hesk_settings, $hesklang; + + // A security check + hesk_token_check(); + + // Get ID + $id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']); + + // Delete the service message + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id} LIMIT 1"); + + // Were we successful? + if ( hesk_dbAffectedRows() == 1 ) + { + hesk_process_messages($hesklang['sm_deleted'],'./service_messages.php','SUCCESS'); + } + else + { + hesk_process_messages($hesklang['sm_not_found'],'./service_messages.php'); + } + +} // End remove_sm() + + +function new_sm() +{ + global $hesk_settings, $hesklang, $listBox; + global $hesk_error_buffer; + + // A security check + # hesk_token_check('POST'); + + $hesk_error_buffer = array(); + + $style = intval( hesk_POST('style', 0) ); + if ($style > 4 || $style < 0) + { + $style = 0; + } + + $type = empty($_POST['type']) ? 0 : 1; + $title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title']; + $message = hesk_getHTML( hesk_POST('message') ); + + // Any errors? 
+ if (count($hesk_error_buffer)) + { + $_SESSION['new_sm'] = array( + 'style' => $style, + 'type' => $type, + 'title' => $title, + 'message' => hesk_input( hesk_POST('message') ), + ); + + $tmp = ''; + foreach ($hesk_error_buffer as $error) + { + $tmp .= "
  • $error
  • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['rfm'].'

    '; + hesk_process_messages($hesk_error_buffer,'service_messages.php'); + } + + // Just preview the message? + if ( isset($_POST['sm_preview']) ) + { + $_SESSION['preview_sm'] = true; + + $_SESSION['new_sm'] = array( + 'style' => $style, + 'type' => $type, + 'title' => $title, + 'message' => $message, + ); + + header('Location: service_messages.php'); + exit; + } + + // Get the latest service message order + $res = hesk_dbQuery("SELECT `order` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` DESC LIMIT 1"); + $row = hesk_dbFetchRow($res); + $my_order = intval($row[0]) + 10; + + // Insert service message into database + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` (`author`,`title`,`message`,`style`,`type`,`order`) VALUES ( + '".intval($_SESSION['id'])."', + '".hesk_dbEscape($title)."', + '".hesk_dbEscape($message)."', + '{$style}', + '{$type}', + '{$my_order}' + )"); + + $_SESSION['smord'] = hesk_dbInsertID(); + hesk_process_messages($hesklang['sm_added'],'service_messages.php','SUCCESS'); + +} // End new_sm() + +?> diff --git a/inc/common.inc.php b/inc/common.inc.php index 21e399a7..b68338d7 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -65,19 +65,24 @@ hesk_getLanguage(); function hesk_service_message($sm) { + $faIcon = ""; switch ($sm['style']) { case 1: - $style = "success"; + $style = "alert alert-success"; + $faIcon = "fa fa-check-circle"; break; case 2: - $style = "info"; + $style = "alert alert-info"; + $faIcon = "fa fa-comment"; break; case 3: - $style = "notice"; + $style = "alert alert-warning"; + $faIcon = "fa fa-exclamation-triangle"; break; case 4: - $style = "error"; + $style = "alert alert-danger"; + $faIcon = "fa fa-times-circle"; break; default: $style = "none"; @@ -85,8 +90,8 @@ function hesk_service_message($sm) ?>
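Review bot: `new_sm()` has its anti-CSRF check commented out (`# hesk_token_check('POST');`), while `order_sm()` and `remove_sm()` in the same file call `hesk_token_check()`. Because `new_sm()` stores the message body through `hesk_getHTML()` and the language strings describe service messages as shown in the customer area, a forged cross-site POST from a logged-in staff browser could publish markup to every visitor. Restore the call as the first statement of the function, `hesk_token_check('POST');`, and make sure the form submits the token field; the form markup was stripped from this page, so that part needs checking in the file. The opening of `save_sm()` is also not visible here, so confirm it performs the same check before its `UPDATE`.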
    - '; ?> - + '; ?> +

    +
    '; hesk_show_notice($hesklang['mma2'], $hesklang['mma1'], false); } // Show a notice if we are in "Knowledgebase only" mode if ( hesk_check_kb_only(false) ) { - echo '
    '; hesk_show_notice($hesklang['kbo2'], $hesklang['kbo1'], false); } ?> +
    From b658af10982c14c4a1cbfaaafbb235d2b7af1caf Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 17:03:05 -0500 Subject: [PATCH 48/65] Fix some layout issues --- inc/show_admin_nav.inc.php | 6 ++++-- modsForHesk_settings.inc.php | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php index 87069a40..74475d0a 100644 --- a/inc/show_admin_nav.inc.php +++ b/inc/show_admin_nav.inc.php @@ -102,18 +102,20 @@ $num_mail = hesk_checkNewMail(); -
    '; hesk_show_notice($hesklang['mma2'], $hesklang['mma1'], false); + echo '
    '; } // Show a notice if we are in "Knowledgebase only" mode if ( hesk_check_kb_only(false) ) { + echo '
    '; hesk_show_notice($hesklang['kbo2'], $hesklang['kbo1'], false); + echo '
    '; } ?> - diff --git a/modsForHesk_settings.inc.php b/modsForHesk_settings.inc.php index 3335dc4e..2541aa65 100644 --- a/modsForHesk_settings.inc.php +++ b/modsForHesk_settings.inc.php @@ -23,4 +23,4 @@ $modsForHesk_settings['show_icons'] = 0; $modsForHesk_settings['custom_field_setting'] = 0; //-- Set this to 1 to enable email verification for new customers -$modsForHesk_settings['customer_email_verification_required'] = 0;$modsForHesk_settings['show_icons'] = 0; \ No newline at end of file +$modsForHesk_settings['customer_email_verification_required'] = 0; \ No newline at end of file From e8d0c9f901590b899b62319181bec15d584d19ca Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 17:08:33 -0500 Subject: [PATCH 49/65] Show maintenance mode / kb only above the navbar --- inc/common.inc.php | 1 - inc/show_admin_nav.inc.php | 34 ++++++++++++++++------------------ 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/inc/common.inc.php b/inc/common.inc.php index b68338d7..f8010ca3 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -873,7 +873,6 @@ function hesk_show_notice($message,$title='',$append_colon=true) {
    -
    +'; + hesk_show_notice($hesklang['mma2'], $hesklang['mma1'], false); + echo ''; +} +// Show a notice if we are in "Knowledgebase only" mode +if ( hesk_check_kb_only(false) ) +{ + echo '
    '; + hesk_show_notice($hesklang['kbo2'], $hesklang['kbo1'], false); + echo '
    '; +} +?>
    - - '; - hesk_show_notice($hesklang['mma2'], $hesklang['mma1'], false); - echo '
    '; - } - - // Show a notice if we are in "Knowledgebase only" mode - if ( hesk_check_kb_only(false) ) - { - echo '
    '; - hesk_show_notice($hesklang['kbo2'], $hesklang['kbo1'], false); - echo '
    '; - } - ?> From ed43191d6842770d8cdd49885b15fdaa3188108f Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 17:12:06 -0500 Subject: [PATCH 50/65] Update the maintenance message style --- inc/common.inc.php | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/inc/common.inc.php b/inc/common.inc.php index f8010ca3..54fad097 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -1767,33 +1767,13 @@ function hesk_check_maintenance($dodie = true) // Maintenance mode - show notice and exit require_once(HESK_PATH . 'inc/header.inc.php'); ?> - - - - - - -
    - - - - - - - - - - -
    - -

     

    - -
    - +
    +



    - -

     

    -

     

    -

     

    -

     

    -

     

    - Date: Wed, 14 Jan 2015 18:37:48 -0500 Subject: [PATCH 51/65] #110 Update password.php --- admin/password.php | 361 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 361 insertions(+) create mode 100644 admin/password.php diff --git a/admin/password.php b/admin/password.php new file mode 100644 index 00000000..79b745be --- /dev/null +++ b/admin/password.php 
@@ -0,0 +1,361 @@ +is_valid) + { + //$_SESSION['img_a_verified']=true; + } + else + { + $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error']; + } + } + // Using ReCaptcha API v2? + elseif ($hesk_settings['recaptcha_use'] == 2) + { + require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php'); + + $resp = null; + $reCaptcha = new ReCaptcha($hesk_settings['recaptcha_private_key']); + + // Was there a reCAPTCHA response? + if ( isset($_POST["g-recaptcha-response"]) ) + { + $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response") ); + } + + if ($resp != null && $resp->success) + { + //$_SESSION['img_a_verified']=true; + } + else + { + $hesk_error_buffer['mysecnum']=$hesklang['recaptcha_error']; + } + } + // Using PHP generated image + else + { + $mysecnum = intval( hesk_POST('mysecnum', 0) ); + + if ( empty($mysecnum) ) + { + $hesk_error_buffer['mysecnum'] = $hesklang['sec_miss']; + } + else + { + require(HESK_PATH . 'inc/secimg.inc.php'); + $sc = new PJ_SecurityImage($hesk_settings['secimg_sum']); + if ( isset($_SESSION['checksum']) && $sc->checkCode($mysecnum, $_SESSION['checksum']) ) + { + //$_SESSION['img_a_verified'] = true; + } + else + { + $hesk_error_buffer['mysecnum'] = $hesklang['sec_wrng']; + } + } + } + } + + // Connect to database and check for brute force attempts + hesk_load_database_functions(); + hesk_dbConnect(); + hesk_limitBfAttempts(); + + // Get email + $email = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email']=$hesklang['enter_valid_email']; + + // Any errors? + if (count($hesk_error_buffer)!=0) + { + $_SESSION['a_iserror'] = array_keys($hesk_error_buffer); + + $tmp = ''; + foreach ($hesk_error_buffer as $error) + { + $tmp .= "
  • $error
  • \n"; + } + $hesk_error_buffer = $tmp; + + $hesk_error_buffer = $hesklang['pcer'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'NOREDIRECT'); + } + else + { + // Get user data from the database + $res = hesk_dbQuery("SELECT `id`, `name`, `pass` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($email)."' LIMIT 1"); + if (hesk_dbNumRows($res) != 1) + { + hesk_process_messages($hesklang['noace'],'NOREDIRECT'); + } + else + { + $row = hesk_dbFetchAssoc($res); + $hash = sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass']); + + // Insert the verification hash into the database + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` (`user`, `hash`, `ip`) VALUES (".intval($row['id']).", '{$hash}', '".hesk_dbEscape($_SERVER['REMOTE_ADDR'])."') "); + + // Prepare and send email + require(HESK_PATH . 'inc/email_functions.inc.php'); + + // Get the email message + $msg = hesk_getEmailMessage('reset_password',array(),1,0,1); + + // Replace message special tags + $msg = str_replace('%%NAME%%', hesk_msgToPlain($row['name'],1,1), $msg); + $msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg); + $msg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $msg); + $msg = str_replace('%%PASSWORD_RESET%%', $hesk_settings['hesk_url'].'/'.$hesk_settings['admin_dir'].'/password.php?h='.$hash, $msg); + + // Send email + hesk_mail($email, $hesklang['reset_password'], $msg); + + // Show success + hesk_process_messages($hesklang['pemls'],'NOREDIRECT','SUCCESS'); + } + } +} +// If the "h" parameter is set verify it and reset the password +elseif ( isset($_GET['h']) ) +{ + // Get the hash + $hash = preg_replace('/[^a-zA-Z0-9]/', '', $_GET['h']); + + // Connect to database + hesk_load_database_functions(); + hesk_dbConnect(); + + // Expire verification hashes older than 2 hours + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `dt` < (NOW() - INTERVAL 2 HOUR)"); + + // Verify the 
hash exists + $res = hesk_dbQuery("SELECT `user`, `ip` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `hash` = '{$hash}' LIMIT 1"); + if (hesk_dbNumRows($res) != 1) + { + // Not a valid hash + hesk_limitBfAttempts(); + hesk_process_messages($hesklang['ehash'],'NOREDIRECT'); + } + else + { + // Get info from database + $row = hesk_dbFetchAssoc($res); + + // Only allow resetting password from the same IP address that submitted password reset request + if ($row['ip'] != $_SERVER['REMOTE_ADDR']) + { + hesk_limitBfAttempts(); + hesk_process_messages($hesklang['ehaip'],'NOREDIRECT'); + } + else + { + // Expire all verification hashes for this user + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reset_password` WHERE `user`=".intval($row['user'])); + + // Get user details + $res = hesk_dbQuery('SELECT * FROM `'.$hesk_settings['db_pfix']."users` WHERE `id`=".intval($row['user'])." LIMIT 1"); + $row = hesk_dbFetchAssoc($res); + foreach ($row as $k=>$v) + { + $_SESSION[$k]=$v; + } + unset($_SESSION['pass']); + + // Clean brute force attempts + hesk_cleanBfAttempts(); + + // Regenerate session ID (security) + hesk_session_regenerate_id(); + + // Get allowed categories + if (empty($_SESSION['isadmin'])) + { + $_SESSION['categories']=explode(',',$_SESSION['categories']); + } + + // Redirect to the profile page + hesk_process_messages($hesklang['resim'],'profile.php','NOTICE'); + exit(); + + } // End IP matches + } +} + +// Tell header to load reCaptcha API if needed +if ($hesk_settings['recaptcha_use'] == 2) +{ + define('RECAPTCHA',1); +} + +$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' .$hesklang['passr']; +require_once(HESK_PATH . 'inc/header.inc.php'); +?> + + +
    +
    + +
    +
    + + From d603781334e20db2f5747ec04c787a63ed8c0979 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 18:51:10 -0500 Subject: [PATCH 52/65] #110 Show dropdown for ticket template / canned responses --- inc/show_admin_nav.inc.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php index 61c28940..7f9475c4 100644 --- a/inc/show_admin_nav.inc.php +++ b/inc/show_admin_nav.inc.php @@ -74,7 +74,17 @@ if ( hesk_check_kb_only(false) ) if (hesk_checkPermission('can_man_cat',0)) { echo '
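Review bot: The reset token created after the user lookup is `sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass'])`, which mixes a timestamp, the requester's own address and a non-cryptographic PRNG, so its unpredictability rests almost entirely on the stored password hash staying secret. Because following the `?h=` link populates the session from the user row and redirects to profile.php with no further check, the token should come from a CSPRNG, for example `$hash = bin2hex(openssl_random_pseudo_bytes(20));` (or `random_bytes()` on PHP 7+). That keeps the 40-character hex shape and still passes the `[^a-zA-Z0-9]` filter applied to `$_GET['h']`. The same branch compares the email column with LIKE rather than `=`; `_` and `%` are legal in addresses and act as wildcards there, and whether `hesk_dbEscape()` neutralises them is not visible in this hunk. Separately, the `noace` message for an unknown address lets a caller distinguish registered from unregistered emails, so one neutral response for both outcomes would be preferable.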
  •  '.$hesklang['menu_cat'].'
  • '; } - if (hesk_checkPermission('can_man_canned',0)) { + if (hesk_checkPermission('can_man_canned', 0) && hesk_checkPermission('can_man_ticket_tpl',0)) { + echo ''; + } elseif (hesk_checkPermission('can_man_canned',0)) { echo '
  •  '.$hesklang['menu_can'].'
  • '; } elseif (hesk_checkPermission('can_man_ticket_tpl',0)) { echo '
  •  '.$hesklang['menu_can'].'
  • '; From 81187235f83cf17e2c88ae9871e3b40e3d77afdf Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 20:38:23 -0500 Subject: [PATCH 53/65] #110 Fix manage_canned submit text --- admin/manage_canned.php | 2 +- language/en/text.php | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/admin/manage_canned.php b/admin/manage_canned.php index 3cd3d6f4..d0cc2a8a 100644 --- a/admin/manage_canned.php +++ b/admin/manage_canned.php @@ -299,7 +299,7 @@ myField.value += myValue;
    - +
    diff --git a/language/en/text.php b/language/en/text.php index 3b757749..bfc10fbc 100644 --- a/language/en/text.php +++ b/language/en/text.php @@ -21,6 +21,10 @@ $hesklang['_COLLATE']='utf8_unicode_ci'; // This is the email break line that will be used in email piping $hesklang['EMAIL_HR']='------ Reply above this line ------'; +// ADDED OR MODIFIED IN Mods For HESK 2.0.0 +$hesklang['saved_ticket_tpl'] = 'Saved Templates'; +$hesklang['new_ticket_tpl']='Add or Edit a Ticket Template'; + // ADDED OR MODIFIED IN Mods For HESK 1.7.0 $hesklang['date_custom_field'] = 'Date'; $hesklang['date_custom_field_text'] = 'No options for this custom field type.'; @@ -1334,7 +1338,6 @@ $hesklang['ticket_tpl_intro']='Create and edit ticket templates that you can use $hesklang['no_ticket_tpl']='No ticket templates'; $hesklang['ticket_tpl_title']='Title'; $hesklang['delete_tpl']='Are you sure you want to delete this template?'; -$hesklang['new_ticket_tpl']='Add or Edit a ticket template'; $hesklang['ticket_tpl_add']='Create a new ticket template'; $hesklang['ticket_tpl_edit']='Edit selected ticket template'; $hesklang['save_ticket_tpl']='Save ticket template'; From cc778262a6e225f00ac7b5d5036e4def4a82735a Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 20:38:39 -0500 Subject: [PATCH 54/65] #110 Update manage_ticket_templates --- admin/manage_ticket_templates.php | 417 ++++++++++++++++++++++++++++++ 1 file changed, 417 insertions(+) create mode 100644 admin/manage_ticket_templates.php diff --git a/admin/manage_ticket_templates.php b/admin/manage_ticket_templates.php new file mode 100644 index 00000000..c961022d --- /dev/null +++ b/admin/manage_ticket_templates.php @@ -0,0 +1,417 @@ + + +
    + +
    + + + + +
    +
    +
    +
    + +
    +
    + '.$hesklang['no_ticket_tpl'].'

    '; + } else { + ?> + + + + + + + + + '.$mysaved['title'].''; + + + $javascript_messages.='myMsgTxt['.$mysaved['id'].']=\''.str_replace("\r\n","\\r\\n' + \r\n'", addslashes($mysaved['message']) )."';\n"; + $javascript_titles.='myTitle['.$mysaved['id'].']=\''.addslashes($mysaved['title'])."';\n"; + + echo ' + + + + + '; + } // End while + + ?> + +
    '.$mysaved['title'].' + '; + + if ($num > 1) + { + if ($j == 1) + { + echo' + + '; + } + elseif ($j == $num) + { + echo' '; + } + else + { + echo' + + + '; + } + } + else + { + echo ''; + } + + echo ' +
    + +
    +
    +
    +
    + +
    +

    +
    + 0) + { + ?> +
    +
    +
    + +
    +
    +
    +
    +
    + +
    +
    +
    + +
    +
    +
    + ' . $hesklang['ticket_tpl_add'] . '

    '; + } + ?> +
    + +
    + + > + +
    +
    +
    + +
    + + + +
    +
    +
    +
    + + +
    +
    +
    +
    +
    + + + +' . $hesklang['sel_ticket_tpl'] . ''; + $savename = hesk_input( hesk_POST('name') ) or $hesk_error_buffer .= '
  • ' . $hesklang['ent_ticket_tpl_title'] . '
  • '; + $msg = hesk_input( hesk_POST('msg') ) or $hesk_error_buffer .= '
  • ' . $hesklang['ent_ticket_tpl_msg'] . '
  • '; + + // Avoid problems with utf-8 newline chars in Javascript code, detect and remove them + $msg = preg_replace('/\R/u', "\r\n", $msg); + + $_SESSION['canned']['what'] = 'EDIT'; + $_SESSION['canned']['id'] = $id; + $_SESSION['canned']['name'] = $savename; + $_SESSION['canned']['msg'] = $msg; + + /* Any errors? */ + if (strlen($hesk_error_buffer)) + { + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'manage_ticket_templates.php?saved_replies='.$id); + } + + $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` SET `title`='".hesk_dbEscape($savename)."',`message`='".hesk_dbEscape($msg)."' WHERE `id`='".intval($id)."' LIMIT 1"); + + unset($_SESSION['canned']['what']); + unset($_SESSION['canned']['id']); + unset($_SESSION['canned']['name']); + unset($_SESSION['canned']['msg']); + + hesk_process_messages($hesklang['ticket_tpl_saved'],'manage_ticket_templates.php?saved_replies='.$id,'SUCCESS'); +} // End edit_saved() + + +function new_saved() +{ + global $hesk_settings, $hesklang; + + /* A security check */ + hesk_token_check('POST'); + + $hesk_error_buffer = ''; + $savename = hesk_input( hesk_POST('name') ) or $hesk_error_buffer .= '
  • ' . $hesklang['ent_ticket_tpl_title'] . '
  • '; + $msg = hesk_input( hesk_POST('msg') ) or $hesk_error_buffer .= '
  • ' . $hesklang['ent_ticket_tpl_msg'] . '
  • '; + + // Avoid problems with utf-8 newline chars in Javascript code, detect and remove them + $msg = preg_replace('/\R/u', "\r\n", $msg); + + $_SESSION['canned']['what'] = 'NEW'; + $_SESSION['canned']['name'] = $savename; + $_SESSION['canned']['msg'] = $msg; + + /* Any errors? */ + if (strlen($hesk_error_buffer)) + { + $hesk_error_buffer = $hesklang['rfm'].'

      '.$hesk_error_buffer.'
    '; + hesk_process_messages($hesk_error_buffer,'manage_ticket_templates.php'); + } + + /* Get the latest tpl_order */ + $result = hesk_dbQuery('SELECT `tpl_order` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'ticket_templates` ORDER BY `tpl_order` DESC LIMIT 1'); + $row = hesk_dbFetchRow($result); + $my_order = $row[0]+10; + + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` (`title`,`message`,`tpl_order`) VALUES ('".hesk_dbEscape($savename)."','".hesk_dbEscape($msg)."','".intval($my_order)."')"); + + unset($_SESSION['canned']['what']); + unset($_SESSION['canned']['name']); + unset($_SESSION['canned']['msg']); + + hesk_process_messages($hesklang['ticket_tpl_saved'],'manage_ticket_templates.php','SUCCESS'); +} // End new_saved() + + +function remove() +{ + global $hesk_settings, $hesklang; + + /* A security check */ + hesk_token_check(); + + $mysaved = intval( hesk_GET('id') ) or hesk_error($hesklang['id_not_valid']); + + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` WHERE `id`='".intval($mysaved)."' LIMIT 1"); + if (hesk_dbAffectedRows() != 1) + { + hesk_error("$hesklang[int_error]: $hesklang[ticket_tpl_not_found]."); + } + + hesk_process_messages($hesklang['ticket_tpl_removed'],'manage_ticket_templates.php','SUCCESS'); +} // End remove() + + +function order_saved() +{ + global $hesk_settings, $hesklang; + + /* A security check */ + hesk_token_check(); + + $tplid = intval( hesk_GET('replyid') ) or hesk_error($hesklang['ticket_tpl_id']); + $_SESSION['canned']['selcat2'] = $tplid; + + $tpl_move = intval( hesk_GET('move') ); + + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` SET `tpl_order`=`tpl_order`+".intval($tpl_move)." 
WHERE `id`='".intval($tplid)."' LIMIT 1"); + if (hesk_dbAffectedRows() != 1) {hesk_error("$hesklang[int_error]: $hesklang[ticket_tpl_not_found].");} + + /* Update all category fields with new order */ + $result = hesk_dbQuery('SELECT `id` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'ticket_templates` ORDER BY `tpl_order` ASC'); + + $i = 10; + while ($mytpl=hesk_dbFetchAssoc($result)) + { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."ticket_templates` SET `tpl_order`=".intval($i)." WHERE `id`='".intval($mytpl['id'])."' LIMIT 1"); + $i += 10; + } + + header('Location: manage_ticket_templates.php'); + exit(); +} // End order_saved() + +?> From 91366130bcb59323b47e178a82d482355c39d31c Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Wed, 14 Jan 2015 21:10:48 -0500 Subject: [PATCH 55/65] #110 Update change priority style --- admin/manage_categories.php | 67 +++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 32 deletions(-) diff --git a/admin/manage_categories.php b/admin/manage_categories.php index 9af9e1e4..6b05aef5 100644 --- a/admin/manage_categories.php +++ b/admin/manage_categories.php @@ -123,9 +123,8 @@ else {return false;}
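Review bot: In the template listing loop, `$mysaved['title']` and `$mysaved['message']` are placed inside an inline script using `addslashes()`, which is not a JavaScript string encoder: it leaves `</script>` and bare `\r` or `\n` characters untouched. The title is also echoed into the table markup as-is. `new_saved()` and `edit_saved()` pass both values through `hesk_input()` before storing them, so they may already be HTML-encoded, but that helper is not visible here and the output side should not rely on how a row was written. I would build the literals with `json_encode($mysaved['title'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` (likewise for the message, which also removes the need for the `\r\n` `str_replace`). If the stored title is not guaranteed to be encoded, the table cell should be escaped with `htmlspecialchars()`. A smaller point: `remove()` and `order_saved()` change state from GET parameters with the token in the URL, where it can end up in logs and Referer headers; a POST form would avoid that.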
    - +
    -

    [?]
    +

    +
    +
    + +
    +
    :
    :
    - -

    - -

    + // List possible priorities + foreach ($priorities as $value => $info) + { + echo ''; + } + ?> + + + +
    +
    + + + +
    +
    @@ -252,8 +255,8 @@ else {return false;} - + From 5c3aea591bc6bf5e08e11135e80c0a0a4778a056 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 15 Jan 2015 16:33:15 -0500 Subject: [PATCH 56/65] #110 Update notes section and ban icons --- admin/admin_ticket.php | 114 +++++++++++++++++++++++++---------------- 1 file changed, 70 insertions(+), 44 deletions(-) diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index 662b416d..b5210f76 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -984,48 +984,66 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>
    -

    <?php echo $hesklang['ednote']; ?> - <?php echo $hesklang['delnote']; ?>

    -

    -

    - +
    +

    -

    +
    ' : ''; - - $att = explode(',', substr($note['attachments'], 0, -1) ); - $num = count($att); - foreach ($att as $myatt) - { - list($att_id, $att_name) = explode('#', $myatt); - - // Can edit and delete note (attachments)? - if ($can_del_notes || $note['who'] == $_SESSION['id']) + // Attachments + if ( $hesk_settings['attachments']['use'] && strlen($note['attachments']) ) { - // If this is the last attachment and no message, show "delete ticket" link - if ($num == 1 && strlen($note['message']) == 0) + echo strlen($note['message']) ? '

    ' : ''; + + $att = explode(',', substr($note['attachments'], 0, -1) ); + $num = count($att); + foreach ($att as $myatt) { - echo ''.$hesklang['dela'].' '; - } - // Show "delete attachment" link - else - { - echo ''.$hesklang['dela'].' '; + list($att_id, $att_name) = explode('#', $myatt); + + // Can edit and delete note (attachments)? + if ($can_del_notes || $note['who'] == $_SESSION['id']) + { + // If this is the last attachment and no message, show "delete ticket" link + if ($num == 1 && strlen($note['message']) == 0) + { + echo ' + + '; + } + // Show "delete attachment" link + else + { + echo ' + + '; + } + } + + echo ' + + + + '.$att_name.'
    + '; } } - - echo ' - '.$hesklang['dnl'].' '.$att_name.' - '.$att_name.'
    - '; - } - } - ?> + ?> +
    +
    + + + +
    +
    '.$hesklang['eisban'].' '.$hesklang['click_unban'].' '; + echo ' + + '; } else { - echo ''.$hesklang['eisban'].' '; + echo ''; } } else { - echo ''.$hesklang['savebanemail'].' '; + echo ' + + '; } } ?> @@ -1133,16 +1155,20 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); { if ($can_unban_ips) { - echo ''.$hesklang['ipisban'].' '.$hesklang['click_unban'].' '; + echo ' + + '; } else { - echo ''.$hesklang['ipisban'].' '; + echo ''; } } else { - echo ''.$hesklang['savebanip'].' '; + echo ' + + '; } } From f00c386388f4024def565da92e4fcb63059f8567 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 15 Jan 2015 16:53:01 -0500 Subject: [PATCH 57/65] #110 Some admin_settings page tweaks to improve viewing --- admin/admin_settings.php | 66 +++++++++++++++++----------------------- 1 file changed, 28 insertions(+), 38 deletions(-) diff --git a/admin/admin_settings.php b/admin/admin_settings.php index bc9523c1..b474eb2b 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -767,35 +767,6 @@ if ( defined('HESK_DEMO') ) ?>
    -
    - -
    -
        -
    '; - ?> -
    - -
    - -
    -
    '; - ?> -
    - -
    -
    - -
    -
    -
    @@ -847,6 +818,29 @@ if ( defined('HESK_DEMO') ) ?>
    +
    + +
    +
        +
    '; + ?> +
    + +
    + +
    +
    + +
    +
    + +
    +
    +
    @@ -1078,11 +1072,11 @@ if ( defined('HESK_DEMO') )
    -
    +
    -
    -
    + +
    - -
    -
    @@ -1650,7 +1641,7 @@ if ( defined('HESK_DEMO') )
    -
    +
    @@ -1695,7 +1686,7 @@ if ( defined('HESK_DEMO') )
    - +
    @@ -1722,7 +1713,6 @@ if ( defined('HESK_DEMO') )
    -
    From 7bfe92747f44716f114a8a9007a197312959b596 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 15 Jan 2015 17:01:11 -0500 Subject: [PATCH 58/65] #110 Restyle edit_note --- admin/edit_note.php | 144 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 admin/edit_note.php diff --git a/admin/edit_note.php b/admin/edit_note.php new file mode 100644 index 00000000..739cc01d --- /dev/null +++ b/admin/edit_note.php @@ -0,0 +1,144 @@ + + + +
    +
    +

    +
    + +
    +
    + +
    + +
    +
    +
    +
    + + + + + +
    +
    +
    +
    +
    + + From 756e60426dc9e100f89a8ba0189c116e04bd5e03 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 17 Jan 2015 10:32:57 -0500 Subject: [PATCH 59/65] #110 Update admin_ticket to submit as any status, as well as cust. reply --- admin/admin_reply_ticket.php | 155 +++++++++++++++++++++++++++++------ admin/admin_ticket.php | 73 ++++++++++++++--- css/hesk_newStyle.php | 9 ++ css/hesk_newStyleRTL.php | 11 +++ language/en/text.php | 2 + 5 files changed, 213 insertions(+), 37 deletions(-) diff --git a/admin/admin_reply_ticket.php b/admin/admin_reply_ticket.php index c4b11321..bb93285d 100644 --- a/admin/admin_reply_ticket.php +++ b/admin/admin_reply_ticket.php @@ -1,7 +1,7 @@
    '.$hesklang['rssn']; + header('Location: admin_ticket.php?track='.$row['trackid'].'&Refresh='.rand(10000,99999)); + } + else + { + header('Location: admin_main.php'); + } + } + else + { + header('Location: admin_ticket.php?track='.$ticket['trackid'].'&Refresh='.rand(10000,99999)); + } + exit(); + } + + // Attach signature to the message? + if ( ! $submit_as_customer && ! empty($_POST['signature'])) { $message .= "\n\n" . addslashes($_SESSION['signature']) . "\n"; } @@ -153,8 +197,15 @@ if ($hesk_settings['attachments']['use'] && !empty($attachments)) } } -/* Add reply */ -$result = hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`) VALUES ('".intval($replyto)."','".hesk_dbEscape(addslashes($_SESSION['name']))."','".hesk_dbEscape($message)."',NOW(),'".hesk_dbEscape($myattachments)."','".intval($_SESSION['id'])."')"); +// Add reply +if ($submit_as_customer) +{ + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` (`replyto`,`name`,`message`,`dt`,`attachments`) VALUES ('".intval($replyto)."','".hesk_dbEscape(addslashes($ticket['name']))."','".hesk_dbEscape($message."

    {$hesklang['creb']} {$_SESSION['name']}")."',NOW(),'".hesk_dbEscape($myattachments)."')"); +} +else +{ + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`) VALUES ('".intval($replyto)."','".hesk_dbEscape(addslashes($_SESSION['name']))."','".hesk_dbEscape($message)."',NOW(),'".hesk_dbEscape($myattachments)."','".intval($_SESSION['id'])."')"); +} /* Track ticket status changes for history */ $revision = ''; 
@@ -189,15 +240,61 @@ $defaultStatusReplyStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClos $staffClosedCheckboxStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `IsStaffClosedOption` = 1 LIMIT 1")); $lockedTicketStatus = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."statuses` WHERE `LockedTicketStatus` = 1 LIMIT 1")); -$new_status = empty($_POST['close']) ? $defaultStatusReplyStatus['ID'] : $staffClosedCheckboxStatus['ID']; - -/* --> If a ticket is locked keep it closed */ +// Get new ticket status +$sql_status = ''; +// -> If locked, keep it resolved if ($ticket['locked']) { $new_status = $lockedTicketStatus['ID']; } +elseif (isset($_POST['submit_as_status'])) +{ + $new_status = $_POST['submit_as_status']; + + if ($ticket['status'] != $new_status) + { + // Does this status close the ticket? + $newStatusRs = hesk_dbQuery('SELECT `IsClosed`, `ShortNameContentKey` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'statuses` WHERE `ID` = '.hesk_dbEscape($new_status)); + $newStatus = hesk_dbFetchAssoc($newStatusRs); + + if ($newStatus['IsClosed']) + { + $revision = sprintf($hesklang['thist3'],hesk_date(),$_SESSION['name'].' ('.$_SESSION['user'].')'); + $sql_status = " , `closedat`=NOW(), `closedby`=".intval($_SESSION['id']).", `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') "; + + // Lock the ticket if customers are not allowed to reopen tickets + if ($hesk_settings['custopen'] != 1) + { + $sql_status .= " , `locked`='1' "; + } + } else + { + // Ticket isn't being closed, just add the history to the sql query + $revision = sprintf($hesklang['thist9'],hesk_date(),$hesklang[$newStatus['ShortNameContentKey']],$_SESSION['name'].' 
('.$_SESSION['user'].')'); + $sql_status = " , `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') "; + } + } +} +// -> Submit as Customer reply +elseif ($submit_as_customer) +{ + //Get the status ID for customer replies + $customerReplyStatusRs = hesk_dbQuery('SELECT `ID` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'statuses` WHERE `IsCustomerReplyStatus` = 1 LIMIT 1'); + $customerReplyStatus = hesk_dbFetchAssoc($customerReplyStatusRs); + $new_status = $customerReplyStatus['ID']; +} +// -> Default: submit as "Replied by staff" +else +{ + //Get the status ID for staff replies + $staffReplyStatusRs = hesk_dbQuery('SELECT `ID` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'statuses` WHERE `IsDefaultStaffReplyStatus` = 1 LIMIT 1'); + $staffReplyStatus = hesk_dbFetchAssoc($staffReplyStatusRs); + $new_status = $staffReplyStatus['ID']; +} + +$sql = "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `status`='{$new_status}',"; +$sql.= $submit_as_customer ? "`lastreplier`='0', `replierid`='0' " : "`lastreplier`='1', `replierid`='".intval($_SESSION['id'])."' "; -$sql = "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `status`='{$new_status}', `lastreplier`='1', `replierid`='".intval($_SESSION['id'])."' "; /* Update time_worked or force update lastchange */ if ($time_worked == '00:00:00') 
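Review bot: In the `elseif (isset($_POST['submit_as_status']))` branch, `$new_status` is read straight from `$_POST` and then reaches two SQL statements: it is concatenated unquoted after `hesk_dbEscape()` in the statuses lookup, and interpolated with no escaping at all into the tickets UPDATE as `'{$new_status}'`. String escaping does not constrain a value sitting in an unquoted numeric position, so the lookup is injectable as written, and the UPDATE only stays safe if nothing changes between the two. Force the value to an integer where it is read, `$new_status = intval( hesk_POST('submit_as_status') );`, and quote or `intval()` it again at the point of use. The lookup result should also be checked before `$newStatus['IsClosed']` is read, since an unknown ID returns no row and the UPDATE would then store a status that does not exist. The script this hunk belongs to starts and ends outside the hunk.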
@@ -216,19 +313,19 @@ if ( ! empty($_POST['assign_self']) && hesk_checkPermission('can_assign_self',0) } $sql .= " $priority_sql "; +$sql .= " $sql_status "; -$isNewStatusClosed = empty($_POST['close']) ? $defaultStatusReplyStatus['IsClosed'] : $staffClosedCheckboxStatus['IsClosed']; -if ($isNewStatusClosed) +if ( ! $ticket['firstreplyby'] ) { - $revision = sprintf($hesklang['thist3'],hesk_date(),$_SESSION['name'].' ('.$_SESSION['user'].')'); - $sql .= " , `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') "; - - if ($hesk_settings['custopen'] != 1) - { - $sql .= " , `locked`='1' "; - } + $sql .= " , `firstreply`=NOW(), `firstreplyby`=".intval($_SESSION['id'])." "; } + +// Keep track of replies to this ticket for easier reporting +$sql .= " , `replies`=`replies`+1 "; +$sql .= $submit_as_customer ? '' : " , `staffreplies`=`staffreplies`+1 "; + +// End and execute the query $sql .= " WHERE `id`='{$replyto}' LIMIT 1"; hesk_dbQuery($sql); unset($sql); @@ -247,12 +344,13 @@ $info = array( 'trackid' => $ticket['trackid'], 'status' => $new_status, 'name' => $ticket['name'], -'lastreplier' => $_SESSION['name'], +'lastreplier' => ($submit_as_customer ? $ticket['name'] : $_SESSION['name']), 'subject' => $ticket['subject'], 'message' => stripslashes($message), 'attachments' => $myattachments, 'dt' => hesk_date($ticket['dt'], true), 'lastchange' => hesk_date($ticket['lastchange'], true), +'id' => $ticket['id'], ); // 2. Add custom fields to the array 
@@ -264,19 +362,26 @@ foreach ($hesk_settings['custom_fields'] as $k => $v) // 3. Make sure all values are properly formatted for email $ticket = hesk_ticketToPlain($info, 1, 0); -// Notify the customer -if ( ! isset($_POST['no_notify']) || intval( hesk_POST('no_notify') ) != 1) +// Notify the assigned staff? +if ($submit_as_customer) +{ + if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id']) + { + hesk_notifyAssignedStaff(false, 'new_reply_by_customer', 'notify_reply_my'); + } +} +// Notify customer? +elseif ( ! isset($_POST['no_notify']) || intval( hesk_POST('no_notify') ) != 1) { hesk_notifyCustomer('new_reply_by_staff'); } +// Delete any existing drafts from this owner for this ticket +hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."reply_drafts` WHERE `owner`=".intval($_SESSION['id'])." AND `ticket`=".intval($ticket['id'])." LIMIT 1"); + /* Set reply submitted message */ $_SESSION['HESK_SUCCESS'] = TRUE; $_SESSION['HESK_MESSAGE'] = $hesklang['reply_submitted']; -if (!empty($_POST['close'])) -{ - $_SESSION['HESK_MESSAGE'] .= '

    '.$hesklang['ticket_marked'].' '.$hesklang['closed'].''; -} /* What to do after reply? */ if ($_SESSION['afterreply'] == 1) diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php index b5210f76..d44b4efe 100644 --- a/admin/admin_ticket.php +++ b/admin/admin_ticket.php @@ -220,6 +220,28 @@ if (isset($_GET['delete_post']) && $can_delete && hesk_token_check()) else { $closed_sql = ''; + $changeStatusRs = hesk_dbQuery('SELECT `id`, `LockedTicketStatus`, `IsCustomerReplyStatus`, `IsDefaultStaffReplyStatus`, `IsNewTicketStatus` + FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'statuses` + WHERE `LockedTicketStatus` = 1 + OR `IsCustomerReplyStatus` = 1 + OR `IsDefaultStaffReplyStatus` = 1 + OR `IsNewTicketStatus` = 1'); + $lockedTicketStatus = ''; + $customerReplyStatus = ''; + $defaultStaffReplyStatus = ''; + $newTicketStatus = ''; + while ($row = hesk_dbFetchAssoc($changeStatusRs)) + { + if ($row['LockedTicketStatus']) { + $lockedTicketStatus = $row['id']; + } elseif ($row['IsCustomerReplyStatus']) { + $customerReplyStatus = $row['id']; + } elseif ($row['IsDefaultStaffReplyStatus']) { + $defaultStaffReplyStatus = $row['id']; + } elseif ($row['IsNewTicketStatus']) { + $newTicketStatus = $row['id']; + } + } /* Reply deleted. Need to update status and last replier? */ $res = hesk_dbQuery("SELECT `dt`, `staffid` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` DESC LIMIT 1"); 
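Review bot: The `while` loop that fills `$lockedTicketStatus`, `$customerReplyStatus`, `$defaultStaffReplyStatus` and `$newTicketStatus` uses an `if … elseif` chain, so a status row that carries two of the four flags only populates the first matching variable. The other variable stays `''`, which the later `intval($status)` turns into status 0. If the statuses table permits one row to hold several roles (not visible here), each test should be an independent `if`. It would also help to fail loudly when any of the four is still empty after the loop rather than writing 0 to the ticket. The enclosing `delete_post` block starts and ends outside this hunk.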
@@ -232,12 +254,11 @@ if (isset($_GET['delete_post']) && $can_delete && hesk_token_check()) $status_sql = ''; if ($last_reply_id == $n) { - //TODO Update this to MFH-compatible statuses - $status = $ticket['locked'] ? 3 : ($last_replier ? 2 : 1); + $status = $ticket['locked'] ? $lockedTicketStatus : ($last_replier ? $defaultStaffReplyStatus : $customerReplyStatus); $status_sql = " , `status`='".intval($status)."' "; // Update closedat and closedby columns as required - if ($status == 3) + if ($status == $lockedTicketStatus) { $closed_sql = " , `closedat`=NOW(), `closedby`=".intval($_SESSION['id'])." "; } @@ -250,12 +271,12 @@ if (isset($_GET['delete_post']) && $can_delete && hesk_token_check()) // Update status, closedat and closedby columns as required if ($ticket['locked']) { - $status = 3; + $status = $lockedTicketStatus; $closed_sql = " , `closedat`=NOW(), `closedby`=".intval($_SESSION['id'])." "; } else { - $status = 0; + $status = $newTicketStatus; $closed_sql = " , `closedat`=NULL, `closedby`=NULL "; } @@ -1686,8 +1707,8 @@ function hesk_printReplyForm() {
    - + ?>

    ()
    -

    +

    '; } ?> - - + diff --git a/css/hesk_newStyle.php b/css/hesk_newStyle.php index 142ca8a2..aecade8e 100644 --- a/css/hesk_newStyle.php +++ b/css/hesk_newStyle.php @@ -364,3 +364,12 @@ div.setupButtons { cursor: text !important; background-color: #fff !important; } + +button.btn.dropdown-toggle { + height: 34px; +} + +button.dropdown-submit { + background:none!important; + border:none; +} diff --git a/css/hesk_newStyleRTL.php b/css/hesk_newStyleRTL.php index 8d8778f9..d5a0e365 100644 --- a/css/hesk_newStyleRTL.php +++ b/css/hesk_newStyleRTL.php @@ -357,4 +357,15 @@ div.setupButtons { margin-right: auto; margin-left: auto; width: 90%; +} +.white-readonly { + cursor: text !important; + background-color: #fff !important; +} +button.btn.dropdown-toggle { + height: 34px; +} +button.dropdown-submit { + background:none!important; + border:none; } \ No newline at end of file diff --git a/language/en/text.php b/language/en/text.php index bfc10fbc..57304f8b 100644 --- a/language/en/text.php +++ b/language/en/text.php @@ -24,6 +24,8 @@ $hesklang['EMAIL_HR']='------ Reply above this line ------'; // ADDED OR MODIFIED IN Mods For HESK 2.0.0 $hesklang['saved_ticket_tpl'] = 'Saved Templates'; $hesklang['new_ticket_tpl']='Add or Edit a Ticket Template'; +$hesklang['and_change_status_to'] = 'and change status to'; // Used in combination with $hesklang['submit_reply'] (Reads as "Submit reply and change status to") + // ADDED OR MODIFIED IN Mods For HESK 1.7.0 $hesklang['date_custom_field'] = 'Date'; From f291aa4f67898a45f3bfdb51c9b6a510411bb1c7 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sat, 17 Jan 2015 15:41:38 -0500 Subject: [PATCH 60/65] #110 Use FontAwesome icon instead of .png --- inc/ticket_list.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php index 0109dbf6..41347dc1 100644 --- a/inc/ticket_list.inc.php +++ b/inc/ticket_list.inc.php 
@@ -380,7 +380,7 @@ if ($total > 0) // Print subject and link to the ticket page if ( hesk_show_column('subject') ) { - echo ''.($ticket['archive'] ? ''.$hesklang['archived'].' ' : '').$owner.''.$ticket['subject'].''; + echo ''.($ticket['archive'] ? ' ' : '').$owner.''.$ticket['subject'].''; } // Print ticket status From bdf44e0a166d79433c6f0c1fd7bbe603efc156d1 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Sun, 18 Jan 2015 23:58:14 -0500 Subject: [PATCH 61/65] #110 Update user management / profile pages --- .gitignore | 4 +- admin/manage_users.php | 463 ++++++++++------------------------ admin/profile.php | 176 +------------ hesk_javascript.js | 446 ++++++++++++++++++++++++++++++++ inc/profile_functions.inc.php | 382 ++++++++++++++++++++++++++++ 5 files changed, 967 insertions(+), 504 deletions(-) create mode 100644 hesk_javascript.js create mode 100644 inc/profile_functions.inc.php diff --git a/.gitignore b/.gitignore index 49c4e5f7..9fb24a33 100644 --- a/.gitignore +++ b/.gitignore @@ -15,7 +15,6 @@ download_attachment.php file_limits.php footer.txt header.txt -hesk_javascript_v25.js hesk_settings.inc.php img/add_article.png img/add_category.png @@ -274,5 +273,4 @@ img/ico_tools.png inc/recaptcha/recaptchalib_v2.php ip_whois.php language/en/emails/reset_password.txt -language/en/help_files/ticket_list.html -hesk_javascript.js +language/en/help_files/ticket_list.html \ No newline at end of file diff --git a/admin/manage_users.php b/admin/manage_users.php index f7cbea07..2df6b106 100644 --- a/admin/manage_users.php +++ b/admin/manage_users.php 
@@ -1,7 +1,7 @@ '', 'email' => '', - 'user' => '', + 'cleanpass' => '', + 'user' => '', + 'autoassign' => 'Y', + + // Signature 'signature' => '', + + // Permissions 'isadmin' => 1, 'active' => 1, 'categories' => array('1'), 'features' => array('can_view_tickets','can_reply_tickets','can_change_cat','can_assign_self','can_view_unassigned','can_view_online'), - 'signature' => '', - 'cleanpass' => '', + + // Preferences + 'afterreply' => 0, + 'autorefresh' => 0, + + // Defaults + 'autostart' => 1, + 'notify_customer_new' => 1, + 'notify_customer_reply' => 1, + 'show_suggested' => 1, + + // Notifications + 'notify_new_unassigned' => 1, + 'notify_new_my' => 1, + 'notify_reply_unassigned' => 1, + 'notify_reply_my' => 1, + 'notify_assigned' => 1, + 'notify_note' => 1, + 'notify_pm' => 1, + 'notify_note_unassigned' => 1, ); /* A list of all categories */ @@ -101,7 +134,10 @@ while ($row=hesk_dbFetchAssoc($res)) if ( ! $_SESSION['isadmin']) { /* Can't create admin users */ - $_POST['isadmin'] = 0; + if ( isset($_POST['isadmin']) ) + { + unset($_POST['isadmin']); + } /* Can only add features he/she has access to */ $hesk_settings['features'] = array_intersect( explode(',', $_SESSION['heskprivileges']) , $hesk_settings['features']); @@ -166,149 +202,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>
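Review bot: In the `@@ -101,7 +134,10 @@` hunk the non-admin guard now only unsets `$_POST['isadmin']` instead of forcing it to 0, while the defaults array earlier in the same file keeps `'isadmin' => 1`. The code that validates and inserts the new user is outside this hunk, so it is not visible whether a missing key is read as "not admin" or falls back to that default; in the second case a non-admin staff member could create an administrator. Keep the explicit `$_POST['isadmin'] = 0;` in this branch, and have the insert path take the flag from the request only when `$_SESSION['isadmin']` is set. A comment such as `// Non-admins may never set isadmin; enforced again at insert time` would record the intent.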
    -
    -
    -
    -
    -
    *
    -
    - -
    -
    - -
    - -
    -
    -
    - -
    - -
    -
    -
    - -
    - -
    -
    -
    - -
    - -
    -
    -
    - -
    - -
    -
    -
    - -
    -
    -
    -
    -
    -
    -
    -
    - -
    - -
    -
    - -
    -
    -
    -
    - -
    - $catname) - { - echo '
    '; - } - ?> -
    -
    -
    - -
    -
    '; - } - ?> -
    - -
    -
    -
    -
    -
    - -
    - -
    - -
    - -
    - -
    - -
    -
    -
    - - -
    - - -
    -
    -
    -
    - - - - -
    -
    - - -
    -
    -
    -
    +
    + + Date: Mon, 19 Jan 2015 00:13:39 -0500 Subject: [PATCH 62/65] #110 Use the new progress bar for categories --- admin/manage_categories.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/admin/manage_categories.php b/admin/manage_categories.php index 6b05aef5..ff017cdf 100644 --- a/admin/manage_categories.php +++ b/admin/manage_categories.php @@ -350,8 +350,10 @@ else {return false;} '.$priorities[$mycat['priority']]['formatted'].' '.$all.' -
    -
    +
    +
    + 40% Complete (success) +
    From 8fd8d2345b01c1c9a92ac8124762f95d1576cae6 Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 19 Jan 2015 00:13:49 -0500 Subject: [PATCH 63/65] #110 Miscellaneous UI tweaks --- admin/reports.php | 8 ++--- inc/show_search_form.inc.php | 60 +++++++++++++++++++----------------- inc/ticket_list.inc.php | 4 +-- index.php | 24 ++++++++++----- language/en/text.php | 1 + 5 files changed, 55 insertions(+), 42 deletions(-) diff --git a/admin/reports.php b/admin/reports.php index 1a111ece..33da6eb6 100644 --- a/admin/reports.php +++ b/admin/reports.php @@ -446,7 +446,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); - + - + - + - +
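Review bot: The progress bar added in the `manage_categories.php` hunk carries the literal text `40% Complete (success)`, which looks like the Bootstrap sample text left in place. The surrounding markup is stripped on this page, so this is inferred from the one visible added line. If it is the screen-reader label, every category row will announce 40% whatever its real share of tickets is; print the same percentage value that sets the bar width, followed by a translated string rather than the hard-coded English text.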
    -  
    - - -
     
    +
    + + +
    @@ -339,9 +339,11 @@ $more2 = empty($_GET['more2']) ? 0 : 1; -

    -

    - +
    + + +
    +
    @@ -369,26 +371,26 @@ $more2 = empty($_GET['more2']) ? 0 : 1; - -
    +
    - /> + />
    +
    - + - + - - - - + + + + $v) { @@ -401,21 +403,21 @@ $more2 = empty($_GET['more2']) ? 0 : 1; } $v['name'] = (strlen($v['name']) > 30) ? substr($v['name'],0,30) . '...' : $v['name']; - echo ''; + echo ''; } } ?> - +
    -  
    - - -
     
    +
    + + +
    @@ -439,7 +441,7 @@ $more2 = empty($_GET['more2']) ? 0 : 1; :   - $name) @@ -489,12 +491,12 @@ $more2 = empty($_GET['more2']) ? 0 : 1;
    - -

    -

    - +
    + + +
    +
    - diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php index 41347dc1..138a1472 100644 --- a/inc/ticket_list.inc.php +++ b/inc/ticket_list.inc.php @@ -519,11 +519,11 @@ else if (isset($is_search) || $href == 'find_tickets.php') { - hesk_show_notice($hesklang['no_tickets_crit'].''.$hesklang['nti'].''); + hesk_show_notice($hesklang['no_tickets_crit']); } else { - hesk_show_notice($hesklang['no_tickets_open'].''.$hesklang['nti'].''); + hesk_show_notice($hesklang['no_tickets_open']); } echo '
    '; diff --git a/index.php b/index.php index 33d2862f..0ab86966 100644 --- a/index.php +++ b/index.php @@ -929,6 +929,23 @@ function print_start()
  • + 0) + { + ?> +
    +
    + +
    +
    +
    @@ -963,13 +980,6 @@ function print_start()
    Date: Mon, 19 Jan 2015 00:29:23 -0500 Subject: [PATCH 64/65] Closes #114 Move hesk_dateToString to common --- .gitignore | 1 - inc/admin_functions.inc.php | 738 ++++++++++++++++++++++++++++++++++++ inc/common.inc.php | 52 +++ 3 files changed, 790 insertions(+), 1 deletion(-) create mode 100644 inc/admin_functions.inc.php diff --git a/.gitignore b/.gitignore index 9fb24a33..cc5bce11 100644 --- a/.gitignore +++ b/.gitignore @@ -146,7 +146,6 @@ img/tag_off.png img/unlock.png img/vertical.jpg img/view.png -inc/admin_functions.inc.php inc/assignment_search.inc.php inc/attachments.inc.php inc/calendar/img/cal.gif diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php new file mode 100644 index 00000000..18c60720 --- /dev/null +++ b/inc/admin_functions.inc.php 
@@ -0,0 +1,738 @@ + $hesklang['id'], +'trackid' => $hesklang['trackID'], +'dt' => $hesklang['submitted'], +'lastchange' => $hesklang['last_update'], +'category' => $hesklang['category'], +'name' => $hesklang['name'], +'email' => $hesklang['email'], +'subject' => $hesklang['subject'], +'status' => $hesklang['status'], +'owner' => $hesklang['owner'], +'replies' => $hesklang['replies'], +'staffreplies' => $hesklang['replies'] . ' (' . $hesklang['staff'] .')', +'lastreplier' => $hesklang['last_replier'], +'time_worked' => $hesklang['ts'], +); + +// Also possible to display all custom fields +for ($i=1;$i<=20;$i++) +{ + if ($hesk_settings['custom_fields']['custom'.$i]['use']) + { + $hesk_settings['possible_ticket_list']['custom'.$i] = $hesk_settings['custom_fields']['custom'.$i]['name']; + } +} + +/*** FUNCTIONS ***/ + + +function hesk_show_column($column) +{ + global $hesk_settings; + + return in_array($column, $hesk_settings['ticket_list']) ? true : false; + +} // END hesk_show_column() + + +function hesk_getHHMMSS($in) +{ + $in = hesk_getTime($in); + return explode(':', $in); +} // END hesk_getHHMMSS(); + + +function hesk_getTime($in) +{ + $in = trim($in); + + /* If everything is OK this simple check should return true */ + if ( preg_match('/^([0-9]{2,3}):([0-5][0-9]):([0-5][0-9])$/', $in) ) + { + return $in; + } + + /* No joy, let's try to figure out the correct values to use... */ + $h = 0; + $m = 0; + $s = 0; + + /* How many parts do we have? 
*/ + $parts = substr_count($in, ':'); + + switch ($parts) + { + /* Only two parts, let's assume minutes and seconds */ + case 1: + list($m, $s) = explode(':', $in); + break; + + /* Three parts, so explode to hours, minutes and seconds */ + case 2: + list($h, $m, $s) = explode(':', $in); + break; + + /* Something other was entered, let's assume just minutes */ + default: + $m = $in; + } + + /* Make sure all inputs are integers */ + $h = intval($h); + $m = intval($m); + $s = intval($s); + + /* Convert seconds to minutes if 60 or more seconds */ + if ($s > 59) + { + $m = floor($s / 60) + $m; + $s = intval($s % 60); + } + + /* Convert minutes to hours if 60 or more minutes */ + if ($m > 59) + { + $h = floor($m / 60) + $h; + $m = intval($m % 60); + } + + /* MySQL accepts max time value of 838:59:59 */ + if ($h > 838) + { + return '838:59:59'; + } + + /* That's it, let's send out formatted time string */ + return str_pad($h, 2, "0", STR_PAD_LEFT) . ':' . str_pad($m, 2, "0", STR_PAD_LEFT) . ':' . str_pad($s, 2, "0", STR_PAD_LEFT); + +} // END hesk_getTime(); + + +function hesk_mergeTickets($merge_these, $merge_into) +{ + global $hesk_settings, $hesklang, $hesk_db_link; + + /* Target ticket must not be in the "merge these" list */ + if ( in_array($merge_into, $merge_these) ) + { + $merge_these = array_diff($merge_these, array( $merge_into ) ); + } + + /* At least 1 ticket needs to be merged with target ticket */ + if ( count($merge_these) < 1 ) + { + $_SESSION['error'] = $hesklang['merr1']; + return false; + } + + /* Make sure target ticket exists */ + $res = hesk_dbQuery("SELECT `id`,`trackid`,`category` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($merge_into)."' LIMIT 1"); + if (hesk_dbNumRows($res) != 1) + { + $_SESSION['error'] = $hesklang['merr2']; + return false; + } + $ticket = hesk_dbFetchAssoc($res); + + /* Make sure user has access to ticket category */ + if ( ! 
hesk_okCategory($ticket['category'], 0) ) + { + $_SESSION['error'] = $hesklang['merr3']; + return false; + } + + /* Set some variables for later */ + $merge['attachments'] = ''; + $merge['replies'] = array(); + $merge['notes'] = array(); + $sec_worked = 0; + $history = ''; + $merged = ''; + + /* Get messages, replies, notes and attachments of tickets that will be merged */ + foreach ($merge_these as $this_id) + { + /* Validate ID */ + if ( is_array($this_id) ) + { + continue; + } + $this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']); + + /* Get required ticket information */ + $res = hesk_dbQuery("SELECT `id`,`trackid`,`category`,`name`,`message`,`dt`,`time_worked`,`attachments` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($this_id)."' LIMIT 1"); + if (hesk_dbNumRows($res) != 1) + { + continue; + } + $row = hesk_dbFetchAssoc($res); + + /* Has this user access to the ticket category? */ + if ( ! hesk_okCategory($row['category'], 0) ) + { + continue; + } + + /* Insert ticket message as a new reply to target ticket */ + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` (`replyto`,`name`,`message`,`dt`,`attachments`) VALUES ('".intval($ticket['id'])."','".hesk_dbEscape($row['name'])."','".hesk_dbEscape($row['message'])."','".hesk_dbEscape($row['dt'])."','".hesk_dbEscape($row['attachments'])."')"); + + /* Update attachments */ + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` SET `ticket_id`='".hesk_dbEscape($ticket['trackid'])."' WHERE `ticket_id`='".hesk_dbEscape($row['trackid'])."'"); + + /* Get old ticket replies and insert them as new replies */ + $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($row['id'])."' ORDER BY `id` ASC"); + while ( $reply = hesk_dbFetchAssoc($res) ) + { + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` 
(`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`,`rating`,`read`) VALUES ('".intval($ticket['id'])."','".hesk_dbEscape($reply['name'])."','".hesk_dbEscape($reply['message'])."','".hesk_dbEscape($reply['dt'])."','".hesk_dbEscape($reply['attachments'])."','".intval($reply['staffid'])."','".intval($reply['rating'])."','".intval($reply['read'])."')"); + } + + /* Delete replies to the old ticket */ + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($row['id'])."'"); + + /* Get old ticket notes and insert them as new notes */ + $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` WHERE `ticket`='".intval($row['id'])."' ORDER BY `id` ASC"); + while ( $note = hesk_dbFetchAssoc($res) ) + { + hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` (`ticket`,`who`,`dt`,`message`,`attachments`) VALUES ('".intval($ticket['id'])."','".intval($note['who'])."','".hesk_dbEscape($note['dt'])."','".hesk_dbEscape($note['message'])."','".hesk_dbEscape($note['attachments'])."')"); + } + + /* Delete replies to the old ticket */ + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` WHERE `ticket`='".intval($row['id'])."'"); + + /* Delete old ticket */ + hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($row['id'])."'"); + + /* Log that ticket has been merged */ + $history .= sprintf($hesklang['thist13'],hesk_date(),$row['trackid'],$_SESSION['name'].' ('.$_SESSION['user'].')'); + + /* Add old ticket ID to target ticket "merged" field */ + $merged .= '#' . 
$row['trackid']; + + /* Convert old ticket "time worked" to seconds and add to $sec_worked variable */ + list ($hr, $min, $sec) = explode(':', $row['time_worked']); + $sec_worked += (((int)$hr) * 3600) + (((int)$min) * 60) + ((int)$sec); + } + + /* Convert seconds to HHH:MM:SS */ + $sec_worked = hesk_getTime('0:'.$sec_worked); + + // Get number of replies + $total = 0; + $staffreplies = 0; + + $res = hesk_dbQuery("SELECT COUNT(*) as `cnt`, `staffid` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`=".intval($ticket['id'])." GROUP BY CASE WHEN `staffid` = 0 THEN 0 ELSE 1 END ASC"); + while ( $row = hesk_dbFetchAssoc($res) ) + { + $total += $row['cnt']; + $staffreplies += ($row['staffid'] ? $row['cnt'] : 0); + } + + $replies_sql = " `replies`={$total}, `staffreplies`={$staffreplies} , "; + + // Get first staff reply + if ($staffreplies) + { + $res = hesk_dbQuery("SELECT `dt`, `staffid` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`=".intval($ticket['id'])." AND `staffid`>0 ORDER BY `dt` ASC LIMIT 1"); + $reply = hesk_dbFetchAssoc($res); + $replies_sql = " `firstreply`='".hesk_dbEscape($reply['dt'])."', `firstreplyby`=".intval($reply['staffid'])." , "; + } + + /* Update history (log) and merged IDs of target ticket */ + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET $replies_sql `time_worked`=ADDTIME(`time_worked`, '".hesk_dbEscape($sec_worked)."'), `merged`=CONCAT(`merged`,'".hesk_dbEscape($merged . 
'#')."'), `history`=CONCAT(`history`,'".hesk_dbEscape($history)."') WHERE `id`='".intval($merge_into)."' LIMIT 1"); + + return true; + +} // END hesk_mergeTickets() + + +function hesk_updateStaffDefaults() +{ + global $hesk_settings, $hesklang; + + // Demo mode + if ( defined('HESK_DEMO') ) + { + return true; + } + // Remove the part that forces saving as default - we don't need it every time + $default_list = str_replace('&def=1','',$_SERVER['QUERY_STRING']); + + // Update database + $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `default_list`='".hesk_dbEscape($default_list)."' WHERE `id`='".intval($_SESSION['id'])."'"); + + // Update session values so the changes take effect immediately + $_SESSION['default_list'] = $default_list; + + return true; + +} // END hesk_updateStaffDefaults() + + +function hesk_makeJsString($in) +{ + return addslashes(preg_replace("/\s+/",' ',$in)); +} // END hesk_makeJsString() + + +function hesk_checkNewMail() +{ + global $hesk_settings, $hesklang; + + $res = hesk_dbQuery("SELECT COUNT(*) FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` WHERE `to`='".intval($_SESSION['id'])."' AND `read`='0' AND `deletedby`!='".intval($_SESSION['id'])."' "); + $num = hesk_dbResult($res,0,0); + + return $num; +} // END hesk_checkNewMail() + + +function hesk_getCategoriesArray($kb = 0) { + global $hesk_settings, $hesklang, $hesk_db_link; + + $categories = array(); + if ($kb) + { + $result = hesk_dbQuery('SELECT `id`, `name` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'kb_categories` ORDER BY `cat_order` ASC'); + } + else + { + $result = hesk_dbQuery('SELECT `id`, `name` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` ORDER BY `cat_order` ASC'); + } + + while ($row=hesk_dbFetchAssoc($result)) + { + $categories[$row['id']] = $row['name']; + } + + return $categories; +} // END hesk_getCategoriesArray() + + +function hesk_getHTML($in) +{ + global $hesk_settings, $hesklang; + + $replace_from = 
array("\t","","$","<%","%>"); + $replace_to = array("","<?","?>","\$","<%","%>"); + + $in = trim($in); + $in = str_replace($replace_from,$replace_to,$in); + $in = preg_replace('/\(.*)\<\/script\>/Uis',"",$in); + $in = preg_replace('/\<\!\-\-(.*)\-\-\>/Uis',"",$in); + + if (HESK_SLASH === true) + { + $in = addslashes($in); + } + $in = str_replace('\"','"',$in); + + return $in; +} // END hesk_getHTML() + + +function hesk_autoLogin($noredirect=0) +{ + global $hesk_settings, $hesklang, $hesk_db_link; + + if (!$hesk_settings['autologin']) + { + return false; + } + + $user = hesk_htmlspecialchars( hesk_COOKIE('hesk_username') ); + $hash = hesk_htmlspecialchars( hesk_COOKIE('hesk_p') ); + define('HESK_USER', $user); + + if (empty($user) || empty($hash)) + { + return false; + } + + /* Login cookies exist, now lets limit brute force attempts */ + hesk_limitBfAttempts(); + + /* Check username */ + $result = hesk_dbQuery('SELECT * FROM `'.$hesk_settings['db_pfix']."users` WHERE `user` = '".hesk_dbEscape($user)."' LIMIT 1"); + if (hesk_dbNumRows($result) != 1) + { + setcookie('hesk_username', ''); + setcookie('hesk_p', ''); + header('Location: index.php?a=login¬ice=1'); + exit(); + } + + $res=hesk_dbFetchAssoc($result); + foreach ($res as $k=>$v) + { + $_SESSION[$k]=$v; + } + + /* Check password */ + if ($hash != hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . 
$_SESSION['pass']) ) + { + setcookie('hesk_username', ''); + setcookie('hesk_p', ''); + header('Location: index.php?a=login¬ice=1'); + exit(); + } + + /* Check if default password */ + if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') + { + hesk_process_messages($hesklang['chdp'],'NOREDIRECT','NOTICE'); + } + + unset($_SESSION['pass']); + + /* Login successful, clean brute force attempts */ + hesk_cleanBfAttempts(); + + /* Regenerate session ID (security) */ + hesk_session_regenerate_id(); + + /* Get allowed categories */ + if (empty($_SESSION['isadmin'])) + { + $_SESSION['categories']=explode(',',$_SESSION['categories']); + } + + /* Renew cookies */ + setcookie('hesk_username', "$user", strtotime('+1 year')); + setcookie('hesk_p', "$hash", strtotime('+1 year')); + + /* Close any old tickets here so Cron jobs aren't necessary */ + if ($hesk_settings['autoclose']) + { + $revision = sprintf($hesklang['thist3'],hesk_date(),$hesklang['auto']); + $dt = date('Y-m-d H:i:s',time() - $hesk_settings['autoclose']*86400); + + // Notify customer of closed ticket? + if ($hesk_settings['notify_closed']) + { + // Get list of tickets + $result = hesk_dbQuery("SELECT * FROM `".$hesk_settings['db_pfix']."tickets` WHERE `status` = '2' AND `lastchange` <= '".hesk_dbEscape($dt)."' "); + if (hesk_dbNumRows($result) > 0) + { + global $ticket; + + // Load required functions? + if ( ! function_exists('hesk_notifyCustomer') ) + { + require(HESK_PATH . 
'inc/email_functions.inc.php'); + } + + while ($ticket = hesk_dbFetchAssoc($result)) + { + $ticket['dt'] = hesk_date($ticket['dt'], true); + $ticket['lastchange'] = hesk_date($ticket['lastchange'], true); + hesk_notifyCustomer('ticket_closed'); + } + } + } + + // Update ticket statuses and history in database + hesk_dbQuery("UPDATE `".$hesk_settings['db_pfix']."tickets` SET `status`='3', `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `status` = '2' AND `lastchange` <= '".hesk_dbEscape($dt)."' "); + } + + /* If session expired while a HESK page is open just continue using it, don't redirect */ + if ($noredirect) + { + return true; + } + + /* Redirect to the destination page */ + header('Location: ' . hesk_verifyGoto() ); + exit(); +} // END hesk_autoLogin() + + +function hesk_isLoggedIn() +{ + global $hesk_settings; + + $referer = hesk_input($_SERVER['REQUEST_URI']); + $referer = str_replace('&','&',$referer); + + if (empty($_SESSION['id'])) + { + if ($hesk_settings['autologin'] && hesk_autoLogin(1) ) + { + // Users online + if ($hesk_settings['online']) + { + require(HESK_PATH . 'inc/users_online.inc.php'); + hesk_initOnline($_SESSION['id']); + } + + return true; + } + + $url = 'index.php?a=login¬ice=1&goto='.urlencode($referer); + header('Location: '.$url); + exit(); + } + else + { + hesk_session_regenerate_id(); + + // Need to update permissions? 
+ if ( empty($_SESSION['isadmin']) ) + { + $res = hesk_dbQuery("SELECT `isadmin`, `categories`, `heskprivileges` FROM `".$hesk_settings['db_pfix']."users` WHERE `id` = '".intval($_SESSION['id'])."' LIMIT 1"); + if (hesk_dbNumRows($res) == 1) + { + $me = hesk_dbFetchAssoc($res); + foreach ($me as $k => $v) + { + $_SESSION[$k]=$v; + } + + // Get allowed categories + if (empty($_SESSION['isadmin']) ) + { + $_SESSION['categories']=explode(',',$_SESSION['categories']); + } + } + else + { + hesk_session_stop(); + $url = 'index.php?a=login¬ice=1&goto='.urlencode($referer); + header('Location: '.$url); + exit(); + } + } + + // Users online + if ($hesk_settings['online']) + { + require(HESK_PATH . 'inc/users_online.inc.php'); + hesk_initOnline($_SESSION['id']); + } + + return true; + } + +} // END hesk_isLoggedIn() + + +function hesk_verifyGoto() +{ + // Default redirect URL + $url_default = 'admin_main.php'; + + // If no "goto" parameter is set, redirect to the default page + if ( ! hesk_isREQUEST('goto') ) + { + return $url_default; + } + + // Get the "goto" parameter + $url = hesk_REQUEST('goto'); + + // Fix encoded "&" + $url = str_replace('&', '&', $url); + + // Parse the URL for verification + $url_parts = parse_url($url); + + // The "path" part is required + if ( ! 
isset($url_parts['path']) ) + { + return $url_default; + } + + // Extract the file name from path + $url = basename($url_parts['path']); + + // Allowed files for redirect + $OK_urls = array( + 'admin_main.php' => '', + 'admin_settings.php' => '', + 'admin_settings_save.php' => 'admin_settings.php', + 'admin_ticket.php' => '', + 'archive.php' => '', + 'assign_owner.php' => '', + 'change_status.php' => '', + 'edit_post.php' => '', + 'export.php' => '', + 'find_tickets.php' => '', + 'generate_spam_question.php' => '', + 'knowledgebase_private.php' => '', + 'lock.php' => '', + 'mail.php' => '', + 'manage_canned.php' => '', + 'manage_categories.php' => '', + 'manage_knowledgebase.php' => '', + 'manage_users.php' => '', + 'new_ticket.php' => '', + 'profile.php' => '', + 'reports.php' => '', + 'show_tickets.php' => '', + ); + + // URL must match one of the allowed ones + if ( ! isset($OK_urls[$url]) ) + { + return $url_default; + } + + // Modify redirect? + if ( strlen($OK_urls[$url]) ) + { + $url = $OK_urls[$url]; + } + + // All OK, return the URL with query if set + return isset($url_parts['query']) ? $url.'?'.$url_parts['query'] : $url; + +} // END hesk_verifyGoto() + + +function hesk_Pass2Hash($plaintext) { + $majorsalt = ''; + $len = strlen($plaintext); + for ($i=0;$i<$len;$i++) + { + $majorsalt .= sha1(substr($plaintext,$i,1)); + } + $corehash = sha1($majorsalt); + return $corehash; +} // END hesk_Pass2Hash() + + +function hesk_formatDate($dt, $from_database=true) +{ + $dt=hesk_date($dt, $from_database); + $dt=str_replace(' ','
    ',$dt); + return $dt; +} // End hesk_formatDate() + + +function hesk_jsString($str) +{ + $str = str_replace( array('\'','
    ') , array('\\\'','') ,$str); + $from = array("/\r\n|\n|\r/", '/\([^\<]*)\<\/a\>/i', '/\([^\<]*)\<\/a\>/i'); + $to = array("\\r\\n' + \r\n'", "$1", "$1"); + return preg_replace($from,$to,$str); +} // END hesk_jsString() + + +function hesk_myCategories($what='category') +{ + if ( ! empty($_SESSION['isadmin']) ) + { + return '1'; + } + else + { + return " `".hesk_dbEscape($what)."` IN ('" . implode("','", array_map('intval', $_SESSION['categories']) ) . "')"; + } +} // END hesk_myCategories() + + +function hesk_okCategory($cat,$error=1,$user_isadmin=false,$user_cat=false) +{ + global $hesklang; + + /* Checking for current user or someone else? */ + if ($user_isadmin === false) + { + $user_isadmin = $_SESSION['isadmin']; + } + + if ($user_cat === false) + { + $user_cat = $_SESSION['categories']; + } + + /* Is admin? */ + if ($user_isadmin) + { + return true; + } + /* Staff with access? */ + elseif (in_array($cat,$user_cat)) + { + return true; + } + /* No access */ + else + { + if ($error) + { + hesk_error($hesklang['not_authorized_tickets']); + } + else + { + return false; + } + } + +} // END hesk_okCategory() + + +function hesk_checkPermission($feature,$showerror=1) { + global $hesklang; + + /* Admins have full access to all features */ + if ($_SESSION['isadmin']) + { + return true; + } + + /* Check other staff for permissions */ + if (strpos($_SESSION['heskprivileges'], $feature) === false) + { + if ($showerror) + { + hesk_error($hesklang['no_permission'].'

     

    '.$hesklang['click_login'].''); + } + else + { + return false; + } + } + else + { + return true; + } + +} // END hesk_checkPermission() diff --git a/inc/common.inc.php b/inc/common.inc.php index 54fad097..f0548935 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -1853,3 +1853,55 @@ function hesk_round_to_half($num) return $half; } } // END hesk_round_to_half() + +function hesk_dateToString($dt, $returnName=1, $returnTime=0, $returnMonth=0, $from_database=false) +{ + global $hesk_settings, $hesklang; + + $dt = strtotime($dt); + + // Adjust MySQL time if different from PHP time + if ($from_database) + { + if ( ! defined('MYSQL_TIME_DIFF') ) + { + define('MYSQL_TIME_DIFF', time()-hesk_dbTime() ); + } + + if (MYSQL_TIME_DIFF != 0) + { + $dt += MYSQL_TIME_DIFF; + } + + // Add HESK set time difference + $dt += 3600*$hesk_settings['diff_hours'] + 60*$hesk_settings['diff_minutes']; + + // Daylight saving? + if ($hesk_settings['daylight'] && date('I', $dt)) + { + $dt += 3600; + } + } + + list($y,$m,$n,$d,$G,$i,$s) = explode('-', date('Y-n-j-w-G-i-s', $dt) ); + + $m = $hesklang['m'.$m]; + $d = $hesklang['d'.$d]; + + if ($returnName) + { + return "$d, $m $n, $y"; + } + + if ($returnTime) + { + return "$d, $m $n, $y $G:$i:$s"; + } + + if ($returnMonth) + { + return "$m $y"; + } + + return "$m $n, $y"; +} // End hesk_dateToString() From 5d351713324a9af204b0927e7d8c0fa6e7a7a27f Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Mon, 19 Jan 2015 10:37:57 -0500 Subject: [PATCH 65/65] Closes #113 Support Chrome v39's theme-color meta tag --- inc/header.inc.php | 1 + inc/headerAdmin.inc.php | 1 + 2 files changed, 2 insertions(+) diff --git a/inc/header.inc.php b/inc/header.inc.php index 1f5c0364..baa5fe71 100644 --- a/inc/header.inc.php +++ b/inc/header.inc.php @@ -42,6 +42,7 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); <?php echo (isset($hesk_settings['tmp_title']) ? $hesk_settings['tmp_title'] : $hesk_settings['hesk_title']); ?> + 
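Review bot: In `hesk_autoLogin()` the whole `users` row, including `id`, `isadmin` and `pass`, is copied into `$_SESSION` before the cookie hash is checked, and the failure branch only clears the cookies, redirects and exits. Unless the login page resets the session, a failed auto-login can leave a session that `hesk_isLoggedIn()` accepts, since that function only tests `empty($_SESSION['id'])`; check the hash first and fill the session afterwards, as in the excerpt below. The check also uses `!=` on two hex digests, which PHP compares as numbers when both look like `0e…`, so use `!==` (or `hash_equals()` where the PHP version has it). Separately, `hesk_Pass2Hash()` is unsalted SHA-1, and the one-year `hesk_p` cookie is derived from the stored hash and set without HttpOnly/Secure flags; both deserve a follow-up.

```php
    $res = hesk_dbFetchAssoc($result);

    /* Check password before any account data reaches the session */
    if ($hash !== hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass']))
    {
        // … unchanged: clear both cookies, redirect to the login page, exit …
    }

    /* Check if default password */
    if ($res['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079')
    {
        // … unchanged: hesk_process_messages() notice …
    }

    // Copy the row into the session only now, and never the password hash
    unset($res['pass']);
    foreach ($res as $k => $v)
    {
        $_SESSION[$k] = $v;
    }
```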
diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php index e472fab1..94fdb109 100644 --- a/inc/headerAdmin.inc.php +++ b/inc/headerAdmin.inc.php @@ -42,6 +42,7 @@ require(HESK_PATH . 'modsForHesk_settings.inc.php'); <?php echo (isset($hesk_settings['tmp_title']) ? $hesk_settings['tmp_title'] : $hesk_settings['hesk_title']); ?> +