From c241338fbef4c14cb18d81f20fac2fbc883dbeba Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 5 Nov 2017 12:00:41 -0500
Subject: [PATCH 01/74] Couple small QoL changes

---
 admin/calendar.php | 20 +++++++++++---------
 calendar.php       |  6 +++++-
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/admin/calendar.php b/admin/calendar.php
index a3256299..679bfd21 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -551,16 +551,18 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
         </div>
     </div>
 </div>
+<?php
+echo mfh_get_hidden_fields_for_language(array('error_loading_events',
+    'error_deleting_event',
+    'event_deleted',
+    'event_created',
+    'error_creating_event',
+    'event_updated',
+    'error_updating_event',
+    'ticket_due_date_updated',
+    'error_updating_ticket_due_date'));
+?>
 <div style="display: none">
-    <p id="lang_error_loading_events"><?php echo $hesklang['error_loading_events']; ?></p>
-    <p id="lang_error_deleting_event"><?php echo $hesklang['error_deleting_event']; ?></p>
-    <p id="lang_event_deleted"><?php echo $hesklang['event_deleted']; ?></p>
-    <p id="lang_event_created"><?php echo $hesklang['event_created']; ?></p>
-    <p id="lang_error_creating_event"><?php echo $hesklang['error_creating_event']; ?></p>
-    <p id="lang_event_updated"><?php echo $hesklang['event_updated']; ?></p>
-    <p id="lang_error_updating_event"><?php echo $hesklang['error_updating_event']; ?></p>
-    <p id="lang_ticket_due_date_updated"><?php echo $hesklang['ticket_due_date_updated']; ?></p>
-    <p id="lang_error_updating_ticket_due_date"><?php echo $hesklang['error_updating_ticket_due_date']; ?></p>
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
     <p id="setting_default_view">
         <?php
diff --git a/calendar.php b/calendar.php
index bb6a9ee0..2dcde8d3 100644
--- a/calendar.php
+++ b/calendar.php
@@ -111,8 +111,12 @@ require_once(HESK_PATH . 'inc/header.inc.php');
         </div>
     </div>
 </div>
+<?php
+echo mfh_get_hidden_fields_for_language(array(
+   'error_loading_events'
+));
+?>
 <div style="display: none">
-    <p id="lang_error_loading_events"><?php echo $hesklang['error_loading_events']; ?></p>
     <p id="setting_default_view"><?php echo $modsForHesk_settings['default_calendar_view']; ?></p>
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
 </div>
\ No newline at end of file

From c985f80452f62b485af56556acf9bc953364b767 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 9 Nov 2017 13:04:10 -0500
Subject: [PATCH 02/74] Working on moving service messages to an API endpoint

---
 admin/service_messages.php                    | 14 ------
 .../ServiceMessages/ServiceMessage.php        | 33 ++++++++++++++
 .../ServiceMessages/ServiceMessageHandler.php | 22 ++++++++++
 .../ServiceMessages/ServiceMessageStyle.php   | 44 +++++++++++++++++++
 .../ServiceMessagesController.php             | 38 ++++++++++++++++
 .../ServiceMessagesGateway.php                | 43 ++++++++++++++++++
 6 files changed, 180 insertions(+), 14 deletions(-)
 create mode 100644 api/BusinessLogic/ServiceMessages/ServiceMessage.php
 create mode 100644 api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
 create mode 100644 api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php
 create mode 100644 api/Controllers/ServiceMessages/ServiceMessagesController.php
 create mode 100644 api/DataAccess/ServiceMessages/ServiceMessagesGateway.php

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 580d0012..9ba0b9a9 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -687,21 +687,7 @@ function new_sm()
         exit;
     }
 
-    // Get the latest service message order
-    $res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
-    $row = hesk_dbFetchRow($res);
-    $my_order = intval($row[0]) + 10;
 
-    // Insert service message into database
-    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`, `icon`) VALUES (
-    '" . intval($_SESSION['id']) . "',
-    '" . hesk_dbEscape($title) . "',
-    '" . hesk_dbEscape($message) . "',
-    '{$style}',
-    '{$type}',
-    '{$my_order}',
-    '{$icon}'
-    )");
 
     $_SESSION['smord'] = hesk_dbInsertID();
     hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessage.php b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
new file mode 100644
index 00000000..1951b672
--- /dev/null
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace BusinessLogic\ServiceMessages;
+
+
+class ServiceMessage extends \BaseClass {
+    /* @var $id int */
+    public $id;
+
+    /* @var $dateCreated string */
+    public $dateCreated;
+
+    /* @var $createdBy int */
+    public $createdBy;
+
+    /* @var $title string */
+    public $title;
+
+    /* @var $message string */
+    public $message;
+
+    /* @var $style string */
+    public $style;
+
+    /* @var $published bool */
+    public $published;
+
+    /* @var $order int */
+    public $order;
+
+    /* @var $icon string */
+    public $icon;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
new file mode 100644
index 00000000..474beb51
--- /dev/null
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace BusinessLogic\ServiceMessages;
+
+
+// TODO Test
+use DataAccess\ServiceMessages\ServiceMessagesGateway;
+
+class ServiceMessageHandler extends \BaseClass {
+    /* @var $serviceMessageGateway ServiceMessagesGateway */
+    private $serviceMessageGateway;
+
+    function __construct(ServiceMessagesGateway $serviceMessagesGateway) {
+        $this->serviceMessageGateway = $serviceMessagesGateway;
+    }
+
+    function createServiceMessage($serviceMessage, $heskSettings) {
+        // TODO Validate
+
+        return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
+    }
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php b/api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php
new file mode 100644
index 00000000..4dc3e388
--- /dev/null
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace BusinessLogic\ServiceMessages;
+
+
+class ServiceMessageStyle {
+    const NONE = 'NONE'; // 0
+    const SUCCESS = 'SUCCESS'; // 1
+    const INFO = 'INFO'; // 2
+    const NOTICE = 'NOTICE'; // 3
+    const ERROR = 'ERROR'; // 4
+
+    static function getStyleById($id) {
+        $styles = array(
+            0 => self::NONE,
+            1 => self::SUCCESS,
+            2 => self::INFO,
+            3 => self::NOTICE,
+            4 => self::ERROR
+        );
+
+        if (!isset($styles[$id])) {
+            throw new \Exception("Style {$id} is not a valid service message style.");
+        }
+
+        return $styles[$id];
+    }
+
+    static function getIdForStyle($style) {
+        $styles = array(
+            self::NONE => 0,
+            self::SUCCESS => 1,
+            self::INFO => 2,
+            self::NOTICE => 3,
+            self::ERROR => 4
+        );
+
+        if (!isset($styles[$style])) {
+            throw new \Exception("Style {$style} is not a valid service message style.");
+        }
+
+        return $styles[$style];
+    }
+}
\ No newline at end of file
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
new file mode 100644
index 00000000..2e9e83c8
--- /dev/null
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -0,0 +1,38 @@
+<?php
+
+namespace Controllers\ServiceMessages;
+
+use BusinessLogic\Security\UserContext;
+use BusinessLogic\ServiceMessages\ServiceMessage;
+use BusinessLogic\ServiceMessages\ServiceMessageHandler;
+use Controllers\JsonRetriever;
+
+class ServiceMessagesController extends \BaseClass {
+    function post() {
+        global $applicationContext, $userContext, $hesk_settings;
+
+        /* @var $handler ServiceMessageHandler */
+        $handler = $applicationContext->get(ServiceMessageHandler::clazz());
+
+        $data = JsonRetriever::getJsonData();
+        $element = $handler->createServiceMessage($this->buildElementModel($data, $userContext), $hesk_settings);
+
+        return output($element, 201);
+    }
+
+    /**
+     * @param $data array
+     * @param $userContext UserContext
+     * @return ServiceMessage
+     */
+    private function buildElementModel($data, $userContext) {
+        $serviceMessage = new ServiceMessage();
+        $serviceMessage->createdBy = $userContext->id;
+        $serviceMessage->icon = $data['icon'];
+        $serviceMessage->message = $data['message'];
+        $serviceMessage->published = $data['published'];
+        $serviceMessage->style = $data['style'];
+
+        return $serviceMessage;
+    }
+}
\ No newline at end of file
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
new file mode 100644
index 00000000..9e6adc39
--- /dev/null
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace DataAccess\ServiceMessages;
+
+
+use BusinessLogic\ServiceMessages\ServiceMessage;
+use BusinessLogic\ServiceMessages\ServiceMessageStyle;
+use DataAccess\CommonDao;
+
+class ServiceMessagesGateway extends CommonDao {
+    /**
+     * @param $serviceMessage ServiceMessage
+     * @return ServiceMessage
+     */
+    function createServiceMessage($serviceMessage, $heskSettings) {
+        $this->init();
+
+        // Get the latest service message order
+        $res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
+        $row = hesk_dbFetchRow($res);
+        $myOrder = intval($row[0]) + 10;
+
+        $style = ServiceMessageStyle::getIdForStyle($serviceMessage->style);
+        $type = $serviceMessage->published ? 0 : 1;
+
+        // Insert service message into database
+        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`, `icon`) VALUES (
+            '" . intval($serviceMessage->createdBy) . "',
+            '" . hesk_dbEscape($serviceMessage->title) . "',
+            '" . hesk_dbEscape($serviceMessage->message) . "',
+            '" . hesk_dbEscape($style) . "',
+            '{$type}',
+            '{$myOrder}',
+            '" . hesk_dbEscape($serviceMessage->icon) . "'
+            )");
+
+        $serviceMessage->id = hesk_dbInsertID();
+
+        $this->close();
+
+        return $serviceMessage;
+    }
+}
\ No newline at end of file

From d305ccf9b3a162210ac68ab09a7108acf334ad87 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 9 Nov 2017 22:02:26 -0500
Subject: [PATCH 03/74] Add POST endpoint for creating service messages

---
 .../ServiceMessages/ServiceMessageHandler.php | 37 ++++++++++++++++++-
 api/index.php                                 |  2 +
 2 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index 474beb51..a1563807 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -4,6 +4,8 @@ namespace BusinessLogic\ServiceMessages;
 
 
 // TODO Test
+use BusinessLogic\Exceptions\ValidationException;
+use BusinessLogic\ValidationModel;
 use DataAccess\ServiceMessages\ServiceMessagesGateway;
 
 class ServiceMessageHandler extends \BaseClass {
@@ -15,8 +17,41 @@ class ServiceMessageHandler extends \BaseClass {
     }
 
     function createServiceMessage($serviceMessage, $heskSettings) {
-        // TODO Validate
+        $this->validate($serviceMessage);
 
         return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
     }
+
+    /**
+     * @param $serviceMessage ServiceMessage
+     * @throws ValidationException
+     */
+    private function validate($serviceMessage) {
+        $validationModel = new ValidationModel();
+        if ($serviceMessage->createdBy < 1) {
+            $validationModel->errorKeys[] = 'MISSING_CREATOR';
+        }
+        if ($serviceMessage->icon === null || trim($serviceMessage->icon) === '') {
+            $validationModel->errorKeys[] = 'MISSING_ICON';
+        }
+        if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
+            $validationModel->errorKeys[] = 'MISSING_MESSAGE';
+        }
+        if ($serviceMessage->title === null || trim($serviceMessage->title) === '') {
+            $validationModel->errorKeys[] = 'MISSING_TITLE';
+        }
+        if ($serviceMessage->style === null || trim($serviceMessage->style) === '') {
+            $validationModel->errorKeys[] = 'MISSING_STYLE';
+        }
+        try {
+            ServiceMessageStyle::getIdForStyle($serviceMessage->style);
+        } catch (\Exception $e) {
+            $validationModel->errorKeys[] = 'INVALID_STYLE';
+        }
+
+        if (count($validationModel->errorKeys) > 0) {
+            // Validation failed
+            throw new ValidationException($validationModel);
+        }
+    }
 }
\ No newline at end of file
diff --git a/api/index.php b/api/index.php
index 4766701c..6700fa56 100644
--- a/api/index.php
+++ b/api/index.php
@@ -202,6 +202,8 @@ Link::all(array(
     '/v1/statuses' => action(\Controllers\Statuses\StatusController::clazz(), RequestMethod::all()),
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
+    // Service Messages
+    '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(), array(RequestMethod::POST)),
 
     /* Internal use only routes */
     // Resend email response

From 311a48487d1081a5b20eb7c14bddca043882dbfa Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sat, 11 Nov 2017 16:33:43 -0500
Subject: [PATCH 04/74] Add POST service-messages endpoint

---
 .../ServiceMessages/ServiceMessageHandler.php | 23 ++++++++++++++++---
 .../ServiceMessagesController.php             |  1 +
 .../ServiceMessagesGateway.php                |  8 +++++++
 inc/common.inc.php                            |  3 ++-
 4 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index a1563807..88bcd978 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -19,6 +19,26 @@ class ServiceMessageHandler extends \BaseClass {
     function createServiceMessage($serviceMessage, $heskSettings) {
         $this->validate($serviceMessage);
 
+        if ($serviceMessage->icon === null) {
+            switch ($serviceMessage->style) {
+                case ServiceMessageStyle::NONE:
+                    $serviceMessage->icon = '';
+                    break;
+                case ServiceMessageStyle::INFO:
+                    $serviceMessage->icon = 'fa fa-comment';
+                    break;
+                case ServiceMessageStyle::NOTICE:
+                    $serviceMessage->icon = 'fa fa-exclamation-triangle';
+                    break;
+                case ServiceMessageStyle::ERROR:
+                    $serviceMessage->icon = 'fa fa-times-circle';
+                    break;
+                case ServiceMessageStyle::SUCCESS:
+                    $serviceMessage->icon = 'fa fa-check-circle';
+                    break;
+            }
+        }
+
         return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
     }
 
@@ -31,9 +51,6 @@ class ServiceMessageHandler extends \BaseClass {
         if ($serviceMessage->createdBy < 1) {
             $validationModel->errorKeys[] = 'MISSING_CREATOR';
         }
-        if ($serviceMessage->icon === null || trim($serviceMessage->icon) === '') {
-            $validationModel->errorKeys[] = 'MISSING_ICON';
-        }
         if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
             $validationModel->errorKeys[] = 'MISSING_MESSAGE';
         }
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index 2e9e83c8..d6960764 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -28,6 +28,7 @@ class ServiceMessagesController extends \BaseClass {
     private function buildElementModel($data, $userContext) {
         $serviceMessage = new ServiceMessage();
         $serviceMessage->createdBy = $userContext->id;
+        $serviceMessage->title = $data['title'];
         $serviceMessage->icon = $data['icon'];
         $serviceMessage->message = $data['message'];
         $serviceMessage->published = $data['published'];
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 9e6adc39..82d9e6b8 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -3,6 +3,7 @@
 namespace DataAccess\ServiceMessages;
 
 
+use BusinessLogic\DateTimeHelpers;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageStyle;
 use DataAccess\CommonDao;
@@ -36,6 +37,13 @@ class ServiceMessagesGateway extends CommonDao {
 
         $serviceMessage->id = hesk_dbInsertID();
 
+        // Get the autogenerated fields
+        $rs = hesk_dbQuery("SELECT `dt`, `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` 
+            WHERE `id` = " . intval($serviceMessage->id));
+        $row = hesk_dbFetchAssoc($rs);
+        $serviceMessage->dateCreated = $row['dt'];
+        $serviceMessage->order = $row['order'];
+
         $this->close();
 
         return $serviceMessage;
diff --git a/inc/common.inc.php b/inc/common.inc.php
index be8f07eb..802e44da 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -185,7 +185,8 @@ function hesk_service_message($sm)
     ?>
     <div class="<?php echo $style; ?>">
         <?php echo $faIcon == '' ? '' : '<i class="' . $faIcon . '"></i> '; ?>
-        <b><?php echo $sm['title']; ?></b><?php echo $sm['message']; ?>
+        <b><?php echo $sm['title']; ?></b><br>
+        <?php echo $sm['message']; ?>
     </div>
     <br/>
     <?php

From 6bef518ffa95f9d950ee3dbc27fb723c0346acc6 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sat, 11 Nov 2017 22:16:25 -0500
Subject: [PATCH 05/74] Add more endpoints for service messages

---
 .../ServiceMessages/ServiceMessageHandler.php | 35 +++++++++++-
 .../ServiceMessagesController.php             | 34 +++++++++++-
 .../ServiceMessagesGateway.php                | 54 ++++++++++++++++++-
 api/index.php                                 |  2 +-
 4 files changed, 119 insertions(+), 6 deletions(-)

diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index 88bcd978..d70f142f 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -42,13 +42,44 @@ class ServiceMessageHandler extends \BaseClass {
         return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
     }
 
+    function getServiceMessages($heskSettings) {
+        return $this->serviceMessageGateway->getServiceMessages($heskSettings);
+    }
+
+    function editServiceMessage($serviceMessage, $heskSettings) {
+        $this->validate($serviceMessage, false);
+
+        if ($serviceMessage->icon === null) {
+            switch ($serviceMessage->style) {
+                case ServiceMessageStyle::NONE:
+                    $serviceMessage->icon = '';
+                    break;
+                case ServiceMessageStyle::INFO:
+                    $serviceMessage->icon = 'fa fa-comment';
+                    break;
+                case ServiceMessageStyle::NOTICE:
+                    $serviceMessage->icon = 'fa fa-exclamation-triangle';
+                    break;
+                case ServiceMessageStyle::ERROR:
+                    $serviceMessage->icon = 'fa fa-times-circle';
+                    break;
+                case ServiceMessageStyle::SUCCESS:
+                    $serviceMessage->icon = 'fa fa-check-circle';
+                    break;
+            }
+        }
+
+        return $this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
+    }
+
     /**
      * @param $serviceMessage ServiceMessage
+     * @param bool $isNew
      * @throws ValidationException
      */
-    private function validate($serviceMessage) {
+    private function validate($serviceMessage, $isNew = true) {
         $validationModel = new ValidationModel();
-        if ($serviceMessage->createdBy < 1) {
+        if ($isNew && $serviceMessage->createdBy < 1) {
             $validationModel->errorKeys[] = 'MISSING_CREATOR';
         }
         if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index d6960764..f17d6e14 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -8,6 +8,15 @@ use BusinessLogic\ServiceMessages\ServiceMessageHandler;
 use Controllers\JsonRetriever;
 
 class ServiceMessagesController extends \BaseClass {
+    function get() {
+        global $applicationContext, $hesk_settings;
+
+        /* @var $handler ServiceMessageHandler */
+        $handler = $applicationContext->get(ServiceMessageHandler::clazz());
+
+        return output($handler->getServiceMessages($hesk_settings));
+    }
+
     function post() {
         global $applicationContext, $userContext, $hesk_settings;
 
@@ -20,14 +29,35 @@ class ServiceMessagesController extends \BaseClass {
         return output($element, 201);
     }
 
+    function put() {
+        global $applicationContext, $hesk_settings;
+
+        /* @var $handler ServiceMessageHandler */
+        $handler = $applicationContext->get(ServiceMessageHandler::clazz());
+
+        $data = JsonRetriever::getJsonData();
+        $element = $handler->editServiceMessage($this->buildElementModel($data, null, false), $hesk_settings);
+
+        return output($element);
+    }
+
     /**
      * @param $data array
      * @param $userContext UserContext
      * @return ServiceMessage
      */
-    private function buildElementModel($data, $userContext) {
+    private function buildElementModel($data, $userContext, $creating = true) {
         $serviceMessage = new ServiceMessage();
-        $serviceMessage->createdBy = $userContext->id;
+
+        if (!$creating) {
+            $serviceMessage->id = $data['id'];
+            $serviceMessage->order = $data['order'];
+        }
+
+        if ($creating) {
+            $serviceMessage->createdBy = $userContext->id;
+        }
+
         $serviceMessage->title = $data['title'];
         $serviceMessage->icon = $data['icon'];
         $serviceMessage->message = $data['message'];
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 82d9e6b8..9dfb1796 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -42,7 +42,59 @@ class ServiceMessagesGateway extends CommonDao {
             WHERE `id` = " . intval($serviceMessage->id));
         $row = hesk_dbFetchAssoc($rs);
         $serviceMessage->dateCreated = $row['dt'];
-        $serviceMessage->order = $row['order'];
+        $serviceMessage->order = intval($row['order']);
+
+        $this->close();
+
+        return $serviceMessage;
+    }
+
+    function getServiceMessages($heskSettings) {
+        $this->init();
+
+        $serviceMessages = array();
+
+        $rs = hesk_dbQuery("SELECT * FROM `". hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` ORDER BY `id`");
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            $serviceMessage = new ServiceMessage();
+            $serviceMessage->id = $row['id'];
+            $serviceMessage->published = intval($row['type']) !== 1;
+            $serviceMessage->createdBy = intval($row['author']);
+            $serviceMessage->order = intval($row['order']);
+            $serviceMessage->dateCreated = $row['dt'];
+            $serviceMessage->title = $row['title'];
+            $serviceMessage->message = $row['message'];
+            $serviceMessage->style = ServiceMessageStyle::getStyleById($row['style']);
+            $serviceMessage->icon = $row['icon'];
+            $serviceMessages[] = $serviceMessage;
+        }
+
+        $this->close();
+
+        return $serviceMessages;
+    }
+
+    function updateServiceMessage($serviceMessage, $heskSettings) {
+        $this->init();
+
+        $style = ServiceMessageStyle::getIdForStyle($serviceMessage->style);
+        $type = $serviceMessage->published ? 0 : 1;
+
+        hesk_dbQuery("UPDATE `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
+            SET `title` = '" . hesk_dbEscape($serviceMessage->title) . "', 
+                `message` = '" . hesk_dbEscape($serviceMessage->message) . "', 
+                `style` = '" . intval($style) . "', 
+                `type` = " . intval($type) . ",
+                `icon` = '" . hesk_dbEscape($serviceMessage->icon) . "'
+            WHERE `id` = " . intval($serviceMessage->id));
+
+        $otherFieldsRs = hesk_dbQuery("SELECT `dt`, `author`, `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
+            WHERE `id` = " . intval($serviceMessage->id));
+        $otherFields = hesk_dbFetchAssoc($otherFieldsRs);
+
+        $serviceMessage->order = intval($otherFields['order']);
+        $serviceMessage->createdBy = intval($otherFields['author']);
+        $serviceMessage->dateCreated = $otherFields['dt'];
 
         $this->close();
 
diff --git a/api/index.php b/api/index.php
index 6700fa56..afa70f70 100644
--- a/api/index.php
+++ b/api/index.php
@@ -203,7 +203,7 @@ Link::all(array(
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Service Messages
-    '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(), array(RequestMethod::POST)),
+    '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(), array(RequestMethod::GET, RequestMethod::POST, RequestMethod::PUT)),
 
     /* Internal use only routes */
     // Resend email response

From c00d5641e426b37145135bbe60e5121018917297 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 12 Nov 2017 22:22:28 -0500
Subject: [PATCH 06/74] Service messages page can now retrieve service messages
 via AJAX

---
 admin/service_messages.php                    | 872 +++++-------------
 .../ServiceMessages/ServiceMessageHandler.php |  40 +-
 .../ServiceMessagesController.php             |  12 +
 .../ServiceMessagesGateway.php                |  32 +-
 api/autoload.php                              |   1 +
 api/index.php                                 |  10 +-
 internal-api/js/service-messages.js           | 362 ++++++++
 7 files changed, 707 insertions(+), 622 deletions(-)
 create mode 100644 internal-api/js/service-messages.js

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 9ba0b9a9..b83d9378 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -15,6 +15,7 @@ define('IN_SCRIPT', 1);
 define('HESK_PATH', '../');
 define('PAGE_TITLE', 'ADMIN_SERVICE_MESSAGES');
 define('MFH_PAGE_LAYOUT', 'TOP_ONLY');
+define('EXTRA_JS', '<script src="'.HESK_PATH.'internal-api/js/service-messages.js"></script>');
 
 /* Get all the required files and functions */
 require(HESK_PATH . 'hesk_settings.inc.php');
@@ -31,26 +32,8 @@ hesk_isLoggedIn();
 hesk_checkPermission('can_service_msg');
 
 // Define required constants
-define('LOAD_TABS', 1);
 define('WYSIWYG', 1);
 
-// What should we do?
-if ($action = hesk_REQUEST('a')) {
-    if ($action == 'edit_sm') {
-        edit_sm();
-    } elseif (defined('HESK_DEMO')) {
-        hesk_process_messages($hesklang['ddemo'], 'service_messages.php', 'NOTICE');
-    } elseif ($action == 'new_sm') {
-        new_sm();
-    } elseif ($action == 'save_sm') {
-        save_sm();
-    } elseif ($action == 'order_sm') {
-        order_sm();
-    } elseif ($action == 'remove_sm') {
-        remove_sm();
-    }
-}
-
 /* Print header */
 require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
 
@@ -60,638 +43,293 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 <div class="content-wrapper">
     <section class="content">
     <div class="box">
+        <div class="box-header with-border">
+            <h1 class="box-title">
+                <?php echo $hesklang['manage_service_messages']; ?> <a href="javascript:void(0)"
+                                                          onclick="alert('<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>')"><i
+                            class="fa fa-question-circle settingsquestionmark"></i></a>
+            </h1>
+            <div class="box-tools pull-right">
+                <button type="button" class="btn btn-box-tool" data-widget="collapse">
+                    <i class="fa fa-minus"></i>
+                </button>
+            </div>
+        </div>
         <div class="box-body">
-            <div class="nav-tabs-custom">
-                <ul class="nav nav-tabs" role="tablist">
+            <div class="row">
+                <div class="col-sm-12">
                     <?php
-                    // Show a link to banned_emails.php if user has permission to do so
-                    if (hesk_checkPermission('can_ban_emails', 0)) {
-                        echo '
-            <li role="presentation">
-                <a title="' . $hesklang['banemail'] . '" href="banned_emails.php">' . $hesklang['banemail'] . '</a>
-            </li>';
-                    }
-                    if (hesk_checkPermission('can_ban_ips', 0)) {
-                        echo '
-            <li role="presentation">
-                <a title="' . $hesklang['banip'] . '" href="banned_ips.php">' . $hesklang['banip'] . '</a>
-            </li>';
+
+                    if ($hesk_settings['kb_wysiwyg']) {
+                        ?>
+                        <script type="text/javascript">
+                            tinyMCE.init({
+                                mode: "exact",
+                                elements: "content",
+                                theme: "advanced",
+                                convert_urls: false,
+                                gecko_spellcheck: true,
+                                plugins: "autolink",
+
+                                theme_advanced_buttons1: "cut,copy,paste,|,undo,redo,|,formatselect,fontselect,fontsizeselect,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull",
+                                theme_advanced_buttons2: "sub,sup,|,charmap,|,bullist,numlist,|,outdent,indent,insertdate,inserttime,preview,|,forecolor,backcolor,|,hr,removeformat,visualaid,|,link,unlink,anchor,image,cleanup,code",
+                                theme_advanced_buttons3: "",
+
+                                theme_advanced_toolbar_location: "top",
+                                theme_advanced_toolbar_align: "left",
+                                theme_advanced_statusbar_location: "bottom",
+                                theme_advanced_resizing: true
+                            });
+                        </script>
+                        <?php
                     }
                     ?>
-                    <li role="presentation" class="active">
-                        <a href="#"><?php echo $hesklang['sm_title']; ?> <i class="fa fa-question-circle settingsquestionmark"
-                                                                            onclick="javascript:alert('<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>')"></i></a>
-                    </li>
-                    <?php
-                    // Show a link to email tpl management if user has permission to do so
-                    if (hesk_checkPermission('can_man_email_tpl', 0)) {
-                        echo '
-            <li role="presentation">
-                <a title="' . $hesklang['email_templates'] . '" href="manage_email_templates.php">' . $hesklang['email_templates'] . '</a>
-            </li>
-            ';
-                    }
-                    if (hesk_checkPermission('can_man_ticket_statuses', 0)) {
-                        echo '
-            <li role="presentation">
-                <a title="' . $hesklang['statuses'] . '" href="manage_statuses.php">' . $hesklang['statuses'] . '</a>
-            </li>
-            ';
-                    }
-                    // Show a link to custom_fields.php if user has permission to do so
-                    if ( hesk_checkPermission('can_man_settings',0) ) {
-                        echo '
-            <li role="presentation">
-                <a title="' . $hesklang['tab_4'] . '" href="custom_fields.php">' . $hesklang['tab_4'] . '</a>
-            </li>
-            ';
-                    }
-                    ?>
-                </ul>
-                <div class="tab-content summaryList tabPadding">
-                    <div class="row">
-                        <div class="col-sm-12">
-                            <?php
-                            /* This will handle error, success and notice messages */
-                            hesk_handle_messages();
+                    <table class="table table-hover">
+                        <thead>
+                        <tr>
+                            <th><?php echo $hesklang['sm_mtitle']; ?></th>
+                            <th><?php echo $hesklang['sm_author']; ?></th>
+                            <th><?php echo $hesklang['sm_type']; ?></th>
+                            <th><?php echo $hesklang['opt']; ?></th>
+                        </tr>
+                        </thead>
+                        <tbody id="table-body">
+                        </tbody>
+                    </table>
+                    <div class="panel panel-default">
+                        <div class="panel-heading">
+                            <h4><a name="new_article"></a><?php echo hesk_SESSION('edit_sm') ? $hesklang['edit_sm'] : $hesklang['new_sm']; ?></h4>
+                        </div>
+                        <div class="panel-body">
+                            <form action="service_messages.php" method="post" name="form1" role="form" class="form-horizontal" data-toggle="validator">
+                                <div class="form-group">
+                                    <label for="style"
+                                           class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
 
-                            if (isset($_SESSION['new_sm']) && !isset($_SESSION['edit_sm'])) {
-                                $_SESSION['new_sm'] = hesk_stripArray($_SESSION['new_sm']);
-                            }
-
-                            if (isset($_SESSION['preview_sm'])) {
-                                hesk_service_message($_SESSION['new_sm']);
-                            }
-
-                            if ($hesk_settings['kb_wysiwyg']) {
-                                ?>
-                                <script type="text/javascript">
-                                    tinyMCE.init({
-                                        mode: "exact",
-                                        elements: "content",
-                                        theme: "advanced",
-                                        convert_urls: false,
-                                        gecko_spellcheck: true,
-                                        plugins: "autolink",
-
-                                        theme_advanced_buttons1: "cut,copy,paste,|,undo,redo,|,formatselect,fontselect,fontsizeselect,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull",
-                                        theme_advanced_buttons2: "sub,sup,|,charmap,|,bullist,numlist,|,outdent,indent,insertdate,inserttime,preview,|,forecolor,backcolor,|,hr,removeformat,visualaid,|,link,unlink,anchor,image,cleanup,code",
-                                        theme_advanced_buttons3: "",
-
-                                        theme_advanced_toolbar_location: "top",
-                                        theme_advanced_toolbar_align: "left",
-                                        theme_advanced_statusbar_location: "bottom",
-                                        theme_advanced_resizing: true
-                                    });
-                                </script>
-                                <?php
-                            }
-                            ?>
-                            <div class="panel panel-default">
-                                <div class="panel-heading">
-                                    <h4><?php echo $hesklang['ex_sm']; ?></h4>
+                                    <div class="col-md-2">
+                                        <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
+                                            <label>
+                                                <input type="radio" name="style" value="0" onclick="setIcon('')"
+                                                    <?php if (!isset($_SESSION['new_sm']['style']) || (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 0)) {
+                                                        echo 'checked';
+                                                    } ?>>
+                                                <?php echo $hesklang['sm_none']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-2">
+                                        <div class="radio alert alert-success pad-5">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="1"
+                                                       onclick="setIcon('fa fa-check-circle')"
+                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 1) {
+                                                        echo 'checked';
+                                                    } ?>>
+                                                <?php echo $hesklang['sm_success']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-2">
+                                        <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="2"
+                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 2) {
+                                                        echo 'checked';
+                                                    } ?>>
+                                                <?php echo $hesklang['sm_info']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-2">
+                                        <div class="radio alert alert-warning pad-5"
+                                             onclick="setIcon('fa fa-exclamation-triangle')">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="3"
+                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 3) {
+                                                        echo 'checked';
+                                                    } ?>>
+                                                <?php echo $hesklang['sm_notice']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-2">
+                                        <div class="radio alert alert-danger pad-5" onclick="setIcon('fa fa-times-circle')">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="4"
+                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 4) {
+                                                        echo 'checked';
+                                                    } ?> >
+                                                <?php echo $hesklang['sm_error']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
                                 </div>
-                                <div class="panel-body">
+                                <div class="form-group">
+                                    <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
                                     <?php
-
-                                    // Get service messages from database
-                                    $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'service_messages` ORDER BY `order` ASC');
-                                    $num = hesk_dbNumRows($res);
-
-                                    if ($num < 1) {
-                                        echo '<p>' . $hesklang['no_sm'] . '</p>';
-                                    } else {
-                                        // List of staff
-                                        if (!isset($admins)) {
-                                            $admins = array();
-                                            $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`");
-                                            while ($row = hesk_dbFetchAssoc($res2)) {
-                                                $admins[$row['id']] = $row['name'];
-                                            }
-                                        }
-
-                                        ?>
-                                        <table class="table table-hover">
-                                            <thead>
-                                            <tr>
-                                                <th><?php echo $hesklang['sm_mtitle']; ?></th>
-                                                <th><?php echo $hesklang['sm_author']; ?></th>
-                                                <th><?php echo $hesklang['sm_type']; ?></th>
-                                                <th>&nbsp;<?php echo $hesklang['opt']; ?>&nbsp;</th>
-                                            </tr>
-                                            </thead>
-                                            <tbody>
-                                            <?php
-                                            $j = 1;
-                                            $k = 1;
-
-                                            while ($sm = hesk_dbFetchAssoc($res)) {
-                                                $faIcon = $sm['icon'];
-                                                switch ($sm['style']) {
-                                                    case 1:
-                                                        $sm_style = "alert alert-success";
-                                                        break;
-                                                    case 2:
-                                                        $sm_style = "alert alert-info";
-                                                        break;
-                                                    case 3:
-                                                        $sm_style = "alert alert-warning";
-                                                        break;
-                                                    case 4:
-                                                        $sm_style = "alert alert-danger";
-                                                        break;
-                                                    default:
-                                                        $sm_style = "none";
-                                                }
-
-                                                $type = $sm['type'] ? $hesklang['sm_draft'] : $hesklang['sm_published'];
-
-                                                ?>
-                                                <tr>
-                                                    <td>
-                                                        <div class="<?php echo $sm_style; ?>">
-                                                            <i class="<?php echo $faIcon; ?>"></i>
-                                                            <b><?php echo $sm['title']; ?></b>
-                                                        </div>
-                                                    </td>
-                                                    <td><?php echo(isset($admins[$sm['author']]) ? $admins[$sm['author']] : $hesklang['e_udel']); ?></td>
-                                                    <td><?php echo $type; ?></td>
-                                                    <td>
-                                                        <?php
-                                                        if ($num > 1) {
-                                                            if ($k == 1) {
-                                                                ?>
-                                                                <img src="../img/blank.gif" width="16" height="16" alt=""
-                                                                     style="padding:3px;border:none;"/>
-                                                                <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
-                                                                    <i class="fa fa-arrow-down font-size-16p green"
-                                                                       data-toggle="tooltip" data-placement="top"
-                                                                       data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
-                                                                <?php
-                                                            } elseif ($k == $num) {
-                                                                ?>
-                                                                <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
-                                                                    <i class="fa fa-arrow-up font-size-16p green" data-toggle="tooltip"
-                                                                       data-placement="top"
-                                                                       data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
-                                                                <img src="../img/blank.gif" width="16" height="16" alt=""
-                                                                     style="padding:3px;border:none;"/>
-                                                                <?php
-                                                            } else {
-                                                                ?>
-                                                                <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=-15&amp;token=<?php hesk_token_echo(); ?>">
-                                                                    <i class="fa fa-arrow-up font-size-16p green" data-toggle="tooltip"
-                                                                       data-placement="top"
-                                                                       data-original-title="<?php echo $hesklang['move_up']; ?>"></i></a>
-                                                                <a href="service_messages.php?a=order_sm&amp;id=<?php echo $sm['id']; ?>&amp;move=15&amp;token=<?php hesk_token_echo(); ?>">
-                                                                    <i class="fa fa-arrow-down font-size-16p green"
-                                                                       data-toggle="tooltip" data-placement="top"
-                                                                       data-original-title="<?php echo $hesklang['move_dn']; ?>"></i></a>
-                                                                <?php
-                                                            }
-                                                        }
-                                                        ?>
-                                                        <a href="service_messages.php?a=edit_sm&amp;id=<?php echo $sm['id']; ?>">
-                                                            <i class="fa fa-pencil font-size-16p orange" data-toggle="tooltip"
-                                                               data-placement="top"
-                                                               data-original-title="<?php echo $hesklang['edit']; ?>"></i></a>
-                                                        <a href="service_messages.php?a=remove_sm&amp;id=<?php echo $sm['id']; ?>&amp;token=<?php hesk_token_echo(); ?>"
-                                                           onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_sm']); ?>');">
-                                                            <i class="fa fa-times font-size-16p red" data-toggle="tooltip"
-                                                               data-placement="top"
-                                                               data-original-title="<?php echo $hesklang['delete']; ?>"></i></a>&nbsp;
-                                                    </td>
-                                                </tr>
-                                                <?php
-                                                $j++;
-                                                $k++;
-                                            } // End while
-
-                                            ?>
-                                            </tbody>
-                                        </table>
-                                        <?php
+                                    $icon = '';
+                                    if (isset($_SESSION['new_sm']['icon'])) {
+                                        $icon = $_SESSION['new_sm']['icon'];
                                     }
-
                                     ?>
+                                    <div class="col-md-10">
+                                        <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
+
+                                        <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
+
+                                        <p style="display:none"
+                                           id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
+
+                                        <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
+                                             data-icon="<?php echo $icon; ?>"></div>
+                                    </div>
                                 </div>
-                            </div>
+                                <div class="form-group">
+                                    <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
 
-                            <div class="panel panel-default">
-                                <div class="panel-heading">
-                                    <h4><a name="new_article"></a><?php echo hesk_SESSION('edit_sm') ? $hesklang['edit_sm'] : $hesklang['new_sm']; ?></h4>
+                                    <div class="col-md-2">
+                                        <div class="radio pad-5">
+                                            <label>
+                                                <input type="radio" name="type" value="0"
+                                                    <?php if (!isset($_SESSION['new_sm']['type']) || (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 0)) {
+                                                        echo 'checked';
+                                                    } ?> >
+                                                <?php echo $hesklang['sm_published']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-2">
+                                        <div class="radio pad-5">
+                                            <label>
+                                                <input type="radio" name="type" value="1"
+                                                    <?php if (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 1) {
+                                                        echo 'checked';
+                                                    } ?> >
+                                                <?php echo $hesklang['sm_draft']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
                                 </div>
-                                <div class="panel-body">
-                                    <form action="service_messages.php" method="post" name="form1" role="form" class="form-horizontal" data-toggle="validator">
-                                        <div class="form-group">
-                                            <label for="style"
-                                                   class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
+                                <div class="form-group">
+                                    <label for="title"
+                                           class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
 
-                                            <div class="col-md-2">
-                                                <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
-                                                    <label>
-                                                        <input type="radio" name="style" value="0" onclick="setIcon('')"
-                                                            <?php if (!isset($_SESSION['new_sm']['style']) || (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 0)) {
-                                                                echo 'checked';
-                                                            } ?>>
-                                                        <?php echo $hesklang['sm_none']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                            <div class="col-md-2">
-                                                <div class="radio alert alert-success pad-5">
-                                                    <label style="margin-top: -5px">
-                                                        <input type="radio" name="style" value="1"
-                                                               onclick="setIcon('fa fa-check-circle')"
-                                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 1) {
-                                                                echo 'checked';
-                                                            } ?>>
-                                                        <?php echo $hesklang['sm_success']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                            <div class="col-md-2">
-                                                <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
-                                                    <label style="margin-top: -5px">
-                                                        <input type="radio" name="style" value="2"
-                                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 2) {
-                                                                echo 'checked';
-                                                            } ?>>
-                                                        <?php echo $hesklang['sm_info']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                            <div class="col-md-2">
-                                                <div class="radio alert alert-warning pad-5"
-                                                     onclick="setIcon('fa fa-exclamation-triangle')">
-                                                    <label style="margin-top: -5px">
-                                                        <input type="radio" name="style" value="3"
-                                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 3) {
-                                                                echo 'checked';
-                                                            } ?>>
-                                                        <?php echo $hesklang['sm_notice']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                            <div class="col-md-2">
-                                                <div class="radio alert alert-danger pad-5" onclick="setIcon('fa fa-times-circle')">
-                                                    <label style="margin-top: -5px">
-                                                        <input type="radio" name="style" value="4"
-                                                            <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 4) {
-                                                                echo 'checked';
-                                                            } ?> >
-                                                        <?php echo $hesklang['sm_error']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                        </div>
-                                        <div class="form-group">
-                                            <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
-                                            <?php
-                                            $icon = '';
-                                            if (isset($_SESSION['new_sm']['icon'])) {
-                                                $icon = $_SESSION['new_sm']['icon'];
-                                            }
-                                            ?>
-                                            <div class="col-md-10">
-                                                <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
+                                    <div class="col-md-10">
+                                        <input class="form-control"
+                                               placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
+                                               type="text" name="title" size="70" maxlength="255"
+                                            <?php if (isset($_SESSION['new_sm']['title'])) {
+                                                echo 'value="' . $_SESSION['new_sm']['title'] . '"';
+                                            } ?> data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
+                                        <div class="help-block with-errors"></div>
+                                    </div>
+                                </div>
+                                <div class="form-group">
+                                    <label for="message"
+                                           class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
 
-                                                <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
-
-                                                <p style="display:none"
-                                                   id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
-
-                                                <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
-                                                     data-icon="<?php echo $icon; ?>"></div>
-                                            </div>
-                                        </div>
-                                        <div class="form-group">
-                                            <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
-
-                                            <div class="col-md-2">
-                                                <div class="radio pad-5">
-                                                    <label>
-                                                        <input type="radio" name="type" value="0"
-                                                            <?php if (!isset($_SESSION['new_sm']['type']) || (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 0)) {
-                                                                echo 'checked';
-                                                            } ?> >
-                                                        <?php echo $hesklang['sm_published']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                            <div class="col-md-2">
-                                                <div class="radio pad-5">
-                                                    <label>
-                                                        <input type="radio" name="type" value="1"
-                                                            <?php if (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 1) {
-                                                                echo 'checked';
-                                                            } ?> >
-                                                        <?php echo $hesklang['sm_draft']; ?>
-                                                    </label>
-                                                </div>
-                                            </div>
-                                        </div>
-                                        <div class="form-group">
-                                            <label for="title"
-                                                   class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
-
-                                            <div class="col-md-10">
-                                                <input class="form-control"
-                                                       placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
-                                                       type="text" name="title" size="70" maxlength="255"
-                                                    <?php if (isset($_SESSION['new_sm']['title'])) {
-                                                        echo 'value="' . $_SESSION['new_sm']['title'] . '"';
-                                                    } ?> data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
-                                                <div class="help-block with-errors"></div>
-                                            </div>
-                                        </div>
-                                        <div class="form-group">
-                                            <label for="message"
-                                                   class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
-
-                                            <div class="col-md-10">
+                                    <div class="col-md-10">
                                     <textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
                                               class="form-control" name="message" rows="25" cols="70" id="content">
                                         <?php if (isset($_SESSION['new_sm']['message'])) {
                                             echo $_SESSION['new_sm']['message'];
                                         } ?>
                                     </textarea>
-                                            </div>
-                                        </div>
-                                        <div class="form-group">
-                                            <?php echo isset($_SESSION['edit_sm']) ? '<input type="hidden" name="a" value="save_sm" /><input type="hidden" name="id" value="' . intval($_SESSION['new_sm']['id']) . '" />' : '<input type="hidden" name="a" value="new_sm" />'; ?>
-                                            <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
-
-                                            <div class="col-md-10 col-md-offset-2">
-                                                <div class="btn-group" role="group">
-                                                    <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
-                                                           class="btn btn-primary">
-                                                    <input type="submit" name="sm_preview"
-                                                           value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
-                                                </div>
-                                            </div>
-                                        </div>
-                                    </form>
+                                    </div>
                                 </div>
-                            </div>
+                                <div class="form-group">
+                                    <?php echo isset($_SESSION['edit_sm']) ? '<input type="hidden" name="a" value="save_sm" /><input type="hidden" name="id" value="' . intval($_SESSION['new_sm']['id']) . '" />' : '<input type="hidden" name="a" value="new_sm" />'; ?>
+                                    <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
+
+                                    <div class="col-md-10 col-md-offset-2">
+                                        <div class="btn-group" role="group">
+                                            <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
+                                                   class="btn btn-primary">
+                                            <input type="submit" name="sm_preview"
+                                                   value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
+                                        </div>
+                                    </div>
+                                </div>
+                            </form>
                         </div>
                     </div>
                 </div>
             </div>
         </div>
+        <div class="overlay" id="overlay">
+            <i class="fa fa-spinner fa-spin"></i>
+        </div>
     </div>
 </section>
 </div>
+<?php
+echo mfh_get_hidden_fields_for_language(array(
+    'sm_published',
+    'sm_draft',
+));
+
+echo '<script>var users = [];';
+$usersRs = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1'");
+$users = array();
+while ($row = hesk_dbFetchAssoc($usersRs)) {
+    $users[] = $row;
+    echo "users[" . $row['id'] . "] = {
+        id: ".$row['id'].",
+        name: '".$row['name']."'
+    }\n";
+}
+echo '</script>';
+?>
+<script type="text/html" id="service-message-title-template">
+<div class="{{CLASS}}">
+    <i data-property="icon"></i>
+    <b data-property="title"></b>
+</div>
+</script>
+<script type="text/html" id="service-message-preview-template">
+    <?php
+    $sm = array(
+        'icon' => 'fa',
+        'style' => 0,
+        'title' => '{{TITLE}}',
+        'message' => '{{MESSAGE}}'
+    );
+    hesk_service_message($sm);
+    ?>
+</script>
+<script type="text/html" id="service-message-template">
+<tr data-property="id" data-value="x">
+    <td><span data-property="title"></span></td>
+    <td><span data-property="author"></span></td>
+    <td><span data-property="type"></span></td>
+    <td>
+        <span class="sort-arrows">
+            <a href="#" data-action="sort"
+               data-direction="up">
+                <i class="fa fa-fw fa-arrow-up icon-link green"
+                   data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
+            </a>
+            <a href="#" data-action="sort"
+               data-direction="down">
+                <i class="fa fa-fw fa-arrow-down icon-link green"
+                   data-toggle="tooltip" title="<?php echo $hesklang['move_dn'] ?>"></i>
+            </a>
+        </span>
+        <a href="#" data-action="edit">
+            <i class="fa fa-fw fa-pencil icon-link orange"
+               data-toggle="tooltip" title="<?php echo $hesklang['edit']; ?>"></i>
+        </a>
+        <a href="#" data-action="delete">
+            <i class="fa fa-fw fa-times icon-link red"
+               data-toggle="tooltip" title="<?php echo $hesklang['delete']; ?>"></i>
+        </a>
+    </td>
+</tr>
+</script>
 
 <?php
 
-hesk_cleanSessionVars(array('new_sm', 'preview_sm', 'edit_sm'));
-
 require_once(HESK_PATH . 'inc/footer.inc.php');
 exit();
 
-
-/*** START FUNCTIONS ***/
-
-
-function save_sm()
-{
-    global $hesk_settings, $hesklang, $listBox;
-    global $hesk_error_buffer;
-
-    // A security check
-    # hesk_token_check('POST');
-
-    $hesk_error_buffer = array();
-
-    // Get service messageID
-    $id = intval(hesk_POST('id')) or hesk_error($hesklang['sm_e_id']);
-
-    $style = intval(hesk_POST('style', 0));
-    if ($style > 4 || $style < 0) {
-        $style = 0;
-    }
-
-    $type = empty($_POST['type']) ? 0 : 1;
-    $icon = hesk_POST('icon');
-    $title = hesk_input(hesk_POST('title')) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
-    $message = hesk_getHTML(hesk_POST('message'));
-	
-	// Clean the HTML code
-	require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
-	$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
-	$message = $purifier->heskPurify($message);
-
-    // Any errors?
-    if (count($hesk_error_buffer)) {
-        $_SESSION['edit_sm'] = true;
-
-        $_SESSION['new_sm'] = array(
-            'id' => $id,
-            'style' => $style,
-            'type' => $type,
-            'title' => $title,
-            'icon' => $icon,
-            'message' => hesk_input(hesk_POST('message')),
-        );
-
-        $tmp = '';
-        foreach ($hesk_error_buffer as $error) {
-            $tmp .= "<li>$error</li>\n";
-        }
-        $hesk_error_buffer = $tmp;
-
-        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
-        hesk_process_messages($hesk_error_buffer, 'service_messages.php');
-    }
-
-    // Just preview the message?
-    if (isset($_POST['sm_preview'])) {
-        $_SESSION['preview_sm'] = true;
-        $_SESSION['edit_sm'] = true;
-
-        $_SESSION['new_sm'] = array(
-            'id' => $id,
-            'style' => $style,
-            'type' => $type,
-            'title' => $title,
-            'message' => $message,
-            'icon' => $icon,
-        );
-
-        header('Location: service_messages.php');
-        exit;
-    }
-
-    // Update the service message in the database
-    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET
-	`author` = '" . intval($_SESSION['id']) . "',
-	`title` = '" . hesk_dbEscape($title) . "',
-	`message` = '" . hesk_dbEscape($message) . "',
-	`style` = '{$style}',
-	`type` = '{$type}',
-	`icon` = '{$icon}'
-	WHERE `id`={$id}");
-
-    $_SESSION['smord'] = $id;
-    hesk_process_messages($hesklang['sm_mdf'], 'service_messages.php', 'SUCCESS');
-
-} // End save_sm()
-
-
-function edit_sm()
-{
-    global $hesk_settings, $hesklang;
-
-    // Get service messageID
-    $id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
-
-    // Get details from the database
-    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1");
-    if (hesk_dbNumRows($res) != 1) {
-        hesk_error($hesklang['sm_not_found']);
-    }
-    $sm = hesk_dbFetchAssoc($res);
-
-    $_SESSION['new_sm'] = $sm;
-    $_SESSION['edit_sm'] = true;
-
-} // End edit_sm()
-
-
-function order_sm()
-{
-    global $hesk_settings, $hesklang;
-
-    // A security check
-    hesk_token_check();
-
-    // Get ID and move parameters
-    $id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
-    $move = intval(hesk_GET('move'));
-    $_SESSION['smord'] = $id;
-
-    // Update article details
-    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id}");
-
-    // Update order of all service messages
-    update_sm_order();
-
-    // Finish
-    header('Location: service_messages.php');
-    exit();
-
-} // End order_sm()
-
-
-function update_sm_order()
-{
-    global $hesk_settings, $hesklang;
-
-    // Get list of current service messages
-    $res = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` ASC");
-
-    // Update database
-    $i = 10;
-    while ($sm = hesk_dbFetchAssoc($res)) {
-        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "'");
-        $i += 10;
-    }
-
-    return true;
-
-} // END update_sm_order()
-
-
-function remove_sm()
-{
-    global $hesk_settings, $hesklang;
-
-    // A security check
-    hesk_token_check();
-
-    // Get ID
-    $id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
-
-    // Delete the service message
-    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id}");
-
-    // Were we successful?
-    if (hesk_dbAffectedRows() == 1) {
-        hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
-    } else {
-        hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
-    }
-
-} // End remove_sm()
-
-
-function new_sm()
-{
-    global $hesk_settings, $hesklang, $listBox;
-    global $hesk_error_buffer;
-
-    // A security check
-    # hesk_token_check('POST');
-
-    $hesk_error_buffer = array();
-
-    $style = intval(hesk_POST('style', 0));
-    if ($style > 4 || $style < 0) {
-        $style = 0;
-    }
-
-    $type = empty($_POST['type']) ? 0 : 1;
-    $icon = hesk_POST('icon');
-    $title = hesk_input(hesk_POST('title')) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
-    $message = hesk_getHTML(hesk_POST('message'));
-	
-	// Clean the HTML code
-	require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
-	$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
-	$message = $purifier->heskPurify($message);
-
-    // Any errors?
-    if (count($hesk_error_buffer)) {
-        $_SESSION['new_sm'] = array(
-            'style' => $style,
-            'type' => $type,
-            'title' => $title,
-            'icon' => $icon,
-            'message' => hesk_input(hesk_POST('message')),
-        );
-
-        $tmp = '';
-        foreach ($hesk_error_buffer as $error) {
-            $tmp .= "<li>$error</li>\n";
-        }
-        $hesk_error_buffer = $tmp;
-
-        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
-        hesk_process_messages($hesk_error_buffer, 'service_messages.php');
-    }
-
-    // Just preview the message?
-    if (isset($_POST['sm_preview'])) {
-        $_SESSION['preview_sm'] = true;
-
-        $_SESSION['new_sm'] = array(
-            'style' => $style,
-            'type' => $type,
-            'title' => $title,
-            'icon' => $icon,
-            'message' => $message,
-        );
-
-        header('Location: service_messages.php');
-        exit;
-    }
-
-
-
-    $_SESSION['smord'] = hesk_dbInsertID();
-    hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
-
-} // End new_sm()
-
 ?>
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index d70f142f..9e70ceda 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -5,6 +5,7 @@ namespace BusinessLogic\ServiceMessages;
 
 // TODO Test
 use BusinessLogic\Exceptions\ValidationException;
+use BusinessLogic\Navigation\Direction;
 use BusinessLogic\ValidationModel;
 use DataAccess\ServiceMessages\ServiceMessagesGateway;
 
@@ -17,7 +18,7 @@ class ServiceMessageHandler extends \BaseClass {
     }
 
     function createServiceMessage($serviceMessage, $heskSettings) {
-        $this->validate($serviceMessage);
+        $this->validate($serviceMessage, $heskSettings);
 
         if ($serviceMessage->icon === null) {
             switch ($serviceMessage->style) {
@@ -47,7 +48,7 @@ class ServiceMessageHandler extends \BaseClass {
     }
 
     function editServiceMessage($serviceMessage, $heskSettings) {
-        $this->validate($serviceMessage, false);
+        $this->validate($serviceMessage, $heskSettings, false);
 
         if ($serviceMessage->icon === null) {
             switch ($serviceMessage->style) {
@@ -72,19 +73,52 @@ class ServiceMessageHandler extends \BaseClass {
         return $this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
     }
 
+    function deleteServiceMessage($id, $heskSettings) {
+        $this->serviceMessageGateway->deleteServiceMessage($id, $heskSettings);
+    }
+
+    function sortServiceMessage($id, $direction, $heskSettings) {
+        $serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings);
+        $serviceMessage = null;
+        foreach ($serviceMessages as $innerServiceMessage) {
+            if ($innerServiceMessage->id === intval($id)) {
+                $serviceMessage = $innerServiceMessage;
+                break;
+            }
+        }
+
+        if ($serviceMessage === null) {
+            throw new \BaseException("Could not find category with ID {$id}!");
+        }
+
+        if ($direction === Direction::UP) {
+            $serviceMessage->order -= 15;
+        } else {
+            $serviceMessage->order += 15;
+        }
+
+        $this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
+        $this->serviceMessageGateway->resortAllServiceMessages($heskSettings);
+    }
+
     /**
      * @param $serviceMessage ServiceMessage
      * @param bool $isNew
      * @throws ValidationException
      */
-    private function validate($serviceMessage, $isNew = true) {
+    private function validate($serviceMessage, $heskSettings, $isNew = true) {
         $validationModel = new ValidationModel();
         if ($isNew && $serviceMessage->createdBy < 1) {
             $validationModel->errorKeys[] = 'MISSING_CREATOR';
         }
+
         if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
             $validationModel->errorKeys[] = 'MISSING_MESSAGE';
+        } else {
+            $htmlPurifier = new \HeskHTMLPurifier($heskSettings['cache_dir']);
+            $serviceMessage->message = $htmlPurifier->heskPurify($serviceMessage->message);
         }
+
         if ($serviceMessage->title === null || trim($serviceMessage->title) === '') {
             $validationModel->errorKeys[] = 'MISSING_TITLE';
         }
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index f17d6e14..94ff9776 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -6,6 +6,7 @@ use BusinessLogic\Security\UserContext;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageHandler;
 use Controllers\JsonRetriever;
+use Symfony\Component\EventDispatcher\Tests\Service;
 
 class ServiceMessagesController extends \BaseClass {
     function get() {
@@ -41,6 +42,17 @@ class ServiceMessagesController extends \BaseClass {
         return output($element);
     }
 
+    function delete($id) {
+        global $applicationContext, $hesk_settings;
+
+        /* @var $handler ServiceMessageHandler */
+        $handler = $applicationContext->get(ServiceMessageHandler::clazz());
+
+        $handler->deleteServiceMessage($id, $hesk_settings);
+
+        return http_response_code(204);
+    }
+
     /**
      * @param $data array
      * @param $userContext UserContext
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 9dfb1796..b2539d12 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -3,7 +3,6 @@
 namespace DataAccess\ServiceMessages;
 
 
-use BusinessLogic\DateTimeHelpers;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageStyle;
 use DataAccess\CommonDao;
@@ -49,6 +48,10 @@ class ServiceMessagesGateway extends CommonDao {
         return $serviceMessage;
     }
 
+    /**
+     * @param $heskSettings
+     * @return ServiceMessage[]
+     */
     function getServiceMessages($heskSettings) {
         $this->init();
 
@@ -100,4 +103,31 @@ class ServiceMessagesGateway extends CommonDao {
 
         return $serviceMessage;
     }
+
+    function deleteServiceMessage($id, $heskSettings) {
+        $this->init();
+
+        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
+            WHERE `id` = " . intval($id));
+
+        $this->close();
+    }
+
+    function resortAllServiceMessages($heskSettings) {
+        $this->init();
+
+        $rs = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
+            ORDER BY `order` ASC");
+
+        $sortValue = 10;
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            hesk_dbQuery("UPDATE `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
+                SET `order` = " . intval($sortValue) . "
+                WHERE `id` = " . intval($row['id']));
+
+            $sortValue += 10;
+        }
+
+        $this->close();
+    }
 }
\ No newline at end of file
diff --git a/api/autoload.php b/api/autoload.php
index 0f14ff20..cf548485 100644
--- a/api/autoload.php
+++ b/api/autoload.php
@@ -12,6 +12,7 @@ require_once(__DIR__ . '/Core/output.php');
 require_once(__DIR__ . '/../hesk_settings.inc.php');
 require_once(__DIR__ . '/http_response_code.php');
 require_once(__DIR__ . '/../inc/admin_functions.inc.php');
+require_once(__DIR__ . '/../inc/htmlpurifier/HeskHTMLPurifier.php');
 
 hesk_load_api_database_functions();
 
diff --git a/api/index.php b/api/index.php
index afa70f70..9c4b3e35 100644
--- a/api/index.php
+++ b/api/index.php
@@ -203,7 +203,15 @@ Link::all(array(
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Service Messages
-    '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(), array(RequestMethod::GET, RequestMethod::POST, RequestMethod::PUT)),
+    '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
+        array(RequestMethod::GET, RequestMethod::POST, RequestMethod::PUT),
+        SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+    '/v1/service-messages/{i}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
+        array(RequestMethod::DELETE),
+        SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+    '/v1/service-messages/{i}/sort/{s}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz() . '::sort',
+        array(RequestMethod::POST),
+        SecurityHandler::INTERNAL),
 
     /* Internal use only routes */
     // Resend email response
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
new file mode 100644
index 00000000..a2c3f950
--- /dev/null
+++ b/internal-api/js/service-messages.js
@@ -0,0 +1,362 @@
+var serviceMessages = [];
+
+$(document).ready(function() {
+    loadTable();
+    bindEditModal();
+    bindModalCancelCallback();
+    bindFormSubmit();
+    bindDeleteButton();
+    bindCreateModal();
+    bindSortButtons();
+});
+
+
+function loadTable() {
+    $('#overlay').show();
+    var heskUrl = $('p#hesk-path').text();
+    var $tableBody = $('#table-body');
+
+    $.ajax({
+        method: 'GET',
+        url: heskUrl + 'api/index.php/v1/service-messages',
+        headers: { 'X-Internal-Call': true },
+        success: function(data) {
+            $tableBody.html('');
+
+            if (data.length === 0) {
+                // TODO "No Service Messages Found"
+                $('#overlay').hide();
+                return;
+            }
+
+            var first = true;
+            var lastElement = null;
+            $.each(data, function() {
+                var $template = $($('#service-message-template').html());
+
+                $template.find('span[data-property="id"]').attr('data-value', this.id);
+                $template.find('span[data-property="title"]').html(
+                    getFormattedTitle(this.icon, this.title, this.style));
+                $template.find('span[data-property="author"]').text(users[this.createdBy].name);
+                if (this.published) {
+                    $template.find('span[data-property="type"]').text(mfhLang.text('sm_published'));
+                } else {
+                    $template.find('span[data-property="type"]').text(mfhLang.text('sm_draft'));
+                }
+
+                $tableBody.append($template);
+
+                serviceMessages[this.id] = this;
+
+                lastElement = this;
+
+                if (first) {
+                    $template.find('[data-direction="up"]').css('visibility', 'hidden');
+                    first = false;
+                }
+            });
+
+            if (lastElement) {
+                //-- Hide the down arrow on the last element
+                $('[data-value="' + lastElement.id + '"]').parent().parent()
+                    .find('[data-direction="down"]').css('visibility', 'hidden');
+            }
+        },
+        error: function(data) {
+            mfhAlert.errorWithLog(mfhLang.text('error_retrieving_categories'), data.responseJSON);
+            console.error(data);
+        },
+        complete: function() {
+            refreshBackgroundVolatileItems();
+            $('[data-toggle="popover"]').popover({
+                trigger: 'hover',
+                container: 'body'
+            });
+            $('#overlay').hide();
+        }
+    });
+}
+
+function getFormattedTitle(icon, title, style) {
+    var $template = $($('#service-message-title-template').html());
+
+    var alertClass = 'none';
+    switch (style) {
+        case 'ERROR':
+            alertClass = 'alert alert-danger';
+            break;
+        case 'NOTICE':
+            alertClass = 'alert alert-warning';
+            break;
+        case 'INFO':
+            alertClass = 'alert alert-info';
+            break;
+        case 'SUCCESS':
+            alertClass = 'alert alert-success';
+            break;
+    }
+    $template.addClass(alertClass)
+        .find('[data-property="icon"]').addClass(icon).end()
+        .find('[data-property="title"]').text(title);
+
+    return $template;
+}
+
+function getServiceMessagePreview(icon, title, message, style) {
+    var $template = $('#service-message-preview-template').html();
+
+    var alertClass = 'none';
+    switch (style) {
+        case 'ERROR':
+            alertClass = 'alert alert-danger';
+            break;
+        case 'NOTICE':
+            alertClass = 'alert alert-warning';
+            break;
+        case 'INFO':
+            alertClass = 'alert alert-info';
+            break;
+        case 'SUCCESS':
+            alertClass = 'alert alert-success';
+            break;
+    }
+    $template = $template.replace('none', alertClass)
+        .replace('{{TITLE}}', title)
+        .replace('{{MESSAGE}}', message);
+    $template = $($template);
+    if (icon !== '') {
+        $template.find('i.fa').removeClass('fa').addClass(icon);
+    }
+
+    return $template;
+}
+
+function bindEditModal() {
+    $(document).on('click', '[data-action="edit"]', function() {
+        var element = categories[$(this).parent().parent().find('[data-property="id"]').text()];
+        var $modal = $('#category-modal');
+
+        $modal.find('#edit-label').show();
+        $modal.find('#create-label').hide();
+
+        $modal.find('input[name="name"]').val(element.name).end()
+            .find('select[name="priority"]').val(element.priority).end()
+            .find('select[name="manager"]').val(element.manager === null ? 0 : element.manager).end()
+            .find('input[name="id"]').val(element.id).end()
+            .find('select[name="usage"]').val(element.usage).end()
+            .find('input[name="display-border"][value="' + (element.displayBorder ? 1 : 0) + '"]')
+            .prop('checked', 'checked').end();
+
+        var backgroundColor = element.backgroundColor;
+        var foregroundColor = element.foregroundColor;
+        var colorpickerOptions = {
+            format: 'hex',
+            color: backgroundColor
+        };
+        $modal.find('input[name="background-color"]')
+            .colorpicker(colorpickerOptions).end().modal('show');
+
+        colorpickerOptions = {
+            format: 'hex'
+        };
+        if (foregroundColor != '' && foregroundColor !== 'AUTO') {
+            colorpickerOptions.color = foregroundColor;
+        }
+
+        $modal.find('input[name="foreground-color"]')
+            .colorpicker(colorpickerOptions).end().modal('show');
+
+        if (foregroundColor === '' || foregroundColor === 'AUTO') {
+            $modal.find('input[name="foreground-color"]').colorpicker('setValue', '#fff');
+            $modal.find('input[name="foreground-color"]').val('');
+        }
+
+        $modal.find('input[name="cat-order"]').val(element.catOrder);
+        $modal.find('input[name="autoassign"][value="' + (element.autoAssign ? 1 : 0) + '"]')
+            .prop('checked', 'checked');
+        $modal.find('input[name="type"][value="' + (element.type ? 1 : 0) + '"]')
+            .prop('checked', 'checked');
+        $modal.find('textarea[name="description"]').val(element.description === null ? '' : element.description);
+
+        $modal.modal('show');
+    });
+}
+
+function bindCreateModal() {
+    $('#create-button').click(function() {
+        var $modal = $('#category-modal');
+        $modal.find('#edit-label').hide();
+        $modal.find('#create-label').show();
+
+        $modal.find('input[name="name"]').val('');
+        $modal.find('select[name="priority"]').val(3); // Low priority
+        $modal.find('select[name="usage"]').val(0); // Tickets and events
+        $modal.find('input[name="id"]').val(-1);
+        $modal.find('textarea[name="description"]').val('');
+        $modal.find('input[name="cat-order"]').val('');
+        $modal.find('input[name="type"][value="0"]').prop('checked', 'checked');
+        $modal.find('input[name="autoassign"][value="0"]').prop('checked', 'checked');
+        $modal.find('input[name="display-border"][value="0"]')
+            .prop('checked', 'checked');
+
+        var colorpickerOptions = {
+            format: 'hex',
+            color: '#fff'
+        };
+        $modal.find('input[name="background-color"]')
+            .colorpicker(colorpickerOptions).end().modal('show');
+        $modal.find('input[name="background-color"]').val('');
+        $modal.find('input[name="foreground-color"]')
+            .colorpicker(colorpickerOptions).end().modal('show');
+        $modal.find('input[name="foreground-color"]').val('');
+
+        $modal.modal('show');
+    });
+}
+
+function bindModalCancelCallback() {
+    $('.cancel-callback').click(function() {
+        var $editCategoryModal = $('#category-modal');
+
+        $editCategoryModal.find('input[name="background-color"]').val('').colorpicker('destroy').end();
+        $editCategoryModal.find('input[name="foreground-color"]').val('').colorpicker('destroy').end();
+        $editCategoryModal.find('input[name="display-border"][value="1"]').prop('checked');
+        $editCategoryModal.find('input[name="display-border"][value="0"]').prop('checked');
+        $editCategoryModal.find('input[name="autoassign"][value="1"]').prop('checked');
+        $editCategoryModal.find('input[name="autoassign"][value="0"]').prop('checked');
+    });
+}
+
+function bindFormSubmit() {
+    $('form#manage-category').submit(function(e) {
+        e.preventDefault();
+        var heskUrl = $('p#hesk-path').text();
+
+        var $modal = $('#category-modal');
+
+        var foregroundColor = $modal.find('input[name="foreground-color"]').val();
+        var manager = parseInt($modal.find('select[name="manager"]').val());
+        var data = {
+            autoassign: $modal.find('input[name="autoassign"]').val() === 'true',
+            backgroundColor: $modal.find('input[name="background-color"]').val(),
+            description: $modal.find('textarea[name="description"]').val(),
+            displayBorder: $modal.find('input[name="display-border"]:checked').val() === '1',
+            foregroundColor: foregroundColor === '' ? 'AUTO' : foregroundColor,
+            name: $modal.find('input[name="name"]').val(),
+            priority: parseInt($modal.find('select[name="priority"]').val()),
+            manager: manager === 0 ? null : manager,
+            type: parseInt($modal.find('input[name="type"]:checked').val()),
+            usage: parseInt($modal.find('select[name="usage"]').val()),
+            catOrder: parseInt($modal.find('input[name="cat-order"]').val())
+        };
+
+        var url = heskUrl + 'api/index.php/v1/categories/';
+        var method = 'POST';
+
+        var categoryId = parseInt($modal.find('input[name="id"]').val());
+        if (categoryId !== -1) {
+            url += categoryId;
+            method = 'PUT';
+        }
+
+        $modal.find('#action-buttons').find('.cancel-button').attr('disabled', 'disabled');
+        $modal.find('#action-buttons').find('.save-button').attr('disabled', 'disabled');
+
+        $.ajax({
+            method: 'POST',
+            url: url,
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': method
+            },
+            data: JSON.stringify(data),
+            success: function(data) {
+                var format = undefined;
+                if (categoryId === -1) {
+                    format = mfhLang.html('cat_name_added');
+                    mfhAlert.success(format.replace('%s', data.name));
+                } else {
+                    format = mfhLang.html('category_updated');
+                    mfhAlert.success(format.replace('%s', data.name));
+                }
+                $modal.modal('hide');
+                loadTable();
+            },
+            error: function(data) {
+                mfhAlert.errorWithLog(mfhLang.text('error_saving_updating_category'), data.responseJSON);
+                console.error(data);
+            },
+            complete: function(data) {
+                $modal.find('#action-buttons').find('.cancel-button').removeAttr('disabled');
+                $modal.find('#action-buttons').find('.save-button').removeAttr('disabled');
+            }
+        });
+    });
+}
+
+function bindDeleteButton() {
+    $(document).on('click', '[data-action="delete"]', function() {
+        $('#overlay').show();
+
+        var heskUrl = $('p#hesk-path').text();
+        var element = categories[$(this).parent().parent().find('[data-property="id"]').text()];
+
+        $.ajax({
+            method: 'POST',
+            url: heskUrl + 'api/index.php/v1/categories/' + element.id,
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': 'DELETE'
+            },
+            success: function() {
+                mfhAlert.success(mfhLang.text('cat_removed'));
+                loadTable();
+            },
+            error: function(data) {
+                $('#overlay').hide();
+                mfhAlert.errorWithLog(mfhLang.text('error_deleting_category'), data.responseJSON);
+                console.error(data);
+            }
+        });
+    });
+}
+
+function bindGenerateLinkModal() {
+    var $modal = $('#generate-link-modal');
+
+    $modal.find('.input-group-addon').click(function() {
+        clipboard.copy($modal.find('input[type="text"]').val());
+        mfhAlert.success(mfhLang.text('copied_to_clipboard'));
+    });
+
+    $(document).on('click', '[data-property="generate-link"] i.fa-code', function () {
+        var heskUrl = $('p#hesk-url').text();
+
+        var url = heskUrl + '/index.php?a=add&catid=' + $(this).parent().data('category-id');
+
+        $modal.find('input[type="text"]').val(url).end().modal('show');
+    });
+}
+
+function bindSortButtons() {
+    $(document).on('click', '[data-action="sort"]', function() {
+        $('#overlay').show();
+        var heskUrl = $('p#hesk-path').text();
+        var direction = $(this).data('direction');
+        var element = categories[$(this).parent().parent().parent().find('[data-property="id"]').text()];
+
+        $.ajax({
+            method: 'POST',
+            url: heskUrl + 'api/index.php/v1-internal/categories/' + element.id + '/sort/' + direction,
+            headers: { 'X-Internal-Call': true },
+            success: function() {
+                loadTable();
+            },
+            error: function(data) {
+                mfhAlert.errorWithLog(mfhLang.text('error_sorting_categories'), data.responseJSON);
+                console.error(data);
+                $('#overlay').hide();
+            }
+        })
+    });
+}
\ No newline at end of file

From a8abfcd4a11216a3af59e205c3398a7b7e69338d Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 13 Nov 2017 13:07:19 -0500
Subject: [PATCH 07/74] More progress on service messages

---
 admin/service_messages.php                    | 309 +++++++++---------
 .../ServiceMessagesController.php             |   1 -
 internal-api/js/service-messages.js           |  56 +---
 language/en/text.php                          |   3 +
 4 files changed, 165 insertions(+), 204 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index b83d9378..6368b572 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -57,6 +57,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
         </div>
         <div class="box-body">
             <div class="row">
+                <div class="col-md-12 text-right">
+                    <button id="create-button" class="btn btn-success">
+                        <i class="fa fa-plus-circle"></i>&nbsp;
+                        <?php echo $hesklang['create_new']; ?>
+                    </button>
+                </div>
                 <div class="col-sm-12">
                     <?php
 
@@ -96,163 +102,6 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                         <tbody id="table-body">
                         </tbody>
                     </table>
-                    <div class="panel panel-default">
-                        <div class="panel-heading">
-                            <h4><a name="new_article"></a><?php echo hesk_SESSION('edit_sm') ? $hesklang['edit_sm'] : $hesklang['new_sm']; ?></h4>
-                        </div>
-                        <div class="panel-body">
-                            <form action="service_messages.php" method="post" name="form1" role="form" class="form-horizontal" data-toggle="validator">
-                                <div class="form-group">
-                                    <label for="style"
-                                           class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
-
-                                    <div class="col-md-2">
-                                        <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
-                                            <label>
-                                                <input type="radio" name="style" value="0" onclick="setIcon('')"
-                                                    <?php if (!isset($_SESSION['new_sm']['style']) || (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 0)) {
-                                                        echo 'checked';
-                                                    } ?>>
-                                                <?php echo $hesklang['sm_none']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="col-md-2">
-                                        <div class="radio alert alert-success pad-5">
-                                            <label style="margin-top: -5px">
-                                                <input type="radio" name="style" value="1"
-                                                       onclick="setIcon('fa fa-check-circle')"
-                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 1) {
-                                                        echo 'checked';
-                                                    } ?>>
-                                                <?php echo $hesklang['sm_success']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="col-md-2">
-                                        <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
-                                            <label style="margin-top: -5px">
-                                                <input type="radio" name="style" value="2"
-                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 2) {
-                                                        echo 'checked';
-                                                    } ?>>
-                                                <?php echo $hesklang['sm_info']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="col-md-2">
-                                        <div class="radio alert alert-warning pad-5"
-                                             onclick="setIcon('fa fa-exclamation-triangle')">
-                                            <label style="margin-top: -5px">
-                                                <input type="radio" name="style" value="3"
-                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 3) {
-                                                        echo 'checked';
-                                                    } ?>>
-                                                <?php echo $hesklang['sm_notice']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="col-md-2">
-                                        <div class="radio alert alert-danger pad-5" onclick="setIcon('fa fa-times-circle')">
-                                            <label style="margin-top: -5px">
-                                                <input type="radio" name="style" value="4"
-                                                    <?php if (isset($_SESSION['new_sm']['style']) && $_SESSION['new_sm']['style'] == 4) {
-                                                        echo 'checked';
-                                                    } ?> >
-                                                <?php echo $hesklang['sm_error']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                </div>
-                                <div class="form-group">
-                                    <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
-                                    <?php
-                                    $icon = '';
-                                    if (isset($_SESSION['new_sm']['icon'])) {
-                                        $icon = $_SESSION['new_sm']['icon'];
-                                    }
-                                    ?>
-                                    <div class="col-md-10">
-                                        <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
-
-                                        <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
-
-                                        <p style="display:none"
-                                           id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
-
-                                        <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
-                                             data-icon="<?php echo $icon; ?>"></div>
-                                    </div>
-                                </div>
-                                <div class="form-group">
-                                    <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
-
-                                    <div class="col-md-2">
-                                        <div class="radio pad-5">
-                                            <label>
-                                                <input type="radio" name="type" value="0"
-                                                    <?php if (!isset($_SESSION['new_sm']['type']) || (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 0)) {
-                                                        echo 'checked';
-                                                    } ?> >
-                                                <?php echo $hesklang['sm_published']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="col-md-2">
-                                        <div class="radio pad-5">
-                                            <label>
-                                                <input type="radio" name="type" value="1"
-                                                    <?php if (isset($_SESSION['new_sm']['type']) && $_SESSION['new_sm']['type'] == 1) {
-                                                        echo 'checked';
-                                                    } ?> >
-                                                <?php echo $hesklang['sm_draft']; ?>
-                                            </label>
-                                        </div>
-                                    </div>
-                                </div>
-                                <div class="form-group">
-                                    <label for="title"
-                                           class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
-
-                                    <div class="col-md-10">
-                                        <input class="form-control"
-                                               placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
-                                               type="text" name="title" size="70" maxlength="255"
-                                            <?php if (isset($_SESSION['new_sm']['title'])) {
-                                                echo 'value="' . $_SESSION['new_sm']['title'] . '"';
-                                            } ?> data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
-                                        <div class="help-block with-errors"></div>
-                                    </div>
-                                </div>
-                                <div class="form-group">
-                                    <label for="message"
-                                           class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
-
-                                    <div class="col-md-10">
-                                    <textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
-                                              class="form-control" name="message" rows="25" cols="70" id="content">
-                                        <?php if (isset($_SESSION['new_sm']['message'])) {
-                                            echo $_SESSION['new_sm']['message'];
-                                        } ?>
-                                    </textarea>
-                                    </div>
-                                </div>
-                                <div class="form-group">
-                                    <?php echo isset($_SESSION['edit_sm']) ? '<input type="hidden" name="a" value="save_sm" /><input type="hidden" name="id" value="' . intval($_SESSION['new_sm']['id']) . '" />' : '<input type="hidden" name="a" value="new_sm" />'; ?>
-                                    <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
-
-                                    <div class="col-md-10 col-md-offset-2">
-                                        <div class="btn-group" role="group">
-                                            <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
-                                                   class="btn btn-primary">
-                                            <input type="submit" name="sm_preview"
-                                                   value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
-                                        </div>
-                                    </div>
-                                </div>
-                            </form>
-                        </div>
-                    </div>
                 </div>
             </div>
         </div>
@@ -262,10 +111,156 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
     </div>
 </section>
 </div>
+<div class="modal fade" id="service-message-modal" tabindex="-1" role="dialog" style="overflow: hidden">
+    <div class="modal-dialog modal-lg" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close cancel-callback" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="myModalLabel">
+                    <span id="edit-label"><?php echo $hesklang['edit_sm']; ?></span>
+                    <span id="create-label"><?php echo $hesklang['new_sm']; ?></span>
+                </h4>
+            </div>
+            <form id="manage-category" class="form-horizontal" data-toggle="validator" method="post">
+                <div class="modal-body">
+                    <div class="form-group">
+                        <div class="row" style="padding-bottom: 10px;">
+                            <label for="style"
+                                   class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
+
+                            <div class="col-md-3">
+                                <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
+                                    <label>
+                                        <input type="radio" name="style" value="0" onclick="setIcon('')">
+                                        <?php echo $hesklang['sm_none']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-3">
+                                <div class="radio alert alert-success pad-5">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="1" onclick="setIcon('fa fa-check-circle')">
+                                        <?php echo $hesklang['sm_success']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-3">
+                                <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="2">
+                                        <?php echo $hesklang['sm_info']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="row">
+                            <div class="col-md-3 col-md-offset-2">
+                                <div class="radio alert alert-warning pad-5">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="3"
+                                               onclick="setIcon('fa fa-exclamation-triangle')">
+                                        <?php echo $hesklang['sm_notice']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="col-md-3">
+                                <div class="radio alert alert-danger pad-5">
+                                    <label style="margin-top: -5px">
+                                        <input type="radio" name="style" value="4" onclick="setIcon('fa fa-times-circle')">
+                                        <?php echo $hesklang['sm_error']; ?>
+                                    </label>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
+                        <div class="col-md-10">
+                            <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
+
+                            <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
+
+                            <p style="display:none"
+                               id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
+
+                            <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
+                                 data-search="false" data-icon=""></div>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
+
+                        <div class="col-md-2">
+                            <div class="radio pad-5">
+                                <label>
+                                    <input type="radio" name="type" value="0">
+                                    <?php echo $hesklang['sm_published']; ?>
+                                </label>
+                            </div>
+                        </div>
+                        <div class="col-md-2">
+                            <div class="radio pad-5">
+                                <label>
+                                    <input type="radio" name="type" value="1">
+                                    <?php echo $hesklang['sm_draft']; ?>
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label for="title"
+                               class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
+                        <div class="col-md-10">
+                            <input class="form-control"
+                                   placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
+                                   type="text" name="title" size="70" maxlength="255"
+                                   data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
+                            <div class="help-block with-errors"></div>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label for="message"
+                               class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
+
+                        <div class="col-md-10">
+                            <textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
+                                      class="form-control" name="message" rows="25" cols="70" id="content"></textarea>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <div class="col-md-10 col-md-offset-2">
+                            <div class="btn-group" role="group">
+                                <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
+                                       class="btn btn-primary">
+                                <input type="submit" name="sm_preview"
+                                       value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
+                            </div>
+                        </div>
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <input type="hidden" name="id">
+                    <input type="hidden" name="cat-order">
+                    <div id="action-buttons" class="btn-group">
+                        <button type="button" class="btn btn-default cancel-button cancel-callback" data-dismiss="modal">
+                            <i class="fa fa-times-circle"></i>
+                            <span><?php echo $hesklang['cancel']; ?></span>
+                        </button>
+                        <button type="submit" class="btn btn-success save-button">
+                            <i class="fa fa-check-circle"></i>
+                            <span><?php echo $hesklang['save']; ?></span>
+                        </button>
+                    </div>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
 <?php
 echo mfh_get_hidden_fields_for_language(array(
     'sm_published',
     'sm_draft',
+    'no_sm',
 ));
 
 echo '<script>var users = [];';
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index 94ff9776..faf9f568 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -6,7 +6,6 @@ use BusinessLogic\Security\UserContext;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageHandler;
 use Controllers\JsonRetriever;
-use Symfony\Component\EventDispatcher\Tests\Service;
 
 class ServiceMessagesController extends \BaseClass {
     function get() {
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index a2c3f950..fc3754af 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -3,7 +3,6 @@ var serviceMessages = [];
 $(document).ready(function() {
     loadTable();
     bindEditModal();
-    bindModalCancelCallback();
     bindFormSubmit();
     bindDeleteButton();
     bindCreateModal();
@@ -24,7 +23,7 @@ function loadTable() {
             $tableBody.html('');
 
             if (data.length === 0) {
-                // TODO "No Service Messages Found"
+                $tableBody.append('<tr><td colspan="4">' + mfhLang.text('no_sm') + '</td></tr>');
                 $('#overlay').hide();
                 return;
             }
@@ -63,15 +62,10 @@ function loadTable() {
             }
         },
         error: function(data) {
-            mfhAlert.errorWithLog(mfhLang.text('error_retrieving_categories'), data.responseJSON);
+            mfhAlert.errorWithLog(mfhLang.text('error_retrieving_sm'), data.responseJSON);
             console.error(data);
         },
         complete: function() {
-            refreshBackgroundVolatileItems();
-            $('[data-toggle="popover"]').popover({
-                trigger: 'hover',
-                container: 'body'
-            });
             $('#overlay').hide();
         }
     });
@@ -184,49 +178,19 @@ function bindEditModal() {
 
 function bindCreateModal() {
     $('#create-button').click(function() {
-        var $modal = $('#category-modal');
-        $modal.find('#edit-label').hide();
-        $modal.find('#create-label').show();
-
-        $modal.find('input[name="name"]').val('');
-        $modal.find('select[name="priority"]').val(3); // Low priority
-        $modal.find('select[name="usage"]').val(0); // Tickets and events
-        $modal.find('input[name="id"]').val(-1);
-        $modal.find('textarea[name="description"]').val('');
-        $modal.find('input[name="cat-order"]').val('');
-        $modal.find('input[name="type"][value="0"]').prop('checked', 'checked');
-        $modal.find('input[name="autoassign"][value="0"]').prop('checked', 'checked');
-        $modal.find('input[name="display-border"][value="0"]')
-            .prop('checked', 'checked');
-
-        var colorpickerOptions = {
-            format: 'hex',
-            color: '#fff'
-        };
-        $modal.find('input[name="background-color"]')
-            .colorpicker(colorpickerOptions).end().modal('show');
-        $modal.find('input[name="background-color"]').val('');
-        $modal.find('input[name="foreground-color"]')
-            .colorpicker(colorpickerOptions).end().modal('show');
-        $modal.find('input[name="foreground-color"]').val('');
+        var $modal = $('#service-message-modal');
+        $modal.find('#edit-label').hide().end()
+            .find('#create-label').show().end()
+            .find('input[name="style"][value="0"]').prop('checked', 'checked').end() // "None" style
+            .find('input[name="type"][value="0"]').prop('checked', 'checked').end() // Published
+            .find('input[name="title"]').val('').end();
+        setIcon('');
+        tinyMCE.get('content').setContent('');
 
         $modal.modal('show');
     });
 }
 
-function bindModalCancelCallback() {
-    $('.cancel-callback').click(function() {
-        var $editCategoryModal = $('#category-modal');
-
-        $editCategoryModal.find('input[name="background-color"]').val('').colorpicker('destroy').end();
-        $editCategoryModal.find('input[name="foreground-color"]').val('').colorpicker('destroy').end();
-        $editCategoryModal.find('input[name="display-border"][value="1"]').prop('checked');
-        $editCategoryModal.find('input[name="display-border"][value="0"]').prop('checked');
-        $editCategoryModal.find('input[name="autoassign"][value="1"]').prop('checked');
-        $editCategoryModal.find('input[name="autoassign"][value="0"]').prop('checked');
-    });
-}
-
 function bindFormSubmit() {
     $('form#manage-category').submit(function(e) {
         e.preventDefault();
diff --git a/language/en/text.php b/language/en/text.php
index d543ccd3..833551f5 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2215,5 +2215,8 @@ $hesklang['audit_due_date_changed'] = '%s changed due date to %s';
 $hesklang['audit_linked_ticket'] = '%s linked ticket %s to this ticket';
 $hesklang['audit_unlinked_ticket'] = '%s unlinked ticket %s';
 
+// Added or modified in Mods for HESK 3.3.0
+$hesklang['error_retrieving_sm'] = 'An error occurred retrieving service messages!';
+
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From d897fa2a4bacb07d310d73c4a709f4af0826ebbd Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 13 Nov 2017 22:13:55 -0500
Subject: [PATCH 08/74] More progress'

---
 admin/service_messages.php          |  10 +--
 internal-api/js/service-messages.js | 100 +++++++++++-----------------
 2 files changed, 46 insertions(+), 64 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 6368b572..8602f3ee 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -93,6 +93,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                     <table class="table table-hover">
                         <thead>
                         <tr>
+                            <th style="display: none"><?php echo $hesklang['id']; ?></th>
                             <th><?php echo $hesklang['sm_mtitle']; ?></th>
                             <th><?php echo $hesklang['sm_author']; ?></th>
                             <th><?php echo $hesklang['sm_type']; ?></th>
@@ -121,7 +122,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                     <span id="create-label"><?php echo $hesklang['new_sm']; ?></span>
                 </h4>
             </div>
-            <form id="manage-category" class="form-horizontal" data-toggle="validator" method="post">
+            <form id="service-message" class="form-horizontal" data-toggle="validator" method="post">
                 <div class="modal-body">
                     <div class="form-group">
                         <div class="row" style="padding-bottom: 10px;">
@@ -224,7 +225,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 
                         <div class="col-md-10">
                             <textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
-                                      class="form-control" name="message" rows="25" cols="70" id="content"></textarea>
+                                      class="form-control" name="message" id="content"></textarea>
                         </div>
                     </div>
                     <div class="form-group">
@@ -240,7 +241,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                 </div>
                 <div class="modal-footer">
                     <input type="hidden" name="id">
-                    <input type="hidden" name="cat-order">
+                    <input type="hidden" name="order">
                     <div id="action-buttons" class="btn-group">
                         <button type="button" class="btn btn-default cancel-button cancel-callback" data-dismiss="modal">
                             <i class="fa fa-times-circle"></i>
@@ -293,7 +294,8 @@ echo '</script>';
     ?>
 </script>
 <script type="text/html" id="service-message-template">
-<tr data-property="id" data-value="x">
+<tr>
+    <td style="display: none"><span data-property="id" data-value="x"></span></td>
     <td><span data-property="title"></span></td>
     <td><span data-property="author"></span></td>
     <td><span data-property="type"></span></td>
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index fc3754af..fdb9f207 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -1,5 +1,12 @@
 var serviceMessages = [];
 
+var g_styles = [];
+g_styles["ERROR"] = 4;
+g_styles["NOTICE"] = 3;
+g_styles["INFO"] = 2;
+g_styles["SUCCESS"] = 1;
+g_styles["NONE"] = 0;
+
 $(document).ready(function() {
     loadTable();
     bindEditModal();
@@ -33,7 +40,7 @@ function loadTable() {
             $.each(data, function() {
                 var $template = $($('#service-message-template').html());
 
-                $template.find('span[data-property="id"]').attr('data-value', this.id);
+                $template.find('[data-property="id"]').attr('data-value', this.id);
                 $template.find('span[data-property="title"]').html(
                     getFormattedTitle(this.icon, this.title, this.style));
                 $template.find('span[data-property="author"]').text(users[this.createdBy].name);
@@ -127,50 +134,21 @@ function getServiceMessagePreview(icon, title, message, style) {
 
 function bindEditModal() {
     $(document).on('click', '[data-action="edit"]', function() {
-        var element = categories[$(this).parent().parent().find('[data-property="id"]').text()];
-        var $modal = $('#category-modal');
+        console.log(serviceMessages);
+        var element = serviceMessages[$(this).parent().parent().find('[data-property="id"]').data('value')];
+        var $modal = $('#service-message-modal');
 
         $modal.find('#edit-label').show();
         $modal.find('#create-label').hide();
 
-        $modal.find('input[name="name"]').val(element.name).end()
-            .find('select[name="priority"]').val(element.priority).end()
-            .find('select[name="manager"]').val(element.manager === null ? 0 : element.manager).end()
+        $modal.find('input[name="style"][value="' + (g_styles[element.style]) + '"]').prop('checked', 'checked').end()
+            .find('input[name="type"][value="' + (element.published ? 0 : 1) + '"]')
+                .prop('checked', 'checked').end()
+            .find('input[name="title"]').val(element.title).end()
             .find('input[name="id"]').val(element.id).end()
-            .find('select[name="usage"]').val(element.usage).end()
-            .find('input[name="display-border"][value="' + (element.displayBorder ? 1 : 0) + '"]')
-            .prop('checked', 'checked').end();
-
-        var backgroundColor = element.backgroundColor;
-        var foregroundColor = element.foregroundColor;
-        var colorpickerOptions = {
-            format: 'hex',
-            color: backgroundColor
-        };
-        $modal.find('input[name="background-color"]')
-            .colorpicker(colorpickerOptions).end().modal('show');
-
-        colorpickerOptions = {
-            format: 'hex'
-        };
-        if (foregroundColor != '' && foregroundColor !== 'AUTO') {
-            colorpickerOptions.color = foregroundColor;
-        }
-
-        $modal.find('input[name="foreground-color"]')
-            .colorpicker(colorpickerOptions).end().modal('show');
-
-        if (foregroundColor === '' || foregroundColor === 'AUTO') {
-            $modal.find('input[name="foreground-color"]').colorpicker('setValue', '#fff');
-            $modal.find('input[name="foreground-color"]').val('');
-        }
-
-        $modal.find('input[name="cat-order"]').val(element.catOrder);
-        $modal.find('input[name="autoassign"][value="' + (element.autoAssign ? 1 : 0) + '"]')
-            .prop('checked', 'checked');
-        $modal.find('input[name="type"][value="' + (element.type ? 1 : 0) + '"]')
-            .prop('checked', 'checked');
-        $modal.find('textarea[name="description"]').val(element.description === null ? '' : element.description);
+            .find('input[name="order"]').val(element.order).end();
+        setIcon(element.icon);
+        tinyMCE.get('content').setContent(element.message);
 
         $modal.modal('show');
     });
@@ -183,7 +161,9 @@ function bindCreateModal() {
             .find('#create-label').show().end()
             .find('input[name="style"][value="0"]').prop('checked', 'checked').end() // "None" style
             .find('input[name="type"][value="0"]').prop('checked', 'checked').end() // Published
-            .find('input[name="title"]').val('').end();
+            .find('input[name="title"]').val('').end()
+            .find('input[name="id"]').val(-1).end()
+            .find('input[name="order"]').val('').end();
         setIcon('');
         tinyMCE.get('content').setContent('');
 
@@ -192,34 +172,34 @@ function bindCreateModal() {
 }
 
 function bindFormSubmit() {
-    $('form#manage-category').submit(function(e) {
+    $('form#service-message').submit(function(e) {
         e.preventDefault();
         var heskUrl = $('p#hesk-path').text();
 
-        var $modal = $('#category-modal');
+        var $modal = $('#service-message-modal');
+
+        var styles = [];
+        styles[0] = "NONE";
+        styles[1] = "SUCCESS";
+        styles[2] = "INFO";
+        styles[3] = "NOTICE";
+        styles[4] = "ERROR";
 
-        var foregroundColor = $modal.find('input[name="foreground-color"]').val();
-        var manager = parseInt($modal.find('select[name="manager"]').val());
         var data = {
-            autoassign: $modal.find('input[name="autoassign"]').val() === 'true',
-            backgroundColor: $modal.find('input[name="background-color"]').val(),
-            description: $modal.find('textarea[name="description"]').val(),
-            displayBorder: $modal.find('input[name="display-border"]:checked').val() === '1',
-            foregroundColor: foregroundColor === '' ? 'AUTO' : foregroundColor,
-            name: $modal.find('input[name="name"]').val(),
-            priority: parseInt($modal.find('select[name="priority"]').val()),
-            manager: manager === 0 ? null : manager,
-            type: parseInt($modal.find('input[name="type"]:checked').val()),
-            usage: parseInt($modal.find('select[name="usage"]').val()),
-            catOrder: parseInt($modal.find('input[name="cat-order"]').val())
+            icon: $modal.find('input[name="icon"]').val(),
+            title: $modal.find('input[name="title"]').val(),
+            message: tinyMCE.get('content').getContent(),
+            published: $modal.find('input[name="type"]:checked').val() === "0",
+            style: styles[$modal.find('input[name="style"]:checked').val()],
+            order: $modal.find('input[name="order"]').val()
         };
 
-        var url = heskUrl + 'api/index.php/v1/categories/';
+        var url = heskUrl + 'api/index.php/v1/service-messages/';
         var method = 'POST';
 
-        var categoryId = parseInt($modal.find('input[name="id"]').val());
-        if (categoryId !== -1) {
-            url += categoryId;
+        var serviceMessageId = parseInt($modal.find('input[name="id"]').val());
+        if (serviceMessageId !== -1) {
+            url += serviceMessageId;
             method = 'PUT';
         }
 

From 3e7f000630e9135e6c3acb1523638a9112ba2888 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 14 Nov 2017 13:04:20 -0500
Subject: [PATCH 09/74] All operations except for preview are working

---
 admin/service_messages.php                    | 11 ++++
 .../ServiceMessages/ServiceMessageHandler.php |  4 +-
 .../ServiceMessagesController.php             | 16 +++++-
 .../ServiceMessagesGateway.php                |  6 +-
 api/index.php                                 |  6 +-
 internal-api/js/service-messages.js           | 57 +++++++++----------
 language/en/text.php                          |  3 +
 7 files changed, 62 insertions(+), 41 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 8602f3ee..280ecdc5 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -247,6 +247,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                             <i class="fa fa-times-circle"></i>
                             <span><?php echo $hesklang['cancel']; ?></span>
                         </button>
+                        <button type="button" class="btn btn-primary preview-button">
+                            <i class="fa fa-search"></i>
+                            <span><?php echo $hesklang['sm_preview']; ?></span>
+                        </button>
                         <button type="submit" class="btn btn-success save-button">
                             <i class="fa fa-check-circle"></i>
                             <span><?php echo $hesklang['save']; ?></span>
@@ -262,6 +266,13 @@ echo mfh_get_hidden_fields_for_language(array(
     'sm_published',
     'sm_draft',
     'no_sm',
+    'sm_added',
+    'sm_mdf',
+    'error_saving_updating_sm',
+    'sm_deleted',
+    'error_deleting_sm',
+    'error_sorting_categories',
+    'error_retrieving_sm',
 ));
 
 echo '<script>var users = [];';
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index 9e70ceda..7d7ffd59 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -81,14 +81,14 @@ class ServiceMessageHandler extends \BaseClass {
         $serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings);
         $serviceMessage = null;
         foreach ($serviceMessages as $innerServiceMessage) {
-            if ($innerServiceMessage->id === intval($id)) {
+            if (intval($innerServiceMessage->id) === intval($id)) {
                 $serviceMessage = $innerServiceMessage;
                 break;
             }
         }
 
         if ($serviceMessage === null) {
-            throw new \BaseException("Could not find category with ID {$id}!");
+            throw new \BaseException("Could not find service message with ID {$id}!");
         }
 
         if ($direction === Direction::UP) {
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index faf9f568..f3247917 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -29,14 +29,16 @@ class ServiceMessagesController extends \BaseClass {
         return output($element, 201);
     }
 
-    function put() {
+    function put($id) {
         global $applicationContext, $hesk_settings;
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
 
         $data = JsonRetriever::getJsonData();
-        $element = $handler->editServiceMessage($this->buildElementModel($data, null, false), $hesk_settings);
+        $serviceMessage = $this->buildElementModel($data, null, false);
+        $serviceMessage->id = $id;
+        $element = $handler->editServiceMessage($serviceMessage, $hesk_settings);
 
         return output($element);
     }
@@ -61,7 +63,6 @@ class ServiceMessagesController extends \BaseClass {
         $serviceMessage = new ServiceMessage();
 
         if (!$creating) {
-            $serviceMessage->id = $data['id'];
             $serviceMessage->order = $data['order'];
         }
 
@@ -77,4 +78,13 @@ class ServiceMessagesController extends \BaseClass {
 
         return $serviceMessage;
     }
+
+    static function sort($id, $direction) {
+        global $applicationContext, $hesk_settings;
+
+        /* @var $handler ServiceMessageHandler */
+        $handler = $applicationContext->get(ServiceMessageHandler::clazz());
+
+        $handler->sortServiceMessage(intval($id), $direction, $hesk_settings);
+    }
 }
\ No newline at end of file
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index b2539d12..0f15c333 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -57,7 +57,7 @@ class ServiceMessagesGateway extends CommonDao {
 
         $serviceMessages = array();
 
-        $rs = hesk_dbQuery("SELECT * FROM `". hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` ORDER BY `id`");
+        $rs = hesk_dbQuery("SELECT * FROM `". hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` ORDER BY `order`");
         while ($row = hesk_dbFetchAssoc($rs)) {
             $serviceMessage = new ServiceMessage();
             $serviceMessage->id = $row['id'];
@@ -88,14 +88,14 @@ class ServiceMessagesGateway extends CommonDao {
                 `message` = '" . hesk_dbEscape($serviceMessage->message) . "', 
                 `style` = '" . intval($style) . "', 
                 `type` = " . intval($type) . ",
-                `icon` = '" . hesk_dbEscape($serviceMessage->icon) . "'
+                `icon` = '" . hesk_dbEscape($serviceMessage->icon) . "',
+                `order` = " . intval($serviceMessage->order) . "
             WHERE `id` = " . intval($serviceMessage->id));
 
         $otherFieldsRs = hesk_dbQuery("SELECT `dt`, `author`, `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
             WHERE `id` = " . intval($serviceMessage->id));
         $otherFields = hesk_dbFetchAssoc($otherFieldsRs);
 
-        $serviceMessage->order = intval($otherFields['order']);
         $serviceMessage->createdBy = intval($otherFields['author']);
         $serviceMessage->dateCreated = $otherFields['dt'];
 
diff --git a/api/index.php b/api/index.php
index 9c4b3e35..d7fa3656 100644
--- a/api/index.php
+++ b/api/index.php
@@ -204,12 +204,12 @@ Link::all(array(
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Service Messages
     '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
-        array(RequestMethod::GET, RequestMethod::POST, RequestMethod::PUT),
+        array(RequestMethod::GET, RequestMethod::POST),
         SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
     '/v1/service-messages/{i}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
-        array(RequestMethod::DELETE),
+        array(RequestMethod::PUT, RequestMethod::DELETE),
         SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
-    '/v1/service-messages/{i}/sort/{s}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz() . '::sort',
+    '/v1-internal/service-messages/{i}/sort/{s}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz() . '::sort',
         array(RequestMethod::POST),
         SecurityHandler::INTERNAL),
 
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index fdb9f207..1e413ab5 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -14,6 +14,7 @@ $(document).ready(function() {
     bindDeleteButton();
     bindCreateModal();
     bindSortButtons();
+    bindPreview();
 });
 
 
@@ -215,19 +216,16 @@ function bindFormSubmit() {
             },
             data: JSON.stringify(data),
             success: function(data) {
-                var format = undefined;
-                if (categoryId === -1) {
-                    format = mfhLang.html('cat_name_added');
-                    mfhAlert.success(format.replace('%s', data.name));
+                if (serviceMessageId === -1) {
+                    mfhAlert.success(mfhLang.text('sm_added'));
                 } else {
-                    format = mfhLang.html('category_updated');
-                    mfhAlert.success(format.replace('%s', data.name));
+                    mfhAlert.success(mfhLang.text('sm_mdf'));
                 }
                 $modal.modal('hide');
                 loadTable();
             },
             error: function(data) {
-                mfhAlert.errorWithLog(mfhLang.text('error_saving_updating_category'), data.responseJSON);
+                mfhAlert.errorWithLog(mfhLang.text('error_saving_updating_sm'), data.responseJSON);
                 console.error(data);
             },
             complete: function(data) {
@@ -243,55 +241,38 @@ function bindDeleteButton() {
         $('#overlay').show();
 
         var heskUrl = $('p#hesk-path').text();
-        var element = categories[$(this).parent().parent().find('[data-property="id"]').text()];
+        var element = serviceMessages[$(this).parent().parent().find('[data-property="id"]').data('value')];
 
         $.ajax({
             method: 'POST',
-            url: heskUrl + 'api/index.php/v1/categories/' + element.id,
+            url: heskUrl + 'api/index.php/v1/service-messages/' + element.id,
             headers: {
                 'X-Internal-Call': true,
                 'X-HTTP-Method-Override': 'DELETE'
             },
             success: function() {
-                mfhAlert.success(mfhLang.text('cat_removed'));
+                mfhAlert.success(mfhLang.text('sm_deleted'));
                 loadTable();
             },
             error: function(data) {
                 $('#overlay').hide();
-                mfhAlert.errorWithLog(mfhLang.text('error_deleting_category'), data.responseJSON);
+                mfhAlert.errorWithLog(mfhLang.text('error_deleting_sm'), data.responseJSON);
                 console.error(data);
             }
         });
     });
 }
 
-function bindGenerateLinkModal() {
-    var $modal = $('#generate-link-modal');
-
-    $modal.find('.input-group-addon').click(function() {
-        clipboard.copy($modal.find('input[type="text"]').val());
-        mfhAlert.success(mfhLang.text('copied_to_clipboard'));
-    });
-
-    $(document).on('click', '[data-property="generate-link"] i.fa-code', function () {
-        var heskUrl = $('p#hesk-url').text();
-
-        var url = heskUrl + '/index.php?a=add&catid=' + $(this).parent().data('category-id');
-
-        $modal.find('input[type="text"]').val(url).end().modal('show');
-    });
-}
-
 function bindSortButtons() {
     $(document).on('click', '[data-action="sort"]', function() {
         $('#overlay').show();
         var heskUrl = $('p#hesk-path').text();
         var direction = $(this).data('direction');
-        var element = categories[$(this).parent().parent().parent().find('[data-property="id"]').text()];
+        var element = serviceMessages[$(this).parent().parent().parent().find('[data-property="id"]').data('value')];
 
         $.ajax({
             method: 'POST',
-            url: heskUrl + 'api/index.php/v1-internal/categories/' + element.id + '/sort/' + direction,
+            url: heskUrl + 'api/index.php/v1-internal/service-messages/' + element.id + '/sort/' + direction,
             headers: { 'X-Internal-Call': true },
             success: function() {
                 loadTable();
@@ -303,4 +284,20 @@ function bindSortButtons() {
             }
         })
     });
+}
+
+function bindPreview() {
+    $('#preview-button').click(function() {
+        var $modal = $('#service-message-modal');
+        var data = {
+            icon: $modal.find('input[name="icon"]').val(),
+            title: $modal.find('input[name="title"]').val(),
+            message: tinyMCE.get('content').getContent(),
+            published: $modal.find('input[name="type"]:checked').val() === "0",
+            style: styles[$modal.find('input[name="style"]:checked').val()],
+            order: $modal.find('input[name="order"]').val()
+        };
+
+        getServiceMessagePreview(data.icon, data.title, data.message, data.style);
+    });
 }
\ No newline at end of file
diff --git a/language/en/text.php b/language/en/text.php
index 833551f5..2254a97c 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2217,6 +2217,9 @@ $hesklang['audit_unlinked_ticket'] = '%s unlinked ticket %s';
 
 // Added or modified in Mods for HESK 3.3.0
 $hesklang['error_retrieving_sm'] = 'An error occurred retrieving service messages!';
+$hesklang['error_saving_updating_sm'] = 'An error occurred creating / saving the service message!';
+$hesklang['error_deleting_sm'] = 'An error occurred when trying to delete the service message.';
+$hesklang['error_sorting_sm'] = 'An error occurred sorting service messages!';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 79e34ce8cc14743768f6e3b9562d3e3611e578c8 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 15 Nov 2017 12:55:16 -0500
Subject: [PATCH 10/74] Service messages now use the API

---
 admin/service_messages.php          | 11 +----------
 internal-api/js/service-messages.js | 17 +++++++++++++----
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 280ecdc5..de634413 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -228,16 +228,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                       class="form-control" name="message" id="content"></textarea>
                         </div>
                     </div>
-                    <div class="form-group">
-                        <div class="col-md-10 col-md-offset-2">
-                            <div class="btn-group" role="group">
-                                <input type="submit" name="sm_save" value="<?php echo $hesklang['sm_save']; ?>"
-                                       class="btn btn-primary">
-                                <input type="submit" name="sm_preview"
-                                       value="<?php echo $hesklang['sm_preview']; ?>" class="btn btn-default">
-                            </div>
-                        </div>
-                    </div>
+                    <div id="preview-pane"></div>
                 </div>
                 <div class="modal-footer">
                     <input type="hidden" name="id">
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index 1e413ab5..43008335 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -135,9 +135,9 @@ function getServiceMessagePreview(icon, title, message, style) {
 
 function bindEditModal() {
     $(document).on('click', '[data-action="edit"]', function() {
-        console.log(serviceMessages);
         var element = serviceMessages[$(this).parent().parent().find('[data-property="id"]').data('value')];
         var $modal = $('#service-message-modal');
+        $modal.find('#preview-pane').html('');
 
         $modal.find('#edit-label').show();
         $modal.find('#create-label').hide();
@@ -164,7 +164,8 @@ function bindCreateModal() {
             .find('input[name="type"][value="0"]').prop('checked', 'checked').end() // Published
             .find('input[name="title"]').val('').end()
             .find('input[name="id"]').val(-1).end()
-            .find('input[name="order"]').val('').end();
+            .find('input[name="order"]').val('').end()
+            .find('#preview-pane').html('').end();
         setIcon('');
         tinyMCE.get('content').setContent('');
 
@@ -287,7 +288,14 @@ function bindSortButtons() {
 }
 
 function bindPreview() {
-    $('#preview-button').click(function() {
+    $('.preview-button').click(function() {
+        var styles = [];
+        styles[0] = "NONE";
+        styles[1] = "SUCCESS";
+        styles[2] = "INFO";
+        styles[3] = "NOTICE";
+        styles[4] = "ERROR";
+
         var $modal = $('#service-message-modal');
         var data = {
             icon: $modal.find('input[name="icon"]').val(),
@@ -298,6 +306,7 @@ function bindPreview() {
             order: $modal.find('input[name="order"]').val()
         };
 
-        getServiceMessagePreview(data.icon, data.title, data.message, data.style);
+        var preview = getServiceMessagePreview(data.icon, data.title, data.message, data.style);
+        $('#preview-pane').html(preview);
     });
 }
\ No newline at end of file

From ac5f9309c8737466a3fb6797727e1b1054461589 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 15 Nov 2017 13:05:41 -0500
Subject: [PATCH 11/74] Starting to introduce sweetalert

---
 admin/service_messages.php |    2 +-
 css/sweetalert.css         |  686 +++++++++++++++++++++
 inc/headerAdmin.inc.php    |    2 +
 js/sweetalert.js           | 1196 ++++++++++++++++++++++++++++++++++++
 4 files changed, 1885 insertions(+), 1 deletion(-)
 create mode 100644 css/sweetalert.css
 create mode 100644 js/sweetalert.js

diff --git a/admin/service_messages.php b/admin/service_messages.php
index de634413..b445e70f 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -46,7 +46,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
         <div class="box-header with-border">
             <h1 class="box-title">
                 <?php echo $hesklang['manage_service_messages']; ?> <a href="javascript:void(0)"
-                                                          onclick="alert('<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>')"><i
+                                                          onclick="swal('', '<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>', 'info'); return false;"><i
                             class="fa fa-question-circle settingsquestionmark"></i></a>
             </h1>
             <div class="box-tools pull-right">
diff --git a/css/sweetalert.css b/css/sweetalert.css
new file mode 100644
index 00000000..c6d21f66
--- /dev/null
+++ b/css/sweetalert.css
@@ -0,0 +1,686 @@
+@keyframes showSweetAlert {
+  0% {
+    transform: scale(0.7);
+  }
+  45% {
+    transform: scale(1.05);
+  }
+  80% {
+    transform: scale(0.95);
+  }
+  100% {
+    transform: scale(1);
+  }
+}
+@keyframes hideSweetAlert {
+  0% {
+    transform: scale(1);
+  }
+  100% {
+    transform: scale(0.5);
+  }
+}
+@keyframes slideFromTop {
+  0% {
+    top: 0%;
+  }
+  100% {
+    top: 50%;
+  }
+}
+@keyframes slideToTop {
+  0% {
+    top: 50%;
+  }
+  100% {
+    top: 0%;
+  }
+}
+@keyframes slideFromBottom {
+  0% {
+    top: 70%;
+  }
+  100% {
+    top: 50%;
+  }
+}
+@keyframes slideToBottom {
+  0% {
+    top: 50%;
+  }
+  100% {
+    top: 70%;
+  }
+}
+.showSweetAlert {
+  animation: showSweetAlert 0.3s;
+}
+.showSweetAlert[data-animation=none] {
+  animation: none;
+}
+.showSweetAlert[data-animation=slide-from-top] {
+  animation: slideFromTop 0.3s;
+}
+.showSweetAlert[data-animation=slide-from-bottom] {
+  animation: slideFromBottom 0.3s;
+}
+.hideSweetAlert {
+  animation: hideSweetAlert 0.3s;
+}
+.hideSweetAlert[data-animation=none] {
+  animation: none;
+}
+.hideSweetAlert[data-animation=slide-from-top] {
+  animation: slideToTop 0.3s;
+}
+.hideSweetAlert[data-animation=slide-from-bottom] {
+  animation: slideToBottom 0.3s;
+}
+@keyframes animateSuccessTip {
+  0% {
+    width: 0;
+    left: 1px;
+    top: 19px;
+  }
+  54% {
+    width: 0;
+    left: 1px;
+    top: 19px;
+  }
+  70% {
+    width: 50px;
+    left: -8px;
+    top: 37px;
+  }
+  84% {
+    width: 17px;
+    left: 21px;
+    top: 48px;
+  }
+  100% {
+    width: 25px;
+    left: 14px;
+    top: 45px;
+  }
+}
+@keyframes animateSuccessLong {
+  0% {
+    width: 0;
+    right: 46px;
+    top: 54px;
+  }
+  65% {
+    width: 0;
+    right: 46px;
+    top: 54px;
+  }
+  84% {
+    width: 55px;
+    right: 0px;
+    top: 35px;
+  }
+  100% {
+    width: 47px;
+    right: 8px;
+    top: 38px;
+  }
+}
+@keyframes rotatePlaceholder {
+  0% {
+    transform: rotate(-45deg);
+  }
+  5% {
+    transform: rotate(-45deg);
+  }
+  12% {
+    transform: rotate(-405deg);
+  }
+  100% {
+    transform: rotate(-405deg);
+  }
+}
+.animateSuccessTip {
+  animation: animateSuccessTip 0.75s;
+}
+.animateSuccessLong {
+  animation: animateSuccessLong 0.75s;
+}
+.sa-icon.sa-success.animate::after {
+  animation: rotatePlaceholder 4.25s ease-in;
+}
+@keyframes animateErrorIcon {
+  0% {
+    transform: rotateX(100deg);
+    opacity: 0;
+  }
+  100% {
+    transform: rotateX(0deg);
+    opacity: 1;
+  }
+}
+.animateErrorIcon {
+  animation: animateErrorIcon 0.5s;
+}
+@keyframes animateXMark {
+  0% {
+    transform: scale(0.4);
+    margin-top: 26px;
+    opacity: 0;
+  }
+  50% {
+    transform: scale(0.4);
+    margin-top: 26px;
+    opacity: 0;
+  }
+  80% {
+    transform: scale(1.15);
+    margin-top: -6px;
+  }
+  100% {
+    transform: scale(1);
+    margin-top: 0;
+    opacity: 1;
+  }
+}
+.animateXMark {
+  animation: animateXMark 0.5s;
+}
+@keyframes pulseWarning {
+  0% {
+    border-color: #F8D486;
+  }
+  100% {
+    border-color: #F8BB86;
+  }
+}
+.pulseWarning {
+  animation: pulseWarning 0.75s infinite alternate;
+}
+@keyframes pulseWarningIns {
+  0% {
+    background-color: #F8D486;
+  }
+  100% {
+    background-color: #F8BB86;
+  }
+}
+.pulseWarningIns {
+  animation: pulseWarningIns 0.75s infinite alternate;
+}
+@keyframes rotate-loading {
+  0% {
+    transform: rotate(0deg);
+  }
+  100% {
+    transform: rotate(360deg);
+  }
+}
+body.stop-scrolling {
+  height: 100%;
+  overflow: hidden;
+}
+.sweet-overlay {
+  background-color: rgba(0, 0, 0, 0.4);
+  position: fixed;
+  left: 0;
+  right: 0;
+  top: 0;
+  bottom: 0;
+  display: none;
+  z-index: 1040;
+}
+.sweet-alert {
+  background-color: #ffffff;
+  width: 478px;
+  padding: 17px;
+  border-radius: 5px;
+  text-align: center;
+  position: fixed;
+  left: 50%;
+  top: 50%;
+  margin-left: -256px;
+  margin-top: -200px;
+  overflow: hidden;
+  display: none;
+  z-index: 2000;
+}
+@media all and (max-width: 767px) {
+  .sweet-alert {
+    width: auto;
+    margin-left: 0;
+    margin-right: 0;
+    left: 15px;
+    right: 15px;
+  }
+}
+.sweet-alert .form-group {
+  display: none;
+}
+.sweet-alert .form-group .sa-input-error {
+  display: none;
+}
+.sweet-alert.show-input .form-group {
+  display: block;
+}
+.sweet-alert .sa-confirm-button-container {
+  display: inline-block;
+  position: relative;
+}
+.sweet-alert .la-ball-fall {
+  position: absolute;
+  left: 50%;
+  top: 50%;
+  margin-left: -27px;
+  margin-top: -9px;
+  opacity: 0;
+  visibility: hidden;
+}
+.sweet-alert button[disabled] {
+  opacity: .6;
+  cursor: default;
+}
+.sweet-alert button.confirm[disabled] {
+  color: transparent;
+}
+.sweet-alert button.confirm[disabled] ~ .la-ball-fall {
+  opacity: 1;
+  visibility: visible;
+  transition-delay: 0s;
+}
+.sweet-alert .sa-icon {
+  width: 80px;
+  height: 80px;
+  border: 4px solid gray;
+  border-radius: 50%;
+  margin: 20px auto;
+  position: relative;
+  box-sizing: content-box;
+}
+.sweet-alert .sa-icon.sa-error {
+  border-color: #d43f3a;
+}
+.sweet-alert .sa-icon.sa-error .sa-x-mark {
+  position: relative;
+  display: block;
+}
+.sweet-alert .sa-icon.sa-error .sa-line {
+  position: absolute;
+  height: 5px;
+  width: 47px;
+  background-color: #d9534f;
+  display: block;
+  top: 37px;
+  border-radius: 2px;
+}
+.sweet-alert .sa-icon.sa-error .sa-line.sa-left {
+  transform: rotate(45deg);
+  left: 17px;
+}
+.sweet-alert .sa-icon.sa-error .sa-line.sa-right {
+  transform: rotate(-45deg);
+  right: 16px;
+}
+.sweet-alert .sa-icon.sa-warning {
+  border-color: #eea236;
+}
+.sweet-alert .sa-icon.sa-warning .sa-body {
+  position: absolute;
+  width: 5px;
+  height: 47px;
+  left: 50%;
+  top: 10px;
+  border-radius: 2px;
+  margin-left: -2px;
+  background-color: #f0ad4e;
+}
+.sweet-alert .sa-icon.sa-warning .sa-dot {
+  position: absolute;
+  width: 7px;
+  height: 7px;
+  border-radius: 50%;
+  margin-left: -3px;
+  left: 50%;
+  bottom: 10px;
+  background-color: #f0ad4e;
+}
+.sweet-alert .sa-icon.sa-info {
+  border-color: #46b8da;
+}
+.sweet-alert .sa-icon.sa-info::before {
+  content: "";
+  position: absolute;
+  width: 5px;
+  height: 29px;
+  left: 50%;
+  bottom: 17px;
+  border-radius: 2px;
+  margin-left: -2px;
+  background-color: #5bc0de;
+}
+.sweet-alert .sa-icon.sa-info::after {
+  content: "";
+  position: absolute;
+  width: 7px;
+  height: 7px;
+  border-radius: 50%;
+  margin-left: -3px;
+  top: 19px;
+  background-color: #5bc0de;
+}
+.sweet-alert .sa-icon.sa-success {
+  border-color: #4cae4c;
+}
+.sweet-alert .sa-icon.sa-success::before,
+.sweet-alert .sa-icon.sa-success::after {
+  content: '';
+  border-radius: 50%;
+  position: absolute;
+  width: 60px;
+  height: 120px;
+  background: #ffffff;
+  transform: rotate(45deg);
+}
+.sweet-alert .sa-icon.sa-success::before {
+  border-radius: 120px 0 0 120px;
+  top: -7px;
+  left: -33px;
+  transform: rotate(-45deg);
+  transform-origin: 60px 60px;
+}
+.sweet-alert .sa-icon.sa-success::after {
+  border-radius: 0 120px 120px 0;
+  top: -11px;
+  left: 30px;
+  transform: rotate(-45deg);
+  transform-origin: 0px 60px;
+}
+.sweet-alert .sa-icon.sa-success .sa-placeholder {
+  width: 80px;
+  height: 80px;
+  border: 4px solid rgba(92, 184, 92, 0.2);
+  border-radius: 50%;
+  box-sizing: content-box;
+  position: absolute;
+  left: -4px;
+  top: -4px;
+  z-index: 2;
+}
+.sweet-alert .sa-icon.sa-success .sa-fix {
+  width: 5px;
+  height: 90px;
+  background-color: #ffffff;
+  position: absolute;
+  left: 28px;
+  top: 8px;
+  z-index: 1;
+  transform: rotate(-45deg);
+}
+.sweet-alert .sa-icon.sa-success .sa-line {
+  height: 5px;
+  background-color: #5cb85c;
+  display: block;
+  border-radius: 2px;
+  position: absolute;
+  z-index: 2;
+}
+.sweet-alert .sa-icon.sa-success .sa-line.sa-tip {
+  width: 25px;
+  left: 14px;
+  top: 46px;
+  transform: rotate(45deg);
+}
+.sweet-alert .sa-icon.sa-success .sa-line.sa-long {
+  width: 47px;
+  right: 8px;
+  top: 38px;
+  transform: rotate(-45deg);
+}
+.sweet-alert .sa-icon.sa-custom {
+  background-size: contain;
+  border-radius: 0;
+  border: none;
+  background-position: center center;
+  background-repeat: no-repeat;
+}
+.sweet-alert .btn-default:focus {
+  border-color: #cccccc;
+  outline: 0;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(204, 204, 204, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(204, 204, 204, 0.6);
+}
+.sweet-alert .btn-success:focus {
+  border-color: #4cae4c;
+  outline: 0;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(76, 174, 76, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(76, 174, 76, 0.6);
+}
+.sweet-alert .btn-info:focus {
+  border-color: #46b8da;
+  outline: 0;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(70, 184, 218, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(70, 184, 218, 0.6);
+}
+.sweet-alert .btn-danger:focus {
+  border-color: #d43f3a;
+  outline: 0;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(212, 63, 58, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(212, 63, 58, 0.6);
+}
+.sweet-alert .btn-warning:focus {
+  border-color: #eea236;
+  outline: 0;
+  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(238, 162, 54, 0.6);
+  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(238, 162, 54, 0.6);
+}
+.sweet-alert button::-moz-focus-inner {
+  border: 0;
+}
+/*!
+ * Load Awesome v1.1.0 (http://github.danielcardoso.net/load-awesome/)
+ * Copyright 2015 Daniel Cardoso <@DanielCardoso>
+ * Licensed under MIT
+ */
+.la-ball-fall,
+.la-ball-fall > div {
+  position: relative;
+  -webkit-box-sizing: border-box;
+  -moz-box-sizing: border-box;
+  box-sizing: border-box;
+}
+.la-ball-fall {
+  display: block;
+  font-size: 0;
+  color: #fff;
+}
+.la-ball-fall.la-dark {
+  color: #333;
+}
+.la-ball-fall > div {
+  display: inline-block;
+  float: none;
+  background-color: currentColor;
+  border: 0 solid currentColor;
+}
+.la-ball-fall {
+  width: 54px;
+  height: 18px;
+}
+.la-ball-fall > div {
+  width: 10px;
+  height: 10px;
+  margin: 4px;
+  border-radius: 100%;
+  opacity: 0;
+  -webkit-animation: ball-fall 1s ease-in-out infinite;
+  -moz-animation: ball-fall 1s ease-in-out infinite;
+  -o-animation: ball-fall 1s ease-in-out infinite;
+  animation: ball-fall 1s ease-in-out infinite;
+}
+.la-ball-fall > div:nth-child(1) {
+  -webkit-animation-delay: -200ms;
+  -moz-animation-delay: -200ms;
+  -o-animation-delay: -200ms;
+  animation-delay: -200ms;
+}
+.la-ball-fall > div:nth-child(2) {
+  -webkit-animation-delay: -100ms;
+  -moz-animation-delay: -100ms;
+  -o-animation-delay: -100ms;
+  animation-delay: -100ms;
+}
+.la-ball-fall > div:nth-child(3) {
+  -webkit-animation-delay: 0ms;
+  -moz-animation-delay: 0ms;
+  -o-animation-delay: 0ms;
+  animation-delay: 0ms;
+}
+.la-ball-fall.la-sm {
+  width: 26px;
+  height: 8px;
+}
+.la-ball-fall.la-sm > div {
+  width: 4px;
+  height: 4px;
+  margin: 2px;
+}
+.la-ball-fall.la-2x {
+  width: 108px;
+  height: 36px;
+}
+.la-ball-fall.la-2x > div {
+  width: 20px;
+  height: 20px;
+  margin: 8px;
+}
+.la-ball-fall.la-3x {
+  width: 162px;
+  height: 54px;
+}
+.la-ball-fall.la-3x > div {
+  width: 30px;
+  height: 30px;
+  margin: 12px;
+}
+/*
+ * Animation
+ */
+@-webkit-keyframes ball-fall {
+  0% {
+    opacity: 0;
+    -webkit-transform: translateY(-145%);
+    transform: translateY(-145%);
+  }
+  10% {
+    opacity: .5;
+  }
+  20% {
+    opacity: 1;
+    -webkit-transform: translateY(0);
+    transform: translateY(0);
+  }
+  80% {
+    opacity: 1;
+    -webkit-transform: translateY(0);
+    transform: translateY(0);
+  }
+  90% {
+    opacity: .5;
+  }
+  100% {
+    opacity: 0;
+    -webkit-transform: translateY(145%);
+    transform: translateY(145%);
+  }
+}
+@-moz-keyframes ball-fall {
+  0% {
+    opacity: 0;
+    -moz-transform: translateY(-145%);
+    transform: translateY(-145%);
+  }
+  10% {
+    opacity: .5;
+  }
+  20% {
+    opacity: 1;
+    -moz-transform: translateY(0);
+    transform: translateY(0);
+  }
+  80% {
+    opacity: 1;
+    -moz-transform: translateY(0);
+    transform: translateY(0);
+  }
+  90% {
+    opacity: .5;
+  }
+  100% {
+    opacity: 0;
+    -moz-transform: translateY(145%);
+    transform: translateY(145%);
+  }
+}
+@-o-keyframes ball-fall {
+  0% {
+    opacity: 0;
+    -o-transform: translateY(-145%);
+    transform: translateY(-145%);
+  }
+  10% {
+    opacity: .5;
+  }
+  20% {
+    opacity: 1;
+    -o-transform: translateY(0);
+    transform: translateY(0);
+  }
+  80% {
+    opacity: 1;
+    -o-transform: translateY(0);
+    transform: translateY(0);
+  }
+  90% {
+    opacity: .5;
+  }
+  100% {
+    opacity: 0;
+    -o-transform: translateY(145%);
+    transform: translateY(145%);
+  }
+}
+@keyframes ball-fall {
+  0% {
+    opacity: 0;
+    -webkit-transform: translateY(-145%);
+    -moz-transform: translateY(-145%);
+    -o-transform: translateY(-145%);
+    transform: translateY(-145%);
+  }
+  10% {
+    opacity: .5;
+  }
+  20% {
+    opacity: 1;
+    -webkit-transform: translateY(0);
+    -moz-transform: translateY(0);
+    -o-transform: translateY(0);
+    transform: translateY(0);
+  }
+  80% {
+    opacity: 1;
+    -webkit-transform: translateY(0);
+    -moz-transform: translateY(0);
+    -o-transform: translateY(0);
+    transform: translateY(0);
+  }
+  90% {
+    opacity: .5;
+  }
+  100% {
+    opacity: 0;
+    -webkit-transform: translateY(145%);
+    -moz-transform: translateY(145%);
+    -o-transform: translateY(145%);
+    transform: translateY(145%);
+  }
+}
diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php
index 3f7df57d..09d1787b 100644
--- a/inc/headerAdmin.inc.php
+++ b/inc/headerAdmin.inc.php
@@ -50,6 +50,7 @@ header('X-UA-Compatible: IE=edge');
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/displays.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/bootstrap-select.min.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/mods-for-hesk-new.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
+    <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/sweetalert.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <?php if (defined('USE_JQUERY_2')): ?>
         <script src="<?php echo HESK_PATH; ?>js/jquery-2.2.4.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <?php else: ?>
@@ -78,6 +79,7 @@ header('X-UA-Compatible: IE=edge');
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>internal-api/js/lang.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/clipboard.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/bootstrap-select.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
+    <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/sweetalert.js"></script>
     <?php
     if (defined('EXTRA_JS')) {
         echo EXTRA_JS;
diff --git a/js/sweetalert.js b/js/sweetalert.js
new file mode 100644
index 00000000..d9dc2a31
--- /dev/null
+++ b/js/sweetalert.js
@@ -0,0 +1,1196 @@
+;(function(window, document, undefined) {
+"use strict";
+
+(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var defaultParams = {
+  title: '',
+  text: '',
+  type: null,
+  allowOutsideClick: false,
+  showConfirmButton: true,
+  showCancelButton: false,
+  closeOnConfirm: true,
+  closeOnCancel: true,
+  confirmButtonText: 'OK',
+  confirmButtonClass: 'btn-primary',
+  cancelButtonText: 'Cancel',
+  cancelButtonClass: 'btn-default',
+  containerClass: '',
+  titleClass: '',
+  textClass: '',
+  imageUrl: null,
+  imageSize: null,
+  timer: null,
+  customClass: '',
+  html: false,
+  animation: true,
+  allowEscapeKey: true,
+  inputType: 'text',
+  inputPlaceholder: '',
+  inputValue: '',
+  showLoaderOnConfirm: false
+};
+
+exports.default = defaultParams;
+
+},{}],2:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.handleCancel = exports.handleConfirm = exports.handleButton = undefined;
+
+var _handleSwalDom = require('./handle-swal-dom');
+
+var _handleDom = require('./handle-dom');
+
+/*
+ * User clicked on "Confirm"/"OK" or "Cancel"
+ */
+var handleButton = function handleButton(event, params, modal) {
+  var e = event || window.event;
+  var target = e.target || e.srcElement;
+
+  var targetedConfirm = target.className.indexOf('confirm') !== -1;
+  var targetedOverlay = target.className.indexOf('sweet-overlay') !== -1;
+  var modalIsVisible = (0, _handleDom.hasClass)(modal, 'visible');
+  var doneFunctionExists = params.doneFunction && modal.getAttribute('data-has-done-function') === 'true';
+
+  // Since the user can change the background-color of the confirm button programmatically,
+  // we must calculate what the color should be on hover/active
+  var normalColor, hoverColor, activeColor;
+  if (targetedConfirm && params.confirmButtonColor) {
+    normalColor = params.confirmButtonColor;
+    hoverColor = colorLuminance(normalColor, -0.04);
+    activeColor = colorLuminance(normalColor, -0.14);
+  }
+
+  function shouldSetConfirmButtonColor(color) {
+    if (targetedConfirm && params.confirmButtonColor) {
+      target.style.backgroundColor = color;
+    }
+  }
+
+  switch (e.type) {
+    case 'click':
+      var clickedOnModal = modal === target;
+      var clickedOnModalChild = (0, _handleDom.isDescendant)(modal, target);
+
+      // Ignore click outside if allowOutsideClick is false
+      if (!clickedOnModal && !clickedOnModalChild && modalIsVisible && !params.allowOutsideClick) {
+        break;
+      }
+
+      if (targetedConfirm && doneFunctionExists && modalIsVisible) {
+        handleConfirm(modal, params);
+      } else if (doneFunctionExists && modalIsVisible || targetedOverlay) {
+        handleCancel(modal, params);
+      } else if ((0, _handleDom.isDescendant)(modal, target) && target.tagName === 'BUTTON') {
+        sweetAlert.close();
+      }
+      break;
+  }
+};
+
+/*
+ *  User clicked on "Confirm"/"OK"
+ */
+var handleConfirm = function handleConfirm(modal, params) {
+  var callbackValue = true;
+
+  if ((0, _handleDom.hasClass)(modal, 'show-input')) {
+    callbackValue = modal.querySelector('input').value;
+
+    if (!callbackValue) {
+      callbackValue = '';
+    }
+  }
+
+  params.doneFunction(callbackValue);
+
+  if (params.closeOnConfirm) {
+    sweetAlert.close();
+  }
+  // Disable cancel and confirm button if the parameter is true
+  if (params.showLoaderOnConfirm) {
+    sweetAlert.disableButtons();
+  }
+};
+
+/*
+ *  User clicked on "Cancel"
+ */
+var handleCancel = function handleCancel(modal, params) {
+  // Check if callback function expects a parameter (to track cancel actions)
+  var functionAsStr = String(params.doneFunction).replace(/\s/g, '');
+  var functionHandlesCancel = functionAsStr.substring(0, 9) === 'function(' && functionAsStr.substring(9, 10) !== ')';
+
+  if (functionHandlesCancel) {
+    params.doneFunction(false);
+  }
+
+  if (params.closeOnCancel) {
+    sweetAlert.close();
+  }
+};
+
+exports.handleButton = handleButton;
+exports.handleConfirm = handleConfirm;
+exports.handleCancel = handleCancel;
+
+},{"./handle-dom":3,"./handle-swal-dom":5}],3:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var hasClass = function hasClass(elem, className) {
+  return new RegExp(' ' + className + ' ').test(' ' + elem.className + ' ');
+};
+
+var addClass = function addClass(elem, className) {
+  if (!hasClass(elem, className)) {
+    elem.className += ' ' + className;
+  }
+};
+
+var removeClass = function removeClass(elem, className) {
+  var newClass = ' ' + elem.className.replace(/[\t\r\n]/g, ' ') + ' ';
+  if (hasClass(elem, className)) {
+    while (newClass.indexOf(' ' + className + ' ') >= 0) {
+      newClass = newClass.replace(' ' + className + ' ', ' ');
+    }
+    elem.className = newClass.replace(/^\s+|\s+$/g, '');
+  }
+};
+
+var escapeHtml = function escapeHtml(str) {
+  var div = document.createElement('div');
+  div.appendChild(document.createTextNode(str));
+  return div.innerHTML;
+};
+
+var _show = function _show(elem) {
+  elem.style.opacity = '';
+  elem.style.display = 'block';
+};
+
+var show = function show(elems) {
+  if (elems && !elems.length) {
+    return _show(elems);
+  }
+  for (var i = 0; i < elems.length; ++i) {
+    _show(elems[i]);
+  }
+};
+
+var _hide = function _hide(elem) {
+  elem.style.opacity = '';
+  elem.style.display = 'none';
+};
+
+var hide = function hide(elems) {
+  if (elems && !elems.length) {
+    return _hide(elems);
+  }
+  for (var i = 0; i < elems.length; ++i) {
+    _hide(elems[i]);
+  }
+};
+
+var isDescendant = function isDescendant(parent, child) {
+  var node = child.parentNode;
+  while (node !== null) {
+    if (node === parent) {
+      return true;
+    }
+    node = node.parentNode;
+  }
+  return false;
+};
+
+var getTopMargin = function getTopMargin(elem) {
+  elem.style.left = '-9999px';
+  elem.style.display = 'block';
+
+  var height = elem.clientHeight,
+      padding;
+  if (typeof getComputedStyle !== "undefined") {
+    // IE 8
+    padding = parseInt(getComputedStyle(elem).getPropertyValue('padding-top'), 10);
+  } else {
+    padding = parseInt(elem.currentStyle.padding);
+  }
+
+  elem.style.left = '';
+  elem.style.display = 'none';
+  return '-' + parseInt((height + padding) / 2) + 'px';
+};
+
+var fadeIn = function fadeIn(elem, interval) {
+  if (+elem.style.opacity < 1) {
+    interval = interval || 16;
+    elem.style.opacity = 0;
+    elem.style.display = 'block';
+    var last = +new Date();
+    var tick = function tick() {
+      elem.style.opacity = +elem.style.opacity + (new Date() - last) / 100;
+      last = +new Date();
+
+      if (+elem.style.opacity < 1) {
+        setTimeout(tick, interval);
+      }
+    };
+    tick();
+  }
+  elem.style.display = 'block'; //fallback IE8
+};
+
+var fadeOut = function fadeOut(elem, interval) {
+  interval = interval || 16;
+  elem.style.opacity = 1;
+  var last = +new Date();
+  var tick = function tick() {
+    elem.style.opacity = +elem.style.opacity - (new Date() - last) / 100;
+    last = +new Date();
+
+    if (+elem.style.opacity > 0) {
+      setTimeout(tick, interval);
+    } else {
+      elem.style.display = 'none';
+    }
+  };
+  tick();
+};
+
+var fireClick = function fireClick(node) {
+  // Taken from http://www.nonobtrusive.com/2011/11/29/programatically-fire-crossbrowser-click-event-with-javascript/
+  // Then fixed for today's Chrome browser.
+  if (typeof MouseEvent === 'function') {
+    // Up-to-date approach
+    var mevt = new MouseEvent('click', {
+      view: window,
+      bubbles: false,
+      cancelable: true
+    });
+    node.dispatchEvent(mevt);
+  } else if (document.createEvent) {
+    // Fallback
+    var evt = document.createEvent('MouseEvents');
+    evt.initEvent('click', false, false);
+    node.dispatchEvent(evt);
+  } else if (document.createEventObject) {
+    node.fireEvent('onclick');
+  } else if (typeof node.onclick === 'function') {
+    node.onclick();
+  }
+};
+
+var stopEventPropagation = function stopEventPropagation(e) {
+  // In particular, make sure the space bar doesn't scroll the main window.
+  if (typeof e.stopPropagation === 'function') {
+    e.stopPropagation();
+    e.preventDefault();
+  } else if (window.event && window.event.hasOwnProperty('cancelBubble')) {
+    window.event.cancelBubble = true;
+  }
+};
+
+exports.hasClass = hasClass;
+exports.addClass = addClass;
+exports.removeClass = removeClass;
+exports.escapeHtml = escapeHtml;
+exports._show = _show;
+exports.show = show;
+exports._hide = _hide;
+exports.hide = hide;
+exports.isDescendant = isDescendant;
+exports.getTopMargin = getTopMargin;
+exports.fadeIn = fadeIn;
+exports.fadeOut = fadeOut;
+exports.fireClick = fireClick;
+exports.stopEventPropagation = stopEventPropagation;
+
+},{}],4:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+
+var _handleDom = require('./handle-dom');
+
+var _handleSwalDom = require('./handle-swal-dom');
+
+var handleKeyDown = function handleKeyDown(event, params, modal) {
+  var e = event || window.event;
+  var keyCode = e.keyCode || e.which;
+
+  var $okButton = modal.querySelector('button.confirm');
+  var $cancelButton = modal.querySelector('button.cancel');
+  var $modalButtons = modal.querySelectorAll('button[tabindex]');
+
+  if ([9, 13, 32, 27].indexOf(keyCode) === -1) {
+    // Don't do work on keys we don't care about.
+    return;
+  }
+
+  var $targetElement = e.target || e.srcElement;
+
+  var btnIndex = -1; // Find the button - note, this is a nodelist, not an array.
+  for (var i = 0; i < $modalButtons.length; i++) {
+    if ($targetElement === $modalButtons[i]) {
+      btnIndex = i;
+      break;
+    }
+  }
+
+  if (keyCode === 9) {
+    // TAB
+    if (btnIndex === -1) {
+      // No button focused. Jump to the confirm button.
+      $targetElement = $okButton;
+    } else {
+      // Cycle to the next button
+      if (btnIndex === $modalButtons.length - 1) {
+        $targetElement = $modalButtons[0];
+      } else {
+        $targetElement = $modalButtons[btnIndex + 1];
+      }
+    }
+
+    (0, _handleDom.stopEventPropagation)(e);
+    $targetElement.focus();
+
+    if (params.confirmButtonColor) {
+      (0, _handleSwalDom.setFocusStyle)($targetElement, params.confirmButtonColor);
+    }
+  } else {
+    if (keyCode === 13) {
+      if ($targetElement.tagName === 'INPUT') {
+        $targetElement = $okButton;
+        $okButton.focus();
+      }
+
+      if (btnIndex === -1) {
+        // ENTER/SPACE clicked outside of a button.
+        $targetElement = $okButton;
+      } else {
+        // Do nothing - let the browser handle it.
+        $targetElement = undefined;
+      }
+    } else if (keyCode === 27 && params.allowEscapeKey === true) {
+      $targetElement = $cancelButton;
+      (0, _handleDom.fireClick)($targetElement, e);
+    } else {
+      // Fallback - let the browser handle it.
+      $targetElement = undefined;
+    }
+  }
+};
+
+exports.default = handleKeyDown;
+
+},{"./handle-dom":3,"./handle-swal-dom":5}],5:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.fixVerticalPosition = exports.resetInputError = exports.resetInput = exports.openModal = exports.getInput = exports.getOverlay = exports.getModal = exports.sweetAlertInitialize = undefined;
+
+var _handleDom = require('./handle-dom');
+
+var _defaultParams = require('./default-params');
+
+var _defaultParams2 = _interopRequireDefault(_defaultParams);
+
+var _injectedHtml = require('./injected-html');
+
+var _injectedHtml2 = _interopRequireDefault(_injectedHtml);
+
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+
+var modalClass = '.sweet-alert';
+var overlayClass = '.sweet-overlay';
+
+/*
+ * Add modal + overlay to DOM
+ */
+
+
+var sweetAlertInitialize = function sweetAlertInitialize() {
+  var sweetWrap = document.createElement('div');
+  sweetWrap.innerHTML = _injectedHtml2.default;
+
+  // Append elements to body
+  while (sweetWrap.firstChild) {
+    document.body.appendChild(sweetWrap.firstChild);
+  }
+};
+
+/*
+ * Get DOM element of modal
+ */
+var getModal = function getModal() {
+  var $modal = document.querySelector(modalClass);
+
+  if (!$modal) {
+    sweetAlertInitialize();
+    $modal = getModal();
+  }
+
+  return $modal;
+};
+
+/*
+ * Get DOM element of input (in modal)
+ */
+var getInput = function getInput() {
+  var $modal = getModal();
+  if ($modal) {
+    return $modal.querySelector('input');
+  }
+};
+
+/*
+ * Get DOM element of overlay
+ */
+var getOverlay = function getOverlay() {
+  return document.querySelector(overlayClass);
+};
+
+/*
+ * Animation when opening modal
+ */
+var openModal = function openModal(callback) {
+  var $modal = getModal();
+  (0, _handleDom.fadeIn)(getOverlay(), 10);
+  (0, _handleDom.show)($modal);
+  (0, _handleDom.addClass)($modal, 'showSweetAlert');
+  (0, _handleDom.removeClass)($modal, 'hideSweetAlert');
+
+  window.previousActiveElement = document.activeElement;
+  var $okButton = $modal.querySelector('button.confirm');
+  $okButton.focus();
+
+  setTimeout(function () {
+    (0, _handleDom.addClass)($modal, 'visible');
+  }, 500);
+
+  var timer = $modal.getAttribute('data-timer');
+
+  if (timer !== 'null' && timer !== '') {
+    var timerCallback = callback;
+    $modal.timeout = setTimeout(function () {
+      var doneFunctionExists = (timerCallback || null) && $modal.getAttribute('data-has-done-function') === 'true';
+      if (doneFunctionExists) {
+        timerCallback(null);
+      } else {
+        sweetAlert.close();
+      }
+    }, timer);
+  }
+};
+
+/*
+ * Reset the styling of the input
+ * (for example if errors have been shown)
+ */
+var resetInput = function resetInput() {
+  var $modal = getModal();
+  var $input = getInput();
+
+  (0, _handleDom.removeClass)($modal, 'show-input');
+  $input.value = _defaultParams2.default.inputValue;
+  $input.setAttribute('type', _defaultParams2.default.inputType);
+  $input.setAttribute('placeholder', _defaultParams2.default.inputPlaceholder);
+
+  resetInputError();
+};
+
+var resetInputError = function resetInputError(event) {
+  // If press enter => ignore
+  if (event && event.keyCode === 13) {
+    return false;
+  }
+
+  var $modal = getModal();
+
+  var $errorIcon = $modal.querySelector('.sa-input-error');
+  (0, _handleDom.removeClass)($errorIcon, 'show');
+
+  var $errorContainer = $modal.querySelector('.form-group');
+  (0, _handleDom.removeClass)($errorContainer, 'has-error');
+};
+
+/*
+ * Set "margin-top"-property on modal based on its computed height
+ */
+var fixVerticalPosition = function fixVerticalPosition() {
+  var $modal = getModal();
+  $modal.style.marginTop = (0, _handleDom.getTopMargin)(getModal());
+};
+
+exports.sweetAlertInitialize = sweetAlertInitialize;
+exports.getModal = getModal;
+exports.getOverlay = getOverlay;
+exports.getInput = getInput;
+exports.openModal = openModal;
+exports.resetInput = resetInput;
+exports.resetInputError = resetInputError;
+exports.fixVerticalPosition = fixVerticalPosition;
+
+},{"./default-params":1,"./handle-dom":3,"./injected-html":6}],6:[function(require,module,exports){
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var injectedHTML =
+
+// Dark overlay
+"<div class=\"sweet-overlay\" tabIndex=\"-1\"></div>" +
+
+// Modal
+"<div class=\"sweet-alert\" tabIndex=\"-1\">" +
+
+// Error icon
+"<div class=\"sa-icon sa-error\">\n      <span class=\"sa-x-mark\">\n        <span class=\"sa-line sa-left\"></span>\n        <span class=\"sa-line sa-right\"></span>\n      </span>\n    </div>" +
+
+// Warning icon
+"<div class=\"sa-icon sa-warning\">\n      <span class=\"sa-body\"></span>\n      <span class=\"sa-dot\"></span>\n    </div>" +
+
+// Info icon
+"<div class=\"sa-icon sa-info\"></div>" +
+
+// Success icon
+"<div class=\"sa-icon sa-success\">\n      <span class=\"sa-line sa-tip\"></span>\n      <span class=\"sa-line sa-long\"></span>\n\n      <div class=\"sa-placeholder\"></div>\n      <div class=\"sa-fix\"></div>\n    </div>" + "<div class=\"sa-icon sa-custom\"></div>" +
+
+// Title, text and input
+"<h2>Title</h2>\n    <p class=\"lead text-muted\">Text</p>\n    <div class=\"form-group\">\n      <input type=\"text\" class=\"form-control\" tabIndex=\"3\" />\n      <span class=\"sa-input-error help-block\">\n        <span class=\"glyphicon glyphicon-exclamation-sign\"></span> <span class=\"sa-help-text\">Not valid</span>\n      </span>\n    </div>" +
+
+// Cancel and confirm buttons
+"<div class=\"sa-button-container\">\n      <button class=\"cancel btn btn-lg\" tabIndex=\"2\">Cancel</button>\n      <div class=\"sa-confirm-button-container\">\n        <button class=\"confirm btn btn-lg\" tabIndex=\"1\">OK</button>" +
+
+// Loading animation
+"<div class=\"la-ball-fall\">\n          <div></div>\n          <div></div>\n          <div></div>\n        </div>\n      </div>\n    </div>" +
+
+// End of modal
+"</div>";
+
+exports.default = injectedHTML;
+
+},{}],7:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+
+var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol ? "symbol" : typeof obj; };
+
+var _utils = require('./utils');
+
+var _handleSwalDom = require('./handle-swal-dom');
+
+var _handleDom = require('./handle-dom');
+
+var alertTypes = ['error', 'warning', 'info', 'success', 'input', 'prompt'];
+
+/*
+ * Set type, text and actions on modal
+ */
+var setParameters = function setParameters(params) {
+  var modal = (0, _handleSwalDom.getModal)();
+
+  var $title = modal.querySelector('h2');
+  var $text = modal.querySelector('p');
+  var $cancelBtn = modal.querySelector('button.cancel');
+  var $confirmBtn = modal.querySelector('button.confirm');
+
+  /*
+   * Title
+   */
+  $title.innerHTML = params.html ? params.title : (0, _handleDom.escapeHtml)(params.title).split('\n').join('<br>');
+
+  /*
+   * Text
+   */
+  $text.innerHTML = params.html ? params.text : (0, _handleDom.escapeHtml)(params.text || '').split('\n').join('<br>');
+  if (params.text) (0, _handleDom.show)($text);
+
+  /*
+   * Custom class
+   */
+  if (params.customClass) {
+    (0, _handleDom.addClass)(modal, params.customClass);
+    modal.setAttribute('data-custom-class', params.customClass);
+  } else {
+    // Find previously set classes and remove them
+    var customClass = modal.getAttribute('data-custom-class');
+    (0, _handleDom.removeClass)(modal, customClass);
+    modal.setAttribute('data-custom-class', '');
+  }
+
+  /*
+   * Icon
+   */
+  (0, _handleDom.hide)(modal.querySelectorAll('.sa-icon'));
+
+  if (params.type && !(0, _utils.isIE8)()) {
+    var _ret = function () {
+
+      var validType = false;
+
+      for (var i = 0; i < alertTypes.length; i++) {
+        if (params.type === alertTypes[i]) {
+          validType = true;
+          break;
+        }
+      }
+
+      if (!validType) {
+        logStr('Unknown alert type: ' + params.type);
+        return {
+          v: false
+        };
+      }
+
+      var typesWithIcons = ['success', 'error', 'warning', 'info'];
+      var $icon = void 0;
+
+      if (typesWithIcons.indexOf(params.type) !== -1) {
+        $icon = modal.querySelector('.sa-icon.' + 'sa-' + params.type);
+        (0, _handleDom.show)($icon);
+      }
+
+      var $input = (0, _handleSwalDom.getInput)();
+
+      // Animate icon
+      switch (params.type) {
+
+        case 'success':
+          (0, _handleDom.addClass)($icon, 'animate');
+          (0, _handleDom.addClass)($icon.querySelector('.sa-tip'), 'animateSuccessTip');
+          (0, _handleDom.addClass)($icon.querySelector('.sa-long'), 'animateSuccessLong');
+          break;
+
+        case 'error':
+          (0, _handleDom.addClass)($icon, 'animateErrorIcon');
+          (0, _handleDom.addClass)($icon.querySelector('.sa-x-mark'), 'animateXMark');
+          break;
+
+        case 'warning':
+          (0, _handleDom.addClass)($icon, 'pulseWarning');
+          (0, _handleDom.addClass)($icon.querySelector('.sa-body'), 'pulseWarningIns');
+          (0, _handleDom.addClass)($icon.querySelector('.sa-dot'), 'pulseWarningIns');
+          break;
+
+        case 'input':
+        case 'prompt':
+          $input.setAttribute('type', params.inputType);
+          $input.value = params.inputValue;
+          $input.setAttribute('placeholder', params.inputPlaceholder);
+          (0, _handleDom.addClass)(modal, 'show-input');
+          setTimeout(function () {
+            $input.focus();
+            $input.addEventListener('keyup', swal.resetInputError);
+          }, 400);
+          break;
+      }
+    }();
+
+    if ((typeof _ret === 'undefined' ? 'undefined' : _typeof(_ret)) === "object") return _ret.v;
+  }
+
+  /*
+   * Custom image
+   */
+  if (params.imageUrl) {
+    var $customIcon = modal.querySelector('.sa-icon.sa-custom');
+
+    $customIcon.style.backgroundImage = 'url(' + params.imageUrl + ')';
+    (0, _handleDom.show)($customIcon);
+
+    var _imgWidth = 80;
+    var _imgHeight = 80;
+
+    if (params.imageSize) {
+      var dimensions = params.imageSize.toString().split('x');
+      var imgWidth = dimensions[0];
+      var imgHeight = dimensions[1];
+
+      if (!imgWidth || !imgHeight) {
+        logStr('Parameter imageSize expects value with format WIDTHxHEIGHT, got ' + params.imageSize);
+      } else {
+        _imgWidth = imgWidth;
+        _imgHeight = imgHeight;
+      }
+    }
+
+    $customIcon.setAttribute('style', $customIcon.getAttribute('style') + 'width:' + _imgWidth + 'px; height:' + _imgHeight + 'px');
+  }
+
+  /*
+   * Show cancel button?
+   */
+  modal.setAttribute('data-has-cancel-button', params.showCancelButton);
+  if (params.showCancelButton) {
+    $cancelBtn.style.display = 'inline-block';
+  } else {
+    (0, _handleDom.hide)($cancelBtn);
+  }
+
+  /*
+   * Show confirm button?
+   */
+  modal.setAttribute('data-has-confirm-button', params.showConfirmButton);
+  if (params.showConfirmButton) {
+    $confirmBtn.style.display = 'inline-block';
+  } else {
+    (0, _handleDom.hide)($confirmBtn);
+  }
+
+  /*
+   * Custom text on cancel/confirm buttons
+   */
+  if (params.cancelButtonText) {
+    $cancelBtn.innerHTML = (0, _handleDom.escapeHtml)(params.cancelButtonText);
+  }
+  if (params.confirmButtonText) {
+    $confirmBtn.innerHTML = (0, _handleDom.escapeHtml)(params.confirmButtonText);
+  }
+
+  /*
+   * Reset confirm buttons to default class (Ugly fix)
+   */
+  $confirmBtn.className = 'confirm btn btn-lg';
+
+  /*
+   * Attach selected class to the sweet alert modal
+   */
+  (0, _handleDom.addClass)(modal, params.containerClass);
+
+  /*
+   * Set confirm button to selected class
+   */
+  (0, _handleDom.addClass)($confirmBtn, params.confirmButtonClass);
+
+  /*
+   * Set cancel button to selected class
+   */
+  (0, _handleDom.addClass)($cancelBtn, params.cancelButtonClass);
+
+  /*
+   * Set title to selected class
+   */
+  (0, _handleDom.addClass)($title, params.titleClass);
+
+  /*
+   * Set text to selected class
+   */
+  (0, _handleDom.addClass)($text, params.textClass);
+
+  /*
+   * Allow outside click
+   */
+  modal.setAttribute('data-allow-outside-click', params.allowOutsideClick);
+
+  /*
+   * Callback function
+   */
+  var hasDoneFunction = params.doneFunction ? true : false;
+  modal.setAttribute('data-has-done-function', hasDoneFunction);
+
+  /*
+   * Animation
+   */
+  if (!params.animation) {
+    modal.setAttribute('data-animation', 'none');
+  } else if (typeof params.animation === 'string') {
+    modal.setAttribute('data-animation', params.animation); // Custom animation
+  } else {
+      modal.setAttribute('data-animation', 'pop');
+    }
+
+  /*
+   * Timer
+   */
+  modal.setAttribute('data-timer', params.timer);
+};
+
+exports.default = setParameters;
+
+},{"./handle-dom":3,"./handle-swal-dom":5,"./utils":8}],8:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+/*
+ * Allow user to pass their own params
+ */
+var extend = function extend(a, b) {
+  for (var key in b) {
+    if (b.hasOwnProperty(key)) {
+      a[key] = b[key];
+    }
+  }
+  return a;
+};
+
+/*
+ * Check if the user is using Internet Explorer 8 (for fallbacks)
+ */
+var isIE8 = function isIE8() {
+  return window.attachEvent && !window.addEventListener;
+};
+
+/*
+ * IE compatible logging for developers
+ */
+var logStr = function logStr(string) {
+  if (window.console) {
+    // IE...
+    window.console.log('SweetAlert: ' + string);
+  }
+};
+
+exports.extend = extend;
+exports.isIE8 = isIE8;
+exports.logStr = logStr;
+
+},{}],9:[function(require,module,exports){
+'use strict';
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+
+var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol ? "symbol" : typeof obj; }; // SweetAlert
+// 2014-2015 (c) - Tristan Edwards
+// github.com/t4t5/sweetalert
+
+/*
+ * jQuery-like functions for manipulating the DOM
+ */
+
+
+/*
+ * Handy utilities
+ */
+
+
+/*
+ *  Handle sweetAlert's DOM elements
+ */
+
+
+// Handle button events and keyboard events
+
+
+// Default values
+
+
+var _handleDom = require('./modules/handle-dom');
+
+var _utils = require('./modules/utils');
+
+var _handleSwalDom = require('./modules/handle-swal-dom');
+
+var _handleClick = require('./modules/handle-click');
+
+var _handleKey = require('./modules/handle-key');
+
+var _handleKey2 = _interopRequireDefault(_handleKey);
+
+var _defaultParams = require('./modules/default-params');
+
+var _defaultParams2 = _interopRequireDefault(_defaultParams);
+
+var _setParams = require('./modules/set-params');
+
+var _setParams2 = _interopRequireDefault(_setParams);
+
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+
+/*
+ * Remember state in cases where opening and handling a modal will fiddle with it.
+ * (We also use window.previousActiveElement as a global variable)
+ */
+var previousWindowKeyDown;
+var lastFocusedButton;
+
+/*
+ * Global sweetAlert function
+ * (this is what the user calls)
+ */
+var sweetAlert, _swal;
+
+exports.default = sweetAlert = _swal = function swal() {
+  var customizations = arguments[0];
+
+  (0, _handleDom.addClass)(document.body, 'stop-scrolling');
+  (0, _handleSwalDom.resetInput)();
+
+  /*
+   * Use argument if defined or default value from params object otherwise.
+   * Supports the case where a default value is boolean true and should be
+   * overridden by a corresponding explicit argument which is boolean false.
+   */
+  function argumentOrDefault(key) {
+    var args = customizations;
+    return args[key] === undefined ? _defaultParams2.default[key] : args[key];
+  }
+
+  if (customizations === undefined) {
+    (0, _utils.logStr)('SweetAlert expects at least 1 attribute!');
+    return false;
+  }
+
+  var params = (0, _utils.extend)({}, _defaultParams2.default);
+
+  switch (typeof customizations === 'undefined' ? 'undefined' : _typeof(customizations)) {
+
+    // Ex: swal("Hello", "Just testing", "info");
+    case 'string':
+      params.title = customizations;
+      params.text = arguments[1] || '';
+      params.type = arguments[2] || '';
+      break;
+
+    // Ex: swal({ title:"Hello", text: "Just testing", type: "info" });
+    case 'object':
+      if (customizations.title === undefined) {
+        (0, _utils.logStr)('Missing "title" argument!');
+        return false;
+      }
+
+      params.title = customizations.title;
+
+      for (var customName in _defaultParams2.default) {
+        params[customName] = argumentOrDefault(customName);
+      }
+
+      // Show "Confirm" instead of "OK" if cancel button is visible
+      params.confirmButtonText = params.showCancelButton ? 'Confirm' : _defaultParams2.default.confirmButtonText;
+      params.confirmButtonText = argumentOrDefault('confirmButtonText');
+
+      // Callback function when clicking on "OK"/"Cancel"
+      params.doneFunction = arguments[1] || null;
+
+      break;
+
+    default:
+      (0, _utils.logStr)('Unexpected type of argument! Expected "string" or "object", got ' + (typeof customizations === 'undefined' ? 'undefined' : _typeof(customizations)));
+      return false;
+
+  }
+
+  (0, _setParams2.default)(params);
+  (0, _handleSwalDom.fixVerticalPosition)();
+  (0, _handleSwalDom.openModal)(arguments[1]);
+
+  // Modal interactions
+  var modal = (0, _handleSwalDom.getModal)();
+
+  /*
+   * Make sure all modal buttons respond to all events
+   */
+  var $buttons = modal.querySelectorAll('button');
+  var buttonEvents = ['onclick'];
+  var onButtonEvent = function onButtonEvent(e) {
+    return (0, _handleClick.handleButton)(e, params, modal);
+  };
+
+  for (var btnIndex = 0; btnIndex < $buttons.length; btnIndex++) {
+    for (var evtIndex = 0; evtIndex < buttonEvents.length; evtIndex++) {
+      var btnEvt = buttonEvents[evtIndex];
+      $buttons[btnIndex][btnEvt] = onButtonEvent;
+    }
+  }
+
+  // Clicking outside the modal dismisses it (if allowed by user)
+  (0, _handleSwalDom.getOverlay)().onclick = onButtonEvent;
+
+  previousWindowKeyDown = window.onkeydown;
+
+  var onKeyEvent = function onKeyEvent(e) {
+    return (0, _handleKey2.default)(e, params, modal);
+  };
+  window.onkeydown = onKeyEvent;
+
+  window.onfocus = function () {
+    // When the user has focused away and focused back from the whole window.
+    setTimeout(function () {
+      // Put in a timeout to jump out of the event sequence.
+      // Calling focus() in the event sequence confuses things.
+      if (lastFocusedButton !== undefined) {
+        lastFocusedButton.focus();
+        lastFocusedButton = undefined;
+      }
+    }, 0);
+  };
+
+  // Show alert with enabled buttons always
+  _swal.enableButtons();
+};
+
+/*
+ * Set default params for each popup
+ * @param {Object} userParams
+ */
+
+
+sweetAlert.setDefaults = _swal.setDefaults = function (userParams) {
+  if (!userParams) {
+    throw new Error('userParams is required');
+  }
+  if ((typeof userParams === 'undefined' ? 'undefined' : _typeof(userParams)) !== 'object') {
+    throw new Error('userParams has to be a object');
+  }
+
+  (0, _utils.extend)(_defaultParams2.default, userParams);
+};
+
+/*
+ * Animation when closing modal
+ */
+sweetAlert.close = _swal.close = function () {
+  var modal = (0, _handleSwalDom.getModal)();
+
+  (0, _handleDom.fadeOut)((0, _handleSwalDom.getOverlay)(), 5);
+  (0, _handleDom.fadeOut)(modal, 5);
+  (0, _handleDom.removeClass)(modal, 'showSweetAlert');
+  (0, _handleDom.addClass)(modal, 'hideSweetAlert');
+  (0, _handleDom.removeClass)(modal, 'visible');
+
+  /*
+   * Reset icon animations
+   */
+  var $successIcon = modal.querySelector('.sa-icon.sa-success');
+  (0, _handleDom.removeClass)($successIcon, 'animate');
+  (0, _handleDom.removeClass)($successIcon.querySelector('.sa-tip'), 'animateSuccessTip');
+  (0, _handleDom.removeClass)($successIcon.querySelector('.sa-long'), 'animateSuccessLong');
+
+  var $errorIcon = modal.querySelector('.sa-icon.sa-error');
+  (0, _handleDom.removeClass)($errorIcon, 'animateErrorIcon');
+  (0, _handleDom.removeClass)($errorIcon.querySelector('.sa-x-mark'), 'animateXMark');
+
+  var $warningIcon = modal.querySelector('.sa-icon.sa-warning');
+  (0, _handleDom.removeClass)($warningIcon, 'pulseWarning');
+  (0, _handleDom.removeClass)($warningIcon.querySelector('.sa-body'), 'pulseWarningIns');
+  (0, _handleDom.removeClass)($warningIcon.querySelector('.sa-dot'), 'pulseWarningIns');
+
+  // Reset custom class (delay so that UI changes aren't visible)
+  setTimeout(function () {
+    var customClass = modal.getAttribute('data-custom-class');
+    (0, _handleDom.removeClass)(modal, customClass);
+  }, 300);
+
+  // Make page scrollable again
+  (0, _handleDom.removeClass)(document.body, 'stop-scrolling');
+
+  // Reset the page to its previous state
+  window.onkeydown = previousWindowKeyDown;
+  if (window.previousActiveElement) {
+    window.previousActiveElement.focus();
+  }
+  lastFocusedButton = undefined;
+  clearTimeout(modal.timeout);
+
+  return true;
+};
+
+/*
+ * Validation of the input field is done by user
+ * If something is wrong => call showInputError with errorMessage
+ */
+sweetAlert.showInputError = _swal.showInputError = function (errorMessage) {
+  var modal = (0, _handleSwalDom.getModal)();
+
+  var $errorIcon = modal.querySelector('.sa-input-error');
+  (0, _handleDom.addClass)($errorIcon, 'show');
+
+  var $errorContainer = modal.querySelector('.form-group');
+  (0, _handleDom.addClass)($errorContainer, 'has-error');
+
+  $errorContainer.querySelector('.sa-help-text').innerHTML = errorMessage;
+
+  setTimeout(function () {
+    sweetAlert.enableButtons();
+  }, 1);
+
+  modal.querySelector('input').focus();
+};
+
+/*
+ * Reset input error DOM elements
+ */
+sweetAlert.resetInputError = _swal.resetInputError = function (event) {
+  // If press enter => ignore
+  if (event && event.keyCode === 13) {
+    return false;
+  }
+
+  var $modal = (0, _handleSwalDom.getModal)();
+
+  var $errorIcon = $modal.querySelector('.sa-input-error');
+  (0, _handleDom.removeClass)($errorIcon, 'show');
+
+  var $errorContainer = $modal.querySelector('.form-group');
+  (0, _handleDom.removeClass)($errorContainer, 'has-error');
+};
+
+/*
+ * Disable confirm and cancel buttons
+ */
+sweetAlert.disableButtons = _swal.disableButtons = function (event) {
+  var modal = (0, _handleSwalDom.getModal)();
+  var $confirmButton = modal.querySelector('button.confirm');
+  var $cancelButton = modal.querySelector('button.cancel');
+  $confirmButton.disabled = true;
+  $cancelButton.disabled = true;
+};
+
+/*
+ * Enable confirm and cancel buttons
+ */
+sweetAlert.enableButtons = _swal.enableButtons = function (event) {
+  var modal = (0, _handleSwalDom.getModal)();
+  var $confirmButton = modal.querySelector('button.confirm');
+  var $cancelButton = modal.querySelector('button.cancel');
+  $confirmButton.disabled = false;
+  $cancelButton.disabled = false;
+};
+
+if (typeof window !== 'undefined') {
+  // The 'handle-click' module requires
+  // that 'sweetAlert' was set as global.
+  window.sweetAlert = window.swal = sweetAlert;
+} else {
+  (0, _utils.logStr)('SweetAlert is a frontend module!');
+}
+
+},{"./modules/default-params":1,"./modules/handle-click":2,"./modules/handle-dom":3,"./modules/handle-key":4,"./modules/handle-swal-dom":5,"./modules/set-params":7,"./modules/utils":8}]},{},[9]);
+
+/*
+ * Use SweetAlert with RequireJS
+ */
+
+if (typeof define === 'function' && define.amd) {
+  define(function () {
+    return sweetAlert;
+  });
+} else if (typeof module !== 'undefined' && module.exports) {
+  module.exports = sweetAlert;
+}
+
+})(window, document);
\ No newline at end of file

From f5ff322c33e38291321fc486e78cbb371ea178b5 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 15 Nov 2017 21:27:45 -0500
Subject: [PATCH 12/74] Remove sweetalert, use a tooltip instead

---
 admin/service_messages.php          |   12 +-
 css/sweetalert.css                  |  686 ---------------
 inc/headerAdmin.inc.php             |    2 -
 internal-api/js/service-messages.js |   27 +-
 js/sweetalert.js                    | 1196 ---------------------------
 5 files changed, 32 insertions(+), 1891 deletions(-)
 delete mode 100644 css/sweetalert.css
 delete mode 100644 js/sweetalert.js

diff --git a/admin/service_messages.php b/admin/service_messages.php
index b445e70f..c60d7b58 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -45,9 +45,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
     <div class="box">
         <div class="box-header with-border">
             <h1 class="box-title">
-                <?php echo $hesklang['manage_service_messages']; ?> <a href="javascript:void(0)"
-                                                          onclick="swal('', '<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>', 'info'); return false;"><i
-                            class="fa fa-question-circle settingsquestionmark"></i></a>
+                <?php echo $hesklang['manage_service_messages']; ?>
+                <i class="fa fa-question-circle settingsquestionmark" data-toggle="tooltip"
+                   title="<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>"
+                    data-placement="bottom"></i>
             </h1>
             <div class="box-tools pull-right">
                 <button type="button" class="btn btn-box-tool" data-widget="collapse">
@@ -87,6 +88,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                 theme_advanced_resizing: true
                             });
                         </script>
+                        <input type="hidden" name="kb_wysiwyg" value="1">
+                        <?php
+                    } else {
+                        ?>
+                        <input type="hidden" name="kb_wysiwyg" value="0">
                         <?php
                     }
                     ?>
diff --git a/css/sweetalert.css b/css/sweetalert.css
deleted file mode 100644
index c6d21f66..00000000
--- a/css/sweetalert.css
+++ /dev/null
@@ -1,686 +0,0 @@
-@keyframes showSweetAlert {
-  0% {
-    transform: scale(0.7);
-  }
-  45% {
-    transform: scale(1.05);
-  }
-  80% {
-    transform: scale(0.95);
-  }
-  100% {
-    transform: scale(1);
-  }
-}
-@keyframes hideSweetAlert {
-  0% {
-    transform: scale(1);
-  }
-  100% {
-    transform: scale(0.5);
-  }
-}
-@keyframes slideFromTop {
-  0% {
-    top: 0%;
-  }
-  100% {
-    top: 50%;
-  }
-}
-@keyframes slideToTop {
-  0% {
-    top: 50%;
-  }
-  100% {
-    top: 0%;
-  }
-}
-@keyframes slideFromBottom {
-  0% {
-    top: 70%;
-  }
-  100% {
-    top: 50%;
-  }
-}
-@keyframes slideToBottom {
-  0% {
-    top: 50%;
-  }
-  100% {
-    top: 70%;
-  }
-}
-.showSweetAlert {
-  animation: showSweetAlert 0.3s;
-}
-.showSweetAlert[data-animation=none] {
-  animation: none;
-}
-.showSweetAlert[data-animation=slide-from-top] {
-  animation: slideFromTop 0.3s;
-}
-.showSweetAlert[data-animation=slide-from-bottom] {
-  animation: slideFromBottom 0.3s;
-}
-.hideSweetAlert {
-  animation: hideSweetAlert 0.3s;
-}
-.hideSweetAlert[data-animation=none] {
-  animation: none;
-}
-.hideSweetAlert[data-animation=slide-from-top] {
-  animation: slideToTop 0.3s;
-}
-.hideSweetAlert[data-animation=slide-from-bottom] {
-  animation: slideToBottom 0.3s;
-}
-@keyframes animateSuccessTip {
-  0% {
-    width: 0;
-    left: 1px;
-    top: 19px;
-  }
-  54% {
-    width: 0;
-    left: 1px;
-    top: 19px;
-  }
-  70% {
-    width: 50px;
-    left: -8px;
-    top: 37px;
-  }
-  84% {
-    width: 17px;
-    left: 21px;
-    top: 48px;
-  }
-  100% {
-    width: 25px;
-    left: 14px;
-    top: 45px;
-  }
-}
-@keyframes animateSuccessLong {
-  0% {
-    width: 0;
-    right: 46px;
-    top: 54px;
-  }
-  65% {
-    width: 0;
-    right: 46px;
-    top: 54px;
-  }
-  84% {
-    width: 55px;
-    right: 0px;
-    top: 35px;
-  }
-  100% {
-    width: 47px;
-    right: 8px;
-    top: 38px;
-  }
-}
-@keyframes rotatePlaceholder {
-  0% {
-    transform: rotate(-45deg);
-  }
-  5% {
-    transform: rotate(-45deg);
-  }
-  12% {
-    transform: rotate(-405deg);
-  }
-  100% {
-    transform: rotate(-405deg);
-  }
-}
-.animateSuccessTip {
-  animation: animateSuccessTip 0.75s;
-}
-.animateSuccessLong {
-  animation: animateSuccessLong 0.75s;
-}
-.sa-icon.sa-success.animate::after {
-  animation: rotatePlaceholder 4.25s ease-in;
-}
-@keyframes animateErrorIcon {
-  0% {
-    transform: rotateX(100deg);
-    opacity: 0;
-  }
-  100% {
-    transform: rotateX(0deg);
-    opacity: 1;
-  }
-}
-.animateErrorIcon {
-  animation: animateErrorIcon 0.5s;
-}
-@keyframes animateXMark {
-  0% {
-    transform: scale(0.4);
-    margin-top: 26px;
-    opacity: 0;
-  }
-  50% {
-    transform: scale(0.4);
-    margin-top: 26px;
-    opacity: 0;
-  }
-  80% {
-    transform: scale(1.15);
-    margin-top: -6px;
-  }
-  100% {
-    transform: scale(1);
-    margin-top: 0;
-    opacity: 1;
-  }
-}
-.animateXMark {
-  animation: animateXMark 0.5s;
-}
-@keyframes pulseWarning {
-  0% {
-    border-color: #F8D486;
-  }
-  100% {
-    border-color: #F8BB86;
-  }
-}
-.pulseWarning {
-  animation: pulseWarning 0.75s infinite alternate;
-}
-@keyframes pulseWarningIns {
-  0% {
-    background-color: #F8D486;
-  }
-  100% {
-    background-color: #F8BB86;
-  }
-}
-.pulseWarningIns {
-  animation: pulseWarningIns 0.75s infinite alternate;
-}
-@keyframes rotate-loading {
-  0% {
-    transform: rotate(0deg);
-  }
-  100% {
-    transform: rotate(360deg);
-  }
-}
-body.stop-scrolling {
-  height: 100%;
-  overflow: hidden;
-}
-.sweet-overlay {
-  background-color: rgba(0, 0, 0, 0.4);
-  position: fixed;
-  left: 0;
-  right: 0;
-  top: 0;
-  bottom: 0;
-  display: none;
-  z-index: 1040;
-}
-.sweet-alert {
-  background-color: #ffffff;
-  width: 478px;
-  padding: 17px;
-  border-radius: 5px;
-  text-align: center;
-  position: fixed;
-  left: 50%;
-  top: 50%;
-  margin-left: -256px;
-  margin-top: -200px;
-  overflow: hidden;
-  display: none;
-  z-index: 2000;
-}
-@media all and (max-width: 767px) {
-  .sweet-alert {
-    width: auto;
-    margin-left: 0;
-    margin-right: 0;
-    left: 15px;
-    right: 15px;
-  }
-}
-.sweet-alert .form-group {
-  display: none;
-}
-.sweet-alert .form-group .sa-input-error {
-  display: none;
-}
-.sweet-alert.show-input .form-group {
-  display: block;
-}
-.sweet-alert .sa-confirm-button-container {
-  display: inline-block;
-  position: relative;
-}
-.sweet-alert .la-ball-fall {
-  position: absolute;
-  left: 50%;
-  top: 50%;
-  margin-left: -27px;
-  margin-top: -9px;
-  opacity: 0;
-  visibility: hidden;
-}
-.sweet-alert button[disabled] {
-  opacity: .6;
-  cursor: default;
-}
-.sweet-alert button.confirm[disabled] {
-  color: transparent;
-}
-.sweet-alert button.confirm[disabled] ~ .la-ball-fall {
-  opacity: 1;
-  visibility: visible;
-  transition-delay: 0s;
-}
-.sweet-alert .sa-icon {
-  width: 80px;
-  height: 80px;
-  border: 4px solid gray;
-  border-radius: 50%;
-  margin: 20px auto;
-  position: relative;
-  box-sizing: content-box;
-}
-.sweet-alert .sa-icon.sa-error {
-  border-color: #d43f3a;
-}
-.sweet-alert .sa-icon.sa-error .sa-x-mark {
-  position: relative;
-  display: block;
-}
-.sweet-alert .sa-icon.sa-error .sa-line {
-  position: absolute;
-  height: 5px;
-  width: 47px;
-  background-color: #d9534f;
-  display: block;
-  top: 37px;
-  border-radius: 2px;
-}
-.sweet-alert .sa-icon.sa-error .sa-line.sa-left {
-  transform: rotate(45deg);
-  left: 17px;
-}
-.sweet-alert .sa-icon.sa-error .sa-line.sa-right {
-  transform: rotate(-45deg);
-  right: 16px;
-}
-.sweet-alert .sa-icon.sa-warning {
-  border-color: #eea236;
-}
-.sweet-alert .sa-icon.sa-warning .sa-body {
-  position: absolute;
-  width: 5px;
-  height: 47px;
-  left: 50%;
-  top: 10px;
-  border-radius: 2px;
-  margin-left: -2px;
-  background-color: #f0ad4e;
-}
-.sweet-alert .sa-icon.sa-warning .sa-dot {
-  position: absolute;
-  width: 7px;
-  height: 7px;
-  border-radius: 50%;
-  margin-left: -3px;
-  left: 50%;
-  bottom: 10px;
-  background-color: #f0ad4e;
-}
-.sweet-alert .sa-icon.sa-info {
-  border-color: #46b8da;
-}
-.sweet-alert .sa-icon.sa-info::before {
-  content: "";
-  position: absolute;
-  width: 5px;
-  height: 29px;
-  left: 50%;
-  bottom: 17px;
-  border-radius: 2px;
-  margin-left: -2px;
-  background-color: #5bc0de;
-}
-.sweet-alert .sa-icon.sa-info::after {
-  content: "";
-  position: absolute;
-  width: 7px;
-  height: 7px;
-  border-radius: 50%;
-  margin-left: -3px;
-  top: 19px;
-  background-color: #5bc0de;
-}
-.sweet-alert .sa-icon.sa-success {
-  border-color: #4cae4c;
-}
-.sweet-alert .sa-icon.sa-success::before,
-.sweet-alert .sa-icon.sa-success::after {
-  content: '';
-  border-radius: 50%;
-  position: absolute;
-  width: 60px;
-  height: 120px;
-  background: #ffffff;
-  transform: rotate(45deg);
-}
-.sweet-alert .sa-icon.sa-success::before {
-  border-radius: 120px 0 0 120px;
-  top: -7px;
-  left: -33px;
-  transform: rotate(-45deg);
-  transform-origin: 60px 60px;
-}
-.sweet-alert .sa-icon.sa-success::after {
-  border-radius: 0 120px 120px 0;
-  top: -11px;
-  left: 30px;
-  transform: rotate(-45deg);
-  transform-origin: 0px 60px;
-}
-.sweet-alert .sa-icon.sa-success .sa-placeholder {
-  width: 80px;
-  height: 80px;
-  border: 4px solid rgba(92, 184, 92, 0.2);
-  border-radius: 50%;
-  box-sizing: content-box;
-  position: absolute;
-  left: -4px;
-  top: -4px;
-  z-index: 2;
-}
-.sweet-alert .sa-icon.sa-success .sa-fix {
-  width: 5px;
-  height: 90px;
-  background-color: #ffffff;
-  position: absolute;
-  left: 28px;
-  top: 8px;
-  z-index: 1;
-  transform: rotate(-45deg);
-}
-.sweet-alert .sa-icon.sa-success .sa-line {
-  height: 5px;
-  background-color: #5cb85c;
-  display: block;
-  border-radius: 2px;
-  position: absolute;
-  z-index: 2;
-}
-.sweet-alert .sa-icon.sa-success .sa-line.sa-tip {
-  width: 25px;
-  left: 14px;
-  top: 46px;
-  transform: rotate(45deg);
-}
-.sweet-alert .sa-icon.sa-success .sa-line.sa-long {
-  width: 47px;
-  right: 8px;
-  top: 38px;
-  transform: rotate(-45deg);
-}
-.sweet-alert .sa-icon.sa-custom {
-  background-size: contain;
-  border-radius: 0;
-  border: none;
-  background-position: center center;
-  background-repeat: no-repeat;
-}
-.sweet-alert .btn-default:focus {
-  border-color: #cccccc;
-  outline: 0;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(204, 204, 204, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(204, 204, 204, 0.6);
-}
-.sweet-alert .btn-success:focus {
-  border-color: #4cae4c;
-  outline: 0;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(76, 174, 76, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(76, 174, 76, 0.6);
-}
-.sweet-alert .btn-info:focus {
-  border-color: #46b8da;
-  outline: 0;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(70, 184, 218, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(70, 184, 218, 0.6);
-}
-.sweet-alert .btn-danger:focus {
-  border-color: #d43f3a;
-  outline: 0;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(212, 63, 58, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(212, 63, 58, 0.6);
-}
-.sweet-alert .btn-warning:focus {
-  border-color: #eea236;
-  outline: 0;
-  -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(238, 162, 54, 0.6);
-  box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(238, 162, 54, 0.6);
-}
-.sweet-alert button::-moz-focus-inner {
-  border: 0;
-}
-/*!
- * Load Awesome v1.1.0 (http://github.danielcardoso.net/load-awesome/)
- * Copyright 2015 Daniel Cardoso <@DanielCardoso>
- * Licensed under MIT
- */
-.la-ball-fall,
-.la-ball-fall > div {
-  position: relative;
-  -webkit-box-sizing: border-box;
-  -moz-box-sizing: border-box;
-  box-sizing: border-box;
-}
-.la-ball-fall {
-  display: block;
-  font-size: 0;
-  color: #fff;
-}
-.la-ball-fall.la-dark {
-  color: #333;
-}
-.la-ball-fall > div {
-  display: inline-block;
-  float: none;
-  background-color: currentColor;
-  border: 0 solid currentColor;
-}
-.la-ball-fall {
-  width: 54px;
-  height: 18px;
-}
-.la-ball-fall > div {
-  width: 10px;
-  height: 10px;
-  margin: 4px;
-  border-radius: 100%;
-  opacity: 0;
-  -webkit-animation: ball-fall 1s ease-in-out infinite;
-  -moz-animation: ball-fall 1s ease-in-out infinite;
-  -o-animation: ball-fall 1s ease-in-out infinite;
-  animation: ball-fall 1s ease-in-out infinite;
-}
-.la-ball-fall > div:nth-child(1) {
-  -webkit-animation-delay: -200ms;
-  -moz-animation-delay: -200ms;
-  -o-animation-delay: -200ms;
-  animation-delay: -200ms;
-}
-.la-ball-fall > div:nth-child(2) {
-  -webkit-animation-delay: -100ms;
-  -moz-animation-delay: -100ms;
-  -o-animation-delay: -100ms;
-  animation-delay: -100ms;
-}
-.la-ball-fall > div:nth-child(3) {
-  -webkit-animation-delay: 0ms;
-  -moz-animation-delay: 0ms;
-  -o-animation-delay: 0ms;
-  animation-delay: 0ms;
-}
-.la-ball-fall.la-sm {
-  width: 26px;
-  height: 8px;
-}
-.la-ball-fall.la-sm > div {
-  width: 4px;
-  height: 4px;
-  margin: 2px;
-}
-.la-ball-fall.la-2x {
-  width: 108px;
-  height: 36px;
-}
-.la-ball-fall.la-2x > div {
-  width: 20px;
-  height: 20px;
-  margin: 8px;
-}
-.la-ball-fall.la-3x {
-  width: 162px;
-  height: 54px;
-}
-.la-ball-fall.la-3x > div {
-  width: 30px;
-  height: 30px;
-  margin: 12px;
-}
-/*
- * Animation
- */
-@-webkit-keyframes ball-fall {
-  0% {
-    opacity: 0;
-    -webkit-transform: translateY(-145%);
-    transform: translateY(-145%);
-  }
-  10% {
-    opacity: .5;
-  }
-  20% {
-    opacity: 1;
-    -webkit-transform: translateY(0);
-    transform: translateY(0);
-  }
-  80% {
-    opacity: 1;
-    -webkit-transform: translateY(0);
-    transform: translateY(0);
-  }
-  90% {
-    opacity: .5;
-  }
-  100% {
-    opacity: 0;
-    -webkit-transform: translateY(145%);
-    transform: translateY(145%);
-  }
-}
-@-moz-keyframes ball-fall {
-  0% {
-    opacity: 0;
-    -moz-transform: translateY(-145%);
-    transform: translateY(-145%);
-  }
-  10% {
-    opacity: .5;
-  }
-  20% {
-    opacity: 1;
-    -moz-transform: translateY(0);
-    transform: translateY(0);
-  }
-  80% {
-    opacity: 1;
-    -moz-transform: translateY(0);
-    transform: translateY(0);
-  }
-  90% {
-    opacity: .5;
-  }
-  100% {
-    opacity: 0;
-    -moz-transform: translateY(145%);
-    transform: translateY(145%);
-  }
-}
-@-o-keyframes ball-fall {
-  0% {
-    opacity: 0;
-    -o-transform: translateY(-145%);
-    transform: translateY(-145%);
-  }
-  10% {
-    opacity: .5;
-  }
-  20% {
-    opacity: 1;
-    -o-transform: translateY(0);
-    transform: translateY(0);
-  }
-  80% {
-    opacity: 1;
-    -o-transform: translateY(0);
-    transform: translateY(0);
-  }
-  90% {
-    opacity: .5;
-  }
-  100% {
-    opacity: 0;
-    -o-transform: translateY(145%);
-    transform: translateY(145%);
-  }
-}
-@keyframes ball-fall {
-  0% {
-    opacity: 0;
-    -webkit-transform: translateY(-145%);
-    -moz-transform: translateY(-145%);
-    -o-transform: translateY(-145%);
-    transform: translateY(-145%);
-  }
-  10% {
-    opacity: .5;
-  }
-  20% {
-    opacity: 1;
-    -webkit-transform: translateY(0);
-    -moz-transform: translateY(0);
-    -o-transform: translateY(0);
-    transform: translateY(0);
-  }
-  80% {
-    opacity: 1;
-    -webkit-transform: translateY(0);
-    -moz-transform: translateY(0);
-    -o-transform: translateY(0);
-    transform: translateY(0);
-  }
-  90% {
-    opacity: .5;
-  }
-  100% {
-    opacity: 0;
-    -webkit-transform: translateY(145%);
-    -moz-transform: translateY(145%);
-    -o-transform: translateY(145%);
-    transform: translateY(145%);
-  }
-}
diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php
index 09d1787b..3f7df57d 100644
--- a/inc/headerAdmin.inc.php
+++ b/inc/headerAdmin.inc.php
@@ -50,7 +50,6 @@ header('X-UA-Compatible: IE=edge');
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/displays.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/bootstrap-select.min.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/mods-for-hesk-new.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
-    <link rel="stylesheet" href="<?php echo HESK_PATH; ?>css/sweetalert.css?v=<?php echo MODS_FOR_HESK_BUILD; ?>">
     <?php if (defined('USE_JQUERY_2')): ?>
         <script src="<?php echo HESK_PATH; ?>js/jquery-2.2.4.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <?php else: ?>
@@ -79,7 +78,6 @@ header('X-UA-Compatible: IE=edge');
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>internal-api/js/lang.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/clipboard.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/bootstrap-select.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
-    <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/sweetalert.js"></script>
     <?php
     if (defined('EXTRA_JS')) {
         echo EXTRA_JS;
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index 43008335..050c864a 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -149,7 +149,13 @@ function bindEditModal() {
             .find('input[name="id"]').val(element.id).end()
             .find('input[name="order"]').val(element.order).end();
         setIcon(element.icon);
-        tinyMCE.get('content').setContent(element.message);
+
+        if ($('input[name="kb_wysiwyg"]').val() === "1") {
+            tinyMCE.get('content').setContent(element.message);
+        } else {
+            $('textarea[name="message"]').val(element.message);
+        }
+
 
         $modal.modal('show');
     });
@@ -167,7 +173,12 @@ function bindCreateModal() {
             .find('input[name="order"]').val('').end()
             .find('#preview-pane').html('').end();
         setIcon('');
-        tinyMCE.get('content').setContent('');
+
+        if ($('input[name="kb_wysiwyg"]').val() === "1") {
+            tinyMCE.get('content').setContent('');
+        } else {
+            $('textarea[name="message"]').val('');
+        }
 
         $modal.modal('show');
     });
@@ -190,7 +201,7 @@ function bindFormSubmit() {
         var data = {
             icon: $modal.find('input[name="icon"]').val(),
             title: $modal.find('input[name="title"]').val(),
-            message: tinyMCE.get('content').getContent(),
+            message: getMessage(),
             published: $modal.find('input[name="type"]:checked').val() === "0",
             style: styles[$modal.find('input[name="style"]:checked').val()],
             order: $modal.find('input[name="order"]').val()
@@ -300,7 +311,7 @@ function bindPreview() {
         var data = {
             icon: $modal.find('input[name="icon"]').val(),
             title: $modal.find('input[name="title"]').val(),
-            message: tinyMCE.get('content').getContent(),
+            message: getMessage(),
             published: $modal.find('input[name="type"]:checked').val() === "0",
             style: styles[$modal.find('input[name="style"]:checked').val()],
             order: $modal.find('input[name="order"]').val()
@@ -309,4 +320,12 @@ function bindPreview() {
         var preview = getServiceMessagePreview(data.icon, data.title, data.message, data.style);
         $('#preview-pane').html(preview);
     });
+}
+
+function getMessage() {
+    if ($('input[name="kb_wysiwyg"]').val() === "1") {
+        return tinyMCE.get('content').getContent();
+    }
+
+    return $('textarea[name="message"]').val();
 }
\ No newline at end of file
diff --git a/js/sweetalert.js b/js/sweetalert.js
deleted file mode 100644
index d9dc2a31..00000000
--- a/js/sweetalert.js
+++ /dev/null
@@ -1,1196 +0,0 @@
-;(function(window, document, undefined) {
-"use strict";
-
-(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-var defaultParams = {
-  title: '',
-  text: '',
-  type: null,
-  allowOutsideClick: false,
-  showConfirmButton: true,
-  showCancelButton: false,
-  closeOnConfirm: true,
-  closeOnCancel: true,
-  confirmButtonText: 'OK',
-  confirmButtonClass: 'btn-primary',
-  cancelButtonText: 'Cancel',
-  cancelButtonClass: 'btn-default',
-  containerClass: '',
-  titleClass: '',
-  textClass: '',
-  imageUrl: null,
-  imageSize: null,
-  timer: null,
-  customClass: '',
-  html: false,
-  animation: true,
-  allowEscapeKey: true,
-  inputType: 'text',
-  inputPlaceholder: '',
-  inputValue: '',
-  showLoaderOnConfirm: false
-};
-
-exports.default = defaultParams;
-
-},{}],2:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.handleCancel = exports.handleConfirm = exports.handleButton = undefined;
-
-var _handleSwalDom = require('./handle-swal-dom');
-
-var _handleDom = require('./handle-dom');
-
-/*
- * User clicked on "Confirm"/"OK" or "Cancel"
- */
-var handleButton = function handleButton(event, params, modal) {
-  var e = event || window.event;
-  var target = e.target || e.srcElement;
-
-  var targetedConfirm = target.className.indexOf('confirm') !== -1;
-  var targetedOverlay = target.className.indexOf('sweet-overlay') !== -1;
-  var modalIsVisible = (0, _handleDom.hasClass)(modal, 'visible');
-  var doneFunctionExists = params.doneFunction && modal.getAttribute('data-has-done-function') === 'true';
-
-  // Since the user can change the background-color of the confirm button programmatically,
-  // we must calculate what the color should be on hover/active
-  var normalColor, hoverColor, activeColor;
-  if (targetedConfirm && params.confirmButtonColor) {
-    normalColor = params.confirmButtonColor;
-    hoverColor = colorLuminance(normalColor, -0.04);
-    activeColor = colorLuminance(normalColor, -0.14);
-  }
-
-  function shouldSetConfirmButtonColor(color) {
-    if (targetedConfirm && params.confirmButtonColor) {
-      target.style.backgroundColor = color;
-    }
-  }
-
-  switch (e.type) {
-    case 'click':
-      var clickedOnModal = modal === target;
-      var clickedOnModalChild = (0, _handleDom.isDescendant)(modal, target);
-
-      // Ignore click outside if allowOutsideClick is false
-      if (!clickedOnModal && !clickedOnModalChild && modalIsVisible && !params.allowOutsideClick) {
-        break;
-      }
-
-      if (targetedConfirm && doneFunctionExists && modalIsVisible) {
-        handleConfirm(modal, params);
-      } else if (doneFunctionExists && modalIsVisible || targetedOverlay) {
-        handleCancel(modal, params);
-      } else if ((0, _handleDom.isDescendant)(modal, target) && target.tagName === 'BUTTON') {
-        sweetAlert.close();
-      }
-      break;
-  }
-};
-
-/*
- *  User clicked on "Confirm"/"OK"
- */
-var handleConfirm = function handleConfirm(modal, params) {
-  var callbackValue = true;
-
-  if ((0, _handleDom.hasClass)(modal, 'show-input')) {
-    callbackValue = modal.querySelector('input').value;
-
-    if (!callbackValue) {
-      callbackValue = '';
-    }
-  }
-
-  params.doneFunction(callbackValue);
-
-  if (params.closeOnConfirm) {
-    sweetAlert.close();
-  }
-  // Disable cancel and confirm button if the parameter is true
-  if (params.showLoaderOnConfirm) {
-    sweetAlert.disableButtons();
-  }
-};
-
-/*
- *  User clicked on "Cancel"
- */
-var handleCancel = function handleCancel(modal, params) {
-  // Check if callback function expects a parameter (to track cancel actions)
-  var functionAsStr = String(params.doneFunction).replace(/\s/g, '');
-  var functionHandlesCancel = functionAsStr.substring(0, 9) === 'function(' && functionAsStr.substring(9, 10) !== ')';
-
-  if (functionHandlesCancel) {
-    params.doneFunction(false);
-  }
-
-  if (params.closeOnCancel) {
-    sweetAlert.close();
-  }
-};
-
-exports.handleButton = handleButton;
-exports.handleConfirm = handleConfirm;
-exports.handleCancel = handleCancel;
-
-},{"./handle-dom":3,"./handle-swal-dom":5}],3:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-var hasClass = function hasClass(elem, className) {
-  return new RegExp(' ' + className + ' ').test(' ' + elem.className + ' ');
-};
-
-var addClass = function addClass(elem, className) {
-  if (!hasClass(elem, className)) {
-    elem.className += ' ' + className;
-  }
-};
-
-var removeClass = function removeClass(elem, className) {
-  var newClass = ' ' + elem.className.replace(/[\t\r\n]/g, ' ') + ' ';
-  if (hasClass(elem, className)) {
-    while (newClass.indexOf(' ' + className + ' ') >= 0) {
-      newClass = newClass.replace(' ' + className + ' ', ' ');
-    }
-    elem.className = newClass.replace(/^\s+|\s+$/g, '');
-  }
-};
-
-var escapeHtml = function escapeHtml(str) {
-  var div = document.createElement('div');
-  div.appendChild(document.createTextNode(str));
-  return div.innerHTML;
-};
-
-var _show = function _show(elem) {
-  elem.style.opacity = '';
-  elem.style.display = 'block';
-};
-
-var show = function show(elems) {
-  if (elems && !elems.length) {
-    return _show(elems);
-  }
-  for (var i = 0; i < elems.length; ++i) {
-    _show(elems[i]);
-  }
-};
-
-var _hide = function _hide(elem) {
-  elem.style.opacity = '';
-  elem.style.display = 'none';
-};
-
-var hide = function hide(elems) {
-  if (elems && !elems.length) {
-    return _hide(elems);
-  }
-  for (var i = 0; i < elems.length; ++i) {
-    _hide(elems[i]);
-  }
-};
-
-var isDescendant = function isDescendant(parent, child) {
-  var node = child.parentNode;
-  while (node !== null) {
-    if (node === parent) {
-      return true;
-    }
-    node = node.parentNode;
-  }
-  return false;
-};
-
-var getTopMargin = function getTopMargin(elem) {
-  elem.style.left = '-9999px';
-  elem.style.display = 'block';
-
-  var height = elem.clientHeight,
-      padding;
-  if (typeof getComputedStyle !== "undefined") {
-    // IE 8
-    padding = parseInt(getComputedStyle(elem).getPropertyValue('padding-top'), 10);
-  } else {
-    padding = parseInt(elem.currentStyle.padding);
-  }
-
-  elem.style.left = '';
-  elem.style.display = 'none';
-  return '-' + parseInt((height + padding) / 2) + 'px';
-};
-
-var fadeIn = function fadeIn(elem, interval) {
-  if (+elem.style.opacity < 1) {
-    interval = interval || 16;
-    elem.style.opacity = 0;
-    elem.style.display = 'block';
-    var last = +new Date();
-    var tick = function tick() {
-      elem.style.opacity = +elem.style.opacity + (new Date() - last) / 100;
-      last = +new Date();
-
-      if (+elem.style.opacity < 1) {
-        setTimeout(tick, interval);
-      }
-    };
-    tick();
-  }
-  elem.style.display = 'block'; //fallback IE8
-};
-
-var fadeOut = function fadeOut(elem, interval) {
-  interval = interval || 16;
-  elem.style.opacity = 1;
-  var last = +new Date();
-  var tick = function tick() {
-    elem.style.opacity = +elem.style.opacity - (new Date() - last) / 100;
-    last = +new Date();
-
-    if (+elem.style.opacity > 0) {
-      setTimeout(tick, interval);
-    } else {
-      elem.style.display = 'none';
-    }
-  };
-  tick();
-};
-
-var fireClick = function fireClick(node) {
-  // Taken from http://www.nonobtrusive.com/2011/11/29/programatically-fire-crossbrowser-click-event-with-javascript/
-  // Then fixed for today's Chrome browser.
-  if (typeof MouseEvent === 'function') {
-    // Up-to-date approach
-    var mevt = new MouseEvent('click', {
-      view: window,
-      bubbles: false,
-      cancelable: true
-    });
-    node.dispatchEvent(mevt);
-  } else if (document.createEvent) {
-    // Fallback
-    var evt = document.createEvent('MouseEvents');
-    evt.initEvent('click', false, false);
-    node.dispatchEvent(evt);
-  } else if (document.createEventObject) {
-    node.fireEvent('onclick');
-  } else if (typeof node.onclick === 'function') {
-    node.onclick();
-  }
-};
-
-var stopEventPropagation = function stopEventPropagation(e) {
-  // In particular, make sure the space bar doesn't scroll the main window.
-  if (typeof e.stopPropagation === 'function') {
-    e.stopPropagation();
-    e.preventDefault();
-  } else if (window.event && window.event.hasOwnProperty('cancelBubble')) {
-    window.event.cancelBubble = true;
-  }
-};
-
-exports.hasClass = hasClass;
-exports.addClass = addClass;
-exports.removeClass = removeClass;
-exports.escapeHtml = escapeHtml;
-exports._show = _show;
-exports.show = show;
-exports._hide = _hide;
-exports.hide = hide;
-exports.isDescendant = isDescendant;
-exports.getTopMargin = getTopMargin;
-exports.fadeIn = fadeIn;
-exports.fadeOut = fadeOut;
-exports.fireClick = fireClick;
-exports.stopEventPropagation = stopEventPropagation;
-
-},{}],4:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-
-var _handleDom = require('./handle-dom');
-
-var _handleSwalDom = require('./handle-swal-dom');
-
-var handleKeyDown = function handleKeyDown(event, params, modal) {
-  var e = event || window.event;
-  var keyCode = e.keyCode || e.which;
-
-  var $okButton = modal.querySelector('button.confirm');
-  var $cancelButton = modal.querySelector('button.cancel');
-  var $modalButtons = modal.querySelectorAll('button[tabindex]');
-
-  if ([9, 13, 32, 27].indexOf(keyCode) === -1) {
-    // Don't do work on keys we don't care about.
-    return;
-  }
-
-  var $targetElement = e.target || e.srcElement;
-
-  var btnIndex = -1; // Find the button - note, this is a nodelist, not an array.
-  for (var i = 0; i < $modalButtons.length; i++) {
-    if ($targetElement === $modalButtons[i]) {
-      btnIndex = i;
-      break;
-    }
-  }
-
-  if (keyCode === 9) {
-    // TAB
-    if (btnIndex === -1) {
-      // No button focused. Jump to the confirm button.
-      $targetElement = $okButton;
-    } else {
-      // Cycle to the next button
-      if (btnIndex === $modalButtons.length - 1) {
-        $targetElement = $modalButtons[0];
-      } else {
-        $targetElement = $modalButtons[btnIndex + 1];
-      }
-    }
-
-    (0, _handleDom.stopEventPropagation)(e);
-    $targetElement.focus();
-
-    if (params.confirmButtonColor) {
-      (0, _handleSwalDom.setFocusStyle)($targetElement, params.confirmButtonColor);
-    }
-  } else {
-    if (keyCode === 13) {
-      if ($targetElement.tagName === 'INPUT') {
-        $targetElement = $okButton;
-        $okButton.focus();
-      }
-
-      if (btnIndex === -1) {
-        // ENTER/SPACE clicked outside of a button.
-        $targetElement = $okButton;
-      } else {
-        // Do nothing - let the browser handle it.
-        $targetElement = undefined;
-      }
-    } else if (keyCode === 27 && params.allowEscapeKey === true) {
-      $targetElement = $cancelButton;
-      (0, _handleDom.fireClick)($targetElement, e);
-    } else {
-      // Fallback - let the browser handle it.
-      $targetElement = undefined;
-    }
-  }
-};
-
-exports.default = handleKeyDown;
-
-},{"./handle-dom":3,"./handle-swal-dom":5}],5:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.fixVerticalPosition = exports.resetInputError = exports.resetInput = exports.openModal = exports.getInput = exports.getOverlay = exports.getModal = exports.sweetAlertInitialize = undefined;
-
-var _handleDom = require('./handle-dom');
-
-var _defaultParams = require('./default-params');
-
-var _defaultParams2 = _interopRequireDefault(_defaultParams);
-
-var _injectedHtml = require('./injected-html');
-
-var _injectedHtml2 = _interopRequireDefault(_injectedHtml);
-
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-
-var modalClass = '.sweet-alert';
-var overlayClass = '.sweet-overlay';
-
-/*
- * Add modal + overlay to DOM
- */
-
-
-var sweetAlertInitialize = function sweetAlertInitialize() {
-  var sweetWrap = document.createElement('div');
-  sweetWrap.innerHTML = _injectedHtml2.default;
-
-  // Append elements to body
-  while (sweetWrap.firstChild) {
-    document.body.appendChild(sweetWrap.firstChild);
-  }
-};
-
-/*
- * Get DOM element of modal
- */
-var getModal = function getModal() {
-  var $modal = document.querySelector(modalClass);
-
-  if (!$modal) {
-    sweetAlertInitialize();
-    $modal = getModal();
-  }
-
-  return $modal;
-};
-
-/*
- * Get DOM element of input (in modal)
- */
-var getInput = function getInput() {
-  var $modal = getModal();
-  if ($modal) {
-    return $modal.querySelector('input');
-  }
-};
-
-/*
- * Get DOM element of overlay
- */
-var getOverlay = function getOverlay() {
-  return document.querySelector(overlayClass);
-};
-
-/*
- * Animation when opening modal
- */
-var openModal = function openModal(callback) {
-  var $modal = getModal();
-  (0, _handleDom.fadeIn)(getOverlay(), 10);
-  (0, _handleDom.show)($modal);
-  (0, _handleDom.addClass)($modal, 'showSweetAlert');
-  (0, _handleDom.removeClass)($modal, 'hideSweetAlert');
-
-  window.previousActiveElement = document.activeElement;
-  var $okButton = $modal.querySelector('button.confirm');
-  $okButton.focus();
-
-  setTimeout(function () {
-    (0, _handleDom.addClass)($modal, 'visible');
-  }, 500);
-
-  var timer = $modal.getAttribute('data-timer');
-
-  if (timer !== 'null' && timer !== '') {
-    var timerCallback = callback;
-    $modal.timeout = setTimeout(function () {
-      var doneFunctionExists = (timerCallback || null) && $modal.getAttribute('data-has-done-function') === 'true';
-      if (doneFunctionExists) {
-        timerCallback(null);
-      } else {
-        sweetAlert.close();
-      }
-    }, timer);
-  }
-};
-
-/*
- * Reset the styling of the input
- * (for example if errors have been shown)
- */
-var resetInput = function resetInput() {
-  var $modal = getModal();
-  var $input = getInput();
-
-  (0, _handleDom.removeClass)($modal, 'show-input');
-  $input.value = _defaultParams2.default.inputValue;
-  $input.setAttribute('type', _defaultParams2.default.inputType);
-  $input.setAttribute('placeholder', _defaultParams2.default.inputPlaceholder);
-
-  resetInputError();
-};
-
-var resetInputError = function resetInputError(event) {
-  // If press enter => ignore
-  if (event && event.keyCode === 13) {
-    return false;
-  }
-
-  var $modal = getModal();
-
-  var $errorIcon = $modal.querySelector('.sa-input-error');
-  (0, _handleDom.removeClass)($errorIcon, 'show');
-
-  var $errorContainer = $modal.querySelector('.form-group');
-  (0, _handleDom.removeClass)($errorContainer, 'has-error');
-};
-
-/*
- * Set "margin-top"-property on modal based on its computed height
- */
-var fixVerticalPosition = function fixVerticalPosition() {
-  var $modal = getModal();
-  $modal.style.marginTop = (0, _handleDom.getTopMargin)(getModal());
-};
-
-exports.sweetAlertInitialize = sweetAlertInitialize;
-exports.getModal = getModal;
-exports.getOverlay = getOverlay;
-exports.getInput = getInput;
-exports.openModal = openModal;
-exports.resetInput = resetInput;
-exports.resetInputError = resetInputError;
-exports.fixVerticalPosition = fixVerticalPosition;
-
-},{"./default-params":1,"./handle-dom":3,"./injected-html":6}],6:[function(require,module,exports){
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-var injectedHTML =
-
-// Dark overlay
-"<div class=\"sweet-overlay\" tabIndex=\"-1\"></div>" +
-
-// Modal
-"<div class=\"sweet-alert\" tabIndex=\"-1\">" +
-
-// Error icon
-"<div class=\"sa-icon sa-error\">\n      <span class=\"sa-x-mark\">\n        <span class=\"sa-line sa-left\"></span>\n        <span class=\"sa-line sa-right\"></span>\n      </span>\n    </div>" +
-
-// Warning icon
-"<div class=\"sa-icon sa-warning\">\n      <span class=\"sa-body\"></span>\n      <span class=\"sa-dot\"></span>\n    </div>" +
-
-// Info icon
-"<div class=\"sa-icon sa-info\"></div>" +
-
-// Success icon
-"<div class=\"sa-icon sa-success\">\n      <span class=\"sa-line sa-tip\"></span>\n      <span class=\"sa-line sa-long\"></span>\n\n      <div class=\"sa-placeholder\"></div>\n      <div class=\"sa-fix\"></div>\n    </div>" + "<div class=\"sa-icon sa-custom\"></div>" +
-
-// Title, text and input
-"<h2>Title</h2>\n    <p class=\"lead text-muted\">Text</p>\n    <div class=\"form-group\">\n      <input type=\"text\" class=\"form-control\" tabIndex=\"3\" />\n      <span class=\"sa-input-error help-block\">\n        <span class=\"glyphicon glyphicon-exclamation-sign\"></span> <span class=\"sa-help-text\">Not valid</span>\n      </span>\n    </div>" +
-
-// Cancel and confirm buttons
-"<div class=\"sa-button-container\">\n      <button class=\"cancel btn btn-lg\" tabIndex=\"2\">Cancel</button>\n      <div class=\"sa-confirm-button-container\">\n        <button class=\"confirm btn btn-lg\" tabIndex=\"1\">OK</button>" +
-
-// Loading animation
-"<div class=\"la-ball-fall\">\n          <div></div>\n          <div></div>\n          <div></div>\n        </div>\n      </div>\n    </div>" +
-
-// End of modal
-"</div>";
-
-exports.default = injectedHTML;
-
-},{}],7:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-
-var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol ? "symbol" : typeof obj; };
-
-var _utils = require('./utils');
-
-var _handleSwalDom = require('./handle-swal-dom');
-
-var _handleDom = require('./handle-dom');
-
-var alertTypes = ['error', 'warning', 'info', 'success', 'input', 'prompt'];
-
-/*
- * Set type, text and actions on modal
- */
-var setParameters = function setParameters(params) {
-  var modal = (0, _handleSwalDom.getModal)();
-
-  var $title = modal.querySelector('h2');
-  var $text = modal.querySelector('p');
-  var $cancelBtn = modal.querySelector('button.cancel');
-  var $confirmBtn = modal.querySelector('button.confirm');
-
-  /*
-   * Title
-   */
-  $title.innerHTML = params.html ? params.title : (0, _handleDom.escapeHtml)(params.title).split('\n').join('<br>');
-
-  /*
-   * Text
-   */
-  $text.innerHTML = params.html ? params.text : (0, _handleDom.escapeHtml)(params.text || '').split('\n').join('<br>');
-  if (params.text) (0, _handleDom.show)($text);
-
-  /*
-   * Custom class
-   */
-  if (params.customClass) {
-    (0, _handleDom.addClass)(modal, params.customClass);
-    modal.setAttribute('data-custom-class', params.customClass);
-  } else {
-    // Find previously set classes and remove them
-    var customClass = modal.getAttribute('data-custom-class');
-    (0, _handleDom.removeClass)(modal, customClass);
-    modal.setAttribute('data-custom-class', '');
-  }
-
-  /*
-   * Icon
-   */
-  (0, _handleDom.hide)(modal.querySelectorAll('.sa-icon'));
-
-  if (params.type && !(0, _utils.isIE8)()) {
-    var _ret = function () {
-
-      var validType = false;
-
-      for (var i = 0; i < alertTypes.length; i++) {
-        if (params.type === alertTypes[i]) {
-          validType = true;
-          break;
-        }
-      }
-
-      if (!validType) {
-        logStr('Unknown alert type: ' + params.type);
-        return {
-          v: false
-        };
-      }
-
-      var typesWithIcons = ['success', 'error', 'warning', 'info'];
-      var $icon = void 0;
-
-      if (typesWithIcons.indexOf(params.type) !== -1) {
-        $icon = modal.querySelector('.sa-icon.' + 'sa-' + params.type);
-        (0, _handleDom.show)($icon);
-      }
-
-      var $input = (0, _handleSwalDom.getInput)();
-
-      // Animate icon
-      switch (params.type) {
-
-        case 'success':
-          (0, _handleDom.addClass)($icon, 'animate');
-          (0, _handleDom.addClass)($icon.querySelector('.sa-tip'), 'animateSuccessTip');
-          (0, _handleDom.addClass)($icon.querySelector('.sa-long'), 'animateSuccessLong');
-          break;
-
-        case 'error':
-          (0, _handleDom.addClass)($icon, 'animateErrorIcon');
-          (0, _handleDom.addClass)($icon.querySelector('.sa-x-mark'), 'animateXMark');
-          break;
-
-        case 'warning':
-          (0, _handleDom.addClass)($icon, 'pulseWarning');
-          (0, _handleDom.addClass)($icon.querySelector('.sa-body'), 'pulseWarningIns');
-          (0, _handleDom.addClass)($icon.querySelector('.sa-dot'), 'pulseWarningIns');
-          break;
-
-        case 'input':
-        case 'prompt':
-          $input.setAttribute('type', params.inputType);
-          $input.value = params.inputValue;
-          $input.setAttribute('placeholder', params.inputPlaceholder);
-          (0, _handleDom.addClass)(modal, 'show-input');
-          setTimeout(function () {
-            $input.focus();
-            $input.addEventListener('keyup', swal.resetInputError);
-          }, 400);
-          break;
-      }
-    }();
-
-    if ((typeof _ret === 'undefined' ? 'undefined' : _typeof(_ret)) === "object") return _ret.v;
-  }
-
-  /*
-   * Custom image
-   */
-  if (params.imageUrl) {
-    var $customIcon = modal.querySelector('.sa-icon.sa-custom');
-
-    $customIcon.style.backgroundImage = 'url(' + params.imageUrl + ')';
-    (0, _handleDom.show)($customIcon);
-
-    var _imgWidth = 80;
-    var _imgHeight = 80;
-
-    if (params.imageSize) {
-      var dimensions = params.imageSize.toString().split('x');
-      var imgWidth = dimensions[0];
-      var imgHeight = dimensions[1];
-
-      if (!imgWidth || !imgHeight) {
-        logStr('Parameter imageSize expects value with format WIDTHxHEIGHT, got ' + params.imageSize);
-      } else {
-        _imgWidth = imgWidth;
-        _imgHeight = imgHeight;
-      }
-    }
-
-    $customIcon.setAttribute('style', $customIcon.getAttribute('style') + 'width:' + _imgWidth + 'px; height:' + _imgHeight + 'px');
-  }
-
-  /*
-   * Show cancel button?
-   */
-  modal.setAttribute('data-has-cancel-button', params.showCancelButton);
-  if (params.showCancelButton) {
-    $cancelBtn.style.display = 'inline-block';
-  } else {
-    (0, _handleDom.hide)($cancelBtn);
-  }
-
-  /*
-   * Show confirm button?
-   */
-  modal.setAttribute('data-has-confirm-button', params.showConfirmButton);
-  if (params.showConfirmButton) {
-    $confirmBtn.style.display = 'inline-block';
-  } else {
-    (0, _handleDom.hide)($confirmBtn);
-  }
-
-  /*
-   * Custom text on cancel/confirm buttons
-   */
-  if (params.cancelButtonText) {
-    $cancelBtn.innerHTML = (0, _handleDom.escapeHtml)(params.cancelButtonText);
-  }
-  if (params.confirmButtonText) {
-    $confirmBtn.innerHTML = (0, _handleDom.escapeHtml)(params.confirmButtonText);
-  }
-
-  /*
-   * Reset confirm buttons to default class (Ugly fix)
-   */
-  $confirmBtn.className = 'confirm btn btn-lg';
-
-  /*
-   * Attach selected class to the sweet alert modal
-   */
-  (0, _handleDom.addClass)(modal, params.containerClass);
-
-  /*
-   * Set confirm button to selected class
-   */
-  (0, _handleDom.addClass)($confirmBtn, params.confirmButtonClass);
-
-  /*
-   * Set cancel button to selected class
-   */
-  (0, _handleDom.addClass)($cancelBtn, params.cancelButtonClass);
-
-  /*
-   * Set title to selected class
-   */
-  (0, _handleDom.addClass)($title, params.titleClass);
-
-  /*
-   * Set text to selected class
-   */
-  (0, _handleDom.addClass)($text, params.textClass);
-
-  /*
-   * Allow outside click
-   */
-  modal.setAttribute('data-allow-outside-click', params.allowOutsideClick);
-
-  /*
-   * Callback function
-   */
-  var hasDoneFunction = params.doneFunction ? true : false;
-  modal.setAttribute('data-has-done-function', hasDoneFunction);
-
-  /*
-   * Animation
-   */
-  if (!params.animation) {
-    modal.setAttribute('data-animation', 'none');
-  } else if (typeof params.animation === 'string') {
-    modal.setAttribute('data-animation', params.animation); // Custom animation
-  } else {
-      modal.setAttribute('data-animation', 'pop');
-    }
-
-  /*
-   * Timer
-   */
-  modal.setAttribute('data-timer', params.timer);
-};
-
-exports.default = setParameters;
-
-},{"./handle-dom":3,"./handle-swal-dom":5,"./utils":8}],8:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-/*
- * Allow user to pass their own params
- */
-var extend = function extend(a, b) {
-  for (var key in b) {
-    if (b.hasOwnProperty(key)) {
-      a[key] = b[key];
-    }
-  }
-  return a;
-};
-
-/*
- * Check if the user is using Internet Explorer 8 (for fallbacks)
- */
-var isIE8 = function isIE8() {
-  return window.attachEvent && !window.addEventListener;
-};
-
-/*
- * IE compatible logging for developers
- */
-var logStr = function logStr(string) {
-  if (window.console) {
-    // IE...
-    window.console.log('SweetAlert: ' + string);
-  }
-};
-
-exports.extend = extend;
-exports.isIE8 = isIE8;
-exports.logStr = logStr;
-
-},{}],9:[function(require,module,exports){
-'use strict';
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-
-var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol ? "symbol" : typeof obj; }; // SweetAlert
-// 2014-2015 (c) - Tristan Edwards
-// github.com/t4t5/sweetalert
-
-/*
- * jQuery-like functions for manipulating the DOM
- */
-
-
-/*
- * Handy utilities
- */
-
-
-/*
- *  Handle sweetAlert's DOM elements
- */
-
-
-// Handle button events and keyboard events
-
-
-// Default values
-
-
-var _handleDom = require('./modules/handle-dom');
-
-var _utils = require('./modules/utils');
-
-var _handleSwalDom = require('./modules/handle-swal-dom');
-
-var _handleClick = require('./modules/handle-click');
-
-var _handleKey = require('./modules/handle-key');
-
-var _handleKey2 = _interopRequireDefault(_handleKey);
-
-var _defaultParams = require('./modules/default-params');
-
-var _defaultParams2 = _interopRequireDefault(_defaultParams);
-
-var _setParams = require('./modules/set-params');
-
-var _setParams2 = _interopRequireDefault(_setParams);
-
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-
-/*
- * Remember state in cases where opening and handling a modal will fiddle with it.
- * (We also use window.previousActiveElement as a global variable)
- */
-var previousWindowKeyDown;
-var lastFocusedButton;
-
-/*
- * Global sweetAlert function
- * (this is what the user calls)
- */
-var sweetAlert, _swal;
-
-exports.default = sweetAlert = _swal = function swal() {
-  var customizations = arguments[0];
-
-  (0, _handleDom.addClass)(document.body, 'stop-scrolling');
-  (0, _handleSwalDom.resetInput)();
-
-  /*
-   * Use argument if defined or default value from params object otherwise.
-   * Supports the case where a default value is boolean true and should be
-   * overridden by a corresponding explicit argument which is boolean false.
-   */
-  function argumentOrDefault(key) {
-    var args = customizations;
-    return args[key] === undefined ? _defaultParams2.default[key] : args[key];
-  }
-
-  if (customizations === undefined) {
-    (0, _utils.logStr)('SweetAlert expects at least 1 attribute!');
-    return false;
-  }
-
-  var params = (0, _utils.extend)({}, _defaultParams2.default);
-
-  switch (typeof customizations === 'undefined' ? 'undefined' : _typeof(customizations)) {
-
-    // Ex: swal("Hello", "Just testing", "info");
-    case 'string':
-      params.title = customizations;
-      params.text = arguments[1] || '';
-      params.type = arguments[2] || '';
-      break;
-
-    // Ex: swal({ title:"Hello", text: "Just testing", type: "info" });
-    case 'object':
-      if (customizations.title === undefined) {
-        (0, _utils.logStr)('Missing "title" argument!');
-        return false;
-      }
-
-      params.title = customizations.title;
-
-      for (var customName in _defaultParams2.default) {
-        params[customName] = argumentOrDefault(customName);
-      }
-
-      // Show "Confirm" instead of "OK" if cancel button is visible
-      params.confirmButtonText = params.showCancelButton ? 'Confirm' : _defaultParams2.default.confirmButtonText;
-      params.confirmButtonText = argumentOrDefault('confirmButtonText');
-
-      // Callback function when clicking on "OK"/"Cancel"
-      params.doneFunction = arguments[1] || null;
-
-      break;
-
-    default:
-      (0, _utils.logStr)('Unexpected type of argument! Expected "string" or "object", got ' + (typeof customizations === 'undefined' ? 'undefined' : _typeof(customizations)));
-      return false;
-
-  }
-
-  (0, _setParams2.default)(params);
-  (0, _handleSwalDom.fixVerticalPosition)();
-  (0, _handleSwalDom.openModal)(arguments[1]);
-
-  // Modal interactions
-  var modal = (0, _handleSwalDom.getModal)();
-
-  /*
-   * Make sure all modal buttons respond to all events
-   */
-  var $buttons = modal.querySelectorAll('button');
-  var buttonEvents = ['onclick'];
-  var onButtonEvent = function onButtonEvent(e) {
-    return (0, _handleClick.handleButton)(e, params, modal);
-  };
-
-  for (var btnIndex = 0; btnIndex < $buttons.length; btnIndex++) {
-    for (var evtIndex = 0; evtIndex < buttonEvents.length; evtIndex++) {
-      var btnEvt = buttonEvents[evtIndex];
-      $buttons[btnIndex][btnEvt] = onButtonEvent;
-    }
-  }
-
-  // Clicking outside the modal dismisses it (if allowed by user)
-  (0, _handleSwalDom.getOverlay)().onclick = onButtonEvent;
-
-  previousWindowKeyDown = window.onkeydown;
-
-  var onKeyEvent = function onKeyEvent(e) {
-    return (0, _handleKey2.default)(e, params, modal);
-  };
-  window.onkeydown = onKeyEvent;
-
-  window.onfocus = function () {
-    // When the user has focused away and focused back from the whole window.
-    setTimeout(function () {
-      // Put in a timeout to jump out of the event sequence.
-      // Calling focus() in the event sequence confuses things.
-      if (lastFocusedButton !== undefined) {
-        lastFocusedButton.focus();
-        lastFocusedButton = undefined;
-      }
-    }, 0);
-  };
-
-  // Show alert with enabled buttons always
-  _swal.enableButtons();
-};
-
-/*
- * Set default params for each popup
- * @param {Object} userParams
- */
-
-
-sweetAlert.setDefaults = _swal.setDefaults = function (userParams) {
-  if (!userParams) {
-    throw new Error('userParams is required');
-  }
-  if ((typeof userParams === 'undefined' ? 'undefined' : _typeof(userParams)) !== 'object') {
-    throw new Error('userParams has to be a object');
-  }
-
-  (0, _utils.extend)(_defaultParams2.default, userParams);
-};
-
-/*
- * Animation when closing modal
- */
-sweetAlert.close = _swal.close = function () {
-  var modal = (0, _handleSwalDom.getModal)();
-
-  (0, _handleDom.fadeOut)((0, _handleSwalDom.getOverlay)(), 5);
-  (0, _handleDom.fadeOut)(modal, 5);
-  (0, _handleDom.removeClass)(modal, 'showSweetAlert');
-  (0, _handleDom.addClass)(modal, 'hideSweetAlert');
-  (0, _handleDom.removeClass)(modal, 'visible');
-
-  /*
-   * Reset icon animations
-   */
-  var $successIcon = modal.querySelector('.sa-icon.sa-success');
-  (0, _handleDom.removeClass)($successIcon, 'animate');
-  (0, _handleDom.removeClass)($successIcon.querySelector('.sa-tip'), 'animateSuccessTip');
-  (0, _handleDom.removeClass)($successIcon.querySelector('.sa-long'), 'animateSuccessLong');
-
-  var $errorIcon = modal.querySelector('.sa-icon.sa-error');
-  (0, _handleDom.removeClass)($errorIcon, 'animateErrorIcon');
-  (0, _handleDom.removeClass)($errorIcon.querySelector('.sa-x-mark'), 'animateXMark');
-
-  var $warningIcon = modal.querySelector('.sa-icon.sa-warning');
-  (0, _handleDom.removeClass)($warningIcon, 'pulseWarning');
-  (0, _handleDom.removeClass)($warningIcon.querySelector('.sa-body'), 'pulseWarningIns');
-  (0, _handleDom.removeClass)($warningIcon.querySelector('.sa-dot'), 'pulseWarningIns');
-
-  // Reset custom class (delay so that UI changes aren't visible)
-  setTimeout(function () {
-    var customClass = modal.getAttribute('data-custom-class');
-    (0, _handleDom.removeClass)(modal, customClass);
-  }, 300);
-
-  // Make page scrollable again
-  (0, _handleDom.removeClass)(document.body, 'stop-scrolling');
-
-  // Reset the page to its previous state
-  window.onkeydown = previousWindowKeyDown;
-  if (window.previousActiveElement) {
-    window.previousActiveElement.focus();
-  }
-  lastFocusedButton = undefined;
-  clearTimeout(modal.timeout);
-
-  return true;
-};
-
-/*
- * Validation of the input field is done by user
- * If something is wrong => call showInputError with errorMessage
- */
-sweetAlert.showInputError = _swal.showInputError = function (errorMessage) {
-  var modal = (0, _handleSwalDom.getModal)();
-
-  var $errorIcon = modal.querySelector('.sa-input-error');
-  (0, _handleDom.addClass)($errorIcon, 'show');
-
-  var $errorContainer = modal.querySelector('.form-group');
-  (0, _handleDom.addClass)($errorContainer, 'has-error');
-
-  $errorContainer.querySelector('.sa-help-text').innerHTML = errorMessage;
-
-  setTimeout(function () {
-    sweetAlert.enableButtons();
-  }, 1);
-
-  modal.querySelector('input').focus();
-};
-
-/*
- * Reset input error DOM elements
- */
-sweetAlert.resetInputError = _swal.resetInputError = function (event) {
-  // If press enter => ignore
-  if (event && event.keyCode === 13) {
-    return false;
-  }
-
-  var $modal = (0, _handleSwalDom.getModal)();
-
-  var $errorIcon = $modal.querySelector('.sa-input-error');
-  (0, _handleDom.removeClass)($errorIcon, 'show');
-
-  var $errorContainer = $modal.querySelector('.form-group');
-  (0, _handleDom.removeClass)($errorContainer, 'has-error');
-};
-
-/*
- * Disable confirm and cancel buttons
- */
-sweetAlert.disableButtons = _swal.disableButtons = function (event) {
-  var modal = (0, _handleSwalDom.getModal)();
-  var $confirmButton = modal.querySelector('button.confirm');
-  var $cancelButton = modal.querySelector('button.cancel');
-  $confirmButton.disabled = true;
-  $cancelButton.disabled = true;
-};
-
-/*
- * Enable confirm and cancel buttons
- */
-sweetAlert.enableButtons = _swal.enableButtons = function (event) {
-  var modal = (0, _handleSwalDom.getModal)();
-  var $confirmButton = modal.querySelector('button.confirm');
-  var $cancelButton = modal.querySelector('button.cancel');
-  $confirmButton.disabled = false;
-  $cancelButton.disabled = false;
-};
-
-if (typeof window !== 'undefined') {
-  // The 'handle-click' module requires
-  // that 'sweetAlert' was set as global.
-  window.sweetAlert = window.swal = sweetAlert;
-} else {
-  (0, _utils.logStr)('SweetAlert is a frontend module!');
-}
-
-},{"./modules/default-params":1,"./modules/handle-click":2,"./modules/handle-dom":3,"./modules/handle-key":4,"./modules/handle-swal-dom":5,"./modules/set-params":7,"./modules/utils":8}]},{},[9]);
-
-/*
- * Use SweetAlert with RequireJS
- */
-
-if (typeof define === 'function' && define.amd) {
-  define(function () {
-    return sweetAlert;
-  });
-} else if (typeof module !== 'undefined' && module.exports) {
-  module.exports = sweetAlert;
-}
-
-})(window, document);
\ No newline at end of file

From d04b40c925627f0e81c43fd0ad95dc9434510af5 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 15 Nov 2017 22:02:55 -0500
Subject: [PATCH 13/74] Start working on adding locations to service messages

---
 .../ServiceMessages/ServiceMessage.php        |  3 ++
 .../ServiceMessages/ServiceMessageHandler.php | 11 ++++++
 .../ServiceMessageLocation.php                | 34 +++++++++++++++++++
 .../ServiceMessagesController.php             | 19 ++++++++---
 .../ServiceMessagesGateway.php                | 23 +++++++++++++
 install/migrations/core.php                   |  2 ++
 .../CreateServiceMessageToLocationTable.php   | 16 +++++++++
 7 files changed, 103 insertions(+), 5 deletions(-)
 create mode 100644 api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php
 create mode 100644 install/migrations/v330/CreateServiceMessageToLocationTable.php

diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessage.php b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
index 1951b672..9a5aff94 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessage.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
@@ -30,4 +30,7 @@ class ServiceMessage extends \BaseClass {
 
     /* @var $icon string */
     public $icon;
+
+    /* @var $locations string[] */
+    public $locations;
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index 7d7ffd59..e852f4cf 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -130,6 +130,17 @@ class ServiceMessageHandler extends \BaseClass {
         } catch (\Exception $e) {
             $validationModel->errorKeys[] = 'INVALID_STYLE';
         }
+        if ($serviceMessage->locations === null || count($serviceMessage->locations) === 0) {
+            $validationModel->errorKeys[] = 'MISSING_LOCATIONS';
+        } else {
+            $locations = ServiceMessageLocation::getAll();
+            foreach ($serviceMessage->locations as $location) {
+                if (!in_array($location, $locations)) {
+                    $validationModel->errorKeys[] = 'INVALID_LOCATION';
+                    break;
+                }
+            }
+        }
 
         if (count($validationModel->errorKeys) > 0) {
             // Validation failed
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php b/api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php
new file mode 100644
index 00000000..7f918bc7
--- /dev/null
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace BusinessLogic\ServiceMessages;
+
+
+class ServiceMessageLocation {
+    const CUSTOMER_HOME = 'CUSTOMER_HOME';
+    const CUSTOMER_KB_HOME = 'CUSTOMER_KB_HOME';
+    const CUSTOMER_VIEW_KB_ARTICLE = 'CUSTOMER_VIEW_KB_ARTICLE';
+    const CUSTOMER_SUBMIT_TICKET = 'CUSTOMER_SUBMIT_TICKET';
+    const CUSTOMER_VIEW_TICKET = 'CUSTOMER_VIEW_TICKET';
+    const STAFF_LOGIN = 'STAFF_LOGIN';
+    const STAFF_HOME = 'STAFF_HOME';
+    const STAFF_KB_HOME = 'STAFF_KB_HOME';
+    const STAFF_VIEW_KB_ARTICLE = 'STAFF_VIEW_KB_ARTICLE';
+    const STAFF_SUBMIT_TICKET = 'STAFF_SUBMIT_TICKET';
+    const STAFF_VIEW_TICKET = 'STAFF_VIEW_TICKET';
+
+    static function getAll() {
+        return array(
+            self::CUSTOMER_HOME,
+            self::CUSTOMER_KB_HOME,
+            self::CUSTOMER_VIEW_KB_ARTICLE,
+            self::CUSTOMER_SUBMIT_TICKET,
+            self::CUSTOMER_VIEW_TICKET,
+            self::STAFF_LOGIN,
+            self::STAFF_HOME,
+            self::STAFF_KB_HOME,
+            self::STAFF_VIEW_KB_ARTICLE,
+            self::STAFF_SUBMIT_TICKET,
+            self::STAFF_VIEW_TICKET,
+        );
+    }
+}
\ No newline at end of file
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index f3247917..481c10a6 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -2,6 +2,7 @@
 
 namespace Controllers\ServiceMessages;
 
+use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageHandler;
@@ -70,11 +71,19 @@ class ServiceMessagesController extends \BaseClass {
             $serviceMessage->createdBy = $userContext->id;
         }
 
-        $serviceMessage->title = $data['title'];
-        $serviceMessage->icon = $data['icon'];
-        $serviceMessage->message = $data['message'];
-        $serviceMessage->published = $data['published'];
-        $serviceMessage->style = $data['style'];
+        $serviceMessage->title = Helpers::safeArrayGet($data, 'title');
+        $serviceMessage->icon = Helpers::safeArrayGet($data, 'icon');
+        $serviceMessage->message = Helpers::safeArrayGet($data, 'message');
+        $serviceMessage->published = Helpers::safeArrayGet($data, 'published');
+        $serviceMessage->style = Helpers::safeArrayGet($data, 'style');
+
+        $jsonLocations = Helpers::safeArrayGet($data, 'locations');
+
+        if ($jsonLocations !== null && !empty($jsonLocations)) {
+            foreach ($jsonLocations as $key => $value) {
+                $serviceMessage->locations[] = $value;
+            }
+        }
 
         return $serviceMessage;
     }
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 0f15c333..6a58b070 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -36,6 +36,11 @@ class ServiceMessagesGateway extends CommonDao {
 
         $serviceMessage->id = hesk_dbInsertID();
 
+        foreach ($serviceMessage->locations as $location) {
+            hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location` 
+                (`service_message_id`, `location`) VALUES (" . intval($serviceMessage->id) . ", '" . hesk_dbEscape($location) . "')");
+        }
+
         // Get the autogenerated fields
         $rs = hesk_dbQuery("SELECT `dt`, `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` 
             WHERE `id` = " . intval($serviceMessage->id));
@@ -69,6 +74,14 @@ class ServiceMessagesGateway extends CommonDao {
             $serviceMessage->message = $row['message'];
             $serviceMessage->style = ServiceMessageStyle::getStyleById($row['style']);
             $serviceMessage->icon = $row['icon'];
+            $serviceMessage->locations = array();
+
+            $locationsRs = hesk_dbQuery("SELECT `location` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
+                WHERE `service_message_id` = " . intval($serviceMessage->id));
+            while ($innerRow = hesk_dbFetchAssoc($locationsRs)) {
+                $serviceMessage->locations[] = $innerRow['location'];
+            }
+
             $serviceMessages[] = $serviceMessage;
         }
 
@@ -92,6 +105,13 @@ class ServiceMessagesGateway extends CommonDao {
                 `order` = " . intval($serviceMessage->order) . "
             WHERE `id` = " . intval($serviceMessage->id));
 
+        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
+            WHERE `service_message_id` = " . intval($serviceMessage->id));
+        foreach ($serviceMessage->locations as $location) {
+            hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location` 
+                (`service_message_id`, `location`) VALUES (" . intval($serviceMessage->id) . ", '" . hesk_dbEscape($location) . "')");
+        }
+
         $otherFieldsRs = hesk_dbQuery("SELECT `dt`, `author`, `order` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
             WHERE `id` = " . intval($serviceMessage->id));
         $otherFields = hesk_dbFetchAssoc($otherFieldsRs);
@@ -107,6 +127,9 @@ class ServiceMessagesGateway extends CommonDao {
     function deleteServiceMessage($id, $heskSettings) {
         $this->init();
 
+        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
+            WHERE `service_message_id` = " . intval($id));
+
         hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages`
             WHERE `id` = " . intval($id));
 
diff --git a/install/migrations/core.php b/install/migrations/core.php
index 6526344d..db30e5ac 100644
--- a/install/migrations/core.php
+++ b/install/migrations/core.php
@@ -216,5 +216,7 @@ function getAllMigrations() {
         //3.2.1 - 3.2.2
         160 => new UpdateMigration('3.2.1', '3.2.0', 160),
         161 => new UpdateMigration('3.2.2', '3.2.1', 161),
+        // 3.3.0
+        162 => new \v330\CreateServiceMessageToLocationTable(162),
     );
 }
\ No newline at end of file
diff --git a/install/migrations/v330/CreateServiceMessageToLocationTable.php b/install/migrations/v330/CreateServiceMessageToLocationTable.php
new file mode 100644
index 00000000..066ab39c
--- /dev/null
+++ b/install/migrations/v330/CreateServiceMessageToLocationTable.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace v330;
+
+
+class CreateServiceMessageToLocationTable extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("CREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_service_message_to_location`
+            (`service_message_id` INT NOT NULL, `location` VARCHAR(100) NOT NULL)");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DROP TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_service_message_to_location`");
+    }
+}
\ No newline at end of file

From 6a763593eef21e4e8039cdc36a550e5d5b2220e0 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 17 Nov 2017 22:27:55 -0500
Subject: [PATCH 14/74] Locations can be added to service messages

---
 admin/service_messages.php                    | 42 +++++++++++++++++++
 ...UpdateExistingServiceMessagesLocations.php | 19 +++++++++
 internal-api/js/service-messages.js           | 20 +++++++--
 3 files changed, 78 insertions(+), 3 deletions(-)
 create mode 100644 install/migrations/v330/UpdateExistingServiceMessagesLocations.php

diff --git a/admin/service_messages.php b/admin/service_messages.php
index c60d7b58..93ad7a5c 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -214,6 +214,48 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                             </div>
                         </div>
                     </div>
+                    <div class="form-group">
+                        <label for="location" class="col-md-2 control-label">[!] Location</label>
+                        <div class="col-sm-4" style="margin-left:20px">
+                            <h5 style="text-decoration: underline;">Customer Pages</h5>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="CUSTOMER_HOME"> Homepage
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="CUSTOMER_KB_HOME"> Knowledgebase Home
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="CUSTOMER_SUBMIT_TICKET"> Submit Ticket
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="CUSTOMER_VIEW_TICKET"> View Ticket
+                            </div>
+                        </div>
+                        <div class="col-sm-4" style="margin-left:20px">
+                            <h5 style="text-decoration: underline;">Staff Pages</h5>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_LOGIN"> Login Page
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_HOME"> Homepage
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_KB_HOME"> Knowledgebase Home
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_SUBMIT_TICKET"> Submit Ticket
+                            </div>
+                            <div class="checkbox">
+                                <input type="checkbox" name="location[]" value="STAFF_VIEW_TICKET"> View Ticket
+                            </div>
+                        </div>
+                    </div>
                     <div class="form-group">
                         <label for="title"
                                class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
diff --git a/install/migrations/v330/UpdateExistingServiceMessagesLocations.php b/install/migrations/v330/UpdateExistingServiceMessagesLocations.php
new file mode 100644
index 00000000..899909dc
--- /dev/null
+++ b/install/migrations/v330/UpdateExistingServiceMessagesLocations.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace v330;
+
+
+use BusinessLogic\ServiceMessages\ServiceMessageLocation;
+
+class UpdateExistingServiceMessagesLocations extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_service_message_to_location` (`service_message_id`, `location`)
+            SELECT `id`, '" . hesk_dbEscape(ServiceMessageLocation::CUSTOMER_HOME) . "' FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages`");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_service_message_to_location`
+            WHERE `service_message_id` IN (SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages`)");
+    }
+}
\ No newline at end of file
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index 050c864a..ebe79766 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -137,7 +137,8 @@ function bindEditModal() {
     $(document).on('click', '[data-action="edit"]', function() {
         var element = serviceMessages[$(this).parent().parent().find('[data-property="id"]').data('value')];
         var $modal = $('#service-message-modal');
-        $modal.find('#preview-pane').html('');
+        $modal.find('#preview-pane').html('').end()
+            .find('input[name="location[]"]').prop('checked', false);
 
         $modal.find('#edit-label').show();
         $modal.find('#create-label').hide();
@@ -150,6 +151,10 @@ function bindEditModal() {
             .find('input[name="order"]').val(element.order).end();
         setIcon(element.icon);
 
+        $.each(element.locations, function() {
+            $modal.find('input[name="location[]"][value="' + this + '"]').prop('checked', 'checked');
+        });
+
         if ($('input[name="kb_wysiwyg"]').val() === "1") {
             tinyMCE.get('content').setContent(element.message);
         } else {
@@ -171,7 +176,8 @@ function bindCreateModal() {
             .find('input[name="title"]').val('').end()
             .find('input[name="id"]').val(-1).end()
             .find('input[name="order"]').val('').end()
-            .find('#preview-pane').html('').end();
+            .find('#preview-pane').html('').end()
+            .find('input[name="location[]"]').prop('checked', false);
         setIcon('');
 
         if ($('input[name="kb_wysiwyg"]').val() === "1") {
@@ -198,13 +204,21 @@ function bindFormSubmit() {
         styles[3] = "NOTICE";
         styles[4] = "ERROR";
 
+        var domLocations = $modal.find('input[name="location[]"]:checked');
+
+        var locations = [];
+        $.each(domLocations, function() {
+            locations.push($(this).val());
+        });
+
         var data = {
             icon: $modal.find('input[name="icon"]').val(),
             title: $modal.find('input[name="title"]').val(),
             message: getMessage(),
             published: $modal.find('input[name="type"]:checked').val() === "0",
             style: styles[$modal.find('input[name="style"]:checked').val()],
-            order: $modal.find('input[name="order"]').val()
+            order: $modal.find('input[name="order"]').val(),
+            locations: locations
         };
 
         var url = heskUrl + 'api/index.php/v1/service-messages/';

From 3e82065fa4010c92098bbee2967f97c9a9ec8f0f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sat, 18 Nov 2017 22:05:11 -0500
Subject: [PATCH 15/74] Working on adding a language option to service messages

---
 admin/service_messages.php                    | 330 ++++++++++--------
 install/migrations/core.php                   |   4 +-
 .../AddLanguageColumnToServiceMessages.php    |  17 +
 .../CreateServiceMessageToLocationTable.php   |   2 +-
 ...UpdateExistingServiceMessagesLocations.php |   2 +-
 5 files changed, 213 insertions(+), 142 deletions(-)
 create mode 100644 install/migrations/v330/ServiceMessagesImprovements/AddLanguageColumnToServiceMessages.php
 rename install/migrations/v330/{ => ServiceMessagesImprovements}/CreateServiceMessageToLocationTable.php (91%)
 rename install/migrations/v330/{ => ServiceMessagesImprovements}/UpdateExistingServiceMessagesLocations.php (94%)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 93ad7a5c..8d13ea0a 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -130,150 +130,202 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
             </div>
             <form id="service-message" class="form-horizontal" data-toggle="validator" method="post">
                 <div class="modal-body">
-                    <div class="form-group">
-                        <div class="row" style="padding-bottom: 10px;">
-                            <label for="style"
-                                   class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
-
-                            <div class="col-md-3">
-                                <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
-                                    <label>
-                                        <input type="radio" name="style" value="0" onclick="setIcon('')">
-                                        <?php echo $hesklang['sm_none']; ?>
-                                    </label>
+                    <ul class="nav nav-tabs" role="tablist">
+                        <li role="presentation" class="active"><a href="#contents" role="tab" data-toggle="tab">Contents</a></li>
+                        <li role="presentation"><a href="#properties" role="tab" data-toggle="tab">Properties</a></li>
+                    </ul><br>
+                    <div class="tab-content">
+                        <div role="tabpanel" class="tab-pane active" id="contents">
+                            <div class="form-group">
+                                <label for="title"
+                                       class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
+                                <div class="col-md-10">
+                                    <input class="form-control"
+                                           placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
+                                           type="text" name="title" size="70" maxlength="255"
+                                           data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
+                                    <div class="help-block with-errors"></div>
                                 </div>
                             </div>
-                            <div class="col-md-3">
-                                <div class="radio alert alert-success pad-5">
-                                    <label style="margin-top: -5px">
-                                        <input type="radio" name="style" value="1" onclick="setIcon('fa fa-check-circle')">
-                                        <?php echo $hesklang['sm_success']; ?>
-                                    </label>
-                                </div>
-                            </div>
-                            <div class="col-md-3">
-                                <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
-                                    <label style="margin-top: -5px">
-                                        <input type="radio" name="style" value="2">
-                                        <?php echo $hesklang['sm_info']; ?>
-                                    </label>
-                                </div>
-                            </div>
-                        </div>
-                        <div class="row">
-                            <div class="col-md-3 col-md-offset-2">
-                                <div class="radio alert alert-warning pad-5">
-                                    <label style="margin-top: -5px">
-                                        <input type="radio" name="style" value="3"
-                                               onclick="setIcon('fa fa-exclamation-triangle')">
-                                        <?php echo $hesklang['sm_notice']; ?>
-                                    </label>
-                                </div>
-                            </div>
-                            <div class="col-md-3">
-                                <div class="radio alert alert-danger pad-5">
-                                    <label style="margin-top: -5px">
-                                        <input type="radio" name="style" value="4" onclick="setIcon('fa fa-times-circle')">
-                                        <?php echo $hesklang['sm_error']; ?>
-                                    </label>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="form-group">
-                        <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
-                        <div class="col-md-10">
-                            <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
+                            <div class="form-group">
+                                <label for="message"
+                                       class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
 
-                            <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
-
-                            <p style="display:none"
-                               id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
-
-                            <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
-                                 data-search="false" data-icon=""></div>
-                        </div>
-                    </div>
-                    <div class="form-group">
-                        <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
-
-                        <div class="col-md-2">
-                            <div class="radio pad-5">
-                                <label>
-                                    <input type="radio" name="type" value="0">
-                                    <?php echo $hesklang['sm_published']; ?>
-                                </label>
-                            </div>
-                        </div>
-                        <div class="col-md-2">
-                            <div class="radio pad-5">
-                                <label>
-                                    <input type="radio" name="type" value="1">
-                                    <?php echo $hesklang['sm_draft']; ?>
-                                </label>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="form-group">
-                        <label for="location" class="col-md-2 control-label">[!] Location</label>
-                        <div class="col-sm-4" style="margin-left:20px">
-                            <h5 style="text-decoration: underline;">Customer Pages</h5>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="CUSTOMER_HOME"> Homepage
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="CUSTOMER_KB_HOME"> Knowledgebase Home
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> View Knowledgebase Article
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="CUSTOMER_SUBMIT_TICKET"> Submit Ticket
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="CUSTOMER_VIEW_TICKET"> View Ticket
-                            </div>
-                        </div>
-                        <div class="col-sm-4" style="margin-left:20px">
-                            <h5 style="text-decoration: underline;">Staff Pages</h5>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_LOGIN"> Login Page
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_HOME"> Homepage
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_KB_HOME"> Knowledgebase Home
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_VIEW_KB_ARTICLE"> View Knowledgebase Article
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_SUBMIT_TICKET"> Submit Ticket
-                            </div>
-                            <div class="checkbox">
-                                <input type="checkbox" name="location[]" value="STAFF_VIEW_TICKET"> View Ticket
-                            </div>
-                        </div>
-                    </div>
-                    <div class="form-group">
-                        <label for="title"
-                               class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
-                        <div class="col-md-10">
-                            <input class="form-control"
-                                   placeholder="<?php echo htmlspecialchars($hesklang['sm_mtitle']); ?>"
-                                   type="text" name="title" size="70" maxlength="255"
-                                   data-error="<?php echo htmlspecialchars($hesklang['sm_e_title']); ?>" required>
-                            <div class="help-block with-errors"></div>
-                        </div>
-                    </div>
-                    <div class="form-group">
-                        <label for="message"
-                               class="col-md-2 control-label"><?php echo $hesklang['sm_msg']; ?></label>
-
-                        <div class="col-md-10">
+                                <div class="col-md-10">
                             <textarea placeholder="<?php echo htmlspecialchars($hesklang['sm_msg']); ?>"
                                       class="form-control" name="message" id="content"></textarea>
+                                </div>
+                            </div>
+                        </div>
+                        <div role="tabpanel" class="tab-pane" id="properties">
+                            <div class="form-group">
+                                <label for="language" class="col-md-2 control-label">
+                                    <?php echo $hesklang['lgs']; ?>
+                                </label>
+                                <div class="col-md-10">
+                                    <select name="language" class="form-control">
+                                        <option value="ALL"><?php echo $hesklang['all']; ?></option>
+                                        <?php foreach($hesk_settings['languages'] as $name => $info): ?>
+                                        <option value="<?php echo $info['folder']; ?>">
+                                            <?php echo $name; ?>
+                                        </option>
+                                        <?php endforeach; ?>
+                                    </select>
+                                </div>
+                            </div>
+                            <div class="form-group">
+                                <div class="row" style="padding-bottom: 10px;">
+                                    <label for="style"
+                                           class="col-md-2 control-label"><?php echo $hesklang['sm_style']; ?></label>
+
+                                    <div class="col-md-3">
+                                        <div class="radio alert pad-5" style="box-shadow: none; border-radius: 4px;">
+                                            <label>
+                                                <input type="radio" name="style" value="0" onclick="setIcon('')">
+                                                <?php echo $hesklang['sm_none']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-3">
+                                        <div class="radio alert alert-success pad-5">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="1" onclick="setIcon('fa fa-check-circle')">
+                                                <?php echo $hesklang['sm_success']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-3">
+                                        <div class="radio alert alert-info pad-5" onclick="setIcon('fa fa-comment')">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="2">
+                                                <?php echo $hesklang['sm_info']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                </div>
+                                <div class="row">
+                                    <div class="col-md-3 col-md-offset-2">
+                                        <div class="radio alert alert-warning pad-5">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="3"
+                                                       onclick="setIcon('fa fa-exclamation-triangle')">
+                                                <?php echo $hesklang['sm_notice']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="col-md-3">
+                                        <div class="radio alert alert-danger pad-5">
+                                            <label style="margin-top: -5px">
+                                                <input type="radio" name="style" value="4" onclick="setIcon('fa fa-times-circle')">
+                                                <?php echo $hesklang['sm_error']; ?>
+                                            </label>
+                                        </div>
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="form-group">
+                                <label for="icon" class="col-md-2 control-label"><?php echo $hesklang['sm_icon']; ?></label>
+                                <div class="col-md-10">
+                                    <p style="display:none" id="no-icon"><?php echo $hesklang['sm_no_icon']; ?></p>
+
+                                    <p style="display:none" id="search-icon"><?php echo $hesklang['sm_search_icon']; ?></p>
+
+                                    <p style="display:none"
+                                       id="footer-icon"><?php echo $hesklang['sm_iconpicker_footer_label']; ?></p>
+
+                                    <div name="icon" class="btn btn-default iconpicker-container" data-toggle="iconpicker"
+                                         data-search="false" data-icon=""></div>
+                                </div>
+                            </div>
+                            <div class="form-group">
+                                <label for="type" class="col-md-2 control-label"><?php echo $hesklang['sm_type']; ?></label>
+
+                                <div class="col-md-2">
+                                    <div class="radio pad-5">
+                                        <label>
+                                            <input type="radio" name="type" value="0">
+                                            <?php echo $hesklang['sm_published']; ?>
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="col-md-2">
+                                    <div class="radio pad-5">
+                                        <label>
+                                            <input type="radio" name="type" value="1">
+                                            <?php echo $hesklang['sm_draft']; ?>
+                                        </label>
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="form-group">
+                                <label for="location" class="col-md-2 control-label">[!] Location</label>
+                                <div class="col-sm-4" style="margin-left:20px">
+                                    <h5 style="text-decoration: underline;">Customer Pages</h5>
+                                    <div class="btn-group btn-group-sm">
+                                        <div data-select-all="customer-location" class="btn btn-default">
+                                            Select All
+                                        </div>
+                                        <div data-deselect-all="customer-location" class="btn btn-default">
+                                            Deselect All
+                                        </div>
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="customer-location" type="checkbox"
+                                               name="location[]" value="CUSTOMER_HOME"> Homepage
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="customer-location" type="checkbox"
+                                               name="location[]" value="CUSTOMER_KB_HOME"> Knowledgebase Home
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="customer-location" type="checkbox"
+                                               name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="customer-location" type="checkbox"
+                                               name="location[]" value="CUSTOMER_SUBMIT_TICKET"> Submit Ticket
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="customer-location" type="checkbox"
+                                               name="location[]" value="CUSTOMER_VIEW_TICKET"> View Ticket
+                                    </div>
+                                </div>
+                                <div class="col-sm-4" style="margin-left:20px">
+                                    <h5 style="text-decoration: underline;">Staff Pages</h5>
+                                    <div class="btn-group btn-group-sm">
+                                        <div data-select-all="staff-location" class="btn btn-default">
+                                            Select All
+                                        </div>
+                                        <div data-deselect-all="staff-location" class="btn btn-default">
+                                            Deselect All
+                                        </div>
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_LOGIN"> Login Page
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_HOME"> Homepage
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_KB_HOME"> Knowledgebase Home
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_SUBMIT_TICKET"> Submit Ticket
+                                    </div>
+                                    <div class="checkbox">
+                                        <input data-select-target="staff-location" type="checkbox"
+                                               name="location[]" value="STAFF_VIEW_TICKET"> View Ticket
+                                    </div>
+                                </div>
+                            </div>
                         </div>
                     </div>
                     <div id="preview-pane"></div>
diff --git a/install/migrations/core.php b/install/migrations/core.php
index db30e5ac..405144a1 100644
--- a/install/migrations/core.php
+++ b/install/migrations/core.php
@@ -217,6 +217,8 @@ function getAllMigrations() {
         160 => new UpdateMigration('3.2.1', '3.2.0', 160),
         161 => new UpdateMigration('3.2.2', '3.2.1', 161),
         // 3.3.0
-        162 => new \v330\CreateServiceMessageToLocationTable(162),
+        162 => new \v330\ServiceMessagesImprovements\CreateServiceMessageToLocationTable(162),
+        163 => new \v330\ServiceMessagesImprovements\UpdateExistingServiceMessagesLocations(163),
+        164 => new \v330\ServiceMessagesImprovements\AddLanguageColumnToServiceMessages(164),
     );
 }
\ No newline at end of file
diff --git a/install/migrations/v330/ServiceMessagesImprovements/AddLanguageColumnToServiceMessages.php b/install/migrations/v330/ServiceMessagesImprovements/AddLanguageColumnToServiceMessages.php
new file mode 100644
index 00000000..21481b99
--- /dev/null
+++ b/install/migrations/v330/ServiceMessagesImprovements/AddLanguageColumnToServiceMessages.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace v330\ServiceMessagesImprovements;
+
+
+class AddLanguageColumnToServiceMessages extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages`
+            ADD COLUMN `mfh_language` VARCHAR(255) NOT NULL DEFAULT 'ALL'");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages`
+            DROP COLUMN `mfh_language`");
+    }
+}
\ No newline at end of file
diff --git a/install/migrations/v330/CreateServiceMessageToLocationTable.php b/install/migrations/v330/ServiceMessagesImprovements/CreateServiceMessageToLocationTable.php
similarity index 91%
rename from install/migrations/v330/CreateServiceMessageToLocationTable.php
rename to install/migrations/v330/ServiceMessagesImprovements/CreateServiceMessageToLocationTable.php
index 066ab39c..0fe7d1ec 100644
--- a/install/migrations/v330/CreateServiceMessageToLocationTable.php
+++ b/install/migrations/v330/ServiceMessagesImprovements/CreateServiceMessageToLocationTable.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace v330;
+namespace v330\ServiceMessagesImprovements;
 
 
 class CreateServiceMessageToLocationTable extends \AbstractUpdatableMigration {
diff --git a/install/migrations/v330/UpdateExistingServiceMessagesLocations.php b/install/migrations/v330/ServiceMessagesImprovements/UpdateExistingServiceMessagesLocations.php
similarity index 94%
rename from install/migrations/v330/UpdateExistingServiceMessagesLocations.php
rename to install/migrations/v330/ServiceMessagesImprovements/UpdateExistingServiceMessagesLocations.php
index 899909dc..b9da7cc4 100644
--- a/install/migrations/v330/UpdateExistingServiceMessagesLocations.php
+++ b/install/migrations/v330/ServiceMessagesImprovements/UpdateExistingServiceMessagesLocations.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace v330;
+namespace v330\ServiceMessagesImprovements;
 
 
 use BusinessLogic\ServiceMessages\ServiceMessageLocation;

From 36295d18616902ec835b76d3181b529fa9aa664b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 19 Nov 2017 22:16:45 -0500
Subject: [PATCH 16/74] Add language property to service messages

---
 admin/service_messages.php                    | 12 +++++++++--
 .../ServiceMessages/ServiceMessage.php        |  3 +++
 .../ServiceMessages/ServiceMessageHandler.php | 14 +++++++++++++
 .../ServiceMessagesController.php             |  1 +
 .../ServiceMessagesGateway.php                |  9 ++++++---
 internal-api/js/service-messages.js           | 20 +++++++++++++++++--
 6 files changed, 52 insertions(+), 7 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 8d13ea0a..935a09c1 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -102,6 +102,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                             <th style="display: none"><?php echo $hesklang['id']; ?></th>
                             <th><?php echo $hesklang['sm_mtitle']; ?></th>
                             <th><?php echo $hesklang['sm_author']; ?></th>
+                            <th><?php echo $hesklang['lgs']; ?></th>
                             <th><?php echo $hesklang['sm_type']; ?></th>
                             <th><?php echo $hesklang['opt']; ?></th>
                         </tr>
@@ -131,11 +132,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
             <form id="service-message" class="form-horizontal" data-toggle="validator" method="post">
                 <div class="modal-body">
                     <ul class="nav nav-tabs" role="tablist">
-                        <li role="presentation" class="active"><a href="#contents" role="tab" data-toggle="tab">Contents</a></li>
+                        <li role="presentation" class="active"><a href="#sm-contents" role="tab" data-toggle="tab">Contents</a></li>
                         <li role="presentation"><a href="#properties" role="tab" data-toggle="tab">Properties</a></li>
                     </ul><br>
                     <div class="tab-content">
-                        <div role="tabpanel" class="tab-pane active" id="contents">
+                        <div role="tabpanel" class="tab-pane active" id="sm-contents">
                             <div class="form-group">
                                 <label for="title"
                                        class="col-md-2 control-label"><?php echo $hesklang['sm_mtitle']; ?></label>
@@ -364,6 +365,7 @@ echo mfh_get_hidden_fields_for_language(array(
     'error_deleting_sm',
     'error_sorting_categories',
     'error_retrieving_sm',
+    'all',
 ));
 
 echo '<script>var users = [];';
@@ -376,6 +378,11 @@ while ($row = hesk_dbFetchAssoc($usersRs)) {
         name: '".$row['name']."'
     }\n";
 }
+echo "
+var languages = [];\n";
+foreach ($hesk_settings['languages'] as $key => $value) {
+    echo "languages[" . json_encode($value['folder']) . "] = " . json_encode($key) . ";\n";
+}
 echo '</script>';
 ?>
 <script type="text/html" id="service-message-title-template">
@@ -400,6 +407,7 @@ echo '</script>';
     <td style="display: none"><span data-property="id" data-value="x"></span></td>
     <td><span data-property="title"></span></td>
     <td><span data-property="author"></span></td>
+    <td><span data-property="language"></span></td>
     <td><span data-property="type"></span></td>
     <td>
         <span class="sort-arrows">
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessage.php b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
index 9a5aff94..f40e9b9c 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessage.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessage.php
@@ -33,4 +33,7 @@ class ServiceMessage extends \BaseClass {
 
     /* @var $locations string[] */
     public $locations;
+
+    /* @var $language string */
+    public $language;
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index e852f4cf..2cf31892 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -118,6 +118,20 @@ class ServiceMessageHandler extends \BaseClass {
             $htmlPurifier = new \HeskHTMLPurifier($heskSettings['cache_dir']);
             $serviceMessage->message = $htmlPurifier->heskPurify($serviceMessage->message);
         }
+        if ($serviceMessage->language === null || trim($serviceMessage->language) === '') {
+            $validationModel->errorKeys[] = 'MISSING_LANGUAGE';
+        }
+
+        $languageFound = false;
+        foreach ($heskSettings['languages'] as $key => $value) {
+            if ($value['folder'] === $serviceMessage->language || $serviceMessage->language === 'ALL') {
+                $languageFound = true;
+                break;
+            }
+        }
+        if (!$languageFound) {
+            $validationModel->errorKeys[] = 'LANGUAGE_NOT_INSTALLED';
+        }
 
         if ($serviceMessage->title === null || trim($serviceMessage->title) === '') {
             $validationModel->errorKeys[] = 'MISSING_TITLE';
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index 481c10a6..bf6c26de 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -76,6 +76,7 @@ class ServiceMessagesController extends \BaseClass {
         $serviceMessage->message = Helpers::safeArrayGet($data, 'message');
         $serviceMessage->published = Helpers::safeArrayGet($data, 'published');
         $serviceMessage->style = Helpers::safeArrayGet($data, 'style');
+        $serviceMessage->language = Helpers::safeArrayGet($data, 'language');
 
         $jsonLocations = Helpers::safeArrayGet($data, 'locations');
 
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 6a58b070..371089a9 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -24,14 +24,15 @@ class ServiceMessagesGateway extends CommonDao {
         $type = $serviceMessage->published ? 0 : 1;
 
         // Insert service message into database
-        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`, `icon`) VALUES (
+        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`, `icon`, `mfh_language`) VALUES (
             '" . intval($serviceMessage->createdBy) . "',
             '" . hesk_dbEscape($serviceMessage->title) . "',
             '" . hesk_dbEscape($serviceMessage->message) . "',
             '" . hesk_dbEscape($style) . "',
             '{$type}',
             '{$myOrder}',
-            '" . hesk_dbEscape($serviceMessage->icon) . "'
+            '" . hesk_dbEscape($serviceMessage->icon) . "',
+            '" . hesk_dbEscape($serviceMessage->language) . "',
             )");
 
         $serviceMessage->id = hesk_dbInsertID();
@@ -74,6 +75,7 @@ class ServiceMessagesGateway extends CommonDao {
             $serviceMessage->message = $row['message'];
             $serviceMessage->style = ServiceMessageStyle::getStyleById($row['style']);
             $serviceMessage->icon = $row['icon'];
+            $serviceMessage->language = $row['mfh_language'];
             $serviceMessage->locations = array();
 
             $locationsRs = hesk_dbQuery("SELECT `location` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
@@ -102,7 +104,8 @@ class ServiceMessagesGateway extends CommonDao {
                 `style` = '" . intval($style) . "', 
                 `type` = " . intval($type) . ",
                 `icon` = '" . hesk_dbEscape($serviceMessage->icon) . "',
-                `order` = " . intval($serviceMessage->order) . "
+                `order` = " . intval($serviceMessage->order) . ",
+                `mfh_language` = '" . hesk_dbEscape($serviceMessage->language) . "'
             WHERE `id` = " . intval($serviceMessage->id));
 
         hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
diff --git a/internal-api/js/service-messages.js b/internal-api/js/service-messages.js
index ebe79766..e75719eb 100644
--- a/internal-api/js/service-messages.js
+++ b/internal-api/js/service-messages.js
@@ -50,6 +50,9 @@ function loadTable() {
                 } else {
                     $template.find('span[data-property="type"]').text(mfhLang.text('sm_draft'));
                 }
+                $template.find('[data-property="language"]').text(this.language === 'ALL' ?
+                    mfhLang.text('all') :
+                    languages[this.language]);
 
                 $tableBody.append($template);
 
@@ -148,7 +151,8 @@ function bindEditModal() {
                 .prop('checked', 'checked').end()
             .find('input[name="title"]').val(element.title).end()
             .find('input[name="id"]').val(element.id).end()
-            .find('input[name="order"]').val(element.order).end();
+            .find('input[name="order"]').val(element.order).end()
+            .find('select[name="language"]').val(element.language).end();
         setIcon(element.icon);
 
         $.each(element.locations, function() {
@@ -161,6 +165,11 @@ function bindEditModal() {
             $('textarea[name="message"]').val(element.message);
         }
 
+        $('.tab-pane#sm-contents').addClass('active');
+        $('.tab-pane#properties').removeClass('active');
+        $('.nav-tabs > li').removeClass('active');
+        $('.nav-tabs > li:first').addClass('active');
+
 
         $modal.modal('show');
     });
@@ -177,7 +186,8 @@ function bindCreateModal() {
             .find('input[name="id"]').val(-1).end()
             .find('input[name="order"]').val('').end()
             .find('#preview-pane').html('').end()
-            .find('input[name="location[]"]').prop('checked', false);
+            .find('input[name="location[]"]').prop('checked', false)
+            .find('select[name="language"]').val('ALL');
         setIcon('');
 
         if ($('input[name="kb_wysiwyg"]').val() === "1") {
@@ -186,6 +196,11 @@ function bindCreateModal() {
             $('textarea[name="message"]').val('');
         }
 
+        $('.tab-pane#sm-contents').addClass('active');
+        $('.tab-pane#properties').removeClass('active');
+        $('.nav-tabs > li').removeClass('active');
+        $('.nav-tabs > li:first').addClass('active');
+
         $modal.modal('show');
     });
 }
@@ -218,6 +233,7 @@ function bindFormSubmit() {
             published: $modal.find('input[name="type"]:checked').val() === "0",
             style: styles[$modal.find('input[name="style"]:checked').val()],
             order: $modal.find('input[name="order"]').val(),
+            language: $modal.find('select[name="language"]').val(),
             locations: locations
         };
 

From 3bff7fd30b3efbd10fcc3a6ab23979670b524f7b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 27 Nov 2017 12:22:41 -0500
Subject: [PATCH 17/74] Contentified some strings

---
 admin/service_messages.php | 36 ++++++++++++++++++------------------
 language/en/text.php       |  9 +++++++++
 2 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index 935a09c1..cb08371a 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -259,71 +259,71 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                 </div>
                             </div>
                             <div class="form-group">
-                                <label for="location" class="col-md-2 control-label">[!] Location</label>
+                                <label for="location" class="col-md-2 control-label"><?php echo $hesklang['sm_location']; ?></label>
                                 <div class="col-sm-4" style="margin-left:20px">
-                                    <h5 style="text-decoration: underline;">Customer Pages</h5>
+                                    <h5 style="text-decoration: underline;"><?php echo $hesklang['sm_customer_pages']; ?></h5>
                                     <div class="btn-group btn-group-sm">
                                         <div data-select-all="customer-location" class="btn btn-default">
-                                            Select All
+                                            <?php echo $hesklang['select_all_title_case']; ?>
                                         </div>
                                         <div data-deselect-all="customer-location" class="btn btn-default">
-                                            Deselect All
+                                            <?php echo $hesklang['deselect_all_title_case']; ?>
                                         </div>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
-                                               name="location[]" value="CUSTOMER_HOME"> Homepage
+                                               name="location[]" value="CUSTOMER_HOME"> <?php echo $hesklang['sm_homepage']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
-                                               name="location[]" value="CUSTOMER_KB_HOME"> Knowledgebase Home
+                                               name="location[]" value="CUSTOMER_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
-                                               name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                                               name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
-                                               name="location[]" value="CUSTOMER_SUBMIT_TICKET"> Submit Ticket
+                                               name="location[]" value="CUSTOMER_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
-                                               name="location[]" value="CUSTOMER_VIEW_TICKET"> View Ticket
+                                               name="location[]" value="CUSTOMER_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
                                     </div>
                                 </div>
                                 <div class="col-sm-4" style="margin-left:20px">
-                                    <h5 style="text-decoration: underline;">Staff Pages</h5>
+                                    <h5 style="text-decoration: underline;"><?php echo $hesklang['sm_staff_pages']; ?></h5>
                                     <div class="btn-group btn-group-sm">
                                         <div data-select-all="staff-location" class="btn btn-default">
-                                            Select All
+                                            <?php echo $hesklang['select_all_title_case']; ?>
                                         </div>
                                         <div data-deselect-all="staff-location" class="btn btn-default">
-                                            Deselect All
+                                            <?php echo $hesklang['deselect_all_title_case']; ?>
                                         </div>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_LOGIN"> Login Page
+                                               name="location[]" value="STAFF_LOGIN"> <?php echo $hesklang['sm_login_page']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_HOME"> Homepage
+                                               name="location[]" value="STAFF_HOME"> <?php echo $hesklang['sm_homepage']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_KB_HOME"> Knowledgebase Home
+                                               name="location[]" value="STAFF_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_VIEW_KB_ARTICLE"> View Knowledgebase Article
+                                               name="location[]" value="STAFF_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_SUBMIT_TICKET"> Submit Ticket
+                                               name="location[]" value="STAFF_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
                                     </div>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
-                                               name="location[]" value="STAFF_VIEW_TICKET"> View Ticket
+                                               name="location[]" value="STAFF_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
                                     </div>
                                 </div>
                             </div>
diff --git a/language/en/text.php b/language/en/text.php
index a360ef74..7d62e3f3 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2219,6 +2219,15 @@ $hesklang['error_retrieving_sm'] = 'An error occurred retrieving service message
 $hesklang['error_saving_updating_sm'] = 'An error occurred creating / saving the service message!';
 $hesklang['error_deleting_sm'] = 'An error occurred when trying to delete the service message.';
 $hesklang['error_sorting_sm'] = 'An error occurred sorting service messages!';
+$hesklang['sm_location'] = 'Location'; // Location for service messages
+$hesklang['sm_customer_pages'] = 'Customer Pages';
+$hesklang['sm_staff_pages'] = 'Staff Pages';
+$hesklang['sm_homepage'] = 'Homepage';
+$hesklang['sm_kb_home'] = 'Knowledgebase Home';
+$hesklang['sm_view_kb_article'] = 'View Knowledgebase Article';
+$hesklang['sm_submit_ticket'] = 'Submit Ticket';
+$hesklang['sm_view_ticket'] = 'View Ticket';
+$hesklang['sm_login_page'] = 'Login Page';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 902f3edcf6c2ab3e5febffd41299cf80a2dc3045 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 27 Nov 2017 12:51:34 -0500
Subject: [PATCH 18/74] Only show locations that are active

---
 admin/service_messages.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/admin/service_messages.php b/admin/service_messages.php
index cb08371a..052e0eb4 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -50,11 +50,6 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                    title="<?php echo hesk_makeJsString($hesklang['sm_intro']); ?>"
                     data-placement="bottom"></i>
             </h1>
-            <div class="box-tools pull-right">
-                <button type="button" class="btn btn-box-tool" data-widget="collapse">
-                    <i class="fa fa-minus"></i>
-                </button>
-            </div>
         </div>
         <div class="box-body">
             <div class="row">
@@ -274,6 +269,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="customer-location" type="checkbox"
                                                name="location[]" value="CUSTOMER_HOME"> <?php echo $hesklang['sm_homepage']; ?>
                                     </div>
+                                    <?php if ($hesk_settings['kb_enable'] > 0): ?>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
                                                name="location[]" value="CUSTOMER_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
@@ -282,6 +278,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="customer-location" type="checkbox"
                                                name="location[]" value="CUSTOMER_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
                                     </div>
+                                    <?php endif; if ($hesk_settings['kb_enable'] != 2): ?>
                                     <div class="checkbox">
                                         <input data-select-target="customer-location" type="checkbox"
                                                name="location[]" value="CUSTOMER_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
@@ -290,6 +287,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="customer-location" type="checkbox"
                                                name="location[]" value="CUSTOMER_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
                                     </div>
+                                    <?php endif; ?>
                                 </div>
                                 <div class="col-sm-4" style="margin-left:20px">
                                     <h5 style="text-decoration: underline;"><?php echo $hesklang['sm_staff_pages']; ?></h5>
@@ -309,6 +307,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="staff-location" type="checkbox"
                                                name="location[]" value="STAFF_HOME"> <?php echo $hesklang['sm_homepage']; ?>
                                     </div>
+                                    <?php if ($hesk_settings['kb_enable'] > 0): ?>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
                                                name="location[]" value="STAFF_KB_HOME"> <?php echo $hesklang['sm_kb_home']; ?>
@@ -317,6 +316,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="staff-location" type="checkbox"
                                                name="location[]" value="STAFF_VIEW_KB_ARTICLE"> <?php echo $hesklang['sm_view_kb_article']; ?>
                                     </div>
+                                    <?php endif; if ($hesk_settings['kb_enable'] != 2): ?>
                                     <div class="checkbox">
                                         <input data-select-target="staff-location" type="checkbox"
                                                name="location[]" value="STAFF_SUBMIT_TICKET"> <?php echo $hesklang['sm_submit_ticket']; ?>
@@ -325,6 +325,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                         <input data-select-target="staff-location" type="checkbox"
                                                name="location[]" value="STAFF_VIEW_TICKET"> <?php echo $hesklang['sm_view_ticket']; ?>
                                     </div>
+                                    <?php endif; ?>
                                 </div>
                             </div>
                         </div>

From 2faac6be1a44e84425ca65e291b153ce9579c707 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 27 Nov 2017 13:00:35 -0500
Subject: [PATCH 19/74] Fixed type not being stored, working on display
 locations

---
 api/DataAccess/ServiceMessages/ServiceMessagesGateway.php | 4 ++--
 index.php                                                 | 7 ++++++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index 371089a9..d9d8985a 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -32,7 +32,7 @@ class ServiceMessagesGateway extends CommonDao {
             '{$type}',
             '{$myOrder}',
             '" . hesk_dbEscape($serviceMessage->icon) . "',
-            '" . hesk_dbEscape($serviceMessage->language) . "',
+            '" . hesk_dbEscape($serviceMessage->language) . "'
             )");
 
         $serviceMessage->id = hesk_dbInsertID();
@@ -102,7 +102,7 @@ class ServiceMessagesGateway extends CommonDao {
             SET `title` = '" . hesk_dbEscape($serviceMessage->title) . "', 
                 `message` = '" . hesk_dbEscape($serviceMessage->message) . "', 
                 `style` = '" . intval($style) . "', 
-                `type` = " . intval($type) . ",
+                `type` = '{$type}',
                 `icon` = '" . hesk_dbEscape($serviceMessage->icon) . "',
                 `order` = " . intval($serviceMessage->order) . ",
                 `mfh_language` = '" . hesk_dbEscape($serviceMessage->language) . "'
diff --git a/index.php b/index.php
index e9082980..ad824f67 100644
--- a/index.php
+++ b/index.php
@@ -1315,7 +1315,12 @@ function print_start()
 </ol>
     <?php
     // Service messages
-    $res = hesk_dbQuery('SELECT `title`, `message`, `style`, `icon` FROM `'.hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `type`='0' ORDER BY `order` ASC");
+    $res = hesk_dbQuery('SELECT `title`, `message`, `style`, `icon` FROM `'.hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` AS `sm`
+        INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix'])  . "mfh_service_message_to_location` AS `location`
+            ON `sm`.`id` = `location`.`service_message_id`
+            AND `location`.`location` = 'CUSTOMER_HOME'
+        WHERE `type`='0' 
+        ORDER BY `order` ASC");
     if (hesk_dbNumRows($res) > 0)
     {
     ?>

From 3e8085110ff464b269fe96d9ab0e4efd4c15c98b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 28 Nov 2017 13:03:06 -0500
Subject: [PATCH 20/74] Service messages now appear in their proper locations

---
 admin/admin_main.php            | 10 +++++++++-
 admin/admin_ticket.php          |  5 +++++
 admin/index.php                 |  6 ++++++
 admin/knowledgebase_private.php | 19 ++++++++++++++++++-
 admin/manage_knowledgebase.php  |  6 ++++++
 admin/new_ticket.php            |  5 +++++
 inc/common.inc.php              | 21 +++++++++++++++++++++
 index.php                       | 21 ++++++++++-----------
 knowledgebase.php               | 15 +++++++++++----
 ticket.php                      | 13 +++++++++++++
 10 files changed, 104 insertions(+), 17 deletions(-)

diff --git a/admin/admin_main.php b/admin/admin_main.php
index 0d6dcefc..59898d18 100644
--- a/admin/admin_main.php
+++ b/admin/admin_main.php
@@ -54,7 +54,15 @@ else {
 ?>
 <div class="content-wrapper">
     <section class="content">
-    <?php hesk_handle_messages(); ?>
+    <?php
+    // Service messages
+    $service_messages = mfh_get_service_messages('STAFF_HOME');
+    foreach ($service_messages as $sm) {
+        hesk_service_message($sm);
+    }
+
+    hesk_handle_messages();
+    ?>
     <div class="box">
         <div class="box-header with-border">
             <h1 class="box-title">
diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php
index 150b54e6..36804051 100644
--- a/admin/admin_ticket.php
+++ b/admin/admin_ticket.php
@@ -939,6 +939,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
     /* This will handle error, success and notice messages */
     hesk_handle_messages();
 
+    $service_messages = mfh_get_service_messages('STAFF_VIEW_TICKET');
+    foreach ($service_messages as $sm) {
+        hesk_service_message($sm);
+    }
+
     // Prepare special custom fields
     foreach ($hesk_settings['custom_fields'] as $k=>$v) {
         if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) {
diff --git a/admin/index.php b/admin/index.php
index aec1e374..f623d4a0 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -278,6 +278,12 @@ function print_login()
                 <?php
                 /* This will handle error, success and notice messages */
                 hesk_handle_messages();
+
+                // Service messages
+                $service_messages = mfh_get_service_messages('STAFF_LOGIN');
+                foreach ($service_messages as $sm) {
+                    hesk_service_message($sm);
+                }
                 ?>
             </div>
             <div class="login-logo">
diff --git a/admin/knowledgebase_private.php b/admin/knowledgebase_private.php
index 041da9bd..e2cd0277 100644
--- a/admin/knowledgebase_private.php
+++ b/admin/knowledgebase_private.php
@@ -121,7 +121,9 @@ function hesk_kb_header($kb_link, $catid=1)
     </ol>
 	<?php
 		show_subnav('view', $catid);
+        echo '<div style="margin-left:40px;margin-right:40px">';
 		hesk_kbSearchLarge(1);
+        echo '</div>';
 } // END hesk_kb_header()
 
 
@@ -214,7 +216,15 @@ function hesk_show_kb_article($artid)
 
 ?>
 <div class="content-wrapper">
-	<?php hesk_kb_header($hesk_settings['kb_link'], $article['catid']); ?>
+	<?php
+    hesk_kb_header($hesk_settings['kb_link'], $article['catid']);
+    echo '<div style="margin-left:40px;margin-right:40px">';
+    $service_messages = mfh_get_service_messages('STAFF_VIEW_KB_ARTICLE');
+    foreach ($service_messages as $sm) {
+        hesk_service_message($sm);
+    }
+    echo '</div>';
+    ?>
 	<section class="content">
 		<div class="box">
 			<div class="box-header with-border">
@@ -397,6 +407,13 @@ function hesk_show_kb_category($catid, $is_search = 0) {
 	{
 		/* Print header */
 		hesk_kb_header($hesk_settings['kb_link'], $catid);
+
+        echo '<div style="margin-left:40px;margin-right:40px">';
+        $service_messages = mfh_get_service_messages('STAFF_KB_HOME');
+        foreach ($service_messages as $sm) {
+            hesk_service_message($sm);
+        }
+        echo '</div>';
 	} ?>
 	<section class="content">
 		<?php if ($thiscat['parent']): ?>
diff --git a/admin/manage_knowledgebase.php b/admin/manage_knowledgebase.php
index b126a326..03e4ba6f 100644
--- a/admin/manage_knowledgebase.php
+++ b/admin/manage_knowledgebase.php
@@ -270,6 +270,12 @@ if (!isset($_SESSION['hide']['treemenu']))
         <?php
         show_subnav();
 
+        // Service messages
+        $service_messages = mfh_get_service_messages('STAFF_KB_HOME');
+        foreach ($service_messages as $sm) {
+            hesk_service_message($sm);
+        }
+
         // Show a notice if total public articles is less than 5
         if ($total_articles < 5)
         {
diff --git a/admin/new_ticket.php b/admin/new_ticket.php
index 9128c017..261077a3 100644
--- a/admin/new_ticket.php
+++ b/admin/new_ticket.php
@@ -157,6 +157,11 @@ $show_quick_help = $show['show'];
     /* This will handle error, success and notice messages */
     hesk_handle_messages();
 
+    $service_messages = mfh_get_service_messages('STAFF_SUBMIT_TICKET');
+    foreach ($service_messages as $sm) {
+        hesk_service_message($sm);
+    }
+
     if ($show_quick_help): ?>
     <div class="box">
         <div class="box-header with-border">
diff --git a/inc/common.inc.php b/inc/common.inc.php
index b510e92b..b6ce26f9 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -192,6 +192,27 @@ function hesk_service_message($sm)
     <?php
 } // END hesk_service_message()
 
+function mfh_get_service_messages($location) {
+    global $hesk_settings;
+
+    $language = $hesk_settings['languages'][$hesk_settings['language']]['folder'];
+
+    $res = hesk_dbQuery('SELECT `title`, `message`, `style`, `icon` FROM `'.hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` AS `sm`
+        INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix'])  . "mfh_service_message_to_location` AS `location`
+            ON `sm`.`id` = `location`.`service_message_id`
+            AND `location`.`location` = '" . hesk_dbEscape($location) . "'
+            AND `sm`.`mfh_language` IN ('ALL', '" . hesk_dbEscape($language) . "')
+        WHERE `type`='0' 
+        ORDER BY `order` ASC");
+
+    $sm = array();
+    while ($row = hesk_dbFetchAssoc($res)) {
+        $sm[] = $row;
+    }
+
+    return $sm;
+}
+
 
 function hesk_isBannedIP($ip)
 {
diff --git a/index.php b/index.php
index ad824f67..e985b676 100644
--- a/index.php
+++ b/index.php
@@ -79,7 +79,6 @@ function print_select_category($number_of_categories)
     ?>
 
     <div style="text-align: center">
-
         <h3><?php echo $hesklang['select_category_text']; ?></h3>
 
         <div class="select_category">
@@ -322,6 +321,13 @@ function print_add_ticket()
             <h2><?php hesk_showTopBar($hesklang['submit_ticket']); ?></h2>
             <small><?php echo $hesklang['use_form_below']; ?></small>
             <div class="blankSpace"></div>
+            <?php
+            // Service messages
+            $service_messages = mfh_get_service_messages('CUSTOMER_SUBMIT_TICKET');
+            foreach ($service_messages as $sm) {
+                hesk_service_message($sm);
+            }
+            ?>
 
             <div align="left" class="h3"><?php echo $hesklang['add_ticket_general_information']; ?></div>
             <div class="footerWithBorder"></div>
@@ -1315,20 +1321,13 @@ function print_start()
 </ol>
     <?php
     // Service messages
-    $res = hesk_dbQuery('SELECT `title`, `message`, `style`, `icon` FROM `'.hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` AS `sm`
-        INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix'])  . "mfh_service_message_to_location` AS `location`
-            ON `sm`.`id` = `location`.`service_message_id`
-            AND `location`.`location` = 'CUSTOMER_HOME'
-        WHERE `type`='0' 
-        ORDER BY `order` ASC");
-    if (hesk_dbNumRows($res) > 0)
-    {
+    $service_messages = mfh_get_service_messages('CUSTOMER_HOME');
+    if (count($service_messages) > 0) {
     ?>
     <div class="row">
         <div class="col-md-12">
             <?php
-            while ($sm=hesk_dbFetchAssoc($res))
-            {
+            foreach ($service_messages as $sm) {
                 hesk_service_message($sm);
             }
             ?>
diff --git a/knowledgebase.php b/knowledgebase.php
index fdb2a3a4..22e86586 100644
--- a/knowledgebase.php
+++ b/knowledgebase.php
@@ -254,6 +254,13 @@ if (!$show['show']) {
             require_once(HESK_PATH . 'inc/header.inc.php');
             hesk_kb_header($hesk_settings['kb_link']);
 
+
+            // Service messages
+            $service_messages = mfh_get_service_messages('CUSTOMER_VIEW_KB_ARTICLE');
+            foreach ($service_messages as $sm) {
+                hesk_service_message($sm);
+            }
+
             // Update views by 1 - exclude known bots and reloads because of ratings
             if (!isset($_GET['rated']) && !hesk_detect_bots()) {
                 hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `views`=`views`+1 WHERE `id`={$artid}");
@@ -406,11 +413,11 @@ if (!$show['show']) {
                 hesk_kb_header($hesk_settings['kb_link']);
             }
 
-            // If we are in "Knowledgebase only" mode show system messages
-            if ($catid == 1 && hesk_check_kb_only(false)) {
+            // Display service messages on the default category
+            if ($catid == 1) {
                 // Service messages
-                $res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `type`='0' ORDER BY `order` ASC");
-                while ($sm = hesk_dbFetchAssoc($res)) {
+                $service_messages = mfh_get_service_messages('CUSTOMER_KB_HOME');
+                foreach ($service_messages as $sm) {
                     hesk_service_message($sm);
                 }
             }
diff --git a/ticket.php b/ticket.php
index cb7ef11b..316dac96 100644
--- a/ticket.php
+++ b/ticket.php
@@ -215,6 +215,13 @@ if (!$show['show']) {
     <?php endif; ?>
     <div class="<?php echo $columnWidth; ?>">
         <?php
+        // Service messages
+        $service_messages = mfh_get_service_messages('CUSTOMER_VIEW_TICKET');
+        foreach ($service_messages as $sm) {
+            hesk_service_message($sm);
+        }
+
+
         /* This will handle error, success and notice messages */
         hesk_handle_messages();
 
@@ -478,6 +485,12 @@ function print_form()
         <?php endif; ?>
         <div class="<?php echo $columnWidth; ?>">
             <?php
+            // Service messages
+            $service_messages = mfh_get_service_messages('CUSTOMER_VIEW_TICKET');
+            foreach ($service_messages as $sm) {
+                hesk_service_message($sm);
+            }
+
             /* This will handle error, success and notice messages */
             hesk_handle_messages();
             ?>

From f70c3635a9d30b3440414c59b9c1c9854b443b04 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 29 Nov 2017 21:58:30 -0500
Subject: [PATCH 21/74] Working on moving the calendar API

---
 api/BusinessLogic/Calendar/AbstractEvent.php |  20 +++
 api/BusinessLogic/Calendar/CalendarEvent.php |  21 +++
 api/BusinessLogic/Calendar/TicketEvent.php   |  18 +++
 api/DataAccess/Calendar/CalendarGateway.php  | 129 +++++++++++++++++++
 4 files changed, 188 insertions(+)
 create mode 100644 api/BusinessLogic/Calendar/AbstractEvent.php
 create mode 100644 api/BusinessLogic/Calendar/CalendarEvent.php
 create mode 100644 api/BusinessLogic/Calendar/TicketEvent.php
 create mode 100644 api/DataAccess/Calendar/CalendarGateway.php

diff --git a/api/BusinessLogic/Calendar/AbstractEvent.php b/api/BusinessLogic/Calendar/AbstractEvent.php
new file mode 100644
index 00000000..5413ef48
--- /dev/null
+++ b/api/BusinessLogic/Calendar/AbstractEvent.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class AbstractEvent {
+    public $startTime;
+
+    public $title;
+
+    public $categoryId;
+
+    public $categoryName;
+
+    public $backgroundColor;
+
+    public $foregroundColor;
+
+    public $displayBorder;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
new file mode 100644
index 00000000..91a45761
--- /dev/null
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class CalendarEvent extends AbstractEvent {
+    public $type = 'CALENDAR';
+
+    public $endTime;
+
+    /* @var $allDay bool */
+    public $allDay;
+
+    public $location;
+
+    public $comments;
+
+    public $reminderValue;
+
+    public $reminderUnits;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/TicketEvent.php b/api/BusinessLogic/Calendar/TicketEvent.php
new file mode 100644
index 00000000..e2e7102f
--- /dev/null
+++ b/api/BusinessLogic/Calendar/TicketEvent.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class TicketEvent extends AbstractEvent {
+    public $type = 'TICKET';
+
+    public $trackingId;
+
+    public $subject;
+
+    public $url;
+
+    public $owner;
+
+    public $priority;
+}
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
new file mode 100644
index 00000000..8327808b
--- /dev/null
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -0,0 +1,129 @@
+<?php
+
+namespace DataAccess\Calendar;
+
+
+use BusinessLogic\Security\UserContext;
+use DataAccess\CommonDao;
+
+class CalendarGateway extends CommonDao {
+
+    /**
+     * @param $startTime int
+     * @param $endTime int
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @return array
+     */
+    public function getEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
+        $this->init();
+
+        $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
+        $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
+
+        $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
+        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border` ";
+
+        if ($staff) {
+            $sql .= ",`reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit` ";
+        }
+
+        $sql .= "FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
+        INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
+            ON `events`.`category` = `categories`.`id` ";
+
+        if ($staff) {
+            $sql .= "LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders` ON
+        `reminders`.`user_id` = " . intval($_SESSION['id']) . " AND `reminders`.`event_id` = `events`.`id`";
+        }
+        $sql .= "WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql}) AND `categories`.`usage` <> 1";
+
+        if (!$staff) {
+            $sql .= " AND `categories`.`type` = '0'";
+        }
+
+        $rs = hesk_dbQuery($sql);
+
+        $events = array();
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            // Skip the event if the user does not have access to it
+            // TODO This should be business logic
+            if ($staff && !$_SESSION['isadmin'] && !in_array($row['category'], $_SESSION['categories'])) {
+                continue;
+            }
+
+            $event['type'] = 'CALENDAR';
+            $event['id'] = intval($row['id']);
+            $event['startTime'] = $row['start'];
+            $event['endTime'] = $row['end'];
+            $event['allDay'] = $row['all_day'] ? true : false;
+            $event['title'] = $row['name'];
+            $event['location'] = $row['location'];
+            $event['comments'] = $row['comments'];
+            $event['categoryId'] = $row['category'];
+            $event['categoryName'] = $row['category_name'];
+            $event['backgroundColor'] = $row['background_color'];
+            $event['foregroundColor'] = $row['foreground_color'];
+            $event['displayBorder'] = $row['display_border'];
+
+            if ($staff) {
+                $event['reminderValue'] = $row['reminder_value'];
+                $event['reminderUnits'] = $row['reminder_unit'];
+            }
+
+            $events[] = $event;
+        }
+
+        if ($staff) {
+            $oldTimeSetting = $heskSettings['timeformat'];
+            $heskSettings['timeformat'] = 'Y-m-d';
+            $currentDate = hesk_date();
+            $heskSettings['timeformat'] = $oldTimeSetting;
+
+            $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
+        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
+          CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
+           `tickets`.`priority` AS `priority`
+        FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` AS `tickets`
+        INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
+            ON `categories`.`id` = `tickets`.`category`
+            AND `categories`.`usage` <> 2
+        LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
+            ON `tickets`.`owner` = `owner`.`id`
+        WHERE `due_date` >= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime)
+                . " / 1000), @@session.time_zone, '+00:00')
+        AND `due_date` <= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')
+        AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) ";
+
+            $rs = hesk_dbQuery($sql);
+            while ($row = hesk_dbFetchAssoc($rs)) {
+                // Skip the ticket if the user does not have access to it
+                if (!hesk_checkPermission('can_view_tickets', 0)
+                    || ($row['owner_id'] && $row['owner_id'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0))
+                    || (!$row['owner_id'] && !hesk_checkPermission('can_view_unassigned', 0))) {
+                    continue;
+                }
+
+                $event['type'] = 'TICKET';
+                $event['trackingId'] = $row['trackid'];
+                $event['subject'] = $row['subject'];
+                $event['title'] = $row['subject'];
+                $event['startTime'] = $row['due_date'];
+                $event['url'] = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
+                $event['categoryId'] = $row['category'];
+                $event['categoryName'] = $row['category_name'];
+                $event['backgroundColor'] = $row['background_color'];
+                $event['foregroundColor'] = $row['foreground_color'];
+                $event['displayBorder'] = $row['display_border'];
+                $event['owner'] = $row['owner_name'];
+                $event['priority'] = $row['priority'];
+
+                $events[] = $event;
+            }
+        }
+
+        $this->close();
+
+        return $events;
+    }
+}
\ No newline at end of file

From 0a2e37320aef3a7cd9c4f8670772ba051c249a00 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 1 Dec 2017 12:56:23 -0500
Subject: [PATCH 22/74] Working on adding controller security

---
 api/BusinessLogic/Security/UserPrivilege.php    |  1 +
 .../ServiceMessagesController.php               | 17 ++++++++++++++++-
 api/Core/json_error.php                         |  6 +++++-
 api/index.php                                   |  2 +-
 4 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/api/BusinessLogic/Security/UserPrivilege.php b/api/BusinessLogic/Security/UserPrivilege.php
index 353e8e43..8cd1eee4 100644
--- a/api/BusinessLogic/Security/UserPrivilege.php
+++ b/api/BusinessLogic/Security/UserPrivilege.php
@@ -15,4 +15,5 @@ class UserPrivilege extends \BaseClass {
     const CAN_EDIT_TICKETS = 'can_edit_tickets';
     const CAN_DELETE_TICKETS = 'can_del_tickets';
     const CAN_MANAGE_CATEGORIES = 'can_man_cat';
+    const CAN_MANAGE_SERVICE_MESSAGES = 'can_service_msg';
 }
\ No newline at end of file
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index bf6c26de..b147f123 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -2,15 +2,30 @@
 
 namespace Controllers\ServiceMessages;
 
+use BusinessLogic\Exceptions\ApiFriendlyException;
 use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
+use BusinessLogic\Security\UserPrivilege;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageHandler;
+use Controllers\ControllerWithSecurity;
 use Controllers\JsonRetriever;
 
 class ServiceMessagesController extends \BaseClass {
+    /**
+     * @param $userContext UserContext
+     * @throws ApiFriendlyException
+     */
+    function checkSecurity($userContext) {
+        if (!in_array(UserPrivilege::CAN_MANAGE_SERVICE_MESSAGES, $userContext->permissions)) {
+            throw new ApiFriendlyException("User does not have permission to access the following URI: " . $_SERVER['REQUEST_URI'], "Access Forbidden", 403);
+        }
+    }
+    
     function get() {
-        global $applicationContext, $hesk_settings;
+        global $applicationContext, $hesk_settings, $userContext;
+
+        $this->checkSecurity($userContext);
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
diff --git a/api/Core/json_error.php b/api/Core/json_error.php
index 1ff438c0..c9ea1b61 100644
--- a/api/Core/json_error.php
+++ b/api/Core/json_error.php
@@ -7,7 +7,11 @@ function print_error($title, $message, $logId = null, $response_code = 500) {
     $error['type'] = 'ERROR';
     $error['title'] = $title;
     $error['message'] = $message;
-    $error['logId'] = $logId;
+
+    if ($logId !== null) {
+        $error['logId'] = $logId;
+    }
+
 
     print output($error, $response_code);
     return;
diff --git a/api/index.php b/api/index.php
index d7fa3656..8502e108 100644
--- a/api/index.php
+++ b/api/index.php
@@ -105,7 +105,7 @@ function exceptionHandler($exception) {
         /* @var $castedException \BusinessLogic\Exceptions\ApiFriendlyException */
         $castedException = $exception;
 
-        print_error($castedException->title, $castedException->getMessage(), $castedException->httpResponseCode);
+        print_error($castedException->title, $castedException->getMessage(), null, $castedException->httpResponseCode);
     } elseif (exceptionIsOfType($exception, \Core\Exceptions\SQLException::clazz())) {
         /* @var $castedException \Core\Exceptions\SQLException */
         $castedException = $exception;

From 39e61b85c46643aa1ae508e568513391701de1ee Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 4 Dec 2017 12:56:09 -0500
Subject: [PATCH 23/74] Fixed some issues with the service messages endpoints:

---
 .../MissingAuthenticationTokenException.php   |  4 +-
 api/BusinessLogic/Security/UserContext.php    |  4 ++
 .../GetServiceMessagesFilter.php              | 12 ++++++
 .../ServiceMessages/ServiceMessageHandler.php |  8 ++--
 .../ServiceMessagesController.php             | 38 +++++++++++++++----
 .../ServiceMessagesGateway.php                | 31 +++++++++++++--
 api/index.php                                 | 13 +++++--
 7 files changed, 90 insertions(+), 20 deletions(-)
 create mode 100644 api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php

diff --git a/api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php b/api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php
index 596839ff..267a82c0 100644
--- a/api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php
+++ b/api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php
@@ -4,8 +4,8 @@ namespace BusinessLogic\Exceptions;
 
 class MissingAuthenticationTokenException extends ApiFriendlyException {
     function __construct() {
-        parent::__construct("An 'X-Auth-Token' is required for all requests",
+        parent::__construct("An 'X-Auth-Token' is required for this request",
             'Security Exception',
-            400);
+            401);
     }
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Security/UserContext.php b/api/BusinessLogic/Security/UserContext.php
index 3055b4ff..6ce0fba0 100644
--- a/api/BusinessLogic/Security/UserContext.php
+++ b/api/BusinessLogic/Security/UserContext.php
@@ -57,6 +57,10 @@ class UserContext extends \BaseClass {
     /* @var $active bool */
     public $active;
 
+    function isAnonymousUser() {
+        return $this->id === -1;
+    }
+
     static function buildAnonymousUser() {
         $userContext = new UserContext();
         $userContext->id = -1;
diff --git a/api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php b/api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php
new file mode 100644
index 00000000..a8f381d6
--- /dev/null
+++ b/api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php
@@ -0,0 +1,12 @@
+<?php
+
+namespace BusinessLogic\ServiceMessages;
+
+
+class GetServiceMessagesFilter {
+    /* @var $includeStaffServiceMessages bool */
+    public $includeStaffServiceMessages = true;
+
+    /* @var $includeDrafts bool */
+    public $includeDrafts = true;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
index 2cf31892..f27c9326 100644
--- a/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
+++ b/api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
@@ -43,8 +43,8 @@ class ServiceMessageHandler extends \BaseClass {
         return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
     }
 
-    function getServiceMessages($heskSettings) {
-        return $this->serviceMessageGateway->getServiceMessages($heskSettings);
+    function getServiceMessages($heskSettings, $searchFilter) {
+        return $this->serviceMessageGateway->getServiceMessages($heskSettings, $searchFilter);
     }
 
     function editServiceMessage($serviceMessage, $heskSettings) {
@@ -78,7 +78,7 @@ class ServiceMessageHandler extends \BaseClass {
     }
 
     function sortServiceMessage($id, $direction, $heskSettings) {
-        $serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings);
+        $serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings, new GetServiceMessagesFilter());
         $serviceMessage = null;
         foreach ($serviceMessages as $innerServiceMessage) {
             if (intval($innerServiceMessage->id) === intval($id)) {
@@ -129,7 +129,7 @@ class ServiceMessageHandler extends \BaseClass {
                 break;
             }
         }
-        if (!$languageFound) {
+        if (!$languageFound && !in_array('MISSING_LANGUAGE', $validationModel->errorKeys)) {
             $validationModel->errorKeys[] = 'LANGUAGE_NOT_INSTALLED';
         }
 
diff --git a/api/Controllers/ServiceMessages/ServiceMessagesController.php b/api/Controllers/ServiceMessages/ServiceMessagesController.php
index b147f123..48da1a7d 100644
--- a/api/Controllers/ServiceMessages/ServiceMessagesController.php
+++ b/api/Controllers/ServiceMessages/ServiceMessagesController.php
@@ -6,6 +6,7 @@ use BusinessLogic\Exceptions\ApiFriendlyException;
 use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
 use BusinessLogic\Security\UserPrivilege;
+use BusinessLogic\ServiceMessages\GetServiceMessagesFilter;
 use BusinessLogic\ServiceMessages\ServiceMessage;
 use BusinessLogic\ServiceMessages\ServiceMessageHandler;
 use Controllers\ControllerWithSecurity;
@@ -17,25 +18,41 @@ class ServiceMessagesController extends \BaseClass {
      * @throws ApiFriendlyException
      */
     function checkSecurity($userContext) {
-        if (!in_array(UserPrivilege::CAN_MANAGE_SERVICE_MESSAGES, $userContext->permissions)) {
+        if (!$userContext->admin && !in_array(UserPrivilege::CAN_MANAGE_SERVICE_MESSAGES, $userContext->permissions)) {
+            throw new ApiFriendlyException("User does not have permission to access the following URI: " . $_SERVER['REQUEST_URI'], "Access Forbidden", 403);
+        }
+    }
+
+    static function staticCheckSecurity($userContext) {
+        if (!$userContext->admin && !in_array(UserPrivilege::CAN_MANAGE_SERVICE_MESSAGES, $userContext->permissions)) {
             throw new ApiFriendlyException("User does not have permission to access the following URI: " . $_SERVER['REQUEST_URI'], "Access Forbidden", 403);
         }
     }
     
     function get() {
+        /* @var $userContext UserContext */
+        /* @var $hesk_settings array */
         global $applicationContext, $hesk_settings, $userContext;
 
-        $this->checkSecurity($userContext);
+        $searchFilter = new GetServiceMessagesFilter();
+        if ($userContext->isAnonymousUser()) {
+            $searchFilter->includeDrafts = false;
+            $searchFilter->includeStaffServiceMessages = false;
+        } elseif (!$userContext->admin && !in_array(UserPrivilege::CAN_MANAGE_SERVICE_MESSAGES, $userContext->permissions)) {
+            $searchFilter->includeDrafts = false;
+        }
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
 
-        return output($handler->getServiceMessages($hesk_settings));
+        return output($handler->getServiceMessages($hesk_settings, $searchFilter));
     }
 
     function post() {
         global $applicationContext, $userContext, $hesk_settings;
 
+        $this->checkSecurity($userContext);
+
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
 
@@ -46,7 +63,9 @@ class ServiceMessagesController extends \BaseClass {
     }
 
     function put($id) {
-        global $applicationContext, $hesk_settings;
+        global $applicationContext, $hesk_settings, $userContext;
+
+        $this->checkSecurity($userContext);
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
@@ -60,7 +79,9 @@ class ServiceMessagesController extends \BaseClass {
     }
 
     function delete($id) {
-        global $applicationContext, $hesk_settings;
+        global $applicationContext, $hesk_settings, $userContext;
+
+        $this->checkSecurity($userContext);
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
@@ -79,7 +100,7 @@ class ServiceMessagesController extends \BaseClass {
         $serviceMessage = new ServiceMessage();
 
         if (!$creating) {
-            $serviceMessage->order = $data['order'];
+            $serviceMessage->order = Helpers::safeArrayGet($data, 'order');
         }
 
         if ($creating) {
@@ -105,7 +126,10 @@ class ServiceMessagesController extends \BaseClass {
     }
 
     static function sort($id, $direction) {
-        global $applicationContext, $hesk_settings;
+        /* @var $userContext UserContext */
+        global $applicationContext, $hesk_settings, $userContext;
+
+        self::staticCheckSecurity($userContext);
 
         /* @var $handler ServiceMessageHandler */
         $handler = $applicationContext->get(ServiceMessageHandler::clazz());
diff --git a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
index d9d8985a..e15a593e 100644
--- a/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
+++ b/api/DataAccess/ServiceMessages/ServiceMessagesGateway.php
@@ -3,7 +3,9 @@
 namespace DataAccess\ServiceMessages;
 
 
+use BusinessLogic\ServiceMessages\GetServiceMessagesFilter;
 use BusinessLogic\ServiceMessages\ServiceMessage;
+use BusinessLogic\ServiceMessages\ServiceMessageLocation;
 use BusinessLogic\ServiceMessages\ServiceMessageStyle;
 use DataAccess\CommonDao;
 
@@ -56,14 +58,29 @@ class ServiceMessagesGateway extends CommonDao {
 
     /**
      * @param $heskSettings
+     * @param $searchFilter GetServiceMessagesFilter
      * @return ServiceMessage[]
      */
-    function getServiceMessages($heskSettings) {
+    function getServiceMessages($heskSettings, $searchFilter) {
         $this->init();
 
         $serviceMessages = array();
 
-        $rs = hesk_dbQuery("SELECT * FROM `". hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` ORDER BY `order`");
+        $sql = "SELECT DISTINCT `service_messages`.* FROM `". hesk_dbEscape($heskSettings['db_pfix']) . "service_messages` AS `service_messages` ";
+
+        if (!$searchFilter->includeStaffServiceMessages) {
+            $sql .= "INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location` AS `location`
+                ON `location`.`service_message_id` = `service_messages`.`id` AND `location`.`location` LIKE 'CUSTOMER%' ";
+        }
+
+        if (!$searchFilter->includeDrafts) {
+            $sql .= "WHERE `type` = '0' ";
+        }
+
+        $sql .= "ORDER BY `order`";
+
+
+        $rs = hesk_dbQuery($sql);
         while ($row = hesk_dbFetchAssoc($rs)) {
             $serviceMessage = new ServiceMessage();
             $serviceMessage->id = $row['id'];
@@ -78,8 +95,14 @@ class ServiceMessagesGateway extends CommonDao {
             $serviceMessage->language = $row['mfh_language'];
             $serviceMessage->locations = array();
 
-            $locationsRs = hesk_dbQuery("SELECT `location` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
-                WHERE `service_message_id` = " . intval($serviceMessage->id));
+            $locationSql = "SELECT `location` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_service_message_to_location`
+                WHERE `service_message_id` = " . intval($serviceMessage->id);
+
+            if (!$searchFilter->includeStaffServiceMessages) {
+                $locationSql .= " AND `location` LIKE 'CUSTOMER%'";
+            }
+
+            $locationsRs = hesk_dbQuery($locationSql);
             while ($innerRow = hesk_dbFetchAssoc($locationsRs)) {
                 $serviceMessage->locations[] = $innerRow['location'];
             }
diff --git a/api/index.php b/api/index.php
index 8502e108..3a67c362 100644
--- a/api/index.php
+++ b/api/index.php
@@ -45,8 +45,15 @@ function internalOrAuthHandler() {
 function publicHandler() {
     global $userContext;
 
-    //-- Create an "anonymous" UserContext
-    $userContext = \BusinessLogic\Security\UserContext::buildAnonymousUser();
+    // Check if we passed in a X-Auth-Token or X-Internal-Call header. Those take priority
+    if (\BusinessLogic\Helpers::getHeader('X-INTERNAL-CALL') === 'true') {
+        internalHandler();
+    } elseif (\BusinessLogic\Helpers::getHeader('X-AUTH-TOKEN') !== null) {
+        authTokenHandler();
+    } else {
+        //-- Create an "anonymous" UserContext
+        $userContext = \BusinessLogic\Security\UserContext::buildAnonymousUser();
+    }
 }
 
 function assertApiIsEnabled() {
@@ -205,7 +212,7 @@ Link::all(array(
     // Service Messages
     '/v1/service-messages' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
         array(RequestMethod::GET, RequestMethod::POST),
-        SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+        SecurityHandler::OPEN),
     '/v1/service-messages/{i}' => action(\Controllers\ServiceMessages\ServiceMessagesController::clazz(),
         array(RequestMethod::PUT, RequestMethod::DELETE),
         SecurityHandler::INTERNAL_OR_AUTH_TOKEN),

From 5ee4ed5864d9147e3e923d0959c6884f930fb668 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 6 Dec 2017 21:37:42 -0500
Subject: [PATCH 24/74] revert meeee

---
 api/BusinessLogic/Calendar/CalendarEvent.php  |   2 +
 .../Calendar/SearchEventsFilter.php           |  21 ++
 api/BusinessLogic/Security/UserContext.php    |   4 +
 api/BusinessLogic/Security/UserPrivilege.php  |   2 +
 api/DataAccess/Calendar/CalendarGateway.php   | 213 ++++++++++++------
 5 files changed, 173 insertions(+), 69 deletions(-)
 create mode 100644 api/BusinessLogic/Calendar/SearchEventsFilter.php

diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
index 91a45761..893cbccb 100644
--- a/api/BusinessLogic/Calendar/CalendarEvent.php
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -4,6 +4,8 @@ namespace BusinessLogic\Calendar;
 
 
 class CalendarEvent extends AbstractEvent {
+    public $id;
+
     public $type = 'CALENDAR';
 
     public $endTime;
diff --git a/api/BusinessLogic/Calendar/SearchEventsFilter.php b/api/BusinessLogic/Calendar/SearchEventsFilter.php
new file mode 100644
index 00000000..1a509f9f
--- /dev/null
+++ b/api/BusinessLogic/Calendar/SearchEventsFilter.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class SearchEventsFilter {
+    /* @var $categories int[]|null */
+    public $categories;
+
+    /* @var $reminderUserId int|null */
+    public $reminderUserId;
+
+    /* @var $includeTickets bool */
+    public $includeTickets;
+
+    /* @var $includeUnassignedTickets bool */
+    public $includeUnassignedTickets;
+
+    /* @var $includeTicketsAssignedToOthers bool */
+    public $includeTicketsAssignedToOthers;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Security/UserContext.php b/api/BusinessLogic/Security/UserContext.php
index 3055b4ff..53002a8e 100644
--- a/api/BusinessLogic/Security/UserContext.php
+++ b/api/BusinessLogic/Security/UserContext.php
@@ -57,6 +57,10 @@ class UserContext extends \BaseClass {
     /* @var $active bool */
     public $active;
 
+    function isAnonymousUser() {
+        return $this->username === "API - ANONYMOUS USER";
+    }
+
     static function buildAnonymousUser() {
         $userContext = new UserContext();
         $userContext->id = -1;
diff --git a/api/BusinessLogic/Security/UserPrivilege.php b/api/BusinessLogic/Security/UserPrivilege.php
index 353e8e43..0d68418f 100644
--- a/api/BusinessLogic/Security/UserPrivilege.php
+++ b/api/BusinessLogic/Security/UserPrivilege.php
@@ -15,4 +15,6 @@ class UserPrivilege extends \BaseClass {
     const CAN_EDIT_TICKETS = 'can_edit_tickets';
     const CAN_DELETE_TICKETS = 'can_del_tickets';
     const CAN_MANAGE_CATEGORIES = 'can_man_cat';
+    const CAN_VIEW_ASSIGNED_TO_OTHER = 'can_view_ass_others';
+    const CAN_VIEW_UNASSIGNED = 'can_view_unassigned';
 }
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 8327808b..5fea19a3 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -3,10 +3,97 @@
 namespace DataAccess\Calendar;
 
 
+use BusinessLogic\Calendar\CalendarEvent;
+use BusinessLogic\Calendar\SearchEventsFilter;
+use BusinessLogic\Calendar\TicketEvent;
 use BusinessLogic\Security\UserContext;
+use BusinessLogic\Security\UserPrivilege;
 use DataAccess\CommonDao;
 
 class CalendarGateway extends CommonDao {
+    /**
+     * @param $startTime int
+     * @param $endTime int
+     * @param $searchEventsFilter SearchEventsFilter
+     * @param $heskSettings array
+     */
+    public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
+        $this->init();
+
+        $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
+        $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
+
+        // EVENTS
+        $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
+                    `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
+                    `reminders`.`amount` AS `reminder_value`, `reminder`.`unit` AS `reminder_unit`
+                FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
+                INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
+                    ON `events`.`category` = `categories`.`id`
+                LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders`
+                    ON `reminders`.`user_id` = " . intval($searchEventsFilter->reminderUserId) . "
+                    AND `reminders`.`event_id` = `events`.`id`
+                WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
+                    AND `categories`.`usage` <> 1
+                    AND `categories`.`type` = '0'";
+
+        if (!empty($searchEventsFilter->categories)) {
+            $categoriesAsString = implode(',', $searchEventsFilter->categories);
+            $sql .= " AND `events`.`category` IN (" . $categoriesAsString . ")";
+        }
+
+        $rs = hesk_dbQuery($sql);
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            $event = new CalendarEvent();
+            $event->id = intval($row['id']);
+            $event->startTime = $row['start'];
+            $event->endTime = $row['end'];
+            $event->allDay = $row['all_day'] ? true : false;
+            $event->title = $row['name'];
+            $event->location = $row['location'];
+            $event->comments = $row['comments'];
+            $event->categoryId = $row['category'];
+            $event->categoryName = $row['category_name'];
+            $event->backgroundColor = $row['background_color'];
+            $event->foregroundColor = $row['foreground_color'];
+            $event->displayBorder = $row['display_border'];
+            $event->reminderValue = $row['reminder_value'];
+            $event->reminderUnits = $row['reminder_unit'];
+
+            $events[] = $event;
+        }
+
+        // TICKETS
+        if ($searchEventsFilter->includeTickets) {
+            $oldTimeSetting = $heskSettings['timeformat'];
+            $heskSettings['timeformat'] = 'Y-m-d';
+            $currentDate = hesk_date();
+            $heskSettings['timeformat'] = $oldTimeSetting;
+
+            $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
+                `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
+                  CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
+                   `tickets`.`priority` AS `priority`
+                FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` AS `tickets`
+                INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
+                    ON `categories`.`id` = `tickets`.`category`
+                    AND `categories`.`usage` <> 2
+                LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
+                    ON `tickets`.`owner` = `owner`.`id`
+                WHERE `due_date` >= {$startTimeSql})
+                AND `due_date` <= {$endTimeSql})
+                AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) 
+                AND (`owner` = " . $searchEventsFilter->reminderUserId;
+
+            if ($searchEventsFilter->includeUnassignedTickets) {
+                $sql .= "";
+            }
+
+            $sql .= ")";
+        }
+
+        $this->close();
+    }
 
     /**
      * @param $startTime int
@@ -15,32 +102,24 @@ class CalendarGateway extends CommonDao {
      * @param $heskSettings array
      * @return array
      */
-    public function getEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
+    public function getXXEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
         $this->init();
 
         $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
         $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
 
         $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
-        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border` ";
-
-        if ($staff) {
-            $sql .= ",`reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit` ";
-        }
-
-        $sql .= "FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
-        INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
-            ON `events`.`category` = `categories`.`id` ";
-
-        if ($staff) {
-            $sql .= "LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders` ON
-        `reminders`.`user_id` = " . intval($_SESSION['id']) . " AND `reminders`.`event_id` = `events`.`id`";
-        }
-        $sql .= "WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql}) AND `categories`.`usage` <> 1";
-
-        if (!$staff) {
-            $sql .= " AND `categories`.`type` = '0'";
-        }
+                `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
+                `reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit`
+            FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
+            INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
+                ON `events`.`category` = `categories`.`id`
+            LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders` 
+                ON `reminders`.`user_id` = " . intval($userContext->id) . " 
+                AND `reminders`.`event_id` = `events`.`id`
+            WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql}) 
+                AND `categories`.`usage` <> 1
+                AND `categories`.`type` = '0'";
 
         $rs = hesk_dbQuery($sql);
 
@@ -48,39 +127,35 @@ class CalendarGateway extends CommonDao {
         while ($row = hesk_dbFetchAssoc($rs)) {
             // Skip the event if the user does not have access to it
             // TODO This should be business logic
-            if ($staff && !$_SESSION['isadmin'] && !in_array($row['category'], $_SESSION['categories'])) {
+            if (!$userContext->admin && in_array($row['category'], $userContext->categories)) {
                 continue;
             }
 
-            $event['type'] = 'CALENDAR';
-            $event['id'] = intval($row['id']);
-            $event['startTime'] = $row['start'];
-            $event['endTime'] = $row['end'];
-            $event['allDay'] = $row['all_day'] ? true : false;
-            $event['title'] = $row['name'];
-            $event['location'] = $row['location'];
-            $event['comments'] = $row['comments'];
-            $event['categoryId'] = $row['category'];
-            $event['categoryName'] = $row['category_name'];
-            $event['backgroundColor'] = $row['background_color'];
-            $event['foregroundColor'] = $row['foreground_color'];
-            $event['displayBorder'] = $row['display_border'];
-
-            if ($staff) {
-                $event['reminderValue'] = $row['reminder_value'];
-                $event['reminderUnits'] = $row['reminder_unit'];
-            }
+            $event = new CalendarEvent();
+            $event->id = intval($row['id']);
+            $event->startTime = $row['start'];
+            $event->endTime = $row['end'];
+            $event->allDay = $row['all_day'] ? true : false;
+            $event->title = $row['name'];
+            $event->location = $row['location'];
+            $event->comments = $row['comments'];
+            $event->categoryId = $row['category'];
+            $event->categoryName = $row['category_name'];
+            $event->backgroundColor = $row['background_color'];
+            $event->foregroundColor = $row['foreground_color'];
+            $event->displayBorder = $row['display_border'];
+            $event->reminderValue = $row['reminder_value'];
+            $event->reminderUnits = $row['reminder_unit'];
 
             $events[] = $event;
         }
 
-        if ($staff) {
-            $oldTimeSetting = $heskSettings['timeformat'];
-            $heskSettings['timeformat'] = 'Y-m-d';
-            $currentDate = hesk_date();
-            $heskSettings['timeformat'] = $oldTimeSetting;
+        $oldTimeSetting = $heskSettings['timeformat'];
+        $heskSettings['timeformat'] = 'Y-m-d';
+        $currentDate = hesk_date();
+        $heskSettings['timeformat'] = $oldTimeSetting;
 
-            $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
+        $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
         `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
           CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
            `tickets`.`priority` AS `priority`
@@ -95,31 +170,31 @@ class CalendarGateway extends CommonDao {
         AND `due_date` <= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')
         AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) ";
 
-            $rs = hesk_dbQuery($sql);
-            while ($row = hesk_dbFetchAssoc($rs)) {
-                // Skip the ticket if the user does not have access to it
-                if (!hesk_checkPermission('can_view_tickets', 0)
-                    || ($row['owner_id'] && $row['owner_id'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0))
-                    || (!$row['owner_id'] && !hesk_checkPermission('can_view_unassigned', 0))) {
-                    continue;
-                }
-
-                $event['type'] = 'TICKET';
-                $event['trackingId'] = $row['trackid'];
-                $event['subject'] = $row['subject'];
-                $event['title'] = $row['subject'];
-                $event['startTime'] = $row['due_date'];
-                $event['url'] = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
-                $event['categoryId'] = $row['category'];
-                $event['categoryName'] = $row['category_name'];
-                $event['backgroundColor'] = $row['background_color'];
-                $event['foregroundColor'] = $row['foreground_color'];
-                $event['displayBorder'] = $row['display_border'];
-                $event['owner'] = $row['owner_name'];
-                $event['priority'] = $row['priority'];
-
-                $events[] = $event;
+        $rs = hesk_dbQuery($sql);
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            // Skip the ticket if the user does not have access to it
+            // TODO Move to Business logic
+            if (!in_array(UserPrivilege::CAN_VIEW_TICKETS, $userContext->permissions)
+                || ($row['owner_id'] && $row['owner_id'] != $userContext->id && !in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions))
+                || (!$row['owner_id']) && !in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions)) {
+                continue;
             }
+
+            $event = new TicketEvent();
+            $event->trackingId = $row['trackid'];
+            $event->subject = $row['subject'];
+            $event->title = $row['subject'];
+            $event->startTime = $row['due_date'];
+            $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
+            $event->categoryId = $row['category'];
+            $event->categoryName = $row['category_name'];
+            $event->backgroundColor = $row['background_color'];
+            $event->foregroundColor = $row['foreground_color'];
+            $event->displayBorder = $row['display_border'];
+            $event->owner = $row['owner_name'];
+            $event->priority = $row['priority'];
+
+            $events[] = $event;
         }
 
         $this->close();

From 13161696ae30f3b207d190a3c323add9a44aca10 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 10 Dec 2017 22:01:18 -0500
Subject: [PATCH 25/74] Working on refactoring the calendar API

---
 .../Calendar/CalendarHandler.php              | 18 +++++++++++
 .../Calendar/CalendarController.php           | 23 ++++++++++++++
 api/DataAccess/Calendar/CalendarGateway.php   | 30 ++++++++++++++++++-
 3 files changed, 70 insertions(+), 1 deletion(-)
 create mode 100644 api/BusinessLogic/Calendar/CalendarHandler.php
 create mode 100644 api/Controllers/Calendar/CalendarController.php

diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
new file mode 100644
index 00000000..f3374279
--- /dev/null
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+use DataAccess\Calendar\CalendarGateway;
+
+class CalendarHandler extends \BaseClass {
+    private $calendarGateway;
+
+    public function __construct(CalendarGateway $calendarGateway) {
+        $this->calendarGateway = $calendarGateway;
+    }
+
+    public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
+        return $this->calendarGateway->getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings);
+    }
+}
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
new file mode 100644
index 00000000..60a57b79
--- /dev/null
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Controllers\Calendar;
+
+
+use BusinessLogic\Calendar\CalendarHandler;
+use BusinessLogic\Calendar\SearchEventsFilter;
+
+class CalendarController extends \BaseClass {
+    function get() {
+        global $applicationContext, $hesk_settings;
+
+        $startTime = isset($_GET['start']) ? $_GET['start'] : round(microtime(true) * 1000);
+        $endTime = isset($_GET['end']) ? $_GET['end'] : round(microtime(true) * 1000);
+
+        /* @var $calendarHandler CalendarHandler */
+        $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+
+        $events = $calendarHandler->getEventsForStaff($startTime, $endTime, new SearchEventsFilter(), $hesk_settings);
+
+        return output($events);
+    }
+}
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 5fea19a3..b3ae4b92 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -86,10 +86,38 @@ class CalendarGateway extends CommonDao {
                 AND (`owner` = " . $searchEventsFilter->reminderUserId;
 
             if ($searchEventsFilter->includeUnassignedTickets) {
-                $sql .= "";
+                $sql .= " OR `owner` = 0 ";
+            }
+
+            if ($searchEventsFilter->includeTicketsAssignedToOthers) {
+                $sql .= " OR `owner` NOT IN (0, " . $searchEventsFilter->reminderUserId . ") ";
             }
 
             $sql .= ")";
+
+            if (!empty($searchEventsFilter->categories)) {
+                $categoriesAsString = implode(',', $searchEventsFilter->categories);
+                $sql .= " AND `events`.`category` IN (" . $categoriesAsString . ")";
+            }
+
+            $rs = hesk_dbQuery($sql);
+            while ($row = hesk_dbFetchAssoc($rs)) {
+                $event = new TicketEvent();
+                $event->trackingId = $row['trackid'];
+                $event->subject = $row['subject'];
+                $event->title = $row['subject'];
+                $event->startTime = $row['due_date'];
+                $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
+                $event->categoryId = $row['category'];
+                $event->categoryName = $row['category_name'];
+                $event->backgroundColor = $row['background_color'];
+                $event->foregroundColor = $row['foreground_color'];
+                $event->displayBorder = $row['display_border'];
+                $event->owner = $row['owner_name'];
+                $event->priority = $row['priority'];
+
+                $events[] = $event;
+            }
         }
 
         $this->close();

From 814523ba6e21999ca8f2978dde9907228696fe95 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 17 Dec 2017 22:05:32 -0500
Subject: [PATCH 26/74] getEventsForStaff endpoint appears to be working

---
 api/BusinessLogic/Calendar/ReminderUnit.php   | 26 +++++++++++++++++
 .../Calendar/CalendarController.php           | 26 ++++++++++++++---
 api/Core/Constants/Priority.php               | 15 ++++++++++
 api/DataAccess/Calendar/CalendarGateway.php   | 28 +++++++++++--------
 api/index.php                                 |  2 ++
 5 files changed, 82 insertions(+), 15 deletions(-)
 create mode 100644 api/BusinessLogic/Calendar/ReminderUnit.php

diff --git a/api/BusinessLogic/Calendar/ReminderUnit.php b/api/BusinessLogic/Calendar/ReminderUnit.php
new file mode 100644
index 00000000..866ad8e9
--- /dev/null
+++ b/api/BusinessLogic/Calendar/ReminderUnit.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class ReminderUnit {
+    const MINUTE = 0;
+    const HOUR = 1;
+    const DAY = 2;
+    const WEEK = 3;
+
+    static function getByValue($value) {
+        switch ($value) {
+            case 0:
+                return 'MINUTE';
+            case 1:
+                return 'HOUR';
+            case 2:
+                return 'DAY';
+            case 3:
+                return 'WEEK';
+            default:
+                return 'UNKNOWN';
+        }
+    }
+}
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 60a57b79..6a9a6861 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -5,18 +5,36 @@ namespace Controllers\Calendar;
 
 use BusinessLogic\Calendar\CalendarHandler;
 use BusinessLogic\Calendar\SearchEventsFilter;
+use BusinessLogic\Exceptions\ValidationException;
+use BusinessLogic\Security\UserContext;
+use BusinessLogic\Security\UserPrivilege;
+use BusinessLogic\ValidationModel;
 
 class CalendarController extends \BaseClass {
     function get() {
-        global $applicationContext, $hesk_settings;
+        /* @var $userContext UserContext */
+        global $applicationContext, $hesk_settings, $userContext;
 
-        $startTime = isset($_GET['start']) ? $_GET['start'] : round(microtime(true) * 1000);
-        $endTime = isset($_GET['end']) ? $_GET['end'] : round(microtime(true) * 1000);
+        if (!isset($_GET['start']) || !isset($_GET['end'])) {
+            $validationModel = new ValidationModel();
+            $validationModel->errorKeys = array('START_AND_END_TIMES_REQUIRED');
+            throw new ValidationException($validationModel);
+        }
+
+        $startTime = $_GET['start'];
+        $endTime = $_GET['end'];
 
         /* @var $calendarHandler CalendarHandler */
         $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
 
-        $events = $calendarHandler->getEventsForStaff($startTime, $endTime, new SearchEventsFilter(), $hesk_settings);
+        $searchEventsFilter = new SearchEventsFilter();
+        $searchEventsFilter->reminderUserId = $userContext->id;
+        $searchEventsFilter->includeTicketsAssignedToOthers = in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions);
+        $searchEventsFilter->includeUnassignedTickets = in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions);
+        $searchEventsFilter->includeTickets = true;
+        $searchEventsFilter->categories = $userContext->admin ? null : $userContext->categories;
+
+        $events = $calendarHandler->getEventsForStaff($startTime, $endTime, $searchEventsFilter, $hesk_settings);
 
         return output($events);
     }
diff --git a/api/Core/Constants/Priority.php b/api/Core/Constants/Priority.php
index 39b86313..de361ab3 100644
--- a/api/Core/Constants/Priority.php
+++ b/api/Core/Constants/Priority.php
@@ -8,4 +8,19 @@ class Priority extends \BaseClass {
     const HIGH = 1;
     const MEDIUM = 2;
     const LOW = 3;
+
+    static function getByValue($value) {
+        switch ($value) {
+            case self::CRITICAL:
+                return 'CRITICAL';
+            case self::HIGH:
+                return 'HIGH';
+            case self::MEDIUM:
+                return 'MEDIUM';
+            case self::LOW:
+                return 'LOW';
+            default:
+                return 'UNKNOWN';
+        }
+    }
 }
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index b3ae4b92..dc724a73 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -4,10 +4,12 @@ namespace DataAccess\Calendar;
 
 
 use BusinessLogic\Calendar\CalendarEvent;
+use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Calendar\TicketEvent;
 use BusinessLogic\Security\UserContext;
 use BusinessLogic\Security\UserPrivilege;
+use Core\Constants\Priority;
 use DataAccess\CommonDao;
 
 class CalendarGateway extends CommonDao {
@@ -20,13 +22,15 @@ class CalendarGateway extends CommonDao {
     public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
         $this->init();
 
+        $events = array();
+
         $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
         $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
 
         // EVENTS
         $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
                     `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
-                    `reminders`.`amount` AS `reminder_value`, `reminder`.`unit` AS `reminder_unit`
+                    `reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit`
                 FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
                 INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
                     ON `events`.`category` = `categories`.`id`
@@ -52,13 +56,13 @@ class CalendarGateway extends CommonDao {
             $event->title = $row['name'];
             $event->location = $row['location'];
             $event->comments = $row['comments'];
-            $event->categoryId = $row['category'];
+            $event->categoryId = intval($row['category']);
             $event->categoryName = $row['category_name'];
             $event->backgroundColor = $row['background_color'];
             $event->foregroundColor = $row['foreground_color'];
-            $event->displayBorder = $row['display_border'];
-            $event->reminderValue = $row['reminder_value'];
-            $event->reminderUnits = $row['reminder_unit'];
+            $event->displayBorder = $row['display_border'] === '1';
+            $event->reminderValue = $row['reminder_value'] === null ? null : floatval($row['reminder_value']);
+            $event->reminderUnits = $row['reminder_unit'] === null ? null : ReminderUnit::getByValue($row['reminder_unit']);
 
             $events[] = $event;
         }
@@ -80,8 +84,8 @@ class CalendarGateway extends CommonDao {
                     AND `categories`.`usage` <> 2
                 LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
                     ON `tickets`.`owner` = `owner`.`id`
-                WHERE `due_date` >= {$startTimeSql})
-                AND `due_date` <= {$endTimeSql})
+                WHERE `due_date` >= {$startTimeSql}
+                AND `due_date` <= {$endTimeSql}
                 AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) 
                 AND (`owner` = " . $searchEventsFilter->reminderUserId;
 
@@ -107,20 +111,22 @@ class CalendarGateway extends CommonDao {
                 $event->subject = $row['subject'];
                 $event->title = $row['subject'];
                 $event->startTime = $row['due_date'];
-                $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
-                $event->categoryId = $row['category'];
+                $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event->trackingId;
+                $event->categoryId = intval($row['category']);
                 $event->categoryName = $row['category_name'];
                 $event->backgroundColor = $row['background_color'];
                 $event->foregroundColor = $row['foreground_color'];
-                $event->displayBorder = $row['display_border'];
+                $event->displayBorder = $row['display_border'] === '0';
                 $event->owner = $row['owner_name'];
-                $event->priority = $row['priority'];
+                $event->priority = Priority::getByValue($row['priority']);
 
                 $events[] = $event;
             }
         }
 
         $this->close();
+
+        return $events;
     }
 
     /**
diff --git a/api/index.php b/api/index.php
index 4766701c..9e617185 100644
--- a/api/index.php
+++ b/api/index.php
@@ -202,6 +202,8 @@ Link::all(array(
     '/v1/statuses' => action(\Controllers\Statuses\StatusController::clazz(), RequestMethod::all()),
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
+    // Calendar
+    '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
 
     /* Internal use only routes */
     // Resend email response

From 9eab1525ef9202fddb6d899ec9aa1fb82fb25831 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 21 Dec 2017 22:10:45 -0500
Subject: [PATCH 27/74] Getting started on moving the update event endpoint

---
 api/DataAccess/Calendar/CalendarGateway.php | 113 +-------------------
 api/index.php                               |   1 +
 js/calendar/mods-for-hesk-calendar.js       |   5 +-
 3 files changed, 7 insertions(+), 112 deletions(-)

diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index dc724a73..558e4113 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -3,12 +3,11 @@
 namespace DataAccess\Calendar;
 
 
+use BusinessLogic\Calendar\AbstractEvent;
 use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Calendar\TicketEvent;
-use BusinessLogic\Security\UserContext;
-use BusinessLogic\Security\UserPrivilege;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
 
@@ -18,6 +17,7 @@ class CalendarGateway extends CommonDao {
      * @param $endTime int
      * @param $searchEventsFilter SearchEventsFilter
      * @param $heskSettings array
+     * @return AbstractEvent[]
      */
     public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
         $this->init();
@@ -101,7 +101,7 @@ class CalendarGateway extends CommonDao {
 
             if (!empty($searchEventsFilter->categories)) {
                 $categoriesAsString = implode(',', $searchEventsFilter->categories);
-                $sql .= " AND `events`.`category` IN (" . $categoriesAsString . ")";
+                $sql .= " AND `tickets`.`category` IN (" . $categoriesAsString . ")";
             }
 
             $rs = hesk_dbQuery($sql);
@@ -128,111 +128,4 @@ class CalendarGateway extends CommonDao {
 
         return $events;
     }
-
-    /**
-     * @param $startTime int
-     * @param $endTime int
-     * @param $userContext UserContext
-     * @param $heskSettings array
-     * @return array
-     */
-    public function getXXEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
-        $this->init();
-
-        $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
-        $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
-
-        $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
-                `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
-                `reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit`
-            FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
-            INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
-                ON `events`.`category` = `categories`.`id`
-            LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders` 
-                ON `reminders`.`user_id` = " . intval($userContext->id) . " 
-                AND `reminders`.`event_id` = `events`.`id`
-            WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql}) 
-                AND `categories`.`usage` <> 1
-                AND `categories`.`type` = '0'";
-
-        $rs = hesk_dbQuery($sql);
-
-        $events = array();
-        while ($row = hesk_dbFetchAssoc($rs)) {
-            // Skip the event if the user does not have access to it
-            // TODO This should be business logic
-            if (!$userContext->admin && in_array($row['category'], $userContext->categories)) {
-                continue;
-            }
-
-            $event = new CalendarEvent();
-            $event->id = intval($row['id']);
-            $event->startTime = $row['start'];
-            $event->endTime = $row['end'];
-            $event->allDay = $row['all_day'] ? true : false;
-            $event->title = $row['name'];
-            $event->location = $row['location'];
-            $event->comments = $row['comments'];
-            $event->categoryId = $row['category'];
-            $event->categoryName = $row['category_name'];
-            $event->backgroundColor = $row['background_color'];
-            $event->foregroundColor = $row['foreground_color'];
-            $event->displayBorder = $row['display_border'];
-            $event->reminderValue = $row['reminder_value'];
-            $event->reminderUnits = $row['reminder_unit'];
-
-            $events[] = $event;
-        }
-
-        $oldTimeSetting = $heskSettings['timeformat'];
-        $heskSettings['timeformat'] = 'Y-m-d';
-        $currentDate = hesk_date();
-        $heskSettings['timeformat'] = $oldTimeSetting;
-
-        $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
-        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
-          CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
-           `tickets`.`priority` AS `priority`
-        FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` AS `tickets`
-        INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
-            ON `categories`.`id` = `tickets`.`category`
-            AND `categories`.`usage` <> 2
-        LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
-            ON `tickets`.`owner` = `owner`.`id`
-        WHERE `due_date` >= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime)
-                . " / 1000), @@session.time_zone, '+00:00')
-        AND `due_date` <= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')
-        AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) ";
-
-        $rs = hesk_dbQuery($sql);
-        while ($row = hesk_dbFetchAssoc($rs)) {
-            // Skip the ticket if the user does not have access to it
-            // TODO Move to Business logic
-            if (!in_array(UserPrivilege::CAN_VIEW_TICKETS, $userContext->permissions)
-                || ($row['owner_id'] && $row['owner_id'] != $userContext->id && !in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions))
-                || (!$row['owner_id']) && !in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions)) {
-                continue;
-            }
-
-            $event = new TicketEvent();
-            $event->trackingId = $row['trackid'];
-            $event->subject = $row['subject'];
-            $event->title = $row['subject'];
-            $event->startTime = $row['due_date'];
-            $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
-            $event->categoryId = $row['category'];
-            $event->categoryName = $row['category_name'];
-            $event->backgroundColor = $row['background_color'];
-            $event->foregroundColor = $row['foreground_color'];
-            $event->displayBorder = $row['display_border'];
-            $event->owner = $row['owner_name'];
-            $event->priority = $row['priority'];
-
-            $events[] = $event;
-        }
-
-        $this->close();
-
-        return $events;
-    }
 }
\ No newline at end of file
diff --git a/api/index.php b/api/index.php
index 9e617185..d833c236 100644
--- a/api/index.php
+++ b/api/index.php
@@ -204,6 +204,7 @@ Link::all(array(
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Calendar
     '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+    '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
 
     /* Internal use only routes */
     // Resend email response
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 97c4fc7b..88197f4f 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -16,9 +16,10 @@ $(document).ready(function() {
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
             $.ajax({
-                url: heskPath + 'internal-api/admin/calendar/?start=' + start + '&end=' + end,
+                url: heskPath + 'api/v1/calendar/events/staff?start=' + start + '&end=' + end,
                 method: 'GET',
                 dataType: 'json',
+                headers: { 'X-Internal-Call': true },
                 success: function(data) {
                     var events = [];
                     $(data).each(function() {
@@ -90,7 +91,7 @@ $(document).ready(function() {
             var $eventMarkup = $(this);
 
             var eventTitle = event.title;
-            if (event.fontIconMarkup != undefined) {
+            if (event.fontIconMarkup !== undefined) {
                 eventTitle = event.fontIconMarkup + '&nbsp;' + eventTitle;
             }
 

From c805fd8eab2ffc13eea3cbc8138d666bf0d0f964 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sat, 23 Dec 2017 22:04:52 -0500
Subject: [PATCH 28/74] Working on new update event endpoint

---
 .../Calendar/CalendarHandler.php              |  4 +++
 api/BusinessLogic/Calendar/ReminderUnit.php   | 15 ++++++++
 .../Calendar/CalendarController.php           | 36 +++++++++++++++++++
 api/DataAccess/Calendar/CalendarGateway.php   | 29 +++++++++++++++
 internal-api/dao/calendar_dao.php             | 23 ------------
 5 files changed, 84 insertions(+), 23 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index f3374279..7f327997 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -15,4 +15,8 @@ class CalendarHandler extends \BaseClass {
     public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
         return $this->calendarGateway->getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings);
     }
+
+    public function updateEvent($calendarEvent, $userContext, $heskSettings) {
+        $this->calendarGateway->updateEvent($calendarEvent, $userContext, $heskSettings);
+    }
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/ReminderUnit.php b/api/BusinessLogic/Calendar/ReminderUnit.php
index 866ad8e9..e45b2169 100644
--- a/api/BusinessLogic/Calendar/ReminderUnit.php
+++ b/api/BusinessLogic/Calendar/ReminderUnit.php
@@ -23,4 +23,19 @@ class ReminderUnit {
                 return 'UNKNOWN';
         }
     }
+
+    static function getByName($name) {
+        switch ($name) {
+            case 'MINUTE':
+                return self::MINUTE;
+            case 'HOUR':
+                return self::HOUR;
+            case 'DAY':
+                return self::DAY;
+            case 'WEEK':
+                return self::WEEK;
+            default:
+                return null;
+        }
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 6a9a6861..1a180fc1 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -3,12 +3,16 @@
 namespace Controllers\Calendar;
 
 
+use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\CalendarHandler;
+use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Exceptions\ValidationException;
+use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
 use BusinessLogic\Security\UserPrivilege;
 use BusinessLogic\ValidationModel;
+use Controllers\JsonRetriever;
 
 class CalendarController extends \BaseClass {
     function get() {
@@ -38,4 +42,36 @@ class CalendarController extends \BaseClass {
 
         return output($events);
     }
+
+    function put($id) {
+        /* @var $userContext UserContext */
+        global $applicationContext, $hesk_settings, $userContext;
+
+        $json = JsonRetriever::getJsonData();
+
+        $event = $this->transformJson($json);
+
+        /* @var $calendarHandler CalendarHandler */
+        $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+
+        return output($calendarHandler->updateEvent($event, $userContext, $hesk_settings));
+    }
+
+    private function transformJson($json, $creating = false) {
+        $event = new CalendarEvent();
+
+        if ($creating) {
+            $event->id = Helpers::safeArrayGet($json, 'id');
+        }
+
+        $event->startTime = date('Y-m-d H:i:s', Helpers::safeArrayGet($json, 'startTime'));
+        $event->endTime = date('Y-m-d H:i:s', Helpers::safeArrayGet($json, 'endTime'));
+        $event->allDay = Helpers::safeArrayGet($json, 'allDay') === 'true';
+        $event->title = Helpers::safeArrayGet($json, 'title');
+        $event->location = Helpers::safeArrayGet($json, 'location');
+        $event->comments = Helpers::safeArrayGet($json, 'comments');
+        $event->categoryId = Helpers::safeArrayGet($json, 'categoryId');
+        $event->reminderValue = Helpers::safeArrayGet($json, 'reminderValue');
+        $event->reminderUnits = ReminderUnit::getByName(Helpers::safeArrayGet($json, 'reminderUnits'));
+    }
 }
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 558e4113..9367dbb7 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -8,6 +8,7 @@ use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Calendar\TicketEvent;
+use BusinessLogic\Security\UserContext;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
 
@@ -128,4 +129,32 @@ class CalendarGateway extends CommonDao {
 
         return $events;
     }
+
+    /**
+     * @param $event CalendarEvent
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     */
+    public function updateEvent($event, $userContext, $heskSettings) {
+        $this->init();
+
+        $sql = "UPDATE `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` SET `start` = '" . hesk_dbEscape($event->startTime)
+            . "', `end` = '" . hesk_dbEscape($event->endTime) . "', `all_day` = '" . ($event->allDay ? 1 : 0) . "', `name` = '"
+            . hesk_dbEscape(addslashes($event->title)) . "', `location` = '" . hesk_dbEscape(addslashes($event->location)) . "', `comments` = '"
+            . hesk_dbEscape(addslashes($event->comments)) . "', `category` = " . intval($event->categoryId) . " WHERE `id` = " . intval($event->id);
+
+        if ($event->reminderValue != null) {
+            $delete_sql = "DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` WHERE `event_id` = " . intval($event->id)
+                . " AND `user_id` = " . intval($userContext->id);
+            hesk_dbQuery($delete_sql);
+            $insert_sql = "INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` (`user_id`, `event_id`,
+        `amount`, `unit`) VALUES (" . intval($userContext->id) . ", " . intval($event->id) . ", " . intval($event->reminderValue) . ",
+        " . intval($event->reminderUnits) . ")";
+            hesk_dbQuery($insert_sql);
+        }
+
+        hesk_dbQuery($sql);
+
+        $this->close();
+    }
 }
\ No newline at end of file
diff --git a/internal-api/dao/calendar_dao.php b/internal-api/dao/calendar_dao.php
index a3f15d98..3ad28dbf 100644
--- a/internal-api/dao/calendar_dao.php
+++ b/internal-api/dao/calendar_dao.php
@@ -154,30 +154,7 @@ function update_event($event, $hesk_settings) {
         print_error('Access Denied', 'You cannot edit an event in this category');
     }
 
-    $event['start'] = date('Y-m-d H:i:s', strtotime($event['start']));
-    $event['end'] = date('Y-m-d H:i:s', strtotime($event['end']));
-    if ($event['create_ticket_date'] != null) {
-        $event['create_ticket_date'] = date('Y-m-d H:i:s', strtotime($event['create_ticket_date']));
-    }
-    $event['all_day'] = $event['all_day'] ? 1 : 0;
-    $event['assign_to'] = $event['assign_to'] != null ? intval($event['assign_to']) : 'NULL';
 
-    $sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event` SET `start` = '" . hesk_dbEscape($event['start'])
-        . "', `end` = '" . hesk_dbEscape($event['end']) . "', `all_day` = '" . hesk_dbEscape($event['all_day']) . "', `name` = '"
-        . hesk_dbEscape(addslashes($event['title'])) . "', `location` = '" . hesk_dbEscape(addslashes($event['location'])) . "', `comments` = '"
-        . hesk_dbEscape(addslashes($event['comments'])) . "', `category` = " . intval($event['category']) . " WHERE `id` = " . intval($event['id']);
-
-    if ($event['reminder_amount'] != null) {
-        $delete_sql = "DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event_reminder` WHERE `event_id` = " . intval($event['id'])
-            . " AND `user_id` = " . intval($event['reminder_user']);
-        hesk_dbQuery($delete_sql);
-        $insert_sql = "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event_reminder` (`user_id`, `event_id`,
-        `amount`, `unit`) VALUES (" . intval($event['reminder_user']) . ", " . intval($event['id']) . ", " . intval($event['reminder_amount']) . ",
-        " . intval($event['reminder_units']) . ")";
-        hesk_dbQuery($insert_sql);
-    }
-
-    hesk_dbQuery($sql);
 }
 
 function delete_event($id, $hesk_settings) {

From 86f1fb3ca23232259e92eea6fa998027868ec114 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 27 Dec 2017 22:00:30 -0500
Subject: [PATCH 29/74] Slowly working on moving more API endpoints

---
 admin/calendar.php                            | 16 +++---
 .../Calendar/CalendarHandler.php              | 31 ++++++++++-
 .../Calendar/SearchEventsFilter.php           |  9 ++++
 api/BusinessLogic/Tickets/TicketEditor.php    | 21 ++++++++
 .../Calendar/CalendarController.php           | 33 ++++++++----
 .../Tickets/StaffTicketController.php         | 11 ++++
 api/DataAccess/Calendar/CalendarGateway.php   | 51 ++++++++++++++++---
 api/index.php                                 |  2 +-
 js/calendar/mods-for-hesk-calendar.js         | 20 +++++---
 9 files changed, 157 insertions(+), 37 deletions(-)

diff --git a/admin/calendar.php b/admin/calendar.php
index 679bfd21..905cc81d 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -282,10 +282,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                 </div>
                                 <div class="col-sm-4">
                                     <select name="reminder-unit" class="form-control">
-                                        <option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
-                                        <option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
-                                        <option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
-                                        <option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
+                                        <option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
+                                        <option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
+                                        <option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
+                                        <option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
                                     </select>
                                 </div>
                             </div>
@@ -453,10 +453,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                 </div>
                                 <div class="col-sm-4">
                                     <select name="reminder-unit" class="form-control">
-                                        <option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
-                                        <option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
-                                        <option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
-                                        <option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
+                                        <option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
+                                        <option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
+                                        <option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
+                                        <option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
                                     </select>
                                 </div>
                             </div>
diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index 7f327997..5347eaf1 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -3,7 +3,10 @@
 namespace BusinessLogic\Calendar;
 
 
+use BusinessLogic\Exceptions\ApiFriendlyException;
+use BusinessLogic\Security\UserContext;
 use DataAccess\Calendar\CalendarGateway;
+use PHPUnit\Runner\Exception;
 
 class CalendarHandler extends \BaseClass {
     private $calendarGateway;
@@ -12,11 +15,35 @@ class CalendarHandler extends \BaseClass {
         $this->calendarGateway = $calendarGateway;
     }
 
-    public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
-        return $this->calendarGateway->getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings);
+    public function getEventsForStaff($searchEventsFilter, $heskSettings) {
+        return $this->calendarGateway->getEventsForStaff($searchEventsFilter, $heskSettings);
     }
 
+    /**
+     * @param $calendarEvent CalendarEvent
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @return CalendarEvent
+     * @throws \Exception If more than one event is returned for the given ID
+     */
     public function updateEvent($calendarEvent, $userContext, $heskSettings) {
         $this->calendarGateway->updateEvent($calendarEvent, $userContext, $heskSettings);
+
+        $eventFilter = new SearchEventsFilter();
+        $eventFilter->eventId = $calendarEvent->id;
+        $eventFilter->reminderUserId = $userContext->id;
+
+        $events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
+
+        if (count($events) !== 1) {
+            throw new \Exception("Expected exactly 1 event, found: " . count($events));
+        }
+
+        return $events[0];
+    }
+
+
+    public function createEvent($calendarEvent, $userContext, $heskSettings) {
+        return $this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
     }
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/SearchEventsFilter.php b/api/BusinessLogic/Calendar/SearchEventsFilter.php
index 1a509f9f..72e31b3d 100644
--- a/api/BusinessLogic/Calendar/SearchEventsFilter.php
+++ b/api/BusinessLogic/Calendar/SearchEventsFilter.php
@@ -4,6 +4,15 @@ namespace BusinessLogic\Calendar;
 
 
 class SearchEventsFilter {
+    /* @var $startTime int|null */
+    public $startTime;
+
+    /* @var $endTime int|null */
+    public $endTime;
+
+    /* @var $id int|null */
+    public $eventId;
+
     /* @var $categories int[]|null */
     public $categories;
 
diff --git a/api/BusinessLogic/Tickets/TicketEditor.php b/api/BusinessLogic/Tickets/TicketEditor.php
index e15b33d9..5b6e2f7d 100644
--- a/api/BusinessLogic/Tickets/TicketEditor.php
+++ b/api/BusinessLogic/Tickets/TicketEditor.php
@@ -135,4 +135,25 @@ class TicketEditor extends \BaseClass {
             throw new ValidationException($validationModel);
         }
     }
+
+    /**
+     * @param $id int
+     * @param $dueDate string
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @throws ApiFriendlyException If ticket does not exist or if the user cannot edit the ticket
+     */
+    function updateDueDate($id, $dueDate, $userContext, $heskSettings) {
+        $ticket = $this->ticketGateway->getTicketById($id, $heskSettings);
+
+        if ($ticket === null) {
+            throw new ApiFriendlyException("Please enter a valid ticket ID.", "Ticket Not Found!", 400);
+        }
+
+        if (!$this->userToTicketChecker->isTicketAccessibleToUser($userContext, $ticket, $heskSettings, array(UserPrivilege::CAN_EDIT_TICKETS))) {
+            throw new ApiFriendlyException("User " . $userContext->id . " does not have permission to edit ticket " . $id, "Access Denied", 403);
+        }
+
+        // TODO Do it
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 1a180fc1..2e30c0b1 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -32,18 +32,20 @@ class CalendarController extends \BaseClass {
         $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
 
         $searchEventsFilter = new SearchEventsFilter();
+        $searchEventsFilter->startTime = $startTime;
+        $searchEventsFilter->endTime = $endTime;
         $searchEventsFilter->reminderUserId = $userContext->id;
         $searchEventsFilter->includeTicketsAssignedToOthers = in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions);
         $searchEventsFilter->includeUnassignedTickets = in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions);
         $searchEventsFilter->includeTickets = true;
         $searchEventsFilter->categories = $userContext->admin ? null : $userContext->categories;
 
-        $events = $calendarHandler->getEventsForStaff($startTime, $endTime, $searchEventsFilter, $hesk_settings);
+        $events = $calendarHandler->getEventsForStaff($searchEventsFilter, $hesk_settings);
 
         return output($events);
     }
 
-    function put($id) {
+    function post() {
         /* @var $userContext UserContext */
         global $applicationContext, $hesk_settings, $userContext;
 
@@ -53,25 +55,36 @@ class CalendarController extends \BaseClass {
 
         /* @var $calendarHandler CalendarHandler */
         $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+    }
+
+    function put($id) {
+        /* @var $userContext UserContext */
+        global $applicationContext, $hesk_settings, $userContext;
+
+        $json = JsonRetriever::getJsonData();
+
+        $event = $this->transformJson($json, $id);
+
+        /* @var $calendarHandler CalendarHandler */
+        $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
 
         return output($calendarHandler->updateEvent($event, $userContext, $hesk_settings));
     }
 
-    private function transformJson($json, $creating = false) {
+    private function transformJson($json, $id = null) {
         $event = new CalendarEvent();
 
-        if ($creating) {
-            $event->id = Helpers::safeArrayGet($json, 'id');
-        }
-
-        $event->startTime = date('Y-m-d H:i:s', Helpers::safeArrayGet($json, 'startTime'));
-        $event->endTime = date('Y-m-d H:i:s', Helpers::safeArrayGet($json, 'endTime'));
-        $event->allDay = Helpers::safeArrayGet($json, 'allDay') === 'true';
+        $event->id = $id;
+        $event->startTime = date('Y-m-d H:i:s', strtotime(Helpers::safeArrayGet($json, 'startTime')));
+        $event->endTime = date('Y-m-d H:i:s', strtotime(Helpers::safeArrayGet($json, 'endTime')));
+        $event->allDay = Helpers::safeArrayGet($json, 'allDay');
         $event->title = Helpers::safeArrayGet($json, 'title');
         $event->location = Helpers::safeArrayGet($json, 'location');
         $event->comments = Helpers::safeArrayGet($json, 'comments');
         $event->categoryId = Helpers::safeArrayGet($json, 'categoryId');
         $event->reminderValue = Helpers::safeArrayGet($json, 'reminderValue');
         $event->reminderUnits = ReminderUnit::getByName(Helpers::safeArrayGet($json, 'reminderUnits'));
+
+        return $event;
     }
 }
\ No newline at end of file
diff --git a/api/Controllers/Tickets/StaffTicketController.php b/api/Controllers/Tickets/StaffTicketController.php
index 023f5352..ea4761a1 100644
--- a/api/Controllers/Tickets/StaffTicketController.php
+++ b/api/Controllers/Tickets/StaffTicketController.php
@@ -4,6 +4,7 @@ namespace Controllers\Tickets;
 
 
 use BusinessLogic\Helpers;
+use BusinessLogic\Security\UserContext;
 use BusinessLogic\Tickets\EditTicketModel;
 use BusinessLogic\Tickets\TicketDeleter;
 use BusinessLogic\Tickets\TicketEditor;
@@ -45,6 +46,16 @@ class StaffTicketController extends \BaseClass {
         return;
     }
 
+    static function updateDueDate($id) {
+        /* @var $userContext UserContext */
+        global $applicationContext, $userContext, $hesk_settings;
+
+        /* @var $ticketEditor TicketEditor */
+        $ticketEditor = $applicationContext->get(TicketEditor::clazz());
+
+
+    }
+
     private function getEditTicketModel($id, $jsonRequest) {
         $editTicketModel = new EditTicketModel();
         $editTicketModel->id = $id;
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 9367dbb7..a644370d 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -11,23 +11,19 @@ use BusinessLogic\Calendar\TicketEvent;
 use BusinessLogic\Security\UserContext;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
+use DataAccess\Logging\LoggingGateway;
 
 class CalendarGateway extends CommonDao {
     /**
-     * @param $startTime int
-     * @param $endTime int
      * @param $searchEventsFilter SearchEventsFilter
      * @param $heskSettings array
      * @return AbstractEvent[]
      */
-    public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
+    public function getEventsForStaff($searchEventsFilter, $heskSettings) {
         $this->init();
 
         $events = array();
 
-        $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
-        $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
-
         // EVENTS
         $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
                     `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
@@ -38,9 +34,21 @@ class CalendarGateway extends CommonDao {
                 LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders`
                     ON `reminders`.`user_id` = " . intval($searchEventsFilter->reminderUserId) . "
                     AND `reminders`.`event_id` = `events`.`id`
-                WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
+                WHERE 1=1";
+
+        if ($searchEventsFilter->startTime !== null && $searchEventsFilter->endTime !== null) {
+            $startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($searchEventsFilter->startTime) . " / 1000), @@session.time_zone, '+00:00')";
+            $endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($searchEventsFilter->endTime) . " / 1000), @@session.time_zone, '+00:00')";
+
+
+            $sql .= " AND NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
                     AND `categories`.`usage` <> 1
                     AND `categories`.`type` = '0'";
+        }
+
+        if ($searchEventsFilter->eventId !== null) {
+            $sql .= " AND `events`.`id` = " . intval($searchEventsFilter->eventId);
+        }
 
         if (!empty($searchEventsFilter->categories)) {
             $categoriesAsString = implode(',', $searchEventsFilter->categories);
@@ -130,6 +138,33 @@ class CalendarGateway extends CommonDao {
         return $events;
     }
 
+    /**
+     * @param $event CalendarEvent
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @return CalendarEvent
+     */
+    public function createEvent($event, $userContext, $heskSettings) {
+        $this->init();
+
+        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` (`start`, `end`, `all_day`, `name`,
+            `location`, `comments`, `category`) VALUES ('" . hesk_dbEscape($event->startTime) . "', '" . hesk_dbEscape($event->endTime) . "',
+                '" . ($event->allDay ? 1 : 0) . "', '" . hesk_dbEscape(addslashes($event->title)) . "',
+                '" . hesk_dbEscape(addslashes($event->location)) . "', '". hesk_dbEscape(addslashes($event->comments)) . "', " . intval($event->categoryId) . ")");
+
+        $event->id = hesk_dbInsertID();
+
+        if ($event->reminderValue !== null) {
+            hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` (`user_id`, `event_id`,
+                `amount`, `unit`) VALUES (" . intval($userContext->id) . ", " . intval($event->id) . ", " . intval($event->reminderValue) . ",
+                " . intval($event->reminderUnits) . ")");
+        }
+
+        $this->close();
+
+        return $event;
+    }
+
     /**
      * @param $event CalendarEvent
      * @param $userContext UserContext
@@ -143,7 +178,7 @@ class CalendarGateway extends CommonDao {
             . hesk_dbEscape(addslashes($event->title)) . "', `location` = '" . hesk_dbEscape(addslashes($event->location)) . "', `comments` = '"
             . hesk_dbEscape(addslashes($event->comments)) . "', `category` = " . intval($event->categoryId) . " WHERE `id` = " . intval($event->id);
 
-        if ($event->reminderValue != null) {
+        if ($event->reminderValue !== null) {
             $delete_sql = "DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` WHERE `event_id` = " . intval($event->id)
                 . " AND `user_id` = " . intval($userContext->id);
             hesk_dbQuery($delete_sql);
diff --git a/api/index.php b/api/index.php
index d833c236..00bd9af3 100644
--- a/api/index.php
+++ b/api/index.php
@@ -203,7 +203,7 @@ Link::all(array(
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Calendar
-    '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+    '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET, RequestMethod::POST), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
     '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
 
     /* Internal use only routes */
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 88197f4f..1ccfe7eb 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -204,7 +204,6 @@ $(document).ready(function() {
             allDay: allDay,
             comments: $createForm.find('textarea[name="comments"]').val(),
             categoryId: $createForm.find('select[name="category"]').val(),
-            action: 'create',
             type: 'CALENDAR',
             backgroundColor: $createForm.find('select[name="category"] :selected').attr('data-background-color'),
             foregroundColor: $createForm.find('select[name="category"] :selected').attr('data-foreground-color'),
@@ -216,8 +215,10 @@ $(document).ready(function() {
 
         $.ajax({
             method: 'POST',
-            url: heskPath + 'internal-api/admin/calendar/',
-            data: data,
+            url: heskPath + 'api/v1/calendar/events/staff',
+            data: JSON.stringify(data),
+            contentType: 'json',
+            headers: { 'X-Internal-Call': true },
             success: function(id) {
                 addToCalendar(id, data, $('#lang_event_created').text());
                 $('#create-event-modal').modal('hide');
@@ -245,7 +246,6 @@ $(document).ready(function() {
         }
 
         var data = {
-            id: $form.find('input[name="id"]').val(),
             title: $form.find('input[name="name"]').val(),
             location: $form.find('input[name="location"]').val(),
             startTime: moment(start).format(dateFormat),
@@ -257,15 +257,19 @@ $(document).ready(function() {
             foregroundColor: $form.find('select[name="category"] :selected').attr('data-foreground-color'),
             displayBorder: $form.find('select[name="category"] :selected').attr('data-display-border'),
             categoryName: $form.find('select[name="category"] :selected').text().trim(),
-            action: 'update',
             reminderValue: $form.find('input[name="reminder-value"]').val(),
             reminderUnits: $form.find('select[name="reminder-unit"]').val()
         };
 
         $.ajax({
             method: 'POST',
-            url: heskPath + 'internal-api/admin/calendar/',
-            data: data,
+            url: heskPath + 'api/v1/calendar/events/staff/' + $form.find('input[name="id"]').val(),
+            data: JSON.stringify(data),
+            contentType: 'json',
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': 'PUT'
+            },
             success: function() {
                 removeFromCalendar(data.id);
                 addToCalendar(data.id, data, $('#lang_event_updated').text());
@@ -291,7 +295,7 @@ function removeFromCalendar(id) {
 }
 
 function buildEvent(id, dbObject) {
-    if (dbObject.type == 'TICKET') {
+    if (dbObject.type === 'TICKET') {
         return {
             title: dbObject.title,
             subject: dbObject.subject,

From bd5b3e1322ff03f6cd097f90d64ff3e078c32dc9 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 1 Jan 2018 21:39:01 -0500
Subject: [PATCH 30/74] Working on moving the update ticket due date endpoint

---
 api/BusinessLogic/Tickets/AuditTrailEvent.php |  9 +++
 api/BusinessLogic/Tickets/TicketEditor.php    | 59 +++++++++++++++++--
 api/DataAccess/Tickets/TicketGateway.php      | 14 +++++
 3 files changed, 77 insertions(+), 5 deletions(-)
 create mode 100644 api/BusinessLogic/Tickets/AuditTrailEvent.php

diff --git a/api/BusinessLogic/Tickets/AuditTrailEvent.php b/api/BusinessLogic/Tickets/AuditTrailEvent.php
new file mode 100644
index 00000000..d3063e73
--- /dev/null
+++ b/api/BusinessLogic/Tickets/AuditTrailEvent.php
@@ -0,0 +1,9 @@
+<?php
+
+namespace BusinessLogic\Tickets;
+
+
+class AuditTrailEvent extends \BaseClass {
+    const DUE_DATE_REMOVED = 'audit_due_date_removed';
+    const DUE_DATE_CHANGED = 'audit_due_date_changed';
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/TicketEditor.php b/api/BusinessLogic/Tickets/TicketEditor.php
index 5b6e2f7d..13eceaa6 100644
--- a/api/BusinessLogic/Tickets/TicketEditor.php
+++ b/api/BusinessLogic/Tickets/TicketEditor.php
@@ -3,6 +3,7 @@
 namespace BusinessLogic\Tickets;
 
 
+use BusinessLogic\DateTimeHelpers;
 use BusinessLogic\Exceptions\AccessViolationException;
 use BusinessLogic\Exceptions\ApiFriendlyException;
 use BusinessLogic\Exceptions\ValidationException;
@@ -13,6 +14,7 @@ use BusinessLogic\Tickets\CustomFields\CustomFieldValidator;
 use BusinessLogic\ValidationModel;
 use BusinessLogic\Validators;
 use Core\Constants\CustomField;
+use DataAccess\AuditTrail\AuditTrailGateway;
 use DataAccess\Tickets\TicketGateway;
 
 class TicketEditor extends \BaseClass {
@@ -22,10 +24,15 @@ class TicketEditor extends \BaseClass {
     /* @var $userToTicketChecker UserToTicketChecker */
     private $userToTicketChecker;
 
+    /* @var $auditTrailGateway AuditTrailGateway */
+    private $auditTrailGateway;
+
     function __construct(TicketGateway $ticketGateway,
-                         UserToTicketChecker $userToTicketChecker) {
+                         UserToTicketChecker $userToTicketChecker,
+                         AuditTrailGateway $auditTrailGateway) {
         $this->ticketGateway = $ticketGateway;
         $this->userToTicketChecker = $userToTicketChecker;
+        $this->auditTrailGateway = $auditTrailGateway;
     }
 
 
@@ -141,19 +148,61 @@ class TicketEditor extends \BaseClass {
      * @param $dueDate string
      * @param $userContext UserContext
      * @param $heskSettings array
-     * @throws ApiFriendlyException If ticket does not exist or if the user cannot edit the ticket
+     * @return Ticket The updated ticket
      */
     function updateDueDate($id, $dueDate, $userContext, $heskSettings) {
         $ticket = $this->ticketGateway->getTicketById($id, $heskSettings);
 
+        $this->validateDueDate($ticket, $dueDate, $userContext, $heskSettings);
+
+        $this->ticketGateway->updateTicketDueDate($ticket->id, $dueDate, $heskSettings);
+
+        $event = AuditTrailEvent::DUE_DATE_REMOVED;
+        $replacementValues = array(0 => $userContext->name . ' (' . $userContext->username . ')');
+        if ($dueDate !== null) {
+            $event = AuditTrailEvent::DUE_DATE_CHANGED;
+            $replacementValues = array(
+                0 => $userContext->name . ' (' . $userContext->username . ')',
+                1 => date('Y-m-d H:i:s', strtotime($dueDate))
+            );
+        }
+
+        $this->auditTrailGateway->insertAuditTrailRecord($ticket->id,
+            AuditTrailEntityType::TICKET,
+            $event,
+            DateTimeHelpers::heskDate($heskSettings),
+            $replacementValues,
+            $heskSettings);
+
+        $ticket->dueDate = $dueDate;
+
+        return $ticket;
+    }
+
+    /**
+     * @param $ticket Ticket
+     * @param $dueDate string
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @throws ValidationException When validation fails
+     */
+    private function validateDueDate($ticket, $dueDate, $userContext, $heskSettings) {
+        $validationModel = new ValidationModel();
+
         if ($ticket === null) {
-            throw new ApiFriendlyException("Please enter a valid ticket ID.", "Ticket Not Found!", 400);
+            $validationModel->errorKeys[] = 'TICKET_MUST_EXIST_FOR_ID';
         }
 
         if (!$this->userToTicketChecker->isTicketAccessibleToUser($userContext, $ticket, $heskSettings, array(UserPrivilege::CAN_EDIT_TICKETS))) {
-            throw new ApiFriendlyException("User " . $userContext->id . " does not have permission to edit ticket " . $id, "Access Denied", 403);
+            $validationModel->errorKeys[] = 'TICKET_MUST_BE_ACCESSIBLE_TO_USER';
         }
 
-        // TODO Do it
+        if ($dueDate === false) {
+            $validationModel->errorKeys[] = 'DUE_DATE_MUST_BE_IN_VALID_FORMAT';
+        }
+
+        if (count($validationModel->errorKeys) > 0) {
+            throw new ValidationException($validationModel);
+        }
     }
 }
\ No newline at end of file
diff --git a/api/DataAccess/Tickets/TicketGateway.php b/api/DataAccess/Tickets/TicketGateway.php
index 4c72a9f2..2ea5a84d 100644
--- a/api/DataAccess/Tickets/TicketGateway.php
+++ b/api/DataAccess/Tickets/TicketGateway.php
@@ -440,4 +440,18 @@ class TicketGateway extends CommonDao {
 
         $this->close();
     }
+
+    function updateTicketDueDate($id, $dueDate, $heskSettings) {
+        $this->init();
+
+        $sqlDueDate = 'NULL';
+        if ($dueDate != NULL) {
+            $sqlDueDate = "'" . date('Y-m-d H:i:s', strtotime($dueDate)) . "'";
+        }
+
+        hesk_dbQuery("UPDATE `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` SET `due_date` = {$sqlDueDate}
+            WHERE `id` = " . intval($id));
+
+        $this->close();
+    }
 }
\ No newline at end of file

From 0514965040d3199a843bdfd676198319d3359b35 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 2 Jan 2018 13:05:10 -0500
Subject: [PATCH 31/74] Update due date mostly done... just need to fix the
 buildEvent function

---
 api/BusinessLogic/Calendar/AbstractEvent.php  |  2 ++
 api/BusinessLogic/Calendar/CalendarEvent.php  |  2 --
 api/BusinessLogic/Helpers.php                 |  4 ++++
 .../Tickets/StaffTicketController.php         |  4 ++++
 api/DataAccess/Calendar/CalendarGateway.php   | 14 ++++++-----
 api/index.php                                 |  1 +
 js/calendar/mods-for-hesk-calendar.js         | 23 ++++++++++++-------
 7 files changed, 34 insertions(+), 16 deletions(-)

diff --git a/api/BusinessLogic/Calendar/AbstractEvent.php b/api/BusinessLogic/Calendar/AbstractEvent.php
index 5413ef48..27f2a184 100644
--- a/api/BusinessLogic/Calendar/AbstractEvent.php
+++ b/api/BusinessLogic/Calendar/AbstractEvent.php
@@ -4,6 +4,8 @@ namespace BusinessLogic\Calendar;
 
 
 class AbstractEvent {
+    public $id;
+
     public $startTime;
 
     public $title;
diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
index 893cbccb..91a45761 100644
--- a/api/BusinessLogic/Calendar/CalendarEvent.php
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -4,8 +4,6 @@ namespace BusinessLogic\Calendar;
 
 
 class CalendarEvent extends AbstractEvent {
-    public $id;
-
     public $type = 'CALENDAR';
 
     public $endTime;
diff --git a/api/BusinessLogic/Helpers.php b/api/BusinessLogic/Helpers.php
index f2a49c6d..b841fd27 100644
--- a/api/BusinessLogic/Helpers.php
+++ b/api/BusinessLogic/Helpers.php
@@ -30,4 +30,8 @@ class Helpers extends \BaseClass {
     static function boolval($val) {
         return $val == true;
     }
+
+    static function heskHtmlSpecialCharsDecode($in) {
+        return str_replace(array('&amp;', '&lt;', '&gt;', '&quot;'), array('&', '<', '>', '"'), $in);
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Tickets/StaffTicketController.php b/api/Controllers/Tickets/StaffTicketController.php
index ea4761a1..e049bca5 100644
--- a/api/Controllers/Tickets/StaffTicketController.php
+++ b/api/Controllers/Tickets/StaffTicketController.php
@@ -53,7 +53,11 @@ class StaffTicketController extends \BaseClass {
         /* @var $ticketEditor TicketEditor */
         $ticketEditor = $applicationContext->get(TicketEditor::clazz());
 
+        $json = JsonRetriever::getJsonData();
 
+        $dueDate = date('Y-m-d H:i:s', strtotime(Helpers::safeArrayGet($json, 'dueDate')));
+
+        $ticketEditor->updateDueDate($id, $dueDate, $userContext, $hesk_settings);
     }
 
     private function getEditTicketModel($id, $jsonRequest) {
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index a644370d..f101f1bd 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -8,6 +8,7 @@ use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Calendar\TicketEvent;
+use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
@@ -61,15 +62,15 @@ class CalendarGateway extends CommonDao {
             $event->id = intval($row['id']);
             $event->startTime = $row['start'];
             $event->endTime = $row['end'];
-            $event->allDay = $row['all_day'] ? true : false;
+            $event->allDay = Helpers::boolval($row['all_day']);
             $event->title = $row['name'];
             $event->location = $row['location'];
             $event->comments = $row['comments'];
             $event->categoryId = intval($row['category']);
-            $event->categoryName = $row['category_name'];
+            $event->categoryName = Helpers::heskHtmlSpecialCharsDecode($row['category_name']);
             $event->backgroundColor = $row['background_color'];
             $event->foregroundColor = $row['foreground_color'];
-            $event->displayBorder = $row['display_border'] === '1';
+            $event->displayBorder = Helpers::boolval($row['display_border']);
             $event->reminderValue = $row['reminder_value'] === null ? null : floatval($row['reminder_value']);
             $event->reminderUnits = $row['reminder_unit'] === null ? null : ReminderUnit::getByValue($row['reminder_unit']);
 
@@ -83,7 +84,7 @@ class CalendarGateway extends CommonDao {
             $currentDate = hesk_date();
             $heskSettings['timeformat'] = $oldTimeSetting;
 
-            $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
+            $sql = "SELECT `tickets`.`id` AS `id`, `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
                 `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
                   CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
                    `tickets`.`priority` AS `priority`
@@ -116,16 +117,17 @@ class CalendarGateway extends CommonDao {
             $rs = hesk_dbQuery($sql);
             while ($row = hesk_dbFetchAssoc($rs)) {
                 $event = new TicketEvent();
+                $event->id = intval($row['id']);
                 $event->trackingId = $row['trackid'];
                 $event->subject = $row['subject'];
                 $event->title = $row['subject'];
                 $event->startTime = $row['due_date'];
                 $event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event->trackingId;
                 $event->categoryId = intval($row['category']);
-                $event->categoryName = $row['category_name'];
+                $event->categoryName = Helpers::heskHtmlSpecialCharsDecode($row['category_name']);
                 $event->backgroundColor = $row['background_color'];
                 $event->foregroundColor = $row['foreground_color'];
-                $event->displayBorder = $row['display_border'] === '0';
+                $event->displayBorder = Helpers::boolval($row['display_border']);
                 $event->owner = $row['owner_name'];
                 $event->priority = Priority::getByValue($row['priority']);
 
diff --git a/api/index.php b/api/index.php
index 00bd9af3..3888685c 100644
--- a/api/index.php
+++ b/api/index.php
@@ -194,6 +194,7 @@ Link::all(array(
     '/v1/tickets' => action(\Controllers\Tickets\CustomerTicketController::clazz(), RequestMethod::all(), SecurityHandler::OPEN),
     // Tickets - Staff
     '/v1/staff/tickets/{i}' => action(\Controllers\Tickets\StaffTicketController::clazz(), RequestMethod::all()),
+    '/v1/staff/tickets/{i}/due-date' => action(\Controllers\Tickets\StaffTicketController::clazz() . '::updateDueDate', array(RequestMethod::PATCH), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
     // Attachments
     '/v1/tickets/{a}/attachments/{i}' => action(\Controllers\Attachments\PublicAttachmentController::clazz() . '::getRaw', RequestMethod::all()),
     '/v1/staff/tickets/{i}/attachments' => action(\Controllers\Attachments\StaffTicketAttachmentsController::clazz(), RequestMethod::all()),
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 1ccfe7eb..1d6729f4 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -482,15 +482,19 @@ function updateCategoryVisibility() {
 
 function respondToDragAndDrop(event, delta, revertFunc) {
     var heskPath = $('p#hesk-path').text();
+
     if (event.type === 'TICKET') {
+        var uri = 'api/v1/staff/tickets/' + event.id + '/due-date';
         $.ajax({
             method: 'POST',
-            url: heskPath + 'internal-api/admin/calendar/',
-            data: {
-                trackingId: event.trackingId,
-                action: 'update-ticket',
-                dueDate: event.start.format('YYYY-MM-DD')
+            url: heskPath + uri,
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': 'PATCH'
             },
+            data: JSON.stringify({
+                dueDate: event.start.format('YYYY-MM-DD')
+            }),
             success: function() {
                 event.fontIconMarkup = getIcon({
                     startTime: event.start
@@ -519,7 +523,6 @@ function respondToDragAndDrop(event, delta, revertFunc) {
             end += ' ' + event.end.format('HH:mm:ss');
         }
         var data = {
-            id: event.id,
             title: event.title,
             location: event.location,
             startTime: start,
@@ -533,8 +536,12 @@ function respondToDragAndDrop(event, delta, revertFunc) {
         };
         $.ajax({
             method: 'POST',
-            url: heskPath + 'internal-api/admin/calendar/',
-            data: data,
+            url: heskPath + 'api/v1/calendar/events/staff/' + event.id,
+            data: JSON.stringify(data),
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': 'PUT'
+            },
             success: function() {
                 mfhAlert.success(mfhLang.text('event_updated'));
             },

From c4b79a722c1f7aae466e5aad8c611a0f8099319f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 3 Jan 2018 13:04:23 -0500
Subject: [PATCH 32/74] More calendar tweaks

---
 .../Calendar/CalendarHandler.php              | 14 +++++-
 .../Calendar/CalendarController.php           |  2 +
 api/DataAccess/Calendar/CalendarGateway.php   |  2 -
 js/calendar/mods-for-hesk-calendar.js         | 44 +++++++++++--------
 4 files changed, 41 insertions(+), 21 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index 5347eaf1..766ea537 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -44,6 +44,18 @@ class CalendarHandler extends \BaseClass {
 
 
     public function createEvent($calendarEvent, $userContext, $heskSettings) {
-        return $this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
+        $this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
+
+        $eventFilter = new SearchEventsFilter();
+        $eventFilter->eventId = $calendarEvent->id;
+        $eventFilter->reminderUserId = $userContext->id;
+
+        $events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
+
+        if (count($events) !== 1) {
+            throw new \Exception("Expected exactly 1 event, found: " . count($events));
+        }
+
+        return $events[0];
     }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 2e30c0b1..f7be1d0e 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -55,6 +55,8 @@ class CalendarController extends \BaseClass {
 
         /* @var $calendarHandler CalendarHandler */
         $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+
+        return output($calendarHandler->createEvent($event, $userContext, $hesk_settings));
     }
 
     function put($id) {
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index f101f1bd..416e7f1e 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -163,8 +163,6 @@ class CalendarGateway extends CommonDao {
         }
 
         $this->close();
-
-        return $event;
     }
 
     /**
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 1d6729f4..677a5db1 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -52,16 +52,7 @@ $(document).ready(function() {
             var $contents = $(contents);
 
             var format = 'dddd, MMMM Do YYYY';
-            var endDate = event.end == null ? event.start : event.end;
-
-            if (event.allDay) {
-                endDate = event.end.clone();
-                endDate.add(-1, 'days');
-            }
-
-            if (!event.allDay && event.type !== 'TICKET') {
-                format += ', HH:mm';
-            }
+            var endDate = event.end === null ? event.start : event.end;
 
             if (event.type === 'TICKET') {
                 contents = $('.ticket-popover-template').html();
@@ -77,6 +68,13 @@ $(document).ready(function() {
                     .find('.popover-category span').text(event.categoryName).end()
                     .find('.popover-priority span').text(event.priority);
             } else {
+                if (event.allDay) {
+                    endDate = event.end.clone();
+                    endDate.add(-1, 'days');
+                } else {
+                    format += ', HH:mm';
+                }
+
                 if (event.location === '') {
                     $contents.find('.popover-location').hide();
                 }
@@ -196,6 +194,9 @@ $(document).ready(function() {
             dateFormat = 'YYYY-MM-DD HH:mm:ss';
         }
 
+        var reminderValue = $createForm.find('input[name="reminder-value"]').val();
+        var reminderUnits = $createForm.find('select[name="reminder-unit"]').val();
+
         var data = {
             title: $createForm.find('input[name="name"]').val(),
             location: $createForm.find('input[name="location"]').val(),
@@ -209,8 +210,8 @@ $(document).ready(function() {
             foregroundColor: $createForm.find('select[name="category"] :selected').attr('data-foreground-color'),
             displayBorder: $createForm.find('select[name="category"] :selected').attr('data-display-border'),
             categoryName: $createForm.find('select[name="category"] :selected').text().trim(),
-            reminderValue: $createForm.find('input[name="reminder-value"]').val(),
-            reminderUnits: $createForm.find('select[name="reminder-unit"]').val()
+            reminderValue: reminderValue === "" ? null : reminderValue,
+            reminderUnits: reminderValue === "" ? null : reminderUnits
         };
 
         $.ajax({
@@ -245,25 +246,29 @@ $(document).ready(function() {
             dateFormat = 'YYYY-MM-DD HH:mm:ss';
         }
 
+        var reminderValue = $createForm.find('input[name="reminder-value"]').val();
+        var reminderUnits = $createForm.find('select[name="reminder-unit"]').val();
+
         var data = {
+            id: $form.find('input[name="id"]').val(),
             title: $form.find('input[name="name"]').val(),
             location: $form.find('input[name="location"]').val(),
             startTime: moment(start).format(dateFormat),
             endTime: moment(end).format(dateFormat),
             allDay: allDay,
             comments: $form.find('textarea[name="comments"]').val(),
-            categoryId: $form.find('select[name="category"]').val(),
+            categoryId: parseInt($form.find('select[name="category"]').val()),
             backgroundColor: $form.find('select[name="category"] :selected').attr('data-background-color'),
             foregroundColor: $form.find('select[name="category"] :selected').attr('data-foreground-color'),
             displayBorder: $form.find('select[name="category"] :selected').attr('data-display-border'),
             categoryName: $form.find('select[name="category"] :selected').text().trim(),
-            reminderValue: $form.find('input[name="reminder-value"]').val(),
-            reminderUnits: $form.find('select[name="reminder-unit"]').val()
+            reminderValue: reminderValue === "" ? null : reminderValue,
+            reminderUnits: reminderValue === "" ? null : reminderUnits
         };
 
         $.ajax({
             method: 'POST',
-            url: heskPath + 'api/v1/calendar/events/staff/' + $form.find('input[name="id"]').val(),
+            url: heskPath + 'api/v1/calendar/events/staff/' + data.id,
             data: JSON.stringify(data),
             contentType: 'json',
             headers: {
@@ -297,6 +302,7 @@ function removeFromCalendar(id) {
 function buildEvent(id, dbObject) {
     if (dbObject.type === 'TICKET') {
         return {
+            id: id,
             title: dbObject.title,
             subject: dbObject.subject,
             trackingId: dbObject.trackingId,
@@ -384,7 +390,7 @@ function displayCreateModal(date, viewName) {
         .find('input[name="location"]').val('').end()
         .find('textarea[name="comments"]').val('').end()
         .find('select[name="category"]').val($form.find('select[name="category"] option:first-child').val()).end()
-        .find('select[name="reminder-unit"]').val(0).end()
+        .find('select[name="reminder-unit"]').val("MINUTE").end()
         .find('input[name="reminder-value"]').val('').end();
 
     var $modal = $('#create-event-modal');
@@ -534,9 +540,11 @@ function respondToDragAndDrop(event, delta, revertFunc) {
             reminderValue: event.reminderValue,
             reminderUnits: event.reminderUnits
         };
+
+        var url = heskPath + 'api/v1/calendar/events/staff/' + event.id;
         $.ajax({
             method: 'POST',
-            url: heskPath + 'api/v1/calendar/events/staff/' + event.id,
+            url: url,
             data: JSON.stringify(data),
             headers: {
                 'X-Internal-Call': true,

From 3d73b9a4b25c55481c09efeea982ae4e79484690 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 7 Jan 2018 22:02:43 -0500
Subject: [PATCH 33/74] All main staff calendar endpoints moved

---
 .../Calendar/CalendarHandler.php              |  6 +++--
 .../Calendar/CalendarController.php           | 12 ++++++++++
 api/DataAccess/Calendar/CalendarGateway.php   | 16 +++++++++++++
 api/index.php                                 |  2 +-
 js/calendar/mods-for-hesk-calendar.js         | 24 +++++++++----------
 5 files changed, 44 insertions(+), 16 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index 766ea537..ad5a1775 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -3,10 +3,8 @@
 namespace BusinessLogic\Calendar;
 
 
-use BusinessLogic\Exceptions\ApiFriendlyException;
 use BusinessLogic\Security\UserContext;
 use DataAccess\Calendar\CalendarGateway;
-use PHPUnit\Runner\Exception;
 
 class CalendarHandler extends \BaseClass {
     private $calendarGateway;
@@ -58,4 +56,8 @@ class CalendarHandler extends \BaseClass {
 
         return $events[0];
     }
+
+    public function deleteEvent($id, $userContext, $heskSettings) {
+        $this->calendarGateway->deleteEvent($id, $userContext, $heskSettings);
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index f7be1d0e..d586b310 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -73,6 +73,18 @@ class CalendarController extends \BaseClass {
         return output($calendarHandler->updateEvent($event, $userContext, $hesk_settings));
     }
 
+    function delete($id) {
+        /* @var $userContext UserContext */
+        global $applicationContext, $hesk_settings, $userContext;
+
+        /* @var $calendarHandler CalendarHandler */
+        $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+
+        $calendarHandler->deleteEvent($id, $userContext, $hesk_settings);
+
+        return http_response_code(204);
+    }
+
     private function transformJson($json, $id = null) {
         $event = new CalendarEvent();
 
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 416e7f1e..81b7026f 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -192,4 +192,20 @@ class CalendarGateway extends CommonDao {
 
         $this->close();
     }
+
+    /**
+     * @param $id int
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     */
+    public function deleteEvent($id, $userContext, $heskSettings) {
+        $this->init();
+
+        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder`
+            WHERE `event_id` = " . intval($id) . " AND `user_id` = " . intval($userContext->id));
+        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event`
+            WHERE `id` = " . intval($id));
+
+        $this->close();
+    }
 }
\ No newline at end of file
diff --git a/api/index.php b/api/index.php
index 3888685c..2277d647 100644
--- a/api/index.php
+++ b/api/index.php
@@ -205,7 +205,7 @@ Link::all(array(
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Calendar
     '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET, RequestMethod::POST), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
-    '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
+    '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT, RequestMethod::DELETE), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
 
     /* Internal use only routes */
     // Resend email response
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 677a5db1..2561381b 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -16,7 +16,7 @@ $(document).ready(function() {
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
             $.ajax({
-                url: heskPath + 'api/v1/calendar/events/staff?start=' + start + '&end=' + end,
+                url: heskPath + 'api/index.php/v1/calendar/events/staff?start=' + start + '&end=' + end,
                 method: 'GET',
                 dataType: 'json',
                 headers: { 'X-Internal-Call': true },
@@ -160,17 +160,15 @@ $(document).ready(function() {
     $editForm.find('#delete-button').click(function() {
         var id = $editForm.find('input[name="id"]').val();
 
-        var data = {
-            id: id,
-            action: 'delete'
-        };
-
         $.ajax({
             method: 'POST',
-            url: heskPath + 'internal-api/admin/calendar/',
-            data: data,
+            url: heskPath + 'api/index.php/v1/calendar/events/staff/' + id,
+            headers: {
+                'X-Internal-Call': true,
+                'X-HTTP-Method-Override': 'DELETE'
+            },
             success: function() {
-                removeFromCalendar(data.id);
+                removeFromCalendar(id);
                 mfhAlert.success(mfhLang.text('event_deleted'));
                 $('#edit-event-modal').modal('hide');
             },
@@ -216,7 +214,7 @@ $(document).ready(function() {
 
         $.ajax({
             method: 'POST',
-            url: heskPath + 'api/v1/calendar/events/staff',
+            url: heskPath + 'api/index.php/v1/calendar/events/staff',
             data: JSON.stringify(data),
             contentType: 'json',
             headers: { 'X-Internal-Call': true },
@@ -268,7 +266,7 @@ $(document).ready(function() {
 
         $.ajax({
             method: 'POST',
-            url: heskPath + 'api/v1/calendar/events/staff/' + data.id,
+            url: heskPath + 'api/index.php/v1/calendar/events/staff/' + data.id,
             data: JSON.stringify(data),
             contentType: 'json',
             headers: {
@@ -490,7 +488,7 @@ function respondToDragAndDrop(event, delta, revertFunc) {
     var heskPath = $('p#hesk-path').text();
 
     if (event.type === 'TICKET') {
-        var uri = 'api/v1/staff/tickets/' + event.id + '/due-date';
+        var uri = 'api/index.php/v1/staff/tickets/' + event.id + '/due-date';
         $.ajax({
             method: 'POST',
             url: heskPath + uri,
@@ -541,7 +539,7 @@ function respondToDragAndDrop(event, delta, revertFunc) {
             reminderUnits: event.reminderUnits
         };
 
-        var url = heskPath + 'api/v1/calendar/events/staff/' + event.id;
+        var url = heskPath + 'api/index.php/v1/calendar/events/staff/' + event.id;
         $.ajax({
             method: 'POST',
             url: url,

From 4c2432a35bec4dacc697dc003dae03bf4d1d8b97 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 9 Jan 2018 12:37:29 -0500
Subject: [PATCH 34/74] Moved all calendar API logic to the api folder

---
 api/BusinessLogic/Categories/Category.php     |   2 +-
 .../Categories/CategoryHandler.php            |  13 ++
 .../Calendar/CalendarController.php           |  27 ++-
 api/DataAccess/Calendar/CalendarGateway.php   |   3 +-
 api/index.php                                 |   1 +
 internal-api/calendar/index.php               |  29 ---
 internal-api/dao/calendar_dao.php             | 195 ------------------
 .../mods-for-hesk-calendar-admin-readonly.js  |   3 +-
 .../mods-for-hesk-calendar-readonly.js        |   2 +-
 js/calendar/mods-for-hesk-calendar.js         |   4 +-
 10 files changed, 44 insertions(+), 235 deletions(-)
 delete mode 100644 internal-api/calendar/index.php
 delete mode 100644 internal-api/dao/calendar_dao.php

diff --git a/api/BusinessLogic/Categories/Category.php b/api/BusinessLogic/Categories/Category.php
index 597c3410..f7ea363e 100644
--- a/api/BusinessLogic/Categories/Category.php
+++ b/api/BusinessLogic/Categories/Category.php
@@ -22,7 +22,7 @@ class Category extends \BaseClass {
     public $autoAssign;
 
     /**
-     * @var int The type of Categories (1 = Private, 2 = Public)
+     * @var int The type of Categories (1 = Private, 0 = Public)
      */
     public $type;
 
diff --git a/api/BusinessLogic/Categories/CategoryHandler.php b/api/BusinessLogic/Categories/CategoryHandler.php
index 98e5b6d4..49d0b189 100644
--- a/api/BusinessLogic/Categories/CategoryHandler.php
+++ b/api/BusinessLogic/Categories/CategoryHandler.php
@@ -187,4 +187,17 @@ class CategoryHandler extends \BaseClass {
         $this->categoryGateway->updateCategory($category, $heskSettings);
         $this->categoryGateway->resortAllCategories($heskSettings);
     }
+
+    function getPublicCategories($heskSettings) {
+        $allCategories = $this->categoryGateway->getAllCategories($heskSettings, $this->modsForHeskSettingsGateway->getAllSettings($heskSettings));
+
+        $publicCategories = array();
+        foreach ($allCategories as $category) {
+            if ($category->type === 0) {
+                $publicCategories[] = $category;
+            }
+        }
+
+        return $publicCategories;
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index d586b310..0953b585 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -7,12 +7,14 @@ use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\CalendarHandler;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
+use BusinessLogic\Categories\CategoryHandler;
 use BusinessLogic\Exceptions\ValidationException;
 use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
 use BusinessLogic\Security\UserPrivilege;
 use BusinessLogic\ValidationModel;
 use Controllers\JsonRetriever;
+use DataAccess\Settings\ModsForHeskSettingsGateway;
 
 class CalendarController extends \BaseClass {
     function get() {
@@ -35,10 +37,27 @@ class CalendarController extends \BaseClass {
         $searchEventsFilter->startTime = $startTime;
         $searchEventsFilter->endTime = $endTime;
         $searchEventsFilter->reminderUserId = $userContext->id;
-        $searchEventsFilter->includeTicketsAssignedToOthers = in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions);
-        $searchEventsFilter->includeUnassignedTickets = in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions);
-        $searchEventsFilter->includeTickets = true;
-        $searchEventsFilter->categories = $userContext->admin ? null : $userContext->categories;
+
+        if ($userContext->isAnonymousUser()) {
+            $searchEventsFilter->includeTicketsAssignedToOthers = false;
+            $searchEventsFilter->includeUnassignedTickets = false;
+            $searchEventsFilter->includeTickets = false;
+
+            /* @var $categoryHandler CategoryHandler */
+            $categoryHandler = $applicationContext->get(CategoryHandler::clazz());
+
+            $publicCategories = $categoryHandler->getPublicCategories($hesk_settings);
+            $ids = array();
+            foreach ($publicCategories as $category) {
+                $ids[] = $category->id;
+            }
+            $searchEventsFilter->categories = $ids;
+        } else {
+            $searchEventsFilter->includeTicketsAssignedToOthers = in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions);
+            $searchEventsFilter->includeUnassignedTickets = in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions);
+            $searchEventsFilter->includeTickets = true;
+            $searchEventsFilter->categories = $userContext->admin ? null : $userContext->categories;
+        }
 
         $events = $calendarHandler->getEventsForStaff($searchEventsFilter, $hesk_settings);
 
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 81b7026f..ddb263e6 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -43,8 +43,7 @@ class CalendarGateway extends CommonDao {
 
 
             $sql .= " AND NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
-                    AND `categories`.`usage` <> 1
-                    AND `categories`.`type` = '0'";
+                    AND `categories`.`usage` <> 1";
         }
 
         if ($searchEventsFilter->eventId !== null) {
diff --git a/api/index.php b/api/index.php
index 2277d647..7c0574b2 100644
--- a/api/index.php
+++ b/api/index.php
@@ -204,6 +204,7 @@ Link::all(array(
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Calendar
+    '/v1/calendar/events' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET), SecurityHandler::OPEN),
     '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET, RequestMethod::POST), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
     '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT, RequestMethod::DELETE), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
 
diff --git a/internal-api/calendar/index.php b/internal-api/calendar/index.php
deleted file mode 100644
index 1ccc6011..00000000
--- a/internal-api/calendar/index.php
+++ /dev/null
@@ -1,29 +0,0 @@
-<?php
-define('IN_SCRIPT', 1);
-define('HESK_PATH', '../../');
-define('INTERNAL_API_PATH', '../');
-require_once(HESK_PATH . 'hesk_settings.inc.php');
-require_once(HESK_PATH . 'inc/common.inc.php');
-require_once(HESK_PATH . 'inc/attachments.inc.php');
-require_once(HESK_PATH . 'inc/posting_functions.inc.php');
-require_once(INTERNAL_API_PATH . 'core/output.php');
-require_once(INTERNAL_API_PATH . 'dao/calendar_dao.php');
-require_once(INTERNAL_API_PATH . 'core/cors.php');
-
-hesk_session_start();
-hesk_load_internal_api_database_functions();
-hesk_dbConnect();
-
-$modsForHesk_settings = mfh_getSettings();
-
-// Routing
-$request_method = $_SERVER['REQUEST_METHOD'];
-if ($request_method === 'GET') {
-    $start = hesk_GET('start');
-    $end = hesk_GET('end');
-    $events = get_events($start, $end, $hesk_settings, false);
-
-    return output($events);
-}
-
-return http_response_code(400);
\ No newline at end of file
diff --git a/internal-api/dao/calendar_dao.php b/internal-api/dao/calendar_dao.php
deleted file mode 100644
index 3ad28dbf..00000000
--- a/internal-api/dao/calendar_dao.php
+++ /dev/null
@@ -1,195 +0,0 @@
-<?php
-
-function get_events($start, $end, $hesk_settings, $staff = true) {
-    global $hesk_settings, $hesklang;
-
-    $start_time_sql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($start) . " / 1000), @@session.time_zone, '+00:00')";
-    $end_time_sql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($end) . " / 1000), @@session.time_zone, '+00:00')";
-
-    $sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
-        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border` ";
-
-    if ($staff) {
-        $sql .= ",`reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit` ";
-    }
-
-    $sql .= "FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event` AS `events`
-        INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` AS `categories`
-            ON `events`.`category` = `categories`.`id` ";
-
-    if ($staff) {
-        $sql .= "LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event_reminder` AS `reminders` ON
-        `reminders`.`user_id` = " . intval($_SESSION['id']) . " AND `reminders`.`event_id` = `events`.`id`";
-    }
-    $sql .= "WHERE NOT (`end` < {$start_time_sql} OR `start` > {$end_time_sql}) AND `categories`.`usage` <> 1";
-
-    if (!$staff) {
-        $sql .= " AND `categories`.`type` = '0'";
-    }
-
-    $rs = hesk_dbQuery($sql);
-
-    $events = array();
-    while ($row = hesk_dbFetchAssoc($rs)) {
-        // Skip the event if the user does not have access to it
-        if ($staff && !$_SESSION['isadmin'] && !in_array($row['category'], $_SESSION['categories'])) {
-            continue;
-        }
-
-        mfh_log_debug('Calendar', "Creating event with id: {$row['id']}", '');
-
-        $event['type'] = 'CALENDAR';
-        $event['id'] = intval($row['id']);
-        $event['startTime'] = $row['start'];
-        $event['endTime'] = $row['end'];
-        $event['allDay'] = $row['all_day'] ? true : false;
-        $event['title'] = $row['name'];
-        $event['location'] = $row['location'];
-        $event['comments'] = $row['comments'];
-        $event['categoryId'] = $row['category'];
-        $event['categoryName'] = $row['category_name'];
-        $event['backgroundColor'] = $row['background_color'];
-        $event['foregroundColor'] = $row['foreground_color'];
-        $event['displayBorder'] = $row['display_border'];
-
-        if ($staff) {
-            $event['reminderValue'] = $row['reminder_value'];
-            $event['reminderUnits'] = $row['reminder_unit'];
-        }
-
-        $events[] = $event;
-    }
-
-    if ($staff) {
-        $old_time_setting = $hesk_settings['timeformat'];
-        $hesk_settings['timeformat'] = 'Y-m-d';
-        $current_date = hesk_date();
-        $hesk_settings['timeformat'] = $old_time_setting;
-
-        $sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
-        `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
-          CASE WHEN `due_date` < '{$current_date}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
-           `tickets`.`priority` AS `priority`
-        FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` AS `tickets`
-        INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` AS `categories`
-            ON `categories`.`id` = `tickets`.`category`
-            AND `categories`.`usage` <> 2
-        LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` AS `owner`
-            ON `tickets`.`owner` = `owner`.`id`
-        WHERE `due_date` >= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($start)
-        . " / 1000), @@session.time_zone, '+00:00')
-        AND `due_date` <= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($end) . " / 1000), @@session.time_zone, '+00:00')
-        AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) ";
-
-        $rs = hesk_dbQuery($sql);
-        while ($row = hesk_dbFetchAssoc($rs)) {
-            // Skip the ticket if the user does not have access to it
-            if (!hesk_checkPermission('can_view_tickets', 0)
-                || ($row['owner_id'] && $row['owner_id'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0))
-                || (!$row['owner_id'] && !hesk_checkPermission('can_view_unassigned', 0))) {
-                continue;
-            }
-
-            $event['type'] = 'TICKET';
-            $event['trackingId'] = $row['trackid'];
-            $event['subject'] = $row['subject'];
-            $event['title'] = $row['subject'];
-            $event['startTime'] = $row['due_date'];
-            $event['url'] = $hesk_settings['hesk_url'] . '/' . $hesk_settings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
-            $event['categoryId'] = $row['category'];
-            $event['categoryName'] = $row['category_name'];
-            $event['backgroundColor'] = $row['background_color'];
-            $event['foregroundColor'] = $row['foreground_color'];
-            $event['displayBorder'] = $row['display_border'];
-            $event['owner'] = $row['owner_name'];
-
-            $priorities = array(
-                0 => $hesklang['critical'],
-                1 => $hesklang['high'],
-                2 => $hesklang['medium'],
-                3 => $hesklang['low']
-            );
-            $event['priority'] = $priorities[$row['priority']];
-
-            $events[] = $event;
-        }
-    }
-
-    return $events;
-}
-
-function create_event($event, $hesk_settings) {
-    // Make sure the user can create events in this category
-    if (!$_SESSION['isadmin'] && !in_array($event['category'], $_SESSION['categories'])) {
-        print_error('Access Denied', 'You cannot create an event in this category');
-    }
-
-    $event['start'] = date('Y-m-d H:i:s', strtotime($event['start']));
-    $event['end'] = date('Y-m-d H:i:s', strtotime($event['end']));
-    $event['all_day'] = $event['all_day'] ? 1 : 0;
-
-    $sql = "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event` (`start`, `end`, `all_day`,
-    `name`, `location`, `comments`, `category`) VALUES (
-    '" . hesk_dbEscape($event['start']) . "', '" . hesk_dbEscape($event['end']) . "', '" . hesk_dbEscape($event['all_day']) . "',
-    '" . hesk_dbEscape(addslashes($event['title'])) . "', '" . hesk_dbEscape(addslashes($event['location'])) . "', '" . hesk_dbEscape(addslashes($event['comments'])) . "',
-    " . intval($event['category']) . ")";
-
-    hesk_dbQuery($sql);
-    $event_id = hesk_dbInsertID();
-
-    if ($event['reminder_amount'] != null) {
-        $sql = "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event_reminder` (`user_id`, `event_id`,
-        `amount`, `unit`) VALUES (" . intval($event['reminder_user']) . ", " . intval($event_id) . ", " . intval($event['reminder_amount']) . ",
-        " . intval($event['reminder_units']) . ")";
-
-        hesk_dbQuery($sql);
-    }
-
-    return $event_id;
-}
-
-function update_event($event, $hesk_settings) {
-    // Make sure the user can edit events in this category
-    if (!$_SESSION['isadmin'] && !in_array($event['category'], $_SESSION['categories'])) {
-        print_error('Access Denied', 'You cannot edit an event in this category');
-    }
-
-
-}
-
-function delete_event($id, $hesk_settings) {
-    // Make sure the user can delete events in this category
-    $categoryRs = hesk_dbQuery('SELECT `category` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'calendar_event` WHERE `id` = ' . intval($id));
-    $category = hesk_dbFetchAssoc($categoryRs);
-    if (!$_SESSION['isadmin'] && !in_array($category['category'], $_SESSION['categories'])) {
-        print_error('Access Denied', 'You cannot delete events in this category');
-    }
-
-    $sql = "DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "calendar_event` WHERE `id` = " . intval($id);
-
-    hesk_dbQuery($sql);
-}
-
-function update_ticket_due_date($ticket, $hesk_settings) {
-    $ticket_id_rs = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($ticket['trackid']) . "'");
-    $ticket_id = hesk_dbFetchAssoc($ticket_id_rs);
-
-    $due_date = 'NULL';
-    $language_key = 'audit_due_date_removed';
-    $audit_array = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
-    if ($ticket['due_date'] != NULL) {
-        $audit_array = array(
-            0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
-            1 => date('Y-m-d H:i:s', strtotime($ticket['due_date']))
-        );
-        $due_date = "'" . date('Y-m-d H:i:s', strtotime($ticket['due_date'])) . "'";
-        $language_key = 'audit_due_date_changed';
-    }
-    $sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `due_date` = {$due_date}, `overdue_email_sent` = '0'
-        WHERE `trackid` = '" . hesk_dbEscape($ticket['trackid']) . "'";
-
-    mfh_insert_audit_trail_record($ticket_id['id'], 'TICKET', $language_key, hesk_date(),
-        $audit_array);
-
-    hesk_dbQuery($sql);
-}
\ No newline at end of file
diff --git a/js/calendar/mods-for-hesk-calendar-admin-readonly.js b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
index 619e5d23..7290189e 100644
--- a/js/calendar/mods-for-hesk-calendar-admin-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
@@ -16,9 +16,10 @@ $(document).ready(function() {
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
             $.ajax({
-                url: heskPath + 'internal-api/admin/calendar/?start=' + start + '&end=' + end,
+                url: heskPath + 'api/index.php/v1/calendar/events/staff?start=' + start + '&end=' + end,
                 method: 'GET',
                 dataType: 'json',
+                headers: { 'X-Internal-Call': true },
                 success: function(data) {
                     var events = [];
                     $(data).each(function() {
diff --git a/js/calendar/mods-for-hesk-calendar-readonly.js b/js/calendar/mods-for-hesk-calendar-readonly.js
index eff85039..a282c155 100644
--- a/js/calendar/mods-for-hesk-calendar-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-readonly.js
@@ -16,7 +16,7 @@ $(document).ready(function() {
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
             $.ajax({
-                url: heskPath + 'internal-api/calendar/?start=' + start + '&end=' + end,
+                url: heskPath + 'api/index.php/v1/calendar/events/?start=' + start + '&end=' + end,
                 method: 'GET',
                 dataType: 'json',
                 success: function(data) {
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 2561381b..48fac68f 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -218,8 +218,8 @@ $(document).ready(function() {
             data: JSON.stringify(data),
             contentType: 'json',
             headers: { 'X-Internal-Call': true },
-            success: function(id) {
-                addToCalendar(id, data, $('#lang_event_created').text());
+            success: function(createdEvent) {
+                addToCalendar(createdEvent.id, data, $('#lang_event_created').text());
                 $('#create-event-modal').modal('hide');
                 updateCategoryVisibility();
             },

From 4959ccb815dd6d530c5f027624e10f07d9f4657b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 18 Jan 2018 22:02:48 -0500
Subject: [PATCH 35/74] Add php-rrule for recurring event parsing

---
 api/composer.json |   3 +-
 api/composer.lock | 151 ++++++++++++++++++++++++++++++----------------
 2 files changed, 102 insertions(+), 52 deletions(-)

diff --git a/api/composer.json b/api/composer.json
index b91d34b5..c7215460 100644
--- a/api/composer.json
+++ b/api/composer.json
@@ -17,6 +17,7 @@
     "phpmailer/phpmailer": "^5.2",
     "mailgun/mailgun-php": "1.7.2",
     "mike-koch/php-di": "4.4.11",
-    "doctrine/annotations": "1.2"
+    "doctrine/annotations": "1.2",
+    "rlanvin/php-rrule": "1.6.0"
   }
 }
diff --git a/api/composer.lock b/api/composer.lock
index 1668fba8..14ef8855 100644
--- a/api/composer.lock
+++ b/api/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "content-hash": "cba4f6a9b461d9050bd4095da7c79aea",
+    "content-hash": "271633d6be53dff4f327e318b49a049f",
     "packages": [
         {
             "name": "container-interop/container-interop",
@@ -691,17 +691,61 @@
             "time": "2017-02-14T16:28:37+00:00"
         },
         {
-            "name": "symfony/event-dispatcher",
-            "version": "v2.8.28",
+            "name": "rlanvin/php-rrule",
+            "version": "v1.6.0",
             "source": {
                 "type": "git",
-                "url": "https://github.com/symfony/event-dispatcher.git",
-                "reference": "7fe089232554357efb8d4af65ce209fc6e5a2186"
+                "url": "https://github.com/rlanvin/php-rrule.git",
+                "reference": "c543bda87d2f8b6c490210f1a6e2bf0d79162a4a"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/7fe089232554357efb8d4af65ce209fc6e5a2186",
-                "reference": "7fe089232554357efb8d4af65ce209fc6e5a2186",
+                "url": "https://api.github.com/repos/rlanvin/php-rrule/zipball/c543bda87d2f8b6c490210f1a6e2bf0d79162a4a",
+                "reference": "c543bda87d2f8b6c490210f1a6e2bf0d79162a4a",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.3.0"
+            },
+            "require-dev": {
+                "phpunit/phpunit": "<6"
+            },
+            "suggest": {
+                "ext-intl": "Intl extension is needed for humanReadable()"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "RRule\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "description": "Lightweight and fast recurrence rules for PHP (RFC 5545)",
+            "homepage": "https://github.com/rlanvin/php-rrule",
+            "keywords": [
+                "date",
+                "ical",
+                "recurrence",
+                "recurring",
+                "rrule"
+            ],
+            "time": "2017-10-11T12:23:40+00:00"
+        },
+        {
+            "name": "symfony/event-dispatcher",
+            "version": "v2.8.33",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/event-dispatcher.git",
+                "reference": "d64be24fc1eba62f9daace8a8918f797fc8e87cc"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/d64be24fc1eba62f9daace8a8918f797fc8e87cc",
+                "reference": "d64be24fc1eba62f9daace8a8918f797fc8e87cc",
                 "shasum": ""
             },
             "require": {
@@ -748,7 +792,7 @@
             ],
             "description": "Symfony EventDispatcher Component",
             "homepage": "https://symfony.com",
-            "time": "2017-10-01T21:00:16+00:00"
+            "time": "2018-01-03T07:36:31+00:00"
         },
         {
             "name": "zendframework/zend-code",
@@ -1334,29 +1378,35 @@
         },
         {
             "name": "phpdocumentor/reflection-docblock",
-            "version": "4.1.1",
+            "version": "4.2.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git",
-                "reference": "2d3d238c433cf69caeb4842e97a3223a116f94b2"
+                "reference": "66465776cfc249844bde6d117abff1d22e06c2da"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/2d3d238c433cf69caeb4842e97a3223a116f94b2",
-                "reference": "2d3d238c433cf69caeb4842e97a3223a116f94b2",
+                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/66465776cfc249844bde6d117abff1d22e06c2da",
+                "reference": "66465776cfc249844bde6d117abff1d22e06c2da",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.0",
-                "phpdocumentor/reflection-common": "^1.0@dev",
+                "phpdocumentor/reflection-common": "^1.0.0",
                 "phpdocumentor/type-resolver": "^0.4.0",
                 "webmozart/assert": "^1.0"
             },
             "require-dev": {
-                "mockery/mockery": "^0.9.4",
-                "phpunit/phpunit": "^4.4"
+                "doctrine/instantiator": "~1.0.5",
+                "mockery/mockery": "^1.0",
+                "phpunit/phpunit": "^6.4"
             },
             "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "4.x-dev"
+                }
+            },
             "autoload": {
                 "psr-4": {
                     "phpDocumentor\\Reflection\\": [
@@ -1375,7 +1425,7 @@
                 }
             ],
             "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.",
-            "time": "2017-08-30T18:51:59+00:00"
+            "time": "2017-11-27T17:38:31+00:00"
         },
         {
             "name": "phpdocumentor/type-resolver",
@@ -1426,16 +1476,16 @@
         },
         {
             "name": "phpspec/prophecy",
-            "version": "v1.7.2",
+            "version": "1.7.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpspec/prophecy.git",
-                "reference": "c9b8c6088acd19d769d4cc0ffa60a9fe34344bd6"
+                "reference": "e4ed002c67da8eceb0eb8ddb8b3847bb53c5c2bf"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpspec/prophecy/zipball/c9b8c6088acd19d769d4cc0ffa60a9fe34344bd6",
-                "reference": "c9b8c6088acd19d769d4cc0ffa60a9fe34344bd6",
+                "url": "https://api.github.com/repos/phpspec/prophecy/zipball/e4ed002c67da8eceb0eb8ddb8b3847bb53c5c2bf",
+                "reference": "e4ed002c67da8eceb0eb8ddb8b3847bb53c5c2bf",
                 "shasum": ""
             },
             "require": {
@@ -1447,7 +1497,7 @@
             },
             "require-dev": {
                 "phpspec/phpspec": "^2.5|^3.2",
-                "phpunit/phpunit": "^4.8 || ^5.6.5"
+                "phpunit/phpunit": "^4.8.35 || ^5.7"
             },
             "type": "library",
             "extra": {
@@ -1485,20 +1535,20 @@
                 "spy",
                 "stub"
             ],
-            "time": "2017-09-04T11:05:03+00:00"
+            "time": "2017-11-24T13:59:53+00:00"
         },
         {
             "name": "phpunit/php-code-coverage",
-            "version": "5.2.3",
+            "version": "5.3.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/php-code-coverage.git",
-                "reference": "8e1d2397d8adf59a3f12b2878a3aaa66d1ab189d"
+                "reference": "661f34d0bd3f1a7225ef491a70a020ad23a057a1"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/8e1d2397d8adf59a3f12b2878a3aaa66d1ab189d",
-                "reference": "8e1d2397d8adf59a3f12b2878a3aaa66d1ab189d",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/661f34d0bd3f1a7225ef491a70a020ad23a057a1",
+                "reference": "661f34d0bd3f1a7225ef491a70a020ad23a057a1",
                 "shasum": ""
             },
             "require": {
@@ -1507,14 +1557,13 @@
                 "php": "^7.0",
                 "phpunit/php-file-iterator": "^1.4.2",
                 "phpunit/php-text-template": "^1.2.1",
-                "phpunit/php-token-stream": "^2.0",
+                "phpunit/php-token-stream": "^2.0.1",
                 "sebastian/code-unit-reverse-lookup": "^1.0.1",
                 "sebastian/environment": "^3.0",
                 "sebastian/version": "^2.0.1",
                 "theseer/tokenizer": "^1.1"
             },
             "require-dev": {
-                "ext-xdebug": "^2.5",
                 "phpunit/phpunit": "^6.0"
             },
             "suggest": {
@@ -1523,7 +1572,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "5.2.x-dev"
+                    "dev-master": "5.3.x-dev"
                 }
             },
             "autoload": {
@@ -1538,7 +1587,7 @@
             "authors": [
                 {
                     "name": "Sebastian Bergmann",
-                    "email": "sb@sebastian-bergmann.de",
+                    "email": "sebastian@phpunit.de",
                     "role": "lead"
                 }
             ],
@@ -1549,20 +1598,20 @@
                 "testing",
                 "xunit"
             ],
-            "time": "2017-11-03T13:47:33+00:00"
+            "time": "2017-12-06T09:29:45+00:00"
         },
         {
             "name": "phpunit/php-file-iterator",
-            "version": "1.4.2",
+            "version": "1.4.5",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/php-file-iterator.git",
-                "reference": "3cc8f69b3028d0f96a9078e6295d86e9bf019be5"
+                "reference": "730b01bc3e867237eaac355e06a36b85dd93a8b4"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/3cc8f69b3028d0f96a9078e6295d86e9bf019be5",
-                "reference": "3cc8f69b3028d0f96a9078e6295d86e9bf019be5",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/730b01bc3e867237eaac355e06a36b85dd93a8b4",
+                "reference": "730b01bc3e867237eaac355e06a36b85dd93a8b4",
                 "shasum": ""
             },
             "require": {
@@ -1596,7 +1645,7 @@
                 "filesystem",
                 "iterator"
             ],
-            "time": "2016-10-03T07:40:28+00:00"
+            "time": "2017-11-27T13:52:08+00:00"
         },
         {
             "name": "phpunit/php-text-template",
@@ -1690,16 +1739,16 @@
         },
         {
             "name": "phpunit/php-token-stream",
-            "version": "2.0.1",
+            "version": "2.0.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/php-token-stream.git",
-                "reference": "9a02332089ac48e704c70f6cefed30c224e3c0b0"
+                "reference": "791198a2c6254db10131eecfe8c06670700904db"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/9a02332089ac48e704c70f6cefed30c224e3c0b0",
-                "reference": "9a02332089ac48e704c70f6cefed30c224e3c0b0",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/791198a2c6254db10131eecfe8c06670700904db",
+                "reference": "791198a2c6254db10131eecfe8c06670700904db",
                 "shasum": ""
             },
             "require": {
@@ -1735,7 +1784,7 @@
             "keywords": [
                 "tokenizer"
             ],
-            "time": "2017-08-20T05:47:52+00:00"
+            "time": "2017-11-27T05:48:46+00:00"
         },
         {
             "name": "phpunit/phpunit",
@@ -1974,16 +2023,16 @@
         },
         {
             "name": "sebastian/comparator",
-            "version": "2.1.0",
+            "version": "2.1.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/comparator.git",
-                "reference": "1174d9018191e93cb9d719edec01257fc05f8158"
+                "reference": "11c07feade1d65453e06df3b3b90171d6d982087"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/1174d9018191e93cb9d719edec01257fc05f8158",
-                "reference": "1174d9018191e93cb9d719edec01257fc05f8158",
+                "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/11c07feade1d65453e06df3b3b90171d6d982087",
+                "reference": "11c07feade1d65453e06df3b3b90171d6d982087",
                 "shasum": ""
             },
             "require": {
@@ -2034,7 +2083,7 @@
                 "compare",
                 "equality"
             ],
-            "time": "2017-11-03T07:16:52+00:00"
+            "time": "2018-01-12T06:34:42+00:00"
         },
         {
             "name": "sebastian/diff",
@@ -2488,16 +2537,16 @@
         },
         {
             "name": "symfony/console",
-            "version": "v2.8.28",
+            "version": "v2.8.33",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/console.git",
-                "reference": "f81549d2c5fdee8d711c9ab3c7e7362353ea5853"
+                "reference": "a4bd0f02ea156cf7b5138774a7ba0ab44d8da4fe"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/console/zipball/f81549d2c5fdee8d711c9ab3c7e7362353ea5853",
-                "reference": "f81549d2c5fdee8d711c9ab3c7e7362353ea5853",
+                "url": "https://api.github.com/repos/symfony/console/zipball/a4bd0f02ea156cf7b5138774a7ba0ab44d8da4fe",
+                "reference": "a4bd0f02ea156cf7b5138774a7ba0ab44d8da4fe",
                 "shasum": ""
             },
             "require": {
@@ -2545,7 +2594,7 @@
             ],
             "description": "Symfony Console Component",
             "homepage": "https://symfony.com",
-            "time": "2017-10-01T21:00:16+00:00"
+            "time": "2018-01-03T07:36:31+00:00"
         },
         {
             "name": "symfony/debug",

From 78cb2de9b6767bd005a00b466a948df3802c78aa Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 19 Jan 2018 22:17:15 -0500
Subject: [PATCH 36/74] Going to use rrule.js instead

---
 api/BusinessLogic/Calendar/CalendarEvent.php  |  2 +
 .../Calendar/CalendarController.php           |  2 +
 api/composer.json                             |  3 +-
 api/composer.lock                             | 46 +------------------
 4 files changed, 6 insertions(+), 47 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
index 91a45761..9e974b01 100644
--- a/api/BusinessLogic/Calendar/CalendarEvent.php
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -18,4 +18,6 @@ class CalendarEvent extends AbstractEvent {
     public $reminderValue;
 
     public $reminderUnits;
+
+    public $recurringRule;
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 0953b585..2c84270a 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -15,6 +15,7 @@ use BusinessLogic\Security\UserPrivilege;
 use BusinessLogic\ValidationModel;
 use Controllers\JsonRetriever;
 use DataAccess\Settings\ModsForHeskSettingsGateway;
+use RRule\RRule;
 
 class CalendarController extends \BaseClass {
     function get() {
@@ -117,6 +118,7 @@ class CalendarController extends \BaseClass {
         $event->categoryId = Helpers::safeArrayGet($json, 'categoryId');
         $event->reminderValue = Helpers::safeArrayGet($json, 'reminderValue');
         $event->reminderUnits = ReminderUnit::getByName(Helpers::safeArrayGet($json, 'reminderUnits'));
+        $event->recurringRule = Helpers::safeArrayGet($json, 'recurringRule');
 
         return $event;
     }
diff --git a/api/composer.json b/api/composer.json
index c7215460..b91d34b5 100644
--- a/api/composer.json
+++ b/api/composer.json
@@ -17,7 +17,6 @@
     "phpmailer/phpmailer": "^5.2",
     "mailgun/mailgun-php": "1.7.2",
     "mike-koch/php-di": "4.4.11",
-    "doctrine/annotations": "1.2",
-    "rlanvin/php-rrule": "1.6.0"
+    "doctrine/annotations": "1.2"
   }
 }
diff --git a/api/composer.lock b/api/composer.lock
index 14ef8855..f882508e 100644
--- a/api/composer.lock
+++ b/api/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "content-hash": "271633d6be53dff4f327e318b49a049f",
+    "content-hash": "cba4f6a9b461d9050bd4095da7c79aea",
     "packages": [
         {
             "name": "container-interop/container-interop",
@@ -690,50 +690,6 @@
             ],
             "time": "2017-02-14T16:28:37+00:00"
         },
-        {
-            "name": "rlanvin/php-rrule",
-            "version": "v1.6.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/rlanvin/php-rrule.git",
-                "reference": "c543bda87d2f8b6c490210f1a6e2bf0d79162a4a"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/rlanvin/php-rrule/zipball/c543bda87d2f8b6c490210f1a6e2bf0d79162a4a",
-                "reference": "c543bda87d2f8b6c490210f1a6e2bf0d79162a4a",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=5.3.0"
-            },
-            "require-dev": {
-                "phpunit/phpunit": "<6"
-            },
-            "suggest": {
-                "ext-intl": "Intl extension is needed for humanReadable()"
-            },
-            "type": "library",
-            "autoload": {
-                "psr-4": {
-                    "RRule\\": "src/"
-                }
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "description": "Lightweight and fast recurrence rules for PHP (RFC 5545)",
-            "homepage": "https://github.com/rlanvin/php-rrule",
-            "keywords": [
-                "date",
-                "ical",
-                "recurrence",
-                "recurring",
-                "rrule"
-            ],
-            "time": "2017-10-11T12:23:40+00:00"
-        },
         {
             "name": "symfony/event-dispatcher",
             "version": "v2.8.33",

From 770a01a970a2c44ff7be6cec3105b35e13c63c39 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 21 Jan 2018 22:03:54 -0500
Subject: [PATCH 37/74] Add status to ticket popover on calendar

---
 admin/calendar.php                               | 10 +++++++++-
 api/BusinessLogic/Calendar/CalendarEvent.php     |  2 --
 api/BusinessLogic/Calendar/TicketEvent.php       |  2 ++
 api/Controllers/Calendar/CalendarController.php  |  3 ++-
 api/DataAccess/Calendar/CalendarGateway.php      |  6 +++++-
 .../mods-for-hesk-calendar-admin-readonly.js     | 16 ++++++++++++----
 js/calendar/mods-for-hesk-calendar.js            | 15 ++++++++++++---
 7 files changed, 42 insertions(+), 12 deletions(-)

diff --git a/admin/calendar.php b/admin/calendar.php
index 905cc81d..4fc81a57 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -545,6 +545,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
             <strong><?php echo $hesklang['category']; ?></strong>
             <span></span>
         </div>
+        <div class="popover-status">
+            <strong><?php echo $hesklang['status']; ?></strong>
+            <span></span>
+        </div>
         <div class="popover-priority">
             <strong><?php echo $hesklang['priority']; ?></strong>
             <span></span>
@@ -560,7 +564,11 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
     'event_updated',
     'error_updating_event',
     'ticket_due_date_updated',
-    'error_updating_ticket_due_date'));
+    'error_updating_ticket_due_date',
+    'critical',
+    'high',
+    'medium',
+    'low'));
 ?>
 <div style="display: none">
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
index 9e974b01..91a45761 100644
--- a/api/BusinessLogic/Calendar/CalendarEvent.php
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -18,6 +18,4 @@ class CalendarEvent extends AbstractEvent {
     public $reminderValue;
 
     public $reminderUnits;
-
-    public $recurringRule;
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/TicketEvent.php b/api/BusinessLogic/Calendar/TicketEvent.php
index e2e7102f..95bf621d 100644
--- a/api/BusinessLogic/Calendar/TicketEvent.php
+++ b/api/BusinessLogic/Calendar/TicketEvent.php
@@ -15,4 +15,6 @@ class TicketEvent extends AbstractEvent {
     public $owner;
 
     public $priority;
+
+    public $status;
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 2c84270a..4b7ab9cd 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -5,6 +5,7 @@ namespace Controllers\Calendar;
 
 use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\CalendarHandler;
+use BusinessLogic\Calendar\RecurringRule;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Categories\CategoryHandler;
@@ -16,6 +17,7 @@ use BusinessLogic\ValidationModel;
 use Controllers\JsonRetriever;
 use DataAccess\Settings\ModsForHeskSettingsGateway;
 use RRule\RRule;
+use RRule\RSet;
 
 class CalendarController extends \BaseClass {
     function get() {
@@ -118,7 +120,6 @@ class CalendarController extends \BaseClass {
         $event->categoryId = Helpers::safeArrayGet($json, 'categoryId');
         $event->reminderValue = Helpers::safeArrayGet($json, 'reminderValue');
         $event->reminderUnits = ReminderUnit::getByName(Helpers::safeArrayGet($json, 'reminderUnits'));
-        $event->recurringRule = Helpers::safeArrayGet($json, 'recurringRule');
 
         return $event;
     }
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index ddb263e6..1693e23d 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -86,13 +86,16 @@ class CalendarGateway extends CommonDao {
             $sql = "SELECT `tickets`.`id` AS `id`, `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`, 
                 `categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
                   CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
-                   `tickets`.`priority` AS `priority`
+                   `tickets`.`priority` AS `priority`, `text_to_status_xref`.`text` AS `status_name`
                 FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` AS `tickets`
                 INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
                     ON `categories`.`id` = `tickets`.`category`
                     AND `categories`.`usage` <> 2
                 LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
                     ON `tickets`.`owner` = `owner`.`id`
+                LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "text_to_status_xref` AS `text_to_status_xref`
+                    ON `tickets`.`status` = `text_to_status_xref`.`status_id`
+                    AND `text_to_status_xref`.`language` = '" . hesk_dbEscape($heskSettings['language']) . "'
                 WHERE `due_date` >= {$startTimeSql}
                 AND `due_date` <= {$endTimeSql}
                 AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) 
@@ -129,6 +132,7 @@ class CalendarGateway extends CommonDao {
                 $event->displayBorder = Helpers::boolval($row['display_border']);
                 $event->owner = $row['owner_name'];
                 $event->priority = Priority::getByValue($row['priority']);
+                $event->status = $row['status_name'];
 
                 $events[] = $event;
             }
diff --git a/js/calendar/mods-for-hesk-calendar-admin-readonly.js b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
index 7290189e..51f2b763 100644
--- a/js/calendar/mods-for-hesk-calendar-admin-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
@@ -62,7 +62,8 @@ $(document).ready(function() {
                     .find('.popover-owner span').text(event.owner).end()
                     .find('.popover-subject span').text(event.subject).end()
                     .find('.popover-category span').text(event.categoryName).end()
-                    .find('.popover-priority span').text(event.priority);
+                    .find('.popover-priority span').text(event.priority)
+                    .find('.popover-status span').text(event.status).end();
             } else {
                 if (event.location === '') {
                     $contents.find('.popover-location').hide();
@@ -125,7 +126,13 @@ $(document).ready(function() {
 });
 
 function buildEvent(id, dbObject) {
-    if (dbObject.type == 'TICKET') {
+    var priorities = [];
+    priorities['CRITICAL'] = mfhLang.text('critical');
+    priorities['HIGH'] = mfhLang.text('high');
+    priorities['MEDIUM'] = mfhLang.text('medium');
+    priorities['LOW'] = mfhLang.text('low');
+
+    if (dbObject.type === 'TICKET') {
         return {
             title: dbObject.title,
             subject: dbObject.subject,
@@ -141,8 +148,9 @@ function buildEvent(id, dbObject) {
             categoryName: dbObject.categoryName,
             className: 'category-' + dbObject.categoryId,
             owner: dbObject.owner,
-            priority: dbObject.priority,
-            fontIconMarkup: getIcon(dbObject)
+            priority: priorities[dbObject.priority],
+            fontIconMarkup: getIcon(dbObject),
+            status: dbObject.status
         };
     }
     
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 48fac68f..7551e2d7 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -66,7 +66,8 @@ $(document).ready(function() {
                     .find('.popover-owner span').text(event.owner).end()
                     .find('.popover-subject span').text(event.subject).end()
                     .find('.popover-category span').text(event.categoryName).end()
-                    .find('.popover-priority span').text(event.priority);
+                    .find('.popover-priority span').text(event.priority).end()
+                    .find('.popover-status span').text(event.status).end();
             } else {
                 if (event.allDay) {
                     endDate = event.end.clone();
@@ -298,6 +299,13 @@ function removeFromCalendar(id) {
 }
 
 function buildEvent(id, dbObject) {
+    var priorities = [];
+    priorities['CRITICAL'] = mfhLang.text('critical');
+    priorities['HIGH'] = mfhLang.text('high');
+    priorities['MEDIUM'] = mfhLang.text('medium');
+    priorities['LOW'] = mfhLang.text('low');
+
+
     if (dbObject.type === 'TICKET') {
         return {
             id: id,
@@ -315,8 +323,9 @@ function buildEvent(id, dbObject) {
             categoryName: dbObject.categoryName,
             className: 'category-' + dbObject.categoryId,
             owner: dbObject.owner,
-            priority: dbObject.priority,
-            fontIconMarkup: getIcon(dbObject)
+            priority: priorities[dbObject.priority],
+            fontIconMarkup: getIcon(dbObject),
+            status: dbObject.status
         };
     }
 

From 1a66485d48478f1b228d83920adef0ae107368ab Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 23 Jan 2018 22:14:25 -0500
Subject: [PATCH 38/74] Working on adding audit trail to events

---
 .../Calendar/CalendarHandler.php              | 35 +++++++++++++++++--
 .../Tickets/AuditTrailEntityType.php          |  1 +
 .../Calendar/CalendarController.php           |  3 +-
 api/DataAccess/Calendar/CalendarGateway.php   | 32 +++++++++++++++++
 language/en/text.php                          |  4 +++
 5 files changed, 71 insertions(+), 4 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index ad5a1775..2c4967d1 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -3,14 +3,20 @@
 namespace BusinessLogic\Calendar;
 
 
+use BusinessLogic\DateTimeHelpers;
 use BusinessLogic\Security\UserContext;
+use BusinessLogic\Tickets\AuditTrailEntityType;
+use DataAccess\AuditTrail\AuditTrailGateway;
 use DataAccess\Calendar\CalendarGateway;
 
 class CalendarHandler extends \BaseClass {
     private $calendarGateway;
+    private $auditTrailGateway;
 
-    public function __construct(CalendarGateway $calendarGateway) {
+    public function __construct(CalendarGateway $calendarGateway,
+                                AuditTrailGateway $auditTrailGateway) {
         $this->calendarGateway = $calendarGateway;
+        $this->auditTrailGateway = $auditTrailGateway;
     }
 
     public function getEventsForStaff($searchEventsFilter, $heskSettings) {
@@ -37,10 +43,25 @@ class CalendarHandler extends \BaseClass {
             throw new \Exception("Expected exactly 1 event, found: " . count($events));
         }
 
-        return $events[0];
+        $event = $events[0];
+
+        $this->auditTrailGateway->insertAuditTrailRecord($event->id,
+            AuditTrailEntityType::CALENDAR_EVENT,
+            'audit_event_updated',
+            DateTimeHelpers::heskDate($heskSettings),
+            array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
+
+        return $event;
     }
 
 
+    /**
+     * @param $calendarEvent CalendarEvent
+     * @param $userContext UserContext
+     * @param $heskSettings array
+     * @return AbstractEvent
+     * @throws \Exception
+     */
     public function createEvent($calendarEvent, $userContext, $heskSettings) {
         $this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
 
@@ -54,7 +75,15 @@ class CalendarHandler extends \BaseClass {
             throw new \Exception("Expected exactly 1 event, found: " . count($events));
         }
 
-        return $events[0];
+        $event = $events[0];
+
+        $this->auditTrailGateway->insertAuditTrailRecord($event->id,
+            AuditTrailEntityType::CALENDAR_EVENT,
+            'audit_event_created',
+            DateTimeHelpers::heskDate($heskSettings),
+            array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
+
+        return $event;
     }
 
     public function deleteEvent($id, $userContext, $heskSettings) {
diff --git a/api/BusinessLogic/Tickets/AuditTrailEntityType.php b/api/BusinessLogic/Tickets/AuditTrailEntityType.php
index feea16f6..dafcad42 100644
--- a/api/BusinessLogic/Tickets/AuditTrailEntityType.php
+++ b/api/BusinessLogic/Tickets/AuditTrailEntityType.php
@@ -5,4 +5,5 @@ namespace BusinessLogic\Tickets;
 
 class AuditTrailEntityType extends \BaseClass {
     const TICKET = 'TICKET';
+    const CALENDAR_EVENT = 'CALENDAR_EVENT';
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 4b7ab9cd..0440f54a 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -69,6 +69,7 @@ class CalendarController extends \BaseClass {
 
     function post() {
         /* @var $userContext UserContext */
+        /* @var $hesk_settings array */
         global $applicationContext, $hesk_settings, $userContext;
 
         $json = JsonRetriever::getJsonData();
@@ -78,7 +79,7 @@ class CalendarController extends \BaseClass {
         /* @var $calendarHandler CalendarHandler */
         $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
 
-        return output($calendarHandler->createEvent($event, $userContext, $hesk_settings));
+        return output($calendarHandler->createEvent($event, $userContext, $hesk_settings), 201);
     }
 
     function put($id) {
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 1693e23d..705651d0 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -10,6 +10,8 @@ use BusinessLogic\Calendar\SearchEventsFilter;
 use BusinessLogic\Calendar\TicketEvent;
 use BusinessLogic\Helpers;
 use BusinessLogic\Security\UserContext;
+use BusinessLogic\Tickets\AuditTrail;
+use BusinessLogic\Tickets\AuditTrailEntityType;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
 use DataAccess\Logging\LoggingGateway;
@@ -73,6 +75,36 @@ class CalendarGateway extends CommonDao {
             $event->reminderValue = $row['reminder_value'] === null ? null : floatval($row['reminder_value']);
             $event->reminderUnits = $row['reminder_unit'] === null ? null : ReminderUnit::getByValue($row['reminder_unit']);
 
+            $auditTrailSql = "SELECT `at`.`id` AS `id`, `at`.`entity_id`, `at`.`language_key`, `at`.`date`,
+                    `values`.`replacement_index`, `values`.`replacement_values` 
+                FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "audit_trail` AS `at`
+                INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "audit_trail_to_replacement_values` AS `values`
+                    ON `at`.`id` = `values`.`audit_trail_id`
+                WHERE `entity_id` = " . intval($event->id) . "
+                    AND `entity_type` = '" . AuditTrailEntityType::CALENDAR_EVENT . "'";
+            $auditTrailRs = hesk_dbFetchAssoc($auditTrailSql);
+            $auditTrailEntry = null;
+            while ($row = hesk_dbFetchAssoc($rs)) {
+                if ($auditTrailEntry == null || intval($auditTrailEntry['id']) !== intval($row['id'])) {
+                    if ($auditTrailEntry !== null) {
+                        //$audit_records[] = $auditTrailEntry;
+                    }
+
+                    $auditTrailEntry = new AuditTrail();
+                    $auditTrailEntry->id = $row['id'];
+                    $auditTrailEntry->entityId = $row['entity_id'];
+                    $auditTrailEntry->entityType = AuditTrailEntityType::CALENDAR_EVENT;
+                    $auditTrailEntry->languageKey = $row['language_key'];
+                    $auditTrailEntry->date = $row['date'];
+                    $auditTrailEntry->replacementValues = array();
+                }
+                $auditTrailEntry->replacementValues[intval($row['replacement_index'])] = $row['replacement_value'];
+            }
+
+            if ($auditTrailEntry !== null) {
+                //$event->auditTrail[] = $audiTrailEntry;
+            }
+
             $events[] = $event;
         }
 
diff --git a/language/en/text.php b/language/en/text.php
index e55cd0e4..6f5e9838 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2214,5 +2214,9 @@ $hesklang['audit_due_date_changed'] = '%s changed due date to %s';
 $hesklang['audit_linked_ticket'] = '%s linked ticket %s to this ticket';
 $hesklang['audit_unlinked_ticket'] = '%s unlinked ticket %s';
 
+// Added or modified in Mods for HESK 3.3.0
+$hesklang['audit_event_created'] = '%s created event';
+$hesklang['audit_event_updated'] = '%s updated event';
+
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From ad63bcac0298a35c182cb87e168ba7f7e6a963b5 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Wed, 24 Jan 2018 13:01:23 -0500
Subject: [PATCH 39/74] Fixed a couple issues with the audit trail changes

---
 api/BusinessLogic/Calendar/CalendarEvent.php |  5 +++++
 api/DataAccess/Calendar/CalendarGateway.php  | 17 +++++++++--------
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/api/BusinessLogic/Calendar/CalendarEvent.php b/api/BusinessLogic/Calendar/CalendarEvent.php
index 91a45761..967ae3ea 100644
--- a/api/BusinessLogic/Calendar/CalendarEvent.php
+++ b/api/BusinessLogic/Calendar/CalendarEvent.php
@@ -3,6 +3,8 @@
 namespace BusinessLogic\Calendar;
 
 
+use BusinessLogic\Tickets\AuditTrail;
+
 class CalendarEvent extends AbstractEvent {
     public $type = 'CALENDAR';
 
@@ -18,4 +20,7 @@ class CalendarEvent extends AbstractEvent {
     public $reminderValue;
 
     public $reminderUnits;
+
+    /* @var $auditTrail AuditTrail[] */
+    public $auditTrail = array();
 }
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 705651d0..3561631c 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -76,23 +76,24 @@ class CalendarGateway extends CommonDao {
             $event->reminderUnits = $row['reminder_unit'] === null ? null : ReminderUnit::getByValue($row['reminder_unit']);
 
             $auditTrailSql = "SELECT `at`.`id` AS `id`, `at`.`entity_id`, `at`.`language_key`, `at`.`date`,
-                    `values`.`replacement_index`, `values`.`replacement_values` 
+                    `values`.`replacement_index`, `values`.`replacement_value` 
                 FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "audit_trail` AS `at`
                 INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "audit_trail_to_replacement_values` AS `values`
                     ON `at`.`id` = `values`.`audit_trail_id`
                 WHERE `entity_id` = " . intval($event->id) . "
                     AND `entity_type` = '" . AuditTrailEntityType::CALENDAR_EVENT . "'";
-            $auditTrailRs = hesk_dbFetchAssoc($auditTrailSql);
+            $auditTrailRs = hesk_dbQuery($auditTrailSql);
+            /* @var $auditTrailEntry AuditTrail */
             $auditTrailEntry = null;
-            while ($row = hesk_dbFetchAssoc($rs)) {
-                if ($auditTrailEntry == null || intval($auditTrailEntry['id']) !== intval($row['id'])) {
+            while ($row = hesk_dbFetchAssoc($auditTrailRs)) {
+                if ($auditTrailEntry == null || intval($auditTrailEntry->id) !== intval($row['id'])) {
                     if ($auditTrailEntry !== null) {
-                        //$audit_records[] = $auditTrailEntry;
+                        $event->auditTrail[] = $auditTrailEntry;
                     }
 
                     $auditTrailEntry = new AuditTrail();
-                    $auditTrailEntry->id = $row['id'];
-                    $auditTrailEntry->entityId = $row['entity_id'];
+                    $auditTrailEntry->id = intval($row['id']);
+                    $auditTrailEntry->entityId = intval($row['entity_id']);
                     $auditTrailEntry->entityType = AuditTrailEntityType::CALENDAR_EVENT;
                     $auditTrailEntry->languageKey = $row['language_key'];
                     $auditTrailEntry->date = $row['date'];
@@ -102,7 +103,7 @@ class CalendarGateway extends CommonDao {
             }
 
             if ($auditTrailEntry !== null) {
-                //$event->auditTrail[] = $audiTrailEntry;
+                $event->auditTrail[] = $auditTrailEntry;
             }
 
             $events[] = $event;

From 401e335e5f976045a2c82e97977d48aad79ae8fe Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 24 Jan 2018 22:00:10 -0500
Subject: [PATCH 40/74] Adding history to modal

---
 admin/calendar.php | 299 ++++++++++++++++++++++++---------------------
 1 file changed, 163 insertions(+), 136 deletions(-)

diff --git a/admin/calendar.php b/admin/calendar.php
index 4fc81a57..b9be4bab 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -334,147 +334,174 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
             </div>
             <form id="edit-form" class="form-horizontal" data-toggle="validator">
                 <div class="modal-body">
-                    <div class="row">
-                        <div class="col-md-12">
-                            <div class="form-group">
-                                <label for="name" class="col-sm-3 control-label">
-                                    <?php echo $hesklang['event_title']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
-                                <div class="col-sm-9">
-                                    <input type="text" name="name" class="form-control"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
-                                           data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
-                                           required>
-                                    <div class="help-block with-errors"></div>
-                                </div>
-                            </div>
-                            <div class="form-group">
-                                <label for="location" class="col-sm-3 control-label">
-                                    <?php echo $hesklang['event_location']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-9">
-                                    <input type="text" name="location" class="form-control"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
-                                    <div class="help-block with-errors"></div>
-                                </div>
-                            </div>
-                            <div class="form-group">
-                                <label for="category" class="col-sm-3 control-label">
-                                    <?php echo $hesklang['category']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-9">
-                                    <select name="category" class="form-control"
-                                            pattern="[0-9]+"
-                                            data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
-                                        <?php
-                                        if ($hesk_settings['select_cat']) {
-                                            echo '<option value="">'.$hesklang['select'].'</option>';
-                                        }
-                                        foreach ($categories as $category): ?>
-                                            <option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
-                                                    data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
-                                                    data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
-                                                <?php echo $category['name']; ?>
-                                            </option>
-                                        <?php endforeach; ?>
-                                    </select>
-                                    <div class="help-block with-errors"></div>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="row">
-                        <div class="col-md-6">
-                            <div class="form-group">
-                                <label for="start-date" class="col-sm-6 control-label">
-                                    <?php echo $hesklang['event_start']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-6">
-                                    <input type="text" name="start-date" class="form-control datepicker"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
-                                           data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
-                                           required>
-                                    <input type="text" name="start-time" class="form-control clockpicker"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
-                                           data-placement="left" data-align="top" data-autoclose="true">
-                                    <div class="help-block with-errors"></div>
-
-                                    <div class="checkbox">
-                                        <label>
-                                            <input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
+                    <ul class="nav nav-tabs" role="tablist">
+                        <li role="presentation" class="active"><a href="#edit-contents" aria-controls="home" role="tab" data-toggle="tab">Information [!]</a></li>
+                        <li role="presentation"><a href="#edit-history" aria-controls="profile" role="tab" data-toggle="tab">History [!]</a></li>
+                    </ul>
+                    <div class="tab-content">
+                        <div role="tabpanel" class="tab-pane active" id="edit-contents">
+                            <br>
+                            <div class="row">
+                                <div class="col-md-12">
+                                    <div class="form-group">
+                                        <label for="name" class="col-sm-3 control-label">
+                                            <?php echo $hesklang['event_title']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
+                                        <div class="col-sm-9">
+                                            <input type="text" name="name" class="form-control"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
+                                                   data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
+                                                   required>
+                                            <div class="help-block with-errors"></div>
+                                        </div>
+                                    </div>
+                                    <div class="form-group">
+                                        <label for="location" class="col-sm-3 control-label">
+                                            <?php echo $hesklang['event_location']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
                                         </label>
+                                        <div class="col-sm-9">
+                                            <input type="text" name="location" class="form-control"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
+                                            <div class="help-block with-errors"></div>
+                                        </div>
+                                    </div>
+                                    <div class="form-group">
+                                        <label for="category" class="col-sm-3 control-label">
+                                            <?php echo $hesklang['category']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
+                                        </label>
+                                        <div class="col-sm-9">
+                                            <select name="category" class="form-control"
+                                                    pattern="[0-9]+"
+                                                    data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
+                                                <?php
+                                                if ($hesk_settings['select_cat']) {
+                                                    echo '<option value="">'.$hesklang['select'].'</option>';
+                                                }
+                                                foreach ($categories as $category): ?>
+                                                    <option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
+                                                            data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
+                                                            data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
+                                                        <?php echo $category['name']; ?>
+                                                    </option>
+                                                <?php endforeach; ?>
+                                            </select>
+                                            <div class="help-block with-errors"></div>
+                                        </div>
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="row">
+                                <div class="col-md-6">
+                                    <div class="form-group">
+                                        <label for="start-date" class="col-sm-6 control-label">
+                                            <?php echo $hesklang['event_start']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
+                                        </label>
+                                        <div class="col-sm-6">
+                                            <input type="text" name="start-date" class="form-control datepicker"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
+                                                   data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
+                                                   required>
+                                            <input type="text" name="start-time" class="form-control clockpicker"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
+                                                   data-placement="left" data-align="top" data-autoclose="true">
+                                            <div class="help-block with-errors"></div>
+
+                                            <div class="checkbox">
+                                                <label>
+                                                    <input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
+                                                </label>
+                                            </div>
+                                        </div>
+                                    </div>
+                                </div>
+                                <div class="col-md-6">
+                                    <div class="form-group">
+                                        <label for="end-date" class="col-sm-6 control-label">
+                                            <?php echo $hesklang['event_end']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
+                                        </label>
+                                        <div class="col-sm-6">
+                                            <input type="text" name="end-date" class="form-control datepicker"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
+                                                   data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
+                                                   required>
+                                            <input type="text" name="end-time" class="form-control clockpicker"
+                                                   data-placement="left" data-align="top" data-autoclose="true"
+                                                   placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
+                                            <div class="help-block with-errors"></div>
+                                        </div>
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="row">
+                                <div class="col-md-12">
+                                    <div class="form-group">
+                                        <label for="reminder" class="col-sm-3 control-label">
+                                            <?php echo $hesklang['event_reminder']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
+                                        </label>
+                                        <div class="col-sm-2">
+                                            <input type="text" name="reminder-value" class="form-control" placeholder="#">
+                                        </div>
+                                        <div class="col-sm-4">
+                                            <select name="reminder-unit" class="form-control">
+                                                <option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
+                                                <option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
+                                                <option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
+                                                <option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
+                                            </select>
+                                        </div>
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="row">
+                                <div class="col-md-12">
+                                    <div class="form-group">
+                                        <label for="comments" class="col-sm-3 control-label">
+                                            <?php echo $hesklang['event_comments']; ?>
+                                            <i class="fa fa-question-circle settingsquestionmark"
+                                               data-toggle="tooltip"
+                                               title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
+                                        </label>
+                                        <div class="col-sm-9">
+                                            <textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
+                                        </div>
                                     </div>
                                 </div>
                             </div>
                         </div>
-                        <div class="col-md-6">
-                            <div class="form-group">
-                                <label for="end-date" class="col-sm-6 control-label">
-                                    <?php echo $hesklang['event_end']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-6">
-                                    <input type="text" name="end-date" class="form-control datepicker"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
-                                           data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
-                                           required>
-                                    <input type="text" name="end-time" class="form-control clockpicker"
-                                           data-placement="left" data-align="top" data-autoclose="true"
-                                           placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
-                                    <div class="help-block with-errors"></div>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="row">
-                        <div class="col-md-12">
-                            <div class="form-group">
-                                <label for="reminder" class="col-sm-3 control-label">
-                                    <?php echo $hesklang['event_reminder']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-2">
-                                    <input type="text" name="reminder-value" class="form-control" placeholder="#">
-                                </div>
-                                <div class="col-sm-4">
-                                    <select name="reminder-unit" class="form-control">
-                                        <option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
-                                        <option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
-                                        <option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
-                                        <option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
-                                    </select>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="row">
-                        <div class="col-md-12">
-                            <div class="form-group">
-                                <label for="comments" class="col-sm-3 control-label">
-                                    <?php echo $hesklang['event_comments']; ?>
-                                    <i class="fa fa-question-circle settingsquestionmark"
-                                       data-toggle="tooltip"
-                                       title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
-                                </label>
-                                <div class="col-sm-9">
-                                    <textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
-                                </div>
-                            </div>
+                        <div role="tabpanel" class="tab-pane" id="edit-history">
+                            <br>
+                            <table class="table table-striped">
+                                <thead>
+                                <tr>
+                                    <th>Date[!]</th>
+                                    <th>Description[!]</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                <tr>
+                                    <td>2018-01-24</td>
+                                    <td>Description</td>
+                                </tr>
+                                </tbody>
+                            </table>
+                            <p>Fill this in</p>
                         </div>
                     </div>
                 </div>

From 624267fe45483d01466f107a0de993cd35756ca0 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 25 Jan 2018 22:07:28 -0500
Subject: [PATCH 41/74] Audit trail now displays for users who can manage
 calendar

---
 admin/calendar.php                            | 30 +++++++++--------
 .../Calendar/CalendarHandler.php              | 12 +++----
 api/DataAccess/Calendar/CalendarGateway.php   |  1 -
 inc/headerAdmin.inc.php                       |  1 +
 js/calendar/mods-for-hesk-calendar.js         | 32 ++++++++++++++++---
 js/sprintf.min.js                             |  3 ++
 6 files changed, 53 insertions(+), 26 deletions(-)
 create mode 100644 js/sprintf.min.js

diff --git a/admin/calendar.php b/admin/calendar.php
index b9be4bab..e8dc6aa9 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -334,11 +334,11 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
             </div>
             <form id="edit-form" class="form-horizontal" data-toggle="validator">
                 <div class="modal-body">
-                    <ul class="nav nav-tabs" role="tablist">
-                        <li role="presentation" class="active"><a href="#edit-contents" aria-controls="home" role="tab" data-toggle="tab">Information [!]</a></li>
-                        <li role="presentation"><a href="#edit-history" aria-controls="profile" role="tab" data-toggle="tab">History [!]</a></li>
+                    <ul class="nav nav-tabs" role="tablist" id="edit-modal-tabs">
+                        <li role="presentation" class="active"><a href="#edit-contents" aria-controls="home" role="tab" data-toggle="tab"><?php echo $hesklang['information']; ?></a></li>
+                        <li role="presentation"><a href="#edit-history" aria-controls="profile" role="tab" data-toggle="tab"><?php echo $hesklang['thist']; ?></a></li>
                     </ul>
-                    <div class="tab-content">
+                    <div class="tab-content" id="information-tab">
                         <div role="tabpanel" class="tab-pane active" id="edit-contents">
                             <br>
                             <div class="row">
@@ -490,18 +490,12 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                             <table class="table table-striped">
                                 <thead>
                                 <tr>
-                                    <th>Date[!]</th>
-                                    <th>Description[!]</th>
+                                    <th><?php echo $hesklang['date']; ?></th>
+                                    <th><?php echo $hesklang['description']; ?></th>
                                 </tr>
                                 </thead>
-                                <tbody>
-                                <tr>
-                                    <td>2018-01-24</td>
-                                    <td>Description</td>
-                                </tr>
-                                </tbody>
+                                <tbody id="history-table"></tbody>
                             </table>
-                            <p>Fill this in</p>
                         </div>
                     </div>
                 </div>
@@ -595,7 +589,9 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
     'critical',
     'high',
     'medium',
-    'low'));
+    'low',
+    'audit_event_created',
+    'audit_event_updated'));
 ?>
 <div style="display: none">
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
@@ -610,6 +606,12 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
         ?>
     </p>
 </div>
+<script type="text/html" id="audit-trail-template">
+<tr>
+    <td data-property="date"></td>
+    <td data-property="description"></td>
+</tr>
+</script>
 <?php
 
 require_once(HESK_PATH . 'inc/footer.inc.php');
diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index 2c4967d1..9bd7e0a2 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -33,6 +33,12 @@ class CalendarHandler extends \BaseClass {
     public function updateEvent($calendarEvent, $userContext, $heskSettings) {
         $this->calendarGateway->updateEvent($calendarEvent, $userContext, $heskSettings);
 
+        $this->auditTrailGateway->insertAuditTrailRecord($calendarEvent->id,
+            AuditTrailEntityType::CALENDAR_EVENT,
+            'audit_event_updated',
+            DateTimeHelpers::heskDate($heskSettings),
+            array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
+
         $eventFilter = new SearchEventsFilter();
         $eventFilter->eventId = $calendarEvent->id;
         $eventFilter->reminderUserId = $userContext->id;
@@ -45,12 +51,6 @@ class CalendarHandler extends \BaseClass {
 
         $event = $events[0];
 
-        $this->auditTrailGateway->insertAuditTrailRecord($event->id,
-            AuditTrailEntityType::CALENDAR_EVENT,
-            'audit_event_updated',
-            DateTimeHelpers::heskDate($heskSettings),
-            array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
-
         return $event;
     }
 
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 3561631c..39c73c44 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -14,7 +14,6 @@ use BusinessLogic\Tickets\AuditTrail;
 use BusinessLogic\Tickets\AuditTrailEntityType;
 use Core\Constants\Priority;
 use DataAccess\CommonDao;
-use DataAccess\Logging\LoggingGateway;
 
 class CalendarGateway extends CommonDao {
     /**
diff --git a/inc/headerAdmin.inc.php b/inc/headerAdmin.inc.php
index 3f7df57d..37976b7b 100644
--- a/inc/headerAdmin.inc.php
+++ b/inc/headerAdmin.inc.php
@@ -78,6 +78,7 @@ header('X-UA-Compatible: IE=edge');
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>internal-api/js/lang.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/clipboard.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/bootstrap-select.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
+    <script type="text/javascript" src="<?php echo HESK_PATH; ?>js/sprintf.min.js?v=<?php echo MODS_FOR_HESK_BUILD; ?>"></script>
     <?php
     if (defined('EXTRA_JS')) {
         echo EXTRA_JS;
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 7551e2d7..4cf6ebe9 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -262,7 +262,7 @@ $(document).ready(function() {
             displayBorder: $form.find('select[name="category"] :selected').attr('data-display-border'),
             categoryName: $form.find('select[name="category"] :selected').text().trim(),
             reminderValue: reminderValue === "" ? null : reminderValue,
-            reminderUnits: reminderValue === "" ? null : reminderUnits
+            reminderUnits: reminderValue === "" ? null : reminderUnits,
         };
 
         $.ajax({
@@ -274,7 +274,8 @@ $(document).ready(function() {
                 'X-Internal-Call': true,
                 'X-HTTP-Method-Override': 'PUT'
             },
-            success: function() {
+            success: function(updatedEvent) {
+                data.auditTrail = updatedEvent.auditTrail;
                 removeFromCalendar(data.id);
                 addToCalendar(data.id, data, $('#lang_event_updated').text());
                 $('#edit-event-modal').modal('hide');
@@ -352,7 +353,8 @@ function buildEvent(id, dbObject) {
         borderColor: parseInt(dbObject.displayBorder) === 1 ? dbObject.foregroundColor : dbObject.backgroundColor,
         reminderValue: dbObject.reminderValue == null ? '' : dbObject.reminderValue,
         reminderUnits: dbObject.reminderUnits,
-        fontIconMarkup: '<i class="fa fa-calendar"></i>'
+        fontIconMarkup: '<i class="fa fa-calendar"></i>',
+        auditTrail: dbObject.auditTrail
     };
 }
 
@@ -472,6 +474,24 @@ function displayEditModal(date) {
 
     $form.find('select[name="category"] option[value="' + date.categoryId + '"]').prop('selected', true);
 
+    var $auditTrail = $('#edit-history');
+    if (date.auditTrail.length === 0) {
+        $('.nav-tabs[role="tablist"]').hide();
+    } else {
+        $('.nav-tabs[role="tablist"]').show();
+
+        var $historyTable = $('#history-table');
+        $historyTable.html('');
+        $.each(date.auditTrail, function() {
+            var $template = $($('#audit-trail-template').html());
+            $template.find('[data-property="date"]').text(this.date).end()
+                .find('[data-property="description"]').text(vsprintf(mfhLang.text(this.languageKey), this.replacementValues));
+
+            $historyTable.append($template);
+        });
+    }
+    $('#edit-modal-tabs').find('a:first').tab('show');
+
     $('#edit-event-modal').modal('show');
 }
 
@@ -536,6 +556,7 @@ function respondToDragAndDrop(event, delta, revertFunc) {
             end += ' ' + event.end.format('HH:mm:ss');
         }
         var data = {
+            id: event.id,
             title: event.title,
             location: event.location,
             startTime: start,
@@ -557,8 +578,9 @@ function respondToDragAndDrop(event, delta, revertFunc) {
                 'X-Internal-Call': true,
                 'X-HTTP-Method-Override': 'PUT'
             },
-            success: function() {
-                mfhAlert.success(mfhLang.text('event_updated'));
+            success: function(updatedEvent) {
+                removeFromCalendar(updatedEvent.id);
+                addToCalendar(updatedEvent.id, updatedEvent, $('#lang_event_updated').text());
             },
             error: function() {
                 mfhAlert.error(mfhLang.text('error_updating_event'));
diff --git a/js/sprintf.min.js b/js/sprintf.min.js
new file mode 100644
index 00000000..11ea3642
--- /dev/null
+++ b/js/sprintf.min.js
@@ -0,0 +1,3 @@
+/*! sprintf-js v1.1.0 | Copyright (c) 2007-present, Alexandru Marasteanu <hello@alexei.ro> | BSD-3-Clause */
+!function(e){"use strict";function t(){var e=arguments[0],r=t.cache;return r[e]||(r[e]=t.parse(e)),t.format.call(null,r[e],arguments)}function r(e){return"number"==typeof e?"number":"string"==typeof e?"string":Object.prototype.toString.call(e).slice(8,-1).toLowerCase()}function n(e,t){return t>=0&&t<=7&&i[e]?i[e][t]:Array(t+1).join(e)}var s={not_string:/[^s]/,not_bool:/[^t]/,not_type:/[^T]/,not_primitive:/[^v]/,number:/[diefg]/,numeric_arg:/[bcdiefguxX]/,json:/[j]/,not_json:/[^j]/,text:/^[^\x25]+/,modulo:/^\x25{2}/,placeholder:/^\x25(?:([1-9]\d*)\$|\(([^\)]+)\))?(\+)?(0|'[^$])?(-)?(\d+)?(?:\.(\d+))?([b-gijostTuvxX])/,key:/^([a-z_][a-z_\d]*)/i,key_access:/^\.([a-z_][a-z_\d]*)/i,index_access:/^\[(\d+)\]/,sign:/^[\+\-]/};t.format=function(e,a){var i,o,l,c,p,f,u,g=1,_=e.length,d="",b=[],h=!0,x="";for(o=0;o<_;o++)if("string"===(d=r(e[o])))b[b.length]=e[o];else if("array"===d){if(c=e[o],c[2])for(i=a[g],l=0;l<c[2].length;l++){if(!i.hasOwnProperty(c[2][l]))throw new Error(t('[sprintf] property "%s" does not exist',c[2][l]));i=i[c[2][l]]}else i=c[1]?a[c[1]]:a[g++];if(s.not_type.test(c[8])&&s.not_primitive.test(c[8])&&"function"==r(i)&&(i=i()),s.numeric_arg.test(c[8])&&"number"!=r(i)&&isNaN(i))throw new TypeError(t("[sprintf] expecting number but found %s",r(i)));switch(s.number.test(c[8])&&(h=i>=0),c[8]){case"b":i=parseInt(i,10).toString(2);break;case"c":i=String.fromCharCode(parseInt(i,10));break;case"d":case"i":i=parseInt(i,10);break;case"j":i=JSON.stringify(i,null,c[6]?parseInt(c[6]):0);break;case"e":i=c[7]?parseFloat(i).toExponential(c[7]):parseFloat(i).toExponential();break;case"f":i=c[7]?parseFloat(i).toFixed(c[7]):parseFloat(i);break;case"g":i=c[7]?parseFloat(i).toPrecision(c[7]):parseFloat(i);break;case"o":i=i.toString(8);break;case"s":i=String(i),i=c[7]?i.substring(0,c[7]):i;break;case"t":i=String(!!i),i=c[7]?i.substring(0,c[7]):i;break;case"T":i=r(i),i=c[7]?i.substring(0,c[7]):i;break;case"u":i=parseInt(i,10)>>>0;break;case"v":i=i.valueOf(),i=c[7]?i.substring(0,c[7]):i;break;case"x":i=parseInt(i,10).toString(16);break;case"X":i=parseInt(i,10).toString(16).toUpperCase()}s.json.test(c[8])?b[b.length]=i:(!s.number.test(c[8])||h&&!c[3]?x="":(x=h?"+":"-",i=i.toString().replace(s.sign,"")),f=c[4]?"0"===c[4]?"0":c[4].charAt(1):" ",u=c[6]-(x+i).length,p=c[6]&&u>0?n(f,u):"",b[b.length]=c[5]?x+i+p:"0"===f?x+p+i:p+x+i)}return b.join("")},t.cache=Object.create(null),t.parse=function(e){for(var t=e,r=[],n=[],a=0;t;){if(null!==(r=s.text.exec(t)))n[n.length]=r[0];else if(null!==(r=s.modulo.exec(t)))n[n.length]="%";else{if(null===(r=s.placeholder.exec(t)))throw new SyntaxError("[sprintf] unexpected placeholder");if(r[2]){a|=1;var i=[],o=r[2],l=[];if(null===(l=s.key.exec(o)))throw new SyntaxError("[sprintf] failed to parse named argument key");for(i[i.length]=l[1];""!==(o=o.substring(l[0].length));)if(null!==(l=s.key_access.exec(o)))i[i.length]=l[1];else{if(null===(l=s.index_access.exec(o)))throw new SyntaxError("[sprintf] failed to parse named argument key");i[i.length]=l[1]}r[2]=i}else a|=2;if(3===a)throw new Error("[sprintf] mixing positional and named placeholders is not (yet) supported");n[n.length]=r}t=t.substring(r[0].length)}return n};var a=function(e,r,n){return n=(r||[]).slice(0),n.splice(0,0,e),t.apply(null,n)},i={0:["","0","00","000","0000","00000","000000","0000000"]," ":[""," ","  ","   ","    ","     ","      ","       "],_:["","_","__","___","____","_____","______","_______"]};"undefined"!=typeof exports&&(exports.sprintf=t,exports.vsprintf=a),void 0!==e&&(e.sprintf=t,e.vsprintf=a,"function"==typeof define&&define.amd&&define(function(){return{sprintf:t,vsprintf:a}}))}("undefined"==typeof window?this:window);
+//# sourceMappingURL=sprintf.min.js.map

From 7c884582a24a879d70dc2a587e2894e1742eda3b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 28 Jan 2018 22:05:09 -0500
Subject: [PATCH 42/74] Working on adding business hours to the calendar

---
 admin/admin_settings.php                      | 81 +++++++++++++++++++
 install/database-validation.php               |  2 +
 .../AddBusinessHoursTable.php                 | 16 ++++
 3 files changed, 99 insertions(+)
 create mode 100644 install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php

diff --git a/admin/admin_settings.php b/admin/admin_settings.php
index 8f9a5115..af7c7493 100644
--- a/admin/admin_settings.php
+++ b/admin/admin_settings.php
@@ -2220,6 +2220,87 @@ $modsForHesk_settings = mfh_getSettings();
                         </select>
                     </div>
                 </div>
+                <div class="form-group">
+                    <label for="business-hours" class="col-sm-4 col-xs-12 control-label">
+                        Business Hours
+                        <?php /*echo $hesklang['business_hours']; */?>
+                        <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
+                           title="<?php echo $hesklang['business_hours']; ?>"
+                           data-content="<?php echo $hesklang['business_hours_help']; ?>"></i>
+                    </label>
+                    <div class="col-sm-8 col-xs-12">
+                        <div class="table-reponsive">
+                            <table class="table table-striped">
+                                <thead>
+                                <tr>
+                                    <th>&nbsp;</th>
+                                    <th>Sunday</th>
+                                    <th>Monday</th>
+                                    <th>Tuesday</th>
+                                    <th>Wednesday</th>
+                                    <th>Thursday</th>
+                                    <th>Friday</th>
+                                    <th>Saturday</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                <tr>
+                                    <td>
+                                        From
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td>
+                                        To
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                    <td>
+                                        <input type="text">
+                                    </td>
+                                </tr>
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
+                </div>
             </div>
         </div>
 
diff --git a/install/database-validation.php b/install/database-validation.php
index 4b2b14ef..cce19ef6 100644
--- a/install/database-validation.php
+++ b/install/database-validation.php
@@ -206,6 +206,8 @@ hesk_dbConnect();
             $all_good &= run_column_check('categories', 'mfh_description');
             $all_good &= run_column_check('custom_fields', 'mfh_description');
             $all_good &= run_setting_check('migrationNumber');
+            output_header_row('3.3.0');
+            $all_good &= run_table_check('mfh_calendar_business_hours');
 
             if ($all_good) {
                 echo "<script>$('#all-good').show()</script>";
diff --git a/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php b/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php
new file mode 100644
index 00000000..90f881c5
--- /dev/null
+++ b/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace v330\CalendarImprovements;
+
+class AddBusinessHoursTable extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("CREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
+            (`day_of_week` INT NOT NULL, `all_day` INT NOT NULL, 
+               `start_time` VARCHAR(5) NOT NULL, `end_time` VARCHAR(5) NOT NULL)");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DROP TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
+    }
+}
\ No newline at end of file

From 09b371036a6ea8a6a7b3ea5e0239698be2461298 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 29 Jan 2018 22:12:00 -0500
Subject: [PATCH 43/74] Business hours can be added to the calendar

---
 admin/admin_settings.php                      | 157 +++++++++---------
 admin/admin_settings_save.php                 |  30 ++++
 admin/calendar.php                            |   7 +
 calendar.php                                  |   9 +-
 .../mods-for-hesk-calendar-admin-readonly.js  |  37 +++++
 .../mods-for-hesk-calendar-readonly.js        |  37 +++++
 js/calendar/mods-for-hesk-calendar.js         |  37 +++++
 language/en/text.php                          |   3 +
 8 files changed, 239 insertions(+), 78 deletions(-)

diff --git a/admin/admin_settings.php b/admin/admin_settings.php
index af7c7493..1f055ddc 100644
--- a/admin/admin_settings.php
+++ b/admin/admin_settings.php
@@ -2220,85 +2220,88 @@ $modsForHesk_settings = mfh_getSettings();
                         </select>
                     </div>
                 </div>
-                <div class="form-group">
-                    <label for="business-hours" class="col-sm-4 col-xs-12 control-label">
-                        Business Hours
-                        <?php /*echo $hesklang['business_hours']; */?>
-                        <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
+                <h4 class="bold">
+                    <?php echo $hesklang['business_hours']; ?>
+                    <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
                            title="<?php echo $hesklang['business_hours']; ?>"
-                           data-content="<?php echo $hesklang['business_hours_help']; ?>"></i>
+                       data-content="<?php echo $hesklang['business_hours_help']; ?>"></i>
+                </h4>
+                <?php
+                $rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
+                $business_hours = array();
+                while ($row = hesk_dbFetchAssoc($rs)) {
+                    $business_hours[intval($row['day_of_week'])]['start'] = $row['start_time'];
+                    $business_hours[intval($row['day_of_week'])]['end'] = $row['end_time'];
+                }
+                ?>
+                <div class="form-group">
+                    <label for="business-hours-sunday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d0']; ?>
                     </label>
-                    <div class="col-sm-8 col-xs-12">
-                        <div class="table-reponsive">
-                            <table class="table table-striped">
-                                <thead>
-                                <tr>
-                                    <th>&nbsp;</th>
-                                    <th>Sunday</th>
-                                    <th>Monday</th>
-                                    <th>Tuesday</th>
-                                    <th>Wednesday</th>
-                                    <th>Thursday</th>
-                                    <th>Friday</th>
-                                    <th>Saturday</th>
-                                </tr>
-                                </thead>
-                                <tbody>
-                                <tr>
-                                    <td>
-                                        From
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                </tr>
-                                <tr>
-                                    <td>
-                                        To
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                    <td>
-                                        <input type="text">
-                                    </td>
-                                </tr>
-                                </tbody>
-                            </table>
-                        </div>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[0]" value="<?php echo $business_hours[0]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[1]" value="<?php echo $business_hours[0]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-monday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d1']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[0]" value="<?php echo $business_hours[1]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[1]" value="<?php echo $business_hours[1]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-tuesday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d2']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[0]" value="<?php echo $business_hours[2]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[1]" value="<?php echo $business_hours[2]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-wednesday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d3']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[0]" value="<?php echo $business_hours[3]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[1]" value="<?php echo $business_hours[3]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-thursday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d4']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[0]" value="<?php echo $business_hours[4]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[1]" value="<?php echo $business_hours[4]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-friday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d5']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[0]" value="<?php echo $business_hours[5]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[1]" value="<?php echo $business_hours[5]['end']; ?>">
+                    </div>
+                </div>
+                <div class="form-group">
+                    <label for="business-hours-saturday" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['d6']; ?>
+                    </label>
+                    <div class="col-sm-8 col-xs-12 form-inline">
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[0]" value="<?php echo $business_hours[6]['start']; ?>">
+                        <?php echo $hesklang['to']; ?>
+                        <input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[1]" value="<?php echo $business_hours[6]['end']; ?>">
                     </div>
                 </div>
             </div>
diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php
index ee1d8181..5592c9cc 100644
--- a/admin/admin_settings_save.php
+++ b/admin/admin_settings_save.php
@@ -514,6 +514,13 @@ $set['admin_sidebar_text_hover'] = hesk_input(hesk_POST('admin-sidebar-text-hove
 
 $set['login_background_type'] = hesk_input(hesk_POST('login-background'));
 $set['login_box_header'] = hesk_input(hesk_POST('login-box-header'));
+$set['business_hours_sunday'] = hesk_POST_array('business-hours-sunday');
+$set['business_hours_monday'] = hesk_POST_array('business-hours-monday');
+$set['business_hours_tuesday'] = hesk_POST_array('business-hours-tuesday');
+$set['business_hours_wednesday'] = hesk_POST_array('business-hours-wednesday');
+$set['business_hours_thursday'] = hesk_POST_array('business-hours-thursday');
+$set['business_hours_friday'] = hesk_POST_array('business-hours-friday');
+$set['business_hours_saturday'] = hesk_POST_array('business-hours-saturday');
 
 $changedBackground = false;
 $loadedAttachmentFuncs = false;
@@ -667,6 +674,29 @@ if ($changedLoginImage) {
     mfh_updateSetting('login_box_header_image', $set['login_box_header_image'], true);
 }
 
+// Update business hours
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_sunday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_sunday'][1]) . "' WHERE `day_of_week` = " . intval(0));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_monday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_monday'][1]) . "' WHERE `day_of_week` = " . intval(1));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][1]) . "' WHERE `day_of_week` = " . intval(2));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][1]) . "' WHERE `day_of_week` = " . intval(3));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_thursday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_thursday'][1]) . "' WHERE `day_of_week` = " . intval(4));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_friday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_friday'][1]) . "' WHERE `day_of_week` = " . intval(5));
+hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` 
+    SET `start_time` = '" . hesk_dbEscape($set['business_hours_saturday'][0]) . "', 
+        `end_time` = '" . hesk_dbEscape($set['business_hours_saturday'][1]) . "' WHERE `day_of_week` = " . intval(6));
+
 // Prepare settings file and save it
 $settings_file_content = '<?php
 // Settings file for HESK ' . $set['hesk_version'] . '
diff --git a/admin/calendar.php b/admin/calendar.php
index e8dc6aa9..451495cd 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -605,6 +605,13 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
         echo $view_array[$_SESSION['default_calendar_view']];
         ?>
     </p>
+    <?php
+    $businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
+    while ($row = hesk_dbFetchAssoc($businessHoursRs)):
+    ?>
+        <p id="business_hours_<?php echo $row['day_of_week']; ?>_start"><?php echo $row['start_time']; ?></p>
+        <p id="business_hours_<?php echo $row['day_of_week']; ?>_end"><?php echo $row['end_time']; ?></p>
+    <?php endwhile; ?>
 </div>
 <script type="text/html" id="audit-trail-template">
 <tr>
diff --git a/calendar.php b/calendar.php
index 2dcde8d3..2980fde3 100644
--- a/calendar.php
+++ b/calendar.php
@@ -119,4 +119,11 @@ echo mfh_get_hidden_fields_for_language(array(
 <div style="display: none">
     <p id="setting_default_view"><?php echo $modsForHesk_settings['default_calendar_view']; ?></p>
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
-</div>
\ No newline at end of file
+</div>
+<?php
+$businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
+while ($row = hesk_dbFetchAssoc($businessHoursRs)):
+    ?>
+    <p id="business_hours_<?php echo $row['day_of_week']; ?>_start"><?php echo $row['start_time']; ?></p>
+    <p id="business_hours_<?php echo $row['day_of_week']; ?>_end"><?php echo $row['end_time']; ?></p>
+<?php endwhile; ?>
\ No newline at end of file
diff --git a/js/calendar/mods-for-hesk-calendar-admin-readonly.js b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
index 51f2b763..7acce334 100644
--- a/js/calendar/mods-for-hesk-calendar-admin-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
@@ -12,6 +12,43 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        businessHours: [
+            {
+                dow: [0],
+                start: $('#business_hours_0_start').text(),
+                end: $('#business_hours_0_end').text()
+            },
+            {
+                dow: [1],
+                start: $('#business_hours_1_start').text(),
+                end: $('#business_hours_1_end').text()
+            },
+            {
+                dow: [2],
+                start: $('#business_hours_2_start').text(),
+                end: $('#business_hours_2_end').text()
+            },
+            {
+                dow: [3],
+                start: $('#business_hours_3_start').text(),
+                end: $('#business_hours_3_end').text()
+            },
+            {
+                dow: [4],
+                start: $('#business_hours_4_start').text(),
+                end: $('#business_hours_4_end').text()
+            },
+            {
+                dow: [5],
+                start: $('#business_hours_5_start').text(),
+                end: $('#business_hours_5_end').text()
+            },
+            {
+                dow: [6],
+                start: $('#business_hours_6_start').text(),
+                end: $('#business_hours_6_end').text()
+            }
+        ],
         firstDay: $('#setting_first_day_of_week').text(),
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
diff --git a/js/calendar/mods-for-hesk-calendar-readonly.js b/js/calendar/mods-for-hesk-calendar-readonly.js
index a282c155..dca8b66f 100644
--- a/js/calendar/mods-for-hesk-calendar-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-readonly.js
@@ -12,6 +12,43 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        businessHours: [
+            {
+                dow: [0],
+                start: $('#business_hours_0_start').text(),
+                end: $('#business_hours_0_end').text()
+            },
+            {
+                dow: [1],
+                start: $('#business_hours_1_start').text(),
+                end: $('#business_hours_1_end').text()
+            },
+            {
+                dow: [2],
+                start: $('#business_hours_2_start').text(),
+                end: $('#business_hours_2_end').text()
+            },
+            {
+                dow: [3],
+                start: $('#business_hours_3_start').text(),
+                end: $('#business_hours_3_end').text()
+            },
+            {
+                dow: [4],
+                start: $('#business_hours_4_start').text(),
+                end: $('#business_hours_4_end').text()
+            },
+            {
+                dow: [5],
+                start: $('#business_hours_5_start').text(),
+                end: $('#business_hours_5_end').text()
+            },
+            {
+                dow: [6],
+                start: $('#business_hours_6_start').text(),
+                end: $('#business_hours_6_end').text()
+            }
+        ],
         firstDay: $('#setting_first_day_of_week').text(),
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 4cf6ebe9..621102b1 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -12,6 +12,43 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        businessHours: [
+            {
+                dow: [0],
+                start: $('#business_hours_0_start').text(),
+                end: $('#business_hours_0_end').text()
+            },
+            {
+                dow: [1],
+                start: $('#business_hours_1_start').text(),
+                end: $('#business_hours_1_end').text()
+            },
+            {
+                dow: [2],
+                start: $('#business_hours_2_start').text(),
+                end: $('#business_hours_2_end').text()
+            },
+            {
+                dow: [3],
+                start: $('#business_hours_3_start').text(),
+                end: $('#business_hours_3_end').text()
+            },
+            {
+                dow: [4],
+                start: $('#business_hours_4_start').text(),
+                end: $('#business_hours_4_end').text()
+            },
+            {
+                dow: [5],
+                start: $('#business_hours_5_start').text(),
+                end: $('#business_hours_5_end').text()
+            },
+            {
+                dow: [6],
+                start: $('#business_hours_6_start').text(),
+                end: $('#business_hours_6_end').text()
+            }
+        ],
         firstDay: $('#setting_first_day_of_week').text(),
         defaultView: $('#setting_default_view').text().trim(),
         events: function(start, end, timezone, callback) {
diff --git a/language/en/text.php b/language/en/text.php
index 51c2470a..19ac1eb5 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2230,6 +2230,9 @@ $hesklang['sm_view_kb_article'] = 'View Knowledgebase Article';
 $hesklang['sm_submit_ticket'] = 'Submit Ticket';
 $hesklang['sm_view_ticket'] = 'View Ticket';
 $hesklang['sm_login_page'] = 'Login Page';
+$hesklang['business_hours'] = 'Business Hours';
+$hesklang['business_hours_help'] = 'Set business hours for the calendar. There is no functional change by setting this, 
+but times outside of the defined business hours will have a darker gray background for increased visibility.';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From df780f4546e99fd8ba804c2ecc2bccf9454ba4b2 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 30 Jan 2018 21:24:33 -0500
Subject: [PATCH 44/74] Add business-hours API endpoint

---
 api/BusinessLogic/Calendar/BusinessHours.php  | 15 ++++++++++++++
 .../Calendar/CalendarHandler.php              |  4 ++++
 .../Calendar/CalendarController.php           |  8 ++++++++
 api/DataAccess/Calendar/CalendarGateway.php   | 20 +++++++++++++++++++
 api/index.php                                 |  1 +
 5 files changed, 48 insertions(+)
 create mode 100644 api/BusinessLogic/Calendar/BusinessHours.php

diff --git a/api/BusinessLogic/Calendar/BusinessHours.php b/api/BusinessLogic/Calendar/BusinessHours.php
new file mode 100644
index 00000000..27c41a41
--- /dev/null
+++ b/api/BusinessLogic/Calendar/BusinessHours.php
@@ -0,0 +1,15 @@
+<?php
+
+namespace BusinessLogic\Calendar;
+
+
+class BusinessHours {
+    /* @var $dayOfWeek int */
+    public $dayOfWeek;
+
+    /* @var $startTime string */
+    public $startTime;
+
+    /* @var $endTime string */
+    public $endTime;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Calendar/CalendarHandler.php b/api/BusinessLogic/Calendar/CalendarHandler.php
index 9bd7e0a2..6e6b3ae4 100644
--- a/api/BusinessLogic/Calendar/CalendarHandler.php
+++ b/api/BusinessLogic/Calendar/CalendarHandler.php
@@ -89,4 +89,8 @@ class CalendarHandler extends \BaseClass {
     public function deleteEvent($id, $userContext, $heskSettings) {
         $this->calendarGateway->deleteEvent($id, $userContext, $heskSettings);
     }
+
+    public function getBusinessHours($heskSettings) {
+        return $this->calendarGateway->getBusinessHours($heskSettings);
+    }
 }
\ No newline at end of file
diff --git a/api/Controllers/Calendar/CalendarController.php b/api/Controllers/Calendar/CalendarController.php
index 0440f54a..df9a1cc3 100644
--- a/api/Controllers/Calendar/CalendarController.php
+++ b/api/Controllers/Calendar/CalendarController.php
@@ -124,4 +124,12 @@ class CalendarController extends \BaseClass {
 
         return $event;
     }
+
+    static function getBusinessHours() {
+        global $applicationContext, $hesk_settings;
+
+        $calendarHandler = $applicationContext->get(CalendarHandler::clazz());
+
+        return output($calendarHandler->getBusinessHours($hesk_settings));
+    }
 }
\ No newline at end of file
diff --git a/api/DataAccess/Calendar/CalendarGateway.php b/api/DataAccess/Calendar/CalendarGateway.php
index 39c73c44..f0f95885 100644
--- a/api/DataAccess/Calendar/CalendarGateway.php
+++ b/api/DataAccess/Calendar/CalendarGateway.php
@@ -4,6 +4,7 @@ namespace DataAccess\Calendar;
 
 
 use BusinessLogic\Calendar\AbstractEvent;
+use BusinessLogic\Calendar\BusinessHours;
 use BusinessLogic\Calendar\CalendarEvent;
 use BusinessLogic\Calendar\ReminderUnit;
 use BusinessLogic\Calendar\SearchEventsFilter;
@@ -243,4 +244,23 @@ class CalendarGateway extends CommonDao {
 
         $this->close();
     }
+
+    public function getBusinessHours($heskSettings) {
+        $this->init();
+
+        $rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "mfh_calendar_business_hours`");
+        $businessHours = array();
+        while ($row = hesk_dbFetchAssoc($rs)) {
+            $businessHour = new BusinessHours();
+            $businessHour->dayOfWeek = intval($row['day_of_week']);
+            $businessHour->startTime = $row['start_time'];
+            $businessHour->endTime = $row['end_time'];
+
+            $businessHours[] = $businessHour;
+        }
+
+        $this->close();
+
+        return $businessHours;
+    }
 }
\ No newline at end of file
diff --git a/api/index.php b/api/index.php
index ebdb36c7..ec493347 100644
--- a/api/index.php
+++ b/api/index.php
@@ -211,6 +211,7 @@ Link::all(array(
     // Settings
     '/v1/settings' => action(\Controllers\Settings\SettingsController::clazz(), RequestMethod::all()),
     // Calendar
+    '/v1/calendar/business-hours' => action(\Controllers\Calendar\CalendarController::clazz() . '::getBusinessHours', array(RequestMethod::GET), SecurityHandler::OPEN),
     '/v1/calendar/events' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET), SecurityHandler::OPEN),
     '/v1/calendar/events/staff' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::GET, RequestMethod::POST), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),
     '/v1/calendar/events/staff/{i}' => action(\Controllers\Calendar\CalendarController::clazz(), array(RequestMethod::PUT, RequestMethod::DELETE), SecurityHandler::INTERNAL_OR_AUTH_TOKEN),

From af45726fe6cf6f22ca2030dc8bb49f2510b20397 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 30 Jan 2018 22:24:12 -0500
Subject: [PATCH 45/74] Add ability to hide start time

---
 admin/admin_settings.php                      | 16 +++++++++++
 admin/admin_settings_save.php                 |  2 ++
 admin/calendar.php                            |  1 +
 calendar.php                                  |  1 +
 install/migrations/core.php                   |  3 ++
 .../AddBusinessHoursTable.php                 |  3 +-
 .../AddShowStartTimeSetting.php               | 17 +++++++++++
 .../InsertDefaultBusinessHours.php            | 28 +++++++++++++++++++
 .../mods-for-hesk-calendar-admin-readonly.js  |  1 +
 .../mods-for-hesk-calendar-readonly.js        |  1 +
 js/calendar/mods-for-hesk-calendar.js         |  1 +
 language/en/text.php                          |  2 ++
 12 files changed, 74 insertions(+), 2 deletions(-)
 create mode 100644 install/migrations/v330/CalendarImprovements/AddShowStartTimeSetting.php
 create mode 100644 install/migrations/v330/CalendarImprovements/InsertDefaultBusinessHours.php

diff --git a/admin/admin_settings.php b/admin/admin_settings.php
index 1f055ddc..8ccfaea6 100644
--- a/admin/admin_settings.php
+++ b/admin/admin_settings.php
@@ -2220,6 +2220,22 @@ $modsForHesk_settings = mfh_getSettings();
                         </select>
                     </div>
                 </div>
+                <div class="form-group">
+                    <label for="show-start-time" class="col-sm-4 col-xs-12 control-label">
+                        <?php echo $hesklang['show_event_start_time']; ?>
+                        <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
+                           title="<?php echo $hesklang['show_event_start_time']; ?>"
+                           data-content="<?php echo $hesklang['show_event_start_time_help']; ?>"></i>
+                    </label>
+                    <div class="col-sm-8 form-inline">
+                        <?php
+                        $on = $modsForHesk_settings['calendar_show_start_time'] == 'true' ? 'checked="checked"' : '';
+                        $off = $modsForHesk_settings['calendar_show_start_time'] == 'false' ? 'checked="checked"' : '';
+                        echo '
+                        <div class="radio"><label><input type="radio" name="calendar-show-start-time" value="true" ' . $on . ' /> ' . $hesklang['yes'] . '</label></div><br>
+                        <div class="radio"><label><input type="radio" name="calendar-show-start-time" value="false" ' . $off . ' /> ' . $hesklang['no'] . '</label></div><br>'; ?>
+                    </div>
+                </div>
                 <h4 class="bold">
                     <?php echo $hesklang['business_hours']; ?>
                     <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php
index 5592c9cc..e52dd5a8 100644
--- a/admin/admin_settings_save.php
+++ b/admin/admin_settings_save.php
@@ -480,6 +480,7 @@ $set['navbar_title_url'] = hesk_POST('navbar_title_url');
 $set['enable_calendar'] = hesk_checkMinMax(intval(hesk_POST('enable_calendar')), 0, 2, 2);
 $set['first_day_of_week'] = hesk_POST('first-day-of-week', 0);
 $set['default_view'] = hesk_POST('default-view', 'month');
+$set['calendar_show_start_time'] = hesk_POST('calendar-show-start-time', 'true');
 
 if ($set['customer-email-verification-required']) {
     //-- Don't allow multiple emails if verification is required
@@ -662,6 +663,7 @@ mfh_updateSetting('use_mailgun', $set['use_mailgun'], false);
 mfh_updateSetting('enable_calendar', $set['enable_calendar'], false);
 mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false);
 mfh_updateSetting('default_calendar_view', $set['default_view'], true);
+mfh_updateSetting('calendar_show_start_time', $set['calendar_show_start_time'], true);
 mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true);
 
 mfh_updateSetting('login_background_type', $set['login_background_type'], true);
diff --git a/admin/calendar.php b/admin/calendar.php
index 451495cd..c5b33cd8 100644
--- a/admin/calendar.php
+++ b/admin/calendar.php
@@ -605,6 +605,7 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
         echo $view_array[$_SESSION['default_calendar_view']];
         ?>
     </p>
+    <p id="setting_show_start_time"><?php echo $modsForHesk_settings['calendar_show_start_time']; ?></p>
     <?php
     $businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
     while ($row = hesk_dbFetchAssoc($businessHoursRs)):
diff --git a/calendar.php b/calendar.php
index 2980fde3..64488e4c 100644
--- a/calendar.php
+++ b/calendar.php
@@ -119,6 +119,7 @@ echo mfh_get_hidden_fields_for_language(array(
 <div style="display: none">
     <p id="setting_default_view"><?php echo $modsForHesk_settings['default_calendar_view']; ?></p>
     <p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
+    <p id="setting_show_start_time"><?php echo $modsForHesk_settings['calendar_show_start_time']; ?></p>
 </div>
 <?php
 $businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
diff --git a/install/migrations/core.php b/install/migrations/core.php
index 798f7fa9..c9473d3a 100644
--- a/install/migrations/core.php
+++ b/install/migrations/core.php
@@ -222,5 +222,8 @@ function getAllMigrations() {
         164 => new \v330\ServiceMessagesImprovements\CreateServiceMessageToLocationTable(164),
         165 => new \v330\ServiceMessagesImprovements\UpdateExistingServiceMessagesLocations(165),
         166 => new \v330\ServiceMessagesImprovements\AddLanguageColumnToServiceMessages(166),
+        167 => new \v330\CalendarImprovements\AddBusinessHoursTable(167),
+        168 => new \v330\CalendarImprovements\InsertDefaultBusinessHours(168),
+        169 => new \v330\CalendarImprovements\AddShowStartTimeSetting(169),
     );
 }
\ No newline at end of file
diff --git a/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php b/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php
index 90f881c5..42483d29 100644
--- a/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php
+++ b/install/migrations/v330/CalendarImprovements/AddBusinessHoursTable.php
@@ -6,8 +6,7 @@ class AddBusinessHoursTable extends \AbstractUpdatableMigration {
 
     function innerUp($hesk_settings) {
         $this->executeQuery("CREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
-            (`day_of_week` INT NOT NULL, `all_day` INT NOT NULL, 
-               `start_time` VARCHAR(5) NOT NULL, `end_time` VARCHAR(5) NOT NULL)");
+            (`day_of_week` INT NOT NULL, `start_time` VARCHAR(5) NOT NULL, `end_time` VARCHAR(5) NOT NULL)");
     }
 
     function innerDown($hesk_settings) {
diff --git a/install/migrations/v330/CalendarImprovements/AddShowStartTimeSetting.php b/install/migrations/v330/CalendarImprovements/AddShowStartTimeSetting.php
new file mode 100644
index 00000000..89c0cd81
--- /dev/null
+++ b/install/migrations/v330/CalendarImprovements/AddShowStartTimeSetting.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace v330\CalendarImprovements;
+
+
+class AddShowStartTimeSetting extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`)
+            VALUES ('calendar_show_start_time', 'true')");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` 
+            WHERE `Key` = 'calendar_show_start_time'");
+    }
+}
\ No newline at end of file
diff --git a/install/migrations/v330/CalendarImprovements/InsertDefaultBusinessHours.php b/install/migrations/v330/CalendarImprovements/InsertDefaultBusinessHours.php
new file mode 100644
index 00000000..970b59ca
--- /dev/null
+++ b/install/migrations/v330/CalendarImprovements/InsertDefaultBusinessHours.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace v330\CalendarImprovements;
+
+
+class InsertDefaultBusinessHours extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (0, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (1, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (2, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (3, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (4, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (5, '00:00', '23:59')");
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours` (`day_of_week`, `start_time`, `end_time`)
+            VALUES (6, '00:00', '23:59')");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
+    }
+}
\ No newline at end of file
diff --git a/js/calendar/mods-for-hesk-calendar-admin-readonly.js b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
index 7acce334..43ce1b43 100644
--- a/js/calendar/mods-for-hesk-calendar-admin-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-admin-readonly.js
@@ -12,6 +12,7 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        displayEventTime: $('#setting_show_start_time').text(),
         businessHours: [
             {
                 dow: [0],
diff --git a/js/calendar/mods-for-hesk-calendar-readonly.js b/js/calendar/mods-for-hesk-calendar-readonly.js
index dca8b66f..72774ce5 100644
--- a/js/calendar/mods-for-hesk-calendar-readonly.js
+++ b/js/calendar/mods-for-hesk-calendar-readonly.js
@@ -12,6 +12,7 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        displayEventTime: $('#setting_show_start_time').text(),
         businessHours: [
             {
                 dow: [0],
diff --git a/js/calendar/mods-for-hesk-calendar.js b/js/calendar/mods-for-hesk-calendar.js
index 621102b1..08f1b4f4 100644
--- a/js/calendar/mods-for-hesk-calendar.js
+++ b/js/calendar/mods-for-hesk-calendar.js
@@ -12,6 +12,7 @@ $(document).ready(function() {
         eventLimit: true,
         timeFormat: 'H:mm',
         axisFormat: 'H:mm',
+        displayEventTime: $('#setting_show_start_time').text() === 'true',
         businessHours: [
             {
                 dow: [0],
diff --git a/language/en/text.php b/language/en/text.php
index 19ac1eb5..8a621218 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2233,6 +2233,8 @@ $hesklang['sm_login_page'] = 'Login Page';
 $hesklang['business_hours'] = 'Business Hours';
 $hesklang['business_hours_help'] = 'Set business hours for the calendar. There is no functional change by setting this, 
 but times outside of the defined business hours will have a darker gray background for increased visibility.';
+$hesklang['show_event_start_time'] = 'Show event start time in title';
+$hesklang['show_event_start_time_help'] = 'Always show the start time on event titles (unless the event is an all-day event).';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From c4f080184c102a71b3421acfcd072bcbfdebac33 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Wed, 31 Jan 2018 12:54:31 -0500
Subject: [PATCH 46/74] Add setting to highlight all ticket rows based on
 priority

---
 admin/admin_settings.php                      | 21 +++++++++++++++++++
 admin/admin_settings_save.php                 |  2 ++
 inc/ticket_list.inc.php                       |  2 ++
 .../v330/AddHighlightTicketRowsSetting.php    | 16 ++++++++++++++
 language/en/text.php                          |  3 +++
 5 files changed, 44 insertions(+)
 create mode 100644 install/migrations/v330/AddHighlightTicketRowsSetting.php

diff --git a/admin/admin_settings.php b/admin/admin_settings.php
index 8ccfaea6..db11e3e2 100644
--- a/admin/admin_settings.php
+++ b/admin/admin_settings.php
@@ -3372,6 +3372,27 @@ $modsForHesk_settings = mfh_getSettings();
                         </div>
                     </div>
                 </div>
+                <div class="form-group">
+                    <label for="show_number_merged" class="col-sm-4 control-label">
+                          <span class="label label-primary"
+                                data-toggle="tooltip"
+                                title="<?php echo $hesklang['added_in_mods_for_hesk'] ?>"><?php echo $hesklang['mods_for_hesk_acronym']; ?></span>
+                        <?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>
+                        <i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
+                           title="<?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>"
+                           data-content="<?php echo $hesklang['highlight_ticket_rows_based_on_priority_help']; ?>"></i>
+                    </label>
+                    <div class="col-sm-8">
+                        <div class="checkbox">
+                            <label>
+                                <input type="checkbox"
+                                       name="highlight_ticket_rows_based_on_priority" <?php if ($modsForHesk_settings['highlight_ticket_rows_based_on_priority']) {
+                                    echo 'checked';
+                                } ?>> <?php echo $hesklang['highlight_ticket_rows_based_on_priority_descr']; ?>
+                            </label>
+                        </div>
+                    </div>
+                </div>
                 <div class="form-group">
                     <label for="s_submittedformat" class="col-sm-4 control-label"><?php echo $hesklang['sdf']; ?> <a
                             href="Javascript:void(0)"
diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php
index e52dd5a8..27855154 100644
--- a/admin/admin_settings_save.php
+++ b/admin/admin_settings_save.php
@@ -458,6 +458,7 @@ $set['use_bootstrap_theme'] = empty($_POST['use_bootstrap_theme']) ? 0 : 1;
 $set['new_kb_article_visibility'] = hesk_checkMinMax(intval(hesk_POST('new_kb_article_visibility')), 0, 2, 2);
 $set['mfh_attachments'] = empty($_POST['email_attachments']) ? 0 : 1;
 $set['show_number_merged'] = empty($_POST['show_number_merged']) ? 0 : 1;
+$set['highlight_ticket_rows_based_on_priority'] = empty($_POST['highlight_ticket_rows_based_on_priority']) ? 0 : 1;
 $set['request_location'] = empty($_POST['request_location']) ? 0 : 1;
 $set['category_order_column'] = empty($_POST['category_order_column']) ? 'cat_order' : 'name';
 
@@ -621,6 +622,7 @@ mfh_updateSetting('use_bootstrap_theme', $set['use_bootstrap_theme']);
 mfh_updateSetting('new_kb_article_visibility', $set['new_kb_article_visibility']);
 mfh_updateSetting('attachments', $set['mfh_attachments']);
 mfh_updateSetting('show_number_merged', $set['show_number_merged']);
+mfh_updateSetting('highlight_ticket_rows_based_on_priority', $set['highlight_ticket_rows_based_on_priority']);
 mfh_updateSetting('request_location', $set['request_location']);
 mfh_updateSetting('category_order_column', $set['category_order_column'], true);
 mfh_updateSetting('rich_text_for_tickets', $set['rich_text_for_tickets']);
diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php
index 1e871e48..712c6797 100644
--- a/inc/ticket_list.inc.php
+++ b/inc/ticket_list.inc.php
@@ -238,9 +238,11 @@ if ($total > 0) {
                     break;
                 case 2:
                     $ticket['priority'] = '<span style="color: green; font-size:1.3em" class="fa fa-fw fa-angle-double-down" data-toggle="tooltip" data-placement="top" title="' . $hesklang['medium'] . '"></span>';
+                    $color = $modsForHesk_settings['highlight_ticket_rows_based_on_priority'] ? 'success' : '';
                     break;
                 default:
                     $ticket['priority'] = '<span style="color: blue; font-size:1.3em" class="fa fa-fw fa-long-arrow-down" data-toggle="tooltip" data-placement="top" title="' . $hesklang['low'] . '"></span>';
+                    $color = $modsForHesk_settings['highlight_ticket_rows_based_on_priority'] ? 'info' : '';
             }
 
             // Set message (needed for row title)
diff --git a/install/migrations/v330/AddHighlightTicketRowsSetting.php b/install/migrations/v330/AddHighlightTicketRowsSetting.php
new file mode 100644
index 00000000..192359a7
--- /dev/null
+++ b/install/migrations/v330/AddHighlightTicketRowsSetting.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace v330;
+
+class AddHighlightTicketRowsSetting extends \AbstractUpdatableMigration {
+
+    function innerUp($hesk_settings) {
+        $this->executeQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` (`Key`, `Value`)
+            VALUES ('highlight_ticket_rows_based_on_priority', '0')");
+    }
+
+    function innerDown($hesk_settings) {
+        $this->executeQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` 
+            WHERE `Key` = 'highlight_ticket_rows_based_on_priority'");
+    }
+}
\ No newline at end of file
diff --git a/language/en/text.php b/language/en/text.php
index 8a621218..0de8b91c 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2235,6 +2235,9 @@ $hesklang['business_hours_help'] = 'Set business hours for the calendar. There i
 but times outside of the defined business hours will have a darker gray background for increased visibility.';
 $hesklang['show_event_start_time'] = 'Show event start time in title';
 $hesklang['show_event_start_time_help'] = 'Always show the start time on event titles (unless the event is an all-day event).';
+$hesklang['highlight_ticket_rows_based_on_priority'] = 'Highlight ticket rows based on priority';
+$hesklang['highlight_ticket_rows_based_on_priority_help'] = 'If enabled, each ticket on the tickets page will be highlighted based on priority. If disabled, only * Critical * and High priority tickets will be highlighted.';
+$hesklang['highlight_ticket_rows_based_on_priority_descr'] = 'Highlight all ticket rows based on priority';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 4e2b21ae60a613b206570cfbc4ff786914cacfa5 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 31 Jan 2018 22:04:11 -0500
Subject: [PATCH 47/74] Show due date on ticket home page

---
 inc/admin_functions.inc.php |  1 +
 inc/print_tickets.inc.php   |  3 ++-
 inc/ticket_list.inc.php     | 10 ++++++++++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php
index 1de4b3a7..f2ace1dc 100644
--- a/inc/admin_functions.inc.php
+++ b/inc/admin_functions.inc.php
@@ -32,6 +32,7 @@ $hesk_settings['possible_ticket_list'] = array(
     'staffreplies' => $hesklang['replies'] . ' (' . $hesklang['staff'] . ')',
     'lastreplier' => $hesklang['last_replier'],
     'time_worked' => $hesklang['ts'],
+    'due_date' => $hesklang['due_date'],
 );
 
 define('HESK_NO_ROBOTS', true);
diff --git a/inc/print_tickets.inc.php b/inc/print_tickets.inc.php
index 66d2534a..3b4c0f04 100644
--- a/inc/print_tickets.inc.php
+++ b/inc/print_tickets.inc.php
@@ -45,7 +45,8 @@ LEFT(`message`, 400) AS `message`,
 `replierid`,
 `archive`,
 `locked`,
-`merged`
+`merged`,
+`due_date`
 ";
 
 foreach ($hesk_settings['custom_fields'] as $k => $v) {
diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php
index 712c6797..c787d876 100644
--- a/inc/ticket_list.inc.php
+++ b/inc/ticket_list.inc.php
@@ -375,6 +375,16 @@ if ($total > 0) {
                 echo '<td class="' . $color . '">' . $ticket['time_worked'] . '</td>';
             }
 
+            // Print due date
+            if (hesk_show_column('due_date')) {
+                $due_date = $hesklang['none'];
+                if ($ticket['due_date'] != null) {
+                    $due_date = hesk_date($ticket['due_date'], false, true, false);
+                }
+
+                echo '<td class="' . $color . '">' . ($ticket['due_date'] == null ? 'NONE' : date('Y-m-d', $due_date)) . '</td>';
+            }
+
             // Print custom fields
             foreach ($hesk_settings['custom_fields'] as $key => $value) {
                 if ($value['use'] && hesk_show_column($key)) {

From 2ffa6c130c0a6d834220af98db917cd5bcae6336 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 1 Feb 2018 21:27:34 -0500
Subject: [PATCH 48/74] Show attachment size in attachment info

---
 admin/admin_ticket.php                |  4 ++--
 inc/common.inc.php                    | 25 +++++++++++++++++++++++++
 inc/view_attachment_functions.inc.php |  2 ++
 3 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/admin/admin_ticket.php b/admin/admin_ticket.php
index 36804051..b180ab34 100644
--- a/admin/admin_ticket.php
+++ b/admin/admin_ticket.php
@@ -1193,9 +1193,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 
                             echo '
                                     <a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">
-                                        <i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . ' ' . $att_name . '"></i>
+                                        <i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . '"></i>
                                     </a>
-                                    <a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . '</a><br />
+                                    <a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . ' (' . mfh_getAttachmentFileSize($att_id) . ')' . '</a><br />
                                 ';
                         }
                     }
diff --git a/inc/common.inc.php b/inc/common.inc.php
index b6ce26f9..e2821a7e 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -2131,6 +2131,31 @@ function mfh_getNumberOfDownloadsForAttachment($att_id, $table = 'attachments')
     return $rec['download_count'];
 }
 
+function mfh_getAttachmentFileSize($att_id, $table = 'attachments') {
+    global $hesk_settings;
+
+    $res = hesk_dbQuery('SELECT `size` FROM `' . hesk_dbEscape($hesk_settings['db_pfix'] . $table) . "` WHERE `att_id` = " . intval($att_id));
+    $rec = hesk_dbFetchAssoc($res);
+    return human_filesize($rec['size']);
+}
+
+function human_filesize($bytes, $decimals = 2) {
+    global $hesklang;
+
+    $sz = 'BKMGTP';
+    $factor = floor((strlen($bytes) - 1) / 3);
+
+    if ($factor < strlen($sz)) {
+        $factorName = @$sz[$factor];
+        if ($factorName !== 'B') {
+            $factorName .= 'B';
+        }
+
+        return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . ' ' . $factorName;
+    }
+    return $hesklang['unknown'];
+}
+
 function mfh_getSettings()
 {
     global $hesk_settings;
diff --git a/inc/view_attachment_functions.inc.php b/inc/view_attachment_functions.inc.php
index 3aee6e88..df2a45b9 100644
--- a/inc/view_attachment_functions.inc.php
+++ b/inc/view_attachment_functions.inc.php
@@ -24,6 +24,7 @@ function mfh_listAttachments($attachments = '', $reply = 0, $is_staff)
     if ($is_staff) {
         echo '<th>' . $hesklang['download_count'] . '</th>';
     }
+    echo '<th>' . 'File size' . '</th>';
     echo '<th>' . $hesklang['action'] . '</th>
         </tr>
         </thead>';
@@ -72,6 +73,7 @@ function mfh_listAttachments($attachments = '', $reply = 0, $is_staff)
         if ($is_staff) {
             echo '<td>' . mfh_getNumberOfDownloadsForAttachment($att_id) . '</td>';
         }
+        echo '<td>' . mfh_getAttachmentFileSize($att_id) . '</td>';
         echo '<td>
                 <div class="btn-group">';
         /* Can edit and delete tickets? */

From f2001ec44613bc1ba28d57e5da0a71ea75f74da4 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 1 Feb 2018 21:43:01 -0500
Subject: [PATCH 49/74] Add back button to login page

---
 admin/index.php                       | 3 +++
 inc/view_attachment_functions.inc.php | 1 -
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/admin/index.php b/admin/index.php
index f623d4a0..c5e5695e 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -475,6 +475,9 @@ function print_login()
                     </div>
                 </div>
             </form>
+            <a class="btn btn-default" href="<?php echo $hesk_settings['hesk_url']; ?>">
+                <i class="fa fa-chevron-left"></i> <?php echo $hesklang['back']; ?>
+            </a>
         </div>
     </div>
 </div>
diff --git a/inc/view_attachment_functions.inc.php b/inc/view_attachment_functions.inc.php
index df2a45b9..cd3c3b52 100644
--- a/inc/view_attachment_functions.inc.php
+++ b/inc/view_attachment_functions.inc.php
@@ -281,7 +281,6 @@ function display_dropzone_field($url, $id = 'filedrop', $max_files_override = -1
         paramName: 'attachment',
         url: '" . $url . "',
         parallelUploads: ".$max_files.",
-        uploadMultiple: true,
         maxFiles: ".$max_files.",
         acceptedFiles: ".json_encode($acceptedFiles).",
         maxFilesize: ".$size.", // MB

From 400c2168691203e68aa94c75aef784b71b36a97d Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 1 Feb 2018 22:02:51 -0500
Subject: [PATCH 50/74] Small UI change, change 'Home' to 'Tickets'

---
 admin/edit_post.php        | 24 ++++++++++++++----------
 inc/show_admin_nav.inc.php |  2 +-
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/admin/edit_post.php b/admin/edit_post.php
index 8e14c90a..9cd56341 100644
--- a/admin/edit_post.php
+++ b/admin/edit_post.php
@@ -646,16 +646,20 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                     }
                     ?>
                 </div>
-                <div class="form-group" style="text-align: center">
-                    <?php
-                    $html = $ticket['html'] ? 1 : 0;
-                    ?>
-                    <input type="hidden" name="html" value="<?php echo $html; ?>">
-                    <input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-default">
-                    <?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
-                        <input type="hidden" name="isManager" value="1">
-                    <?php endif; ?>
-                    <a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
+                <div class="form-group">
+                    <div class="col-md-9 col-md-offset-3">
+                        <?php
+                        $html = $ticket['html'] ? 1 : 0;
+                        ?>
+                        <input type="hidden" name="html" value="<?php echo $html; ?>">
+                        <div class="btn-group">
+                            <input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-primary">
+                            <a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
+                        </div>
+                        <?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
+                            <input type="hidden" name="isManager" value="1">
+                        <?php endif; ?>
+                    </div>
                 </div>
             </form>
         </div>
diff --git a/inc/show_admin_nav.inc.php b/inc/show_admin_nav.inc.php
index f6d7de9d..ddb11a74 100644
--- a/inc/show_admin_nav.inc.php
+++ b/inc/show_admin_nav.inc.php
@@ -53,7 +53,7 @@ $mails = mfh_get_mail_headers_for_dropdown($_SESSION['id'], $hesk_settings, $hes
                     ?>
                     <li <?php echo $active; ?>>
                         <a href="admin_main.php">
-                            <i class="fa fa-home" <?php echo $iconDisplay; ?>></i> <span><?php echo $hesklang['main_page']; ?></span>
+                            <i class="fa fa-ticket" <?php echo $iconDisplay; ?>></i> <span><?php echo $hesklang['tickets']; ?></span>
                         </a>
                     </li>
                     <?php

From dd0edef2baf2a99ccb51557428d4e0fcc5dd07f4 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 2 Feb 2018 21:28:15 -0500
Subject: [PATCH 51/74] Fixes #599 Only show active users in PMs

---
 admin/mail.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/mail.php b/admin/mail.php
index 9890aade..38aa2e75 100644
--- a/admin/mail.php
+++ b/admin/mail.php
@@ -32,7 +32,7 @@ $modsForHesk_settings = mfh_getSettings();
 
 /* List of staff */
 $admins = array();
-$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `name` ASC");
+$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1' ORDER BY `name` ASC");
 while ($row = hesk_dbFetchAssoc($res)) {
     $admins[$row['id']] = $row['name'];
 }

From 5865cb722df7ce87f46b0178fe5c615851a880df Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 2 Feb 2018 21:57:33 -0500
Subject: [PATCH 52/74] Fix custom field description for select fields

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index e985b676..a5b624a6 100644
--- a/index.php
+++ b/index.php
@@ -898,10 +898,10 @@ function print_add_ticket()
 
                                     echo '<option '.$selected.'>'.$option.'</option>';
                                 }
+                                echo '</select>';
                                 if (!empty($v['mfh_description'])) {
                                     echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
                                 }
-                                echo '</select>';
                             echo '<div class="help-block with-errors"></div>
                         </div>
                     </div>';

From 90dc2d691a39133332fc405fa01be6e8c15ead1c Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 2 Feb 2018 22:05:23 -0500
Subject: [PATCH 53/74] Deactivated some migrations as they're no longer
 needed.... might break some new installs

---
 .../Statuses/AddIntColumnUpDropTableDown.php       |  6 ++++--
 .../Pre140/Statuses/CreateStatusesTable.php        |  5 ++++-
 .../Pre140/Statuses/DropOldStatusColumn.php        | 14 ++++++++------
 .../Pre140/Statuses/MoveStatusesToNewColumn.php    | 14 ++++++++------
 .../Pre140/Statuses/RenameTempColumn.php           |  6 ++++--
 5 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/install/migrations/Pre140/Statuses/AddIntColumnUpDropTableDown.php b/install/migrations/Pre140/Statuses/AddIntColumnUpDropTableDown.php
index b6bf841e..c3053741 100644
--- a/install/migrations/Pre140/Statuses/AddIntColumnUpDropTableDown.php
+++ b/install/migrations/Pre140/Statuses/AddIntColumnUpDropTableDown.php
@@ -7,10 +7,12 @@ use AbstractMigration;
 class AddIntColumnUpDropTableDown extends AbstractMigration {
 
     function up($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` ADD COLUMN `status_int` INT NOT NULL DEFAULT 0 AFTER `status`;");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` ADD COLUMN `status_int` INT NOT NULL DEFAULT 0 AFTER `status`;");
     }
 
     function down($hesk_settings) {
-        $this->executeQuery("DROP TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses`");
+        // Moved to migration #2 for clarity
+        //$this->executeQuery("DROP TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses`");
     }
 }
\ No newline at end of file
diff --git a/install/migrations/Pre140/Statuses/CreateStatusesTable.php b/install/migrations/Pre140/Statuses/CreateStatusesTable.php
index 0d7dbef7..8b2321c2 100644
--- a/install/migrations/Pre140/Statuses/CreateStatusesTable.php
+++ b/install/migrations/Pre140/Statuses/CreateStatusesTable.php
@@ -23,6 +23,9 @@ class CreateStatusesTable extends \AbstractMigration {
     }
 
     function down($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` ADD COLUMN `status_int` INT NOT NULL AFTER `status`;");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` ADD COLUMN `status_int` INT NOT NULL AFTER `status`;");
+        // Moved from migration #1
+        $this->executeQuery("DROP TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses`");
     }
 }
\ No newline at end of file
diff --git a/install/migrations/Pre140/Statuses/DropOldStatusColumn.php b/install/migrations/Pre140/Statuses/DropOldStatusColumn.php
index eb41f6b6..0e6d136a 100644
--- a/install/migrations/Pre140/Statuses/DropOldStatusColumn.php
+++ b/install/migrations/Pre140/Statuses/DropOldStatusColumn.php
@@ -8,14 +8,16 @@ use AbstractMigration;
 class DropOldStatusColumn extends AbstractMigration {
 
     function up($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` DROP COLUMN `status`");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` DROP COLUMN `status`");
     }
 
     function down($hesk_settings) {
-        $ticketsRS = $this->executeQuery("SELECT `id`, `status_int` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`;");
-        while ($currentResult = hesk_dbFetchAssoc($ticketsRS)) {
-
-            $this->executeQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status_int` = '" . intval($currentResult['status']) . "' WHERE `id` = " . $currentResult['id']);
-        }
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$ticketsRS = $this->executeQuery("SELECT `id`, `status_int` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`;");
+        //while ($currentResult = hesk_dbFetchAssoc($ticketsRS)) {
+        //
+        //    $this->executeQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status_int` = '" . intval($currentResult['status_int']) . "' WHERE `id` = " . $currentResult['id']);
+        //}
     }
 }
\ No newline at end of file
diff --git a/install/migrations/Pre140/Statuses/MoveStatusesToNewColumn.php b/install/migrations/Pre140/Statuses/MoveStatusesToNewColumn.php
index ce64aced..58037bec 100644
--- a/install/migrations/Pre140/Statuses/MoveStatusesToNewColumn.php
+++ b/install/migrations/Pre140/Statuses/MoveStatusesToNewColumn.php
@@ -7,14 +7,16 @@ use AbstractMigration;
 class MoveStatusesToNewColumn extends AbstractMigration {
 
     function up($hesk_settings) {
-        $ticketsRS = $this->executeQuery("SELECT `id`, `status` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`;");
-        while ($currentResult = hesk_dbFetchAssoc($ticketsRS)) {
-
-            $this->executeQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status_int` = " . $currentResult['status'] . " WHERE `id` = " . $currentResult['id']);
-        }
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$ticketsRS = $this->executeQuery("SELECT `id`, `status` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`;");
+        //while ($currentResult = hesk_dbFetchAssoc($ticketsRS)) {
+        //
+        //    $this->executeQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status_int` = " . $currentResult['status'] . " WHERE `id` = " . $currentResult['id']);
+        //}
     }
 
     function down($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` CHANGE COLUMN `status_int` `status` INT NOT NULL");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` CHANGE COLUMN `status_int` `status` INT NOT NULL");
     }
 }
\ No newline at end of file
diff --git a/install/migrations/Pre140/Statuses/RenameTempColumn.php b/install/migrations/Pre140/Statuses/RenameTempColumn.php
index d1eec50f..5695b798 100644
--- a/install/migrations/Pre140/Statuses/RenameTempColumn.php
+++ b/install/migrations/Pre140/Statuses/RenameTempColumn.php
@@ -6,10 +6,12 @@ namespace Pre140\Statuses;
 class RenameTempColumn extends \AbstractMigration {
 
     function up($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` CHANGE COLUMN `status_int` `status` INT NOT NULL");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` CHANGE COLUMN `status_int` `status` INT NOT NULL");
     }
 
     function down($hesk_settings) {
-        $this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` DROP COLUMN `status`");
+        // We no longer need to do this thanks to HESK 2.7.0
+        //$this->executeQuery("ALTER TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` DROP COLUMN `status`");
     }
 }
\ No newline at end of file

From d383bc0c00f729d066a5934380f4b4916a3aba2d Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Fri, 2 Feb 2018 22:18:43 -0500
Subject: [PATCH 54/74] Fix issue where 3.0.0 beta/rc 1 could not update

---
 install/index.php           | 6 +++---
 install/migrations/core.php | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/index.php b/install/index.php
index 6ee2fc35..a669070e 100644
--- a/install/index.php
+++ b/install/index.php
@@ -31,9 +31,9 @@ if (hesk_dbNumRows($tableSql) > 0) {
             '1.6.0' =>  22, '1.6.1' =>  23, '1.7.0' =>  27, '2.0.0' =>  37, '2.0.1' =>  38, '2.1.0' =>  39, '2.1.1' =>  42,
             '2.2.0' =>  47, '2.2.1' =>  48, '2.3.0' =>  68, '2.3.1' =>  69, '2.3.2' =>  70, '2.4.0' =>  86, '2.4.1' =>  87,
             '2.4.2' =>  88, '2.5.0' =>  98, '2.5.1' =>  99, '2.5.2' => 100, '2.5.3' => 101, '2.5.4' => 102, '2.5.5' => 103,
-            '2.6.0' => 121, '2.6.1' => 122, '2.6.2' => 125, '2.6.3' => 126, '2.6.4' => 127, '3.0.0' => 132, '3.0.1' => 133,
-            '3.0.2' => 135, '3.0.3' => 136, '3.0.4' => 137, '3.0.5' => 138, '3.0.6' => 139, '3.0.7' => 140, '3.1.0' => 153,
-            '3.1.1' => 154
+            '2.6.0' => 121, '2.6.1' => 122, '2.6.2' => 125, '2.6.3' => 126, '2.6.4' => 127, '3.0.0 beta 1' => 130,
+            '3.0.0 RC 1' => 131, '3.0.0' => 132, '3.0.1' => 133, '3.0.2' => 135, '3.0.3' => 136, '3.0.4' => 137,
+            '3.0.5' => 138, '3.0.6' => 139, '3.0.7' => 140, '3.1.0' => 153, '3.1.1' => 154
         );
         $startingMigrationNumber = $migration_map[$versionRow['Value']];
     }
diff --git a/install/migrations/core.php b/install/migrations/core.php
index c9473d3a..2349b657 100644
--- a/install/migrations/core.php
+++ b/install/migrations/core.php
@@ -176,8 +176,8 @@ function getAllMigrations() {
         //3.0.0
         127 => new \v300\MigrateHeskCustomStatuses(),
         128 => new \v300\MigrateAutorefreshOption\UpdateFromOldValue(),
-        129 => new \v300\MigrateAutorefreshOption\DropOldColumn(),
-        130 => new \v300\AddColorSchemeSetting(),
+        129 => new \v300\AddColorSchemeSetting(),
+        130 => new \v300\MigrateAutorefreshOption\DropOldColumn(),
         131 => new LegacyUpdateMigration('3.0.0', '2.6.4'),
         //3.0.1
         132 => new LegacyUpdateMigration('3.0.1', '3.0.0'),

From 5696968f2577a3c2e4c2646d735bdcb9dc191d8f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sat, 3 Feb 2018 22:16:00 -0500
Subject: [PATCH 55/74] Working on improving the validator

---
 install/database-validation.php | 415 +++++++++++++++++++-------------
 1 file changed, 246 insertions(+), 169 deletions(-)

diff --git a/install/database-validation.php b/install/database-validation.php
index cce19ef6..8f47a9c9 100644
--- a/install/database-validation.php
+++ b/install/database-validation.php
@@ -5,6 +5,59 @@ require(HESK_PATH . 'install/install_functions.inc.php');
 require(HESK_PATH . 'hesk_settings.inc.php');
 
 hesk_dbConnect();
+
+/*
+We have four possible validation scenarios:
+
+1. Fresh install - the user has never installed Mods for HESK before. Nothing to validate.
+2. Installed a really old version - we don't have a previous version to start from.
+3. Installed a recent version, but before migrations began - just pull the version # and use the dictionary below.
+4. Migration number present in the settings table. Take that number and run with it.
+ */
+
+$tableSql = hesk_dbQuery("SHOW TABLES LIKE '" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings'");
+$startingValidationNumber = 1;
+if (hesk_dbNumRows($tableSql) > 0) {
+    // They have installed at LEAST to version 1.6.0. Just pull the version number OR migration number
+    $migrationNumberSql = hesk_dbQuery("SELECT `Value` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = 'migrationNumber'");
+    if ($migrationRow = hesk_dbFetchAssoc($migrationNumberSql)) {
+        $startingValidationNumber = intval($migrationRow['Value']) + 1;
+    } else {
+        $versionSql = hesk_dbQuery("SELECT `Value` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = 'modsForHeskVersion'");
+        $versionRow = hesk_dbFetchAssoc($versionSql);
+
+        $migration_map = array(
+            // Pre-1.4.0 to 1.5.0 did not have a settings table
+            '1.6.0' =>  22, '1.6.1' =>  23, '1.7.0' =>  27, '2.0.0' =>  37, '2.0.1' =>  38, '2.1.0' =>  39, '2.1.1' =>  42,
+            '2.2.0' =>  47, '2.2.1' =>  48, '2.3.0' =>  68, '2.3.1' =>  69, '2.3.2' =>  70, '2.4.0' =>  86, '2.4.1' =>  87,
+            '2.4.2' =>  88, '2.5.0' =>  98, '2.5.1' =>  99, '2.5.2' => 100, '2.5.3' => 101, '2.5.4' => 102, '2.5.5' => 103,
+            '2.6.0' => 121, '2.6.1' => 122, '2.6.2' => 125, '2.6.3' => 126, '2.6.4' => 127, '3.0.0 beta 1' => 130,
+            '3.0.0 RC 1' => 131, '3.0.0' => 132, '3.0.1' => 133, '3.0.2' => 135, '3.0.3' => 136, '3.0.4' => 137,
+            '3.0.5' => 138, '3.0.6' => 139, '3.0.7' => 140, '3.1.0' => 153, '3.1.1' => 154
+        );
+        $startingValidationNumber = $migration_map[$versionRow['Value']];
+    }
+} else {
+    // migration # => sql for checking
+    $versionChecks = array(
+        // 1.5.0 -> users.active
+        14 => "SHOW COLUMNS FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` LIKE 'active'",
+        // 1.4.1 -> denied_emails
+        11 => "SHOW TABLES LIKE '" . hesk_dbEscape($hesk_settings['db_pfix']) . "denied_emails'",
+        // 1.4.0 -> denied ips
+        9 => "SHOW TABLES LIKE '" . hesk_dbEscape($hesk_settings['db_pfix']) . "denied_ips'",
+        // Pre-1.4.0 but still something -> statuses
+        7 => "SHOW TABLES LIKE '" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses'"
+    );
+
+    foreach ($versionChecks as $migrationNumber => $sql) {
+        $rs = hesk_dbQuery($sql);
+        if (hesk_dbNumRows($rs) > 0) {
+            $startingValidationNumber = $migrationNumber;
+            break;
+        }
+    }
+}
 ?>
 <html>
 <head>
@@ -61,155 +114,157 @@ hesk_dbConnect();
             </thead>
             <tbody>
             <?php
-            $all_good = true;
-
+            $validations = array();
+            
             output_header_row('1.0.0 - 1.3.x');
-            $all_good = run_table_check('statuses');
-            $all_good &= run_column_check('statuses', 'ID');
-            $all_good &= run_column_check('statuses', 'TextColor');
-            $all_good &= run_column_check('statuses', 'IsNewTicketStatus');
-            $all_good &= run_column_check('statuses', 'IsClosed');
-            $all_good &= run_column_check('statuses', 'IsClosedByClient');
-            $all_good &= run_column_check('statuses', 'IsCustomerReplyStatus');
-            $all_good &= run_column_check('statuses', 'IsStaffClosedOption');
-            $all_good &= run_column_check('statuses', 'IsStaffReopenedStatus');
-            $all_good &= run_column_check('statuses', 'IsDefaultStaffReplyStatus');
-            $all_good &= run_column_check('statuses', 'LockedTicketStatus');
+            $validations[] = run_table_check('statuses', 7);
+            $validations[] = run_column_check('statuses', 'ID', 7);
+            $validations[] = run_column_check('statuses', 'TextColor', 7);
+            $validations[] = run_column_check('statuses', 'IsNewTicketStatus', 7);
+            $validations[] = run_column_check('statuses', 'IsClosed', 7);
+            $validations[] = run_column_check('statuses', 'IsClosedByClient', 7);
+            $validations[] = run_column_check('statuses', 'IsCustomerReplyStatus', 7);
+            $validations[] = run_column_check('statuses', 'IsStaffClosedOption', 7);
+            $validations[] = run_column_check('statuses', 'IsStaffReopenedStatus', 7);
+            $validations[] = run_column_check('statuses', 'IsDefaultStaffReplyStatus', 7);
+            $validations[] = run_column_check('statuses', 'LockedTicketStatus', 7);
             output_header_row('1.5.0');
-            $all_good &= run_column_check('users', 'active');
+            $validations[] = run_column_check('users', 'active', 11);
             output_header_row('1.6.0');
-            $all_good &= run_column_check('users', 'notify_note_unassigned');
-            $all_good &= run_table_check('settings');
+            $validations[] = run_column_check('users', 'notify_note_unassigned', 14);
+            $validations[] = run_table_check('settings', 20);
             output_header_row('1.7.0');
-            $all_good &= run_table_check('verified_emails');
-            $all_good &= run_table_check('pending_verification_emails');
-            $all_good &= run_table_check('stage_tickets');
+            $validations[] = run_table_check('verified_emails', 23);
+            $validations[] = run_table_check('pending_verification_emails', 24);
+            $validations[] = run_table_check('stage_tickets', 25);
             output_header_row('2.2.0');
-            $all_good &= run_column_check('statuses', 'IsAutocloseOption');
-            $all_good &= run_column_check('statuses', 'Closable');
+            $validations[] = run_column_check('statuses', 'IsAutocloseOption', 42);
+            $validations[] = run_column_check('statuses', 'Closable', 44);
             output_header_row('2.3.0');
-            $all_good &= run_column_check('service_messages', 'icon');
-            $all_good &= run_column_check('statuses', 'Key');
-            $all_good &= run_column_check('tickets', 'latitude');
-            $all_good &= run_column_check('tickets', 'longitude');
-            $all_good &= run_column_check('stage_tickets', 'latitude');
-            $all_good &= run_column_check('stage_tickets', 'longitude');
-            $all_good &= run_column_check('categories', 'manager');
-            $all_good &= run_column_check('users', 'permission_template');
-            $all_good &= run_table_check('permission_templates');
-            $all_good &= run_column_check('permission_templates', 'id');
-            $all_good &= run_column_check('permission_templates', 'name');
-            $all_good &= run_column_check('permission_templates', 'heskprivileges');
-            $all_good &= run_column_check('permission_templates', 'categories');
+            $validations[] = run_column_check('service_messages', 'icon', 48);
+            $validations[] = run_column_check('statuses', 'Key', 49);
+            $validations[] = run_column_check('tickets', 'latitude', 53);
+            $validations[] = run_column_check('tickets', 'longitude', 54);
+            $validations[] = run_column_check('stage_tickets', 'latitude', 55);
+            $validations[] = run_column_check('stage_tickets', 'longitude', 56);
+            $validations[] = run_column_check('categories', 'manager', 57);
+            $validations[] = run_column_check('users', 'permission_template', 62);
+            $validations[] = run_table_check('permission_templates', 63);
+            $validations[] = run_column_check('permission_templates', 'id', 63);
+            $validations[] = run_column_check('permission_templates', 'name', 63);
+            $validations[] = run_column_check('permission_templates', 'heskprivileges', 63);
+            $validations[] = run_column_check('permission_templates', 'categories', 63);
             output_header_row('2.4.0');
-            $all_good &= run_table_check('quick_help_sections');
-            $all_good &= run_column_check('quick_help_sections', 'id');
-            $all_good &= run_column_check('quick_help_sections', 'location');
-            $all_good &= run_column_check('quick_help_sections', 'show');
-            $all_good &= run_table_check('text_to_status_xref');
-            $all_good &= run_column_check('text_to_status_xref', 'id');
-            $all_good &= run_column_check('text_to_status_xref', 'language');
-            $all_good &= run_column_check('text_to_status_xref', 'text');
-            $all_good &= run_column_check('text_to_status_xref', 'status_id');
-            $all_good &= run_column_check('statuses', 'sort');
-            $all_good &= run_column_check('attachments', 'download_count');
-            $all_good &= run_column_check('kb_attachments', 'download_count');
-            $all_good &= run_column_check('tickets', 'html');
-            $all_good &= run_column_check('stage_tickets', 'html');
-            $all_good &= run_column_check('replies', 'html');
+            $validations[] = run_table_check('quick_help_sections', 70);
+            $validations[] = run_column_check('quick_help_sections', 'id', 70);
+            $validations[] = run_column_check('quick_help_sections', 'location', 70);
+            $validations[] = run_column_check('quick_help_sections', 'show', 70);
+            $validations[] = run_table_check('text_to_status_xref', 76);
+            $validations[] = run_column_check('text_to_status_xref', 'id', 76);
+            $validations[] = run_column_check('text_to_status_xref', 'language', 76);
+            $validations[] = run_column_check('text_to_status_xref', 'text', 76);
+            $validations[] = run_column_check('text_to_status_xref', 'status_id', 76);
+            $validations[] = run_column_check('statuses', 'sort', 77);
+            $validations[] = run_column_check('attachments', 'download_count', 80);
+            $validations[] = run_column_check('kb_attachments', 'download_count', 81);
+            $validations[] = run_column_check('tickets', 'html', 82);
+            $validations[] = run_column_check('stage_tickets', 'html', 83);
+            $validations[] = run_column_check('replies', 'html', 84);
             output_header_row('2.5.0');
-            $all_good &= run_column_check('tickets', 'user_agent');
-            $all_good &= run_column_check('tickets', 'screen_resolution_width');
-            $all_good &= run_column_check('tickets', 'screen_resolution_height');
-            $all_good &= run_column_check('stage_tickets', 'user_agent');
-            $all_good &= run_column_check('stage_tickets', 'screen_resolution_width');
-            $all_good &= run_column_check('stage_tickets', 'screen_resolution_height');
+            $validations[] = run_column_check('tickets', 'user_agent', 89);
+            $validations[] = run_column_check('tickets', 'screen_resolution_width', 91);
+            $validations[] = run_column_check('tickets', 'screen_resolution_height', 92);
+            $validations[] = run_column_check('stage_tickets', 'user_agent', 90);
+            $validations[] = run_column_check('stage_tickets', 'screen_resolution_width', 93);
+            $validations[] = run_column_check('stage_tickets', 'screen_resolution_height', 94);
+            $validations[] = run_setting_check('navbar_title_url', 96);
             output_header_row('2.6.0');
-            $all_good &= run_table_check('logging');
-            $all_good &= run_column_check('logging', 'id');
-            $all_good &= run_column_check('logging', 'username');
-            $all_good &= run_column_check('logging', 'message');
-            $all_good &= run_column_check('logging', 'severity');
-            $all_good &= run_column_check('logging', 'location');
-            $all_good &= run_column_check('logging', 'timestamp');
-            $all_good &= run_table_check('user_api_tokens');
-            $all_good &= run_column_check('user_api_tokens', 'id');
-            $all_good &= run_column_check('user_api_tokens', 'user_id');
-            $all_good &= run_column_check('user_api_tokens', 'token');
-            $all_good &= run_table_check('temp_attachment');
-            $all_good &= run_column_check('temp_attachment', 'id');
-            $all_good &= run_column_check('temp_attachment', 'file_name');
-            $all_good &= run_column_check('temp_attachment', 'saved_name');
-            $all_good &= run_column_check('temp_attachment', 'size');
-            $all_good &= run_column_check('temp_attachment', 'type');
-            $all_good &= run_column_check('temp_attachment', 'date_uploaded');
-            $all_good &= run_table_check('calendar_event');
-            $all_good &= run_column_check('calendar_event', 'id');
-            $all_good &= run_column_check('calendar_event', 'start');
-            $all_good &= run_column_check('calendar_event', 'end');
-            $all_good &= run_column_check('calendar_event', 'all_day');
-            $all_good &= run_column_check('calendar_event', 'name');
-            $all_good &= run_column_check('calendar_event', 'location');
-            $all_good &= run_column_check('calendar_event', 'comments');
-            $all_good &= run_column_check('calendar_event', 'category');
-            $all_good &= run_table_check('calendar_event_reminder');
-            $all_good &= run_column_check('calendar_event_reminder', 'id');
-            $all_good &= run_column_check('calendar_event_reminder', 'user_id');
-            $all_good &= run_column_check('calendar_event_reminder', 'event_id');
-            $all_good &= run_column_check('calendar_event_reminder', 'amount');
-            $all_good &= run_column_check('calendar_event_reminder', 'unit');
-            $all_good &= run_column_check('calendar_event_reminder', 'email_sent');
-            $all_good &= run_column_check('tickets', 'due_date');
-            $all_good &= run_column_check('tickets', 'overdue_email_sent');
-            $all_good &= run_column_check('categories', 'usage');
-            $all_good &= run_column_check('users', 'notify_overdue_unassigned');
-            $all_good &= run_column_check('users', 'default_calendar_view');
+            $validations[] = run_table_check('logging', 105);
+            $validations[] = run_column_check('logging', 'id', 105);
+            $validations[] = run_column_check('logging', 'username', 105);
+            $validations[] = run_column_check('logging', 'message', 105);
+            $validations[] = run_column_check('logging', 'severity', 105);
+            $validations[] = run_column_check('logging', 'location', 105);
+            $validations[] = run_column_check('logging', 'timestamp', 105);
+            $validations[] = run_table_check('user_api_tokens', 103);
+            $validations[] = run_column_check('user_api_tokens', 'id', 103);
+            $validations[] = run_column_check('user_api_tokens', 'user_id', 103);
+            $validations[] = run_column_check('user_api_tokens', 'token', 103);
+            $validations[] = run_setting_check('public_api', 104);
+            $validations[] = run_table_check('temp_attachment', 106);
+            $validations[] = run_column_check('temp_attachment', 'id', 106);
+            $validations[] = run_column_check('temp_attachment', 'file_name', 106);
+            $validations[] = run_column_check('temp_attachment', 'saved_name', 106);
+            $validations[] = run_column_check('temp_attachment', 'size', 106);
+            $validations[] = run_column_check('temp_attachment', 'type', 106);
+            $validations[] = run_column_check('temp_attachment', 'date_uploaded', 106);
+            $validations[] = run_table_check('calendar_event', 107);
+            $validations[] = run_column_check('calendar_event', 'id', 107);
+            $validations[] = run_column_check('calendar_event', 'start', 107);
+            $validations[] = run_column_check('calendar_event', 'end', 107);
+            $validations[] = run_column_check('calendar_event', 'all_day', 107);
+            $validations[] = run_column_check('calendar_event', 'name', 107);
+            $validations[] = run_column_check('calendar_event', 'location', 107);
+            $validations[] = run_column_check('calendar_event', 'comments', 107);
+            $validations[] = run_column_check('calendar_event', 'category', 107);
+            $validations[] = run_table_check('calendar_event_reminder', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'id', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'user_id', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'event_id', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'amount', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'unit', 108);
+            $validations[] = run_column_check('calendar_event_reminder', 'email_sent', 108);
+            $validations[] = run_column_check('tickets', 'due_date', 109);
+            $validations[] = run_column_check('tickets', 'overdue_email_sent', 110);
+            $validations[] = run_column_check('categories', 'usage', 112);
+            $validations[] = run_column_check('users', 'notify_overdue_unassigned', 113);
+            $validations[] = run_column_check('users', 'default_calendar_view', 114);
             output_header_row('2.6.2');
-            $all_good &= run_column_check('stage_tickets', 'due_date');
-            $all_good &= run_column_check('stage_tickets', 'overdue_email_sent');
+            $validations[] = run_column_check('stage_tickets', 'due_date');
+            $validations[] = run_column_check('stage_tickets', 'overdue_email_sent');
             output_header_row('3.1.0');
-            $all_good &= run_column_check('categories', 'background_color');
-            $all_good &= run_column_check('categories', 'foreground_color');
-            $all_good &= run_column_check('categories', 'display_border_outline');
-            $all_good &= run_column_check('logging', 'stack_trace');
-            $all_good &= run_table_check('custom_nav_element');
-            $all_good &= run_column_check('custom_nav_element', 'id');
-            $all_good &= run_column_check('custom_nav_element', 'image_url');
-            $all_good &= run_column_check('custom_nav_element', 'font_icon');
-            $all_good &= run_column_check('custom_nav_element', 'place');
-            $all_good &= run_column_check('custom_nav_element', 'url');
-            $all_good &= run_column_check('custom_nav_element', 'sort');
-            $all_good &= run_table_check('custom_nav_element_to_text');
-            $all_good &= run_column_check('custom_nav_element_to_text', 'id');
-            $all_good &= run_column_check('custom_nav_element_to_text', 'nav_element_id');
-            $all_good &= run_column_check('custom_nav_element_to_text', 'language');
-            $all_good &= run_column_check('custom_nav_element_to_text', 'text');
-            $all_good &= run_column_check('custom_nav_element_to_text', 'subtext');
-            $all_good &= run_setting_check('admin_navbar_background');
-            $all_good &= run_setting_check('admin_navbar_background_hover');
-            $all_good &= run_setting_check('admin_navbar_text');
-            $all_good &= run_setting_check('admin_navbar_text_hover');
-            $all_good &= run_setting_check('admin_navbar_brand_background');
-            $all_good &= run_setting_check('admin_navbar_brand_background_hover');
-            $all_good &= run_setting_check('admin_navbar_brand_text');
-            $all_good &= run_setting_check('admin_navbar_brand_text_hover');
-            $all_good &= run_setting_check('admin_sidebar_background');
-            $all_good &= run_setting_check('admin_sidebar_background_hover');
-            $all_good &= run_setting_check('admin_sidebar_text');
-            $all_good &= run_setting_check('admin_sidebar_text_hover');
-            $all_good &= run_setting_check('admin_sidebar_font_weight');
-            $all_good &= run_setting_check('admin_sidebar_header_background');
-            $all_good &= run_setting_check('admin_sidebar_header_text');
+            $validations[] = run_column_check('categories', 'background_color');
+            $validations[] = run_column_check('categories', 'foreground_color');
+            $validations[] = run_column_check('categories', 'display_border_outline');
+            $validations[] = run_column_check('logging', 'stack_trace');
+            $validations[] = run_table_check('custom_nav_element');
+            $validations[] = run_column_check('custom_nav_element', 'id');
+            $validations[] = run_column_check('custom_nav_element', 'image_url');
+            $validations[] = run_column_check('custom_nav_element', 'font_icon');
+            $validations[] = run_column_check('custom_nav_element', 'place');
+            $validations[] = run_column_check('custom_nav_element', 'url');
+            $validations[] = run_column_check('custom_nav_element', 'sort');
+            $validations[] = run_table_check('custom_nav_element_to_text');
+            $validations[] = run_column_check('custom_nav_element_to_text', 'id');
+            $validations[] = run_column_check('custom_nav_element_to_text', 'nav_element_id');
+            $validations[] = run_column_check('custom_nav_element_to_text', 'language');
+            $validations[] = run_column_check('custom_nav_element_to_text', 'text');
+            $validations[] = run_column_check('custom_nav_element_to_text', 'subtext');
+            $validations[] = run_setting_check('admin_navbar_background');
+            $validations[] = run_setting_check('admin_navbar_background_hover');
+            $validations[] = run_setting_check('admin_navbar_text');
+            $validations[] = run_setting_check('admin_navbar_text_hover');
+            $validations[] = run_setting_check('admin_navbar_brand_background');
+            $validations[] = run_setting_check('admin_navbar_brand_background_hover');
+            $validations[] = run_setting_check('admin_navbar_brand_text');
+            $validations[] = run_setting_check('admin_navbar_brand_text_hover');
+            $validations[] = run_setting_check('admin_sidebar_background');
+            $validations[] = run_setting_check('admin_sidebar_background_hover');
+            $validations[] = run_setting_check('admin_sidebar_text');
+            $validations[] = run_setting_check('admin_sidebar_text_hover');
+            $validations[] = run_setting_check('admin_sidebar_font_weight');
+            $validations[] = run_setting_check('admin_sidebar_header_background');
+            $validations[] = run_setting_check('admin_sidebar_header_text');
             output_header_row('3.2.0');
-            $all_good &= run_table_check('audit_trail');
-            $all_good &= run_table_check('audit_trail_to_replacement_values');
-            $all_good &= run_column_check('categories', 'mfh_description');
-            $all_good &= run_column_check('custom_fields', 'mfh_description');
-            $all_good &= run_setting_check('migrationNumber');
+            $validations[] = run_table_check('audit_trail');
+            $validations[] = run_table_check('audit_trail_to_replacement_values');
+            $validations[] = run_column_check('categories', 'mfh_description');
+            $validations[] = run_column_check('custom_fields', 'mfh_description');
+            $validations[] = run_setting_check('migrationNumber');
             output_header_row('3.3.0');
-            $all_good &= run_table_check('mfh_calendar_business_hours');
+            $validations[] = run_table_check('mfh_calendar_business_hours');
 
-            if ($all_good) {
+            if ($checks) {
                 echo "<script>$('#all-good').show()</script>";
             } else {
                 echo "<script>$('#not-good').show()</script>";
@@ -222,36 +277,50 @@ hesk_dbConnect();
 </body>
 </html>
 <?php
-function run_setting_check($setting_name) {
-    global $hesk_settings;
+function run_setting_check($setting_name, $minimumValidationNumber) {
+    global $hesk_settings, $startingValidationNumber;
 
-    $res = run_check("SELECT 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = '{$setting_name}'");
-	$all_good = hesk_dbNumRows($res) > 0;
-
-    output_result('<b>Setting Exists</b>: ' . $setting_name, $all_good);
-
-    return $all_good !== false;
-}
-
-function run_table_check($table_name) {
-    return run_column_check($table_name, '1');
-}
-
-function run_column_check($table_name, $column_name) {
-    global $hesk_settings;
-
-    if ($column_name == '1') {
-        $all_good = run_check('SELECT ' . $column_name . ' FROM `' . $hesk_settings['db_pfix'] . $table_name . '` LIMIT 1');
-
-        output_result('<b>Table Exists</b>: ' . $table_name,
-            $all_good);
+    if ($startingValidationNumber < $minimumValidationNumber) {
+        $checks = 'SKIPPED';
     } else {
-        $all_good = run_check('SELECT `' . $column_name . '` FROM `' . $hesk_settings['db_pfix'] . $table_name . '` LIMIT 1');
-        output_result('<b>Column Exists</b>: ' . $table_name . '.' . $column_name,
-            $all_good);
+        $res = run_check("SELECT 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = '{$setting_name}'");
+        $checks = hesk_dbNumRows($res) > 0;
     }
 
-    return $all_good !== false;
+    output_result('<b>Setting Exists</b>: ' . $setting_name, $checks);
+
+    return $checks !== false;
+}
+
+function run_table_check($table_name, $minimumValidationNumber) {
+
+    return run_column_check($table_name, '1', $minimumValidationNumber);
+}
+
+function run_column_check($table_name, $column_name, $minimumValidationNumber) {
+    global $hesk_settings, $startingValidationNumber;
+
+    if ($column_name == '1') {
+        if ($startingValidationNumber < $minimumValidationNumber) {
+            $checks = 'SKIPPED';
+        } else {
+            $checks = run_check('SELECT ' . $column_name . ' FROM `' . $hesk_settings['db_pfix'] . $table_name . '` LIMIT 1');
+        }
+
+        output_result('<b>Table Exists</b>: ' . $table_name,
+            $checks);
+    } else {
+        if ($startingValidationNumber < $minimumValidationNumber) {
+            $checks = 'SKIPPED';
+        } else {
+            $checks = run_check('SELECT `' . $column_name . '` FROM `' . $hesk_settings['db_pfix'] . $table_name . '` LIMIT 1');
+        }
+
+        output_result('<b>Column Exists</b>: ' . $table_name . '.' . $column_name,
+            $checks);
+    }
+
+    return $checks !== false;
 }
 
 function run_check($sql) {
@@ -263,23 +332,31 @@ function run_check($sql) {
         }
         $hesk_last_query = $sql;
 
-        return @mysqli_query($hesk_db_link, $sql);
+        return @mysqli_query($hesk_db_link, $sql) ? 'PASS' : 'FAIL';
     } else {
         if (!$hesk_db_link && !hesk_dbConnect()) {
             return false;
         }
         $hesk_last_query = $sql;
 
-        return $res = @mysql_query($sql, $hesk_db_link);
+        return $res = @mysql_query($sql, $hesk_db_link) ? 'PASS' : 'FAIL';
     }
 }
 
-function output_result($change_title, $success) {
-    $css_color = 'success';
-    $text = '<span data-toggle="tooltip" title="This looks good!"><i class="fa fa-check-circle"></i> Success</span>';
-    if (!$success) {
-        $css_color = 'danger';
-        $text = '<span data-toggle="tooltip" title="Oh no! Something isn\'t right."><i class="fa fa-times-circle"></i> Failure</span>';
+function output_result($change_title, $status) {
+    switch ($status) {
+        case 'PASS':
+            $css_color = 'success';
+            $text = '<span data-toggle="tooltip" title="This looks good!"><i class="fa fa-check-circle"></i> Success</span>';
+            break;
+        case 'FAIL':
+            $css_color = 'danger';
+            $text = '<span data-toggle="tooltip" title="Oh no! Something isn\'t right."><i class="fa fa-times-circle"></i> Failure</span>';
+            break;
+        case 'SKIPPED':
+            $css_color = 'default';
+            $text = '<span data-toggle="tooltip" title="Skipped - You are not running a new enough version of Mods for HESK."><i class="fa-minus-circle"></i> Skipped</span>';
+            break;
     }
 
     $formatted_text = sprintf('<tr class="'.$css_color.'"><td>%s</td><td style="color: %s">%s</td></tr>', $change_title, $css_color, $text);

From 22ecc4804efe51bd3f188d5384579603bbc3a4e6 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 4 Feb 2018 21:16:18 -0500
Subject: [PATCH 56/74] Improve the validator

---
 install/database-validation.php | 158 +++++++++++++++++++++-----------
 install/index.php               |   2 +-
 2 files changed, 105 insertions(+), 55 deletions(-)

diff --git a/install/database-validation.php b/install/database-validation.php
index 8f47a9c9..d90aa816 100644
--- a/install/database-validation.php
+++ b/install/database-validation.php
@@ -21,7 +21,7 @@ if (hesk_dbNumRows($tableSql) > 0) {
     // They have installed at LEAST to version 1.6.0. Just pull the version number OR migration number
     $migrationNumberSql = hesk_dbQuery("SELECT `Value` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = 'migrationNumber'");
     if ($migrationRow = hesk_dbFetchAssoc($migrationNumberSql)) {
-        $startingValidationNumber = intval($migrationRow['Value']) + 1;
+        $startingValidationNumber = intval($migrationRow['Value']);
     } else {
         $versionSql = hesk_dbQuery("SELECT `Value` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = 'modsForHeskVersion'");
         $versionRow = hesk_dbFetchAssoc($versionSql);
@@ -79,12 +79,11 @@ if (hesk_dbNumRows($tableSql) > 0) {
 <div class="container">
     <div class="page-header">
         <h1>Mods for HESK Database Validation</h1>
-        <p>The database validation tool will check your database setup to ensure that everything is set up correctly.
-        As of this time, the database validator assumes you are running the latest version of Mods for HESK (<?php echo MODS_FOR_HESK_NEW_VERSION; ?>)</p>
+        <p>The database validation tool will check your database setup to ensure that everything is set up correctly.</p>
     </div>
     <div class="panel panel-success" id="all-good" style="display: none">
         <div class="panel-heading">
-            <h4>Success</h4>
+            <h4><i class="fa fa-check-circle"></i> Success</h4>
         </div>
         <div class="panel-body text-center">
             <i class="fa fa-check-circle fa-4x" style="color: green"></i><br>
@@ -101,6 +100,14 @@ if (hesk_dbNumRows($tableSql) > 0) {
             <a href="https://developers.phpjunkyard.com/viewforum.php?f=19" target="_blank">PHP Junkyard Forums</a> with this information for assistance.</h4>
         </div>
     </div>
+    <div class="panel panel-warning" id="some-skipped" style="display: none">
+        <div class="panel-heading">
+            <h4><i class="fa fa-exclamation-triangle"></i> Some Checks Skipped</h4>
+        </div>
+        <div class="panel-body">
+            You are not running the latest version of Mods for HESK, so some checks have been skipped.
+        </div>
+    </div>
     <div class="panel panel-default">
         <div class="panel-heading">
             <h4>Results</h4>
@@ -219,56 +226,87 @@ if (hesk_dbNumRows($tableSql) > 0) {
             $validations[] = run_column_check('categories', 'usage', 112);
             $validations[] = run_column_check('users', 'notify_overdue_unassigned', 113);
             $validations[] = run_column_check('users', 'default_calendar_view', 114);
+            $validations[] = run_setting_check('enable_calendar', 115);
+            $validations[] = run_setting_check('first_day_of_week', 116);
+            $validations[] = run_setting_check('default_calendar_view', 117);
             output_header_row('2.6.2');
-            $validations[] = run_column_check('stage_tickets', 'due_date');
-            $validations[] = run_column_check('stage_tickets', 'overdue_email_sent');
+            $validations[] = run_column_check('stage_tickets', 'due_date', 122);
+            $validations[] = run_column_check('stage_tickets', 'overdue_email_sent', 123);
             output_header_row('3.1.0');
-            $validations[] = run_column_check('categories', 'background_color');
-            $validations[] = run_column_check('categories', 'foreground_color');
-            $validations[] = run_column_check('categories', 'display_border_outline');
-            $validations[] = run_column_check('logging', 'stack_trace');
-            $validations[] = run_table_check('custom_nav_element');
-            $validations[] = run_column_check('custom_nav_element', 'id');
-            $validations[] = run_column_check('custom_nav_element', 'image_url');
-            $validations[] = run_column_check('custom_nav_element', 'font_icon');
-            $validations[] = run_column_check('custom_nav_element', 'place');
-            $validations[] = run_column_check('custom_nav_element', 'url');
-            $validations[] = run_column_check('custom_nav_element', 'sort');
-            $validations[] = run_table_check('custom_nav_element_to_text');
-            $validations[] = run_column_check('custom_nav_element_to_text', 'id');
-            $validations[] = run_column_check('custom_nav_element_to_text', 'nav_element_id');
-            $validations[] = run_column_check('custom_nav_element_to_text', 'language');
-            $validations[] = run_column_check('custom_nav_element_to_text', 'text');
-            $validations[] = run_column_check('custom_nav_element_to_text', 'subtext');
-            $validations[] = run_setting_check('admin_navbar_background');
-            $validations[] = run_setting_check('admin_navbar_background_hover');
-            $validations[] = run_setting_check('admin_navbar_text');
-            $validations[] = run_setting_check('admin_navbar_text_hover');
-            $validations[] = run_setting_check('admin_navbar_brand_background');
-            $validations[] = run_setting_check('admin_navbar_brand_background_hover');
-            $validations[] = run_setting_check('admin_navbar_brand_text');
-            $validations[] = run_setting_check('admin_navbar_brand_text_hover');
-            $validations[] = run_setting_check('admin_sidebar_background');
-            $validations[] = run_setting_check('admin_sidebar_background_hover');
-            $validations[] = run_setting_check('admin_sidebar_text');
-            $validations[] = run_setting_check('admin_sidebar_text_hover');
-            $validations[] = run_setting_check('admin_sidebar_font_weight');
-            $validations[] = run_setting_check('admin_sidebar_header_background');
-            $validations[] = run_setting_check('admin_sidebar_header_text');
+            $validations[] = run_column_check('logging', 'stack_trace', 140);
+            $validations[] = run_column_check('categories', 'background_color', 145);
+            $validations[] = run_column_check('categories', 'foreground_color', 143);
+            $validations[] = run_column_check('categories', 'display_border_outline', 144);
+            $validations[] = run_table_check('custom_nav_element', 141);
+            $validations[] = run_column_check('custom_nav_element', 'id', 141);
+            $validations[] = run_column_check('custom_nav_element', 'image_url', 141);
+            $validations[] = run_column_check('custom_nav_element', 'font_icon', 141);
+            $validations[] = run_column_check('custom_nav_element', 'place', 141);
+            $validations[] = run_column_check('custom_nav_element', 'url', 141);
+            $validations[] = run_column_check('custom_nav_element', 'sort', 141);
+            $validations[] = run_table_check('custom_nav_element_to_text', 142);
+            $validations[] = run_column_check('custom_nav_element_to_text', 'id', 142);
+            $validations[] = run_column_check('custom_nav_element_to_text', 'nav_element_id', 142);
+            $validations[] = run_column_check('custom_nav_element_to_text', 'language', 142);
+            $validations[] = run_column_check('custom_nav_element_to_text', 'text', 142);
+            $validations[] = run_column_check('custom_nav_element_to_text', 'subtext', 142);
+            $validations[] = run_setting_check('admin_navbar_background', 151);
+            $validations[] = run_setting_check('admin_navbar_background_hover', 151);
+            $validations[] = run_setting_check('admin_navbar_text', 151);
+            $validations[] = run_setting_check('admin_navbar_text_hover', 151);
+            $validations[] = run_setting_check('admin_navbar_brand_background', 151);
+            $validations[] = run_setting_check('admin_navbar_brand_background_hover', 151);
+            $validations[] = run_setting_check('admin_navbar_brand_text', 151);
+            $validations[] = run_setting_check('admin_navbar_brand_text_hover', 151);
+            $validations[] = run_setting_check('admin_sidebar_background', 151);
+            $validations[] = run_setting_check('admin_sidebar_background_hover', 151);
+            $validations[] = run_setting_check('admin_sidebar_text', 151);
+            $validations[] = run_setting_check('admin_sidebar_text_hover', 151);
+            $validations[] = run_setting_check('admin_sidebar_font_weight', 151);
+            $validations[] = run_setting_check('admin_sidebar_header_background', 151);
+            $validations[] = run_setting_check('admin_sidebar_header_text', 151);
+            $validations[] = run_setting_check('login_background_type', 146);
+            $validations[] = run_setting_check('login_background', 147);
+            $validations[] = run_setting_check('login_box_header', 148);
+            $validations[] = run_setting_check('login_box_header_image', 149);
+            $validations[] = run_setting_check('api_url_rewrite', 150);
             output_header_row('3.2.0');
-            $validations[] = run_table_check('audit_trail');
-            $validations[] = run_table_check('audit_trail_to_replacement_values');
-            $validations[] = run_column_check('categories', 'mfh_description');
-            $validations[] = run_column_check('custom_fields', 'mfh_description');
-            $validations[] = run_setting_check('migrationNumber');
+            $validations[] = run_table_check('audit_trail', 156);
+            $validations[] = run_table_check('audit_trail_to_replacement_values', 157);
+            $validations[] = run_column_check('categories', 'mfh_description', 154);
+            $validations[] = run_column_check('custom_fields', 'mfh_description', 155);
+            $validations[] = run_setting_check('migrationNumber', 158);
             output_header_row('3.3.0');
-            $validations[] = run_table_check('mfh_calendar_business_hours');
+            $validations[] = run_table_check('mfh_service_message_to_location', 164);
+            $validations[] = run_column_check('mfh_service_message_to_location', 'service_message_id', 164);
+            $validations[] = run_column_check('mfh_service_message_to_location', 'location', 164);
+            $validations[] = run_column_check('service_messages', 'mfh_language', 166);
+            $validations[] = run_table_check('mfh_calendar_business_hours', 167);
+            $validations[] = run_setting_check('calendar_show_start_time', 169);
+            $validations[] = run_setting_check('calendar_show_start_time', 999);
 
-            if ($checks) {
+            $passed = false;
+            $failed = false;
+            $skipped = false;
+            foreach ($validations as $validation) {
+                if ($validation === 'SKIPPED') {
+                    $skipped = true;
+                } elseif ($validation === 'FAIL') {
+                    $failed = true;
+                } else if ($validation === 'PASS') {
+                    $passed = true;
+                }
+            }
+
+            if ($passed && !$failed) {
                 echo "<script>$('#all-good').show()</script>";
-            } else {
+            } elseif ($failed) {
                 echo "<script>$('#not-good').show()</script>";
             }
+
+            if ($skipped) {
+                echo "<script>$('#some-skipped').show()</script>";
+            }
             ?>
             </tbody>
         </table>
@@ -283,13 +321,13 @@ function run_setting_check($setting_name, $minimumValidationNumber) {
     if ($startingValidationNumber < $minimumValidationNumber) {
         $checks = 'SKIPPED';
     } else {
-        $res = run_check("SELECT 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = '{$setting_name}'");
-        $checks = hesk_dbNumRows($res) > 0;
+        $res = run_check("SELECT 1 FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` WHERE `Key` = '{$setting_name}'", false);
+        $checks = hesk_dbNumRows($res) > 0 ? 'PASS' : 'FAIL';
     }
 
     output_result('<b>Setting Exists</b>: ' . $setting_name, $checks);
 
-    return $checks !== false;
+    return $checks;
 }
 
 function run_table_check($table_name, $minimumValidationNumber) {
@@ -320,10 +358,10 @@ function run_column_check($table_name, $column_name, $minimumValidationNumber) {
             $checks);
     }
 
-    return $checks !== false;
+    return $checks;
 }
 
-function run_check($sql) {
+function run_check($sql, $returnString = true) {
     global $hesk_last_query;
     global $hesk_db_link;
     if (function_exists('mysqli_connect')) {
@@ -332,14 +370,23 @@ function run_check($sql) {
         }
         $hesk_last_query = $sql;
 
-        return @mysqli_query($hesk_db_link, $sql) ? 'PASS' : 'FAIL';
+        if ($returnString) {
+            return @mysqli_query($hesk_db_link, $sql) ? 'PASS' : 'FAIL';
+        } else {
+            return @mysqli_query($hesk_db_link, $sql);
+        }
+
     } else {
         if (!$hesk_db_link && !hesk_dbConnect()) {
             return false;
         }
         $hesk_last_query = $sql;
 
-        return $res = @mysql_query($sql, $hesk_db_link) ? 'PASS' : 'FAIL';
+        if ($returnString) {
+            return $res = @mysql_query($sql, $hesk_db_link) ? 'PASS' : 'FAIL';
+        } else {
+            return $res = @mysql_query($sql, $hesk_db_link);
+        }
     }
 }
 
@@ -355,8 +402,11 @@ function output_result($change_title, $status) {
             break;
         case 'SKIPPED':
             $css_color = 'default';
-            $text = '<span data-toggle="tooltip" title="Skipped - You are not running a new enough version of Mods for HESK."><i class="fa-minus-circle"></i> Skipped</span>';
+            $text = '<span data-toggle="tooltip" title="Skipped - You are not running a new enough version of Mods for HESK."><i class="fa fa-minus-circle"></i> Skipped</span>';
             break;
+        default:
+            $css_color = 'danger';
+            $text = 'WTF?! ' . $status;
     }
 
     $formatted_text = sprintf('<tr class="'.$css_color.'"><td>%s</td><td style="color: %s">%s</td></tr>', $change_title, $css_color, $text);
diff --git a/install/index.php b/install/index.php
index a669070e..699e5c9b 100644
--- a/install/index.php
+++ b/install/index.php
@@ -100,7 +100,7 @@ if (HESK_NEW_VERSION != $hesk_settings['hesk_version']) {
             </div>
             <?php if ($installMismatch): ?>
             <div class="text-center">
-                <h4>You need to be running HESK 2.7.3 to install Mods for HESK. You currently have HESK <?php echo $hesk_settings['hesk_version']; ?>.</h4>
+                <h4>You need to be running HESK <?php echo HESK_NEW_VERSION; ?> to install Mods for HESK. You currently have HESK <?php echo $hesk_settings['hesk_version']; ?>.</h4>
             </div>
             <?php else: // BEGIN INSTALL SCREENS ?>
             <div data-step="intro" class="login-box-msg">

From 71bb5af4354bda8d5b14a76704652dbc7a0db260 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 4 Feb 2018 22:10:40 -0500
Subject: [PATCH 57/74] Working on permission issues w/permission groups

---
 admin/manage_permission_groups.php | 48 +++++++++++++++++++++++-------
 1 file changed, 37 insertions(+), 11 deletions(-)

diff --git a/admin/manage_permission_groups.php b/admin/manage_permission_groups.php
index 3fd7eddc..1e397e29 100644
--- a/admin/manage_permission_groups.php
+++ b/admin/manage_permission_groups.php
@@ -185,11 +185,23 @@ function createEditModal($template, $features, $categories)
                                                 <?php
                                                 $checked = '';
                                                 if (in_array($category['id'], $enabledCategories)) {
-                                                    $checked = 'checked';
-                                                } ?>
+                                                    $checked = 'checked ';
+                                                }
+                                                if ((!hesk_SESSION('isadmin') &&
+                                                    !in_array($category['id'], $_SESSION['categories'])) ||
+                                                    $template['categories'] === 'ALL') {
+                                                    $disabled = ' disabled';
+                                                }?>
+                                                <?php if (in_array($category['id'], $_SESSION['categories'])): ?>
                                                 <input type="checkbox" name="categories[]"
-                                                       value="<?php echo $category['id']; ?>" <?php echo $checked . $disabled; ?>>
-                                                <?php echo $category['name']; ?>
+                                                       value="<?php echo $category['id']; ?>" <?php echo $checked . ' ' . $disabled; ?>>
+                                                <?php
+                                                    echo $category['name'];
+                                                endif;
+                                                if ($disabled != '' && $checked != ''): ?>
+                                                    <input type="hidden" name="categories[]"
+                                                           value="<?php echo $category['id']; ?>" <?php echo $checked; ?>>
+                                                <?php endif; ?>
                                             </label>
                                         </div>
                                     <?php endforeach; ?>
@@ -201,19 +213,33 @@ function createEditModal($template, $features, $categories)
 
                                 <div class="footerWithBorder blankSpace"></div>
                                 <div class="form-group">
-                                    <?php foreach ($features as $feature): ?>
+                                    <?php
+                                    $hiddenFields = '';
+                                    foreach ($features as $feature): ?>
+                                        <?php
+                                        $checked = '';
+                                        if (in_array($feature, $enabledFeatures)) {
+                                            $checked = 'checked ';
+                                        }
+                                        if ((!hesk_SESSION('isadmin') &&
+                                                !strpos($_SESSION['heskprivileges'], $feature) !== false) ||
+                                            $template['heskprivileges'] === 'ALL') {
+                                            $disabled = ' disabled';
+                                        }
+                                        if ($disabled != '' && $checked != ''):
+                                            $hiddenFields .= '<input type="hidden" name="features[]"
+                                                   value="' . $feature . '" ' . $checked . '>';
+                                        elseif (strpos($_SESSION['heskprivileges'], $feature) !== false):  ?>
                                         <div class="checkbox">
-                                            <label><?php
-                                                $checked = '';
-                                                if (in_array($feature, $enabledFeatures)) {
-                                                    $checked = 'checked';
-                                                } ?>
+                                            <label>
                                                 <input type="checkbox" name="features[]"
                                                        value="<?php echo $feature; ?>" <?php echo $checked . $disabled; ?>>
                                                 <?php echo $hesklang[$feature]; ?>
                                             </label>
                                         </div>
-                                    <?php endforeach; ?>
+                                        <?php endif;
+                                        endforeach;
+                                        echo $hiddenFields; ?>
                                     <div class="help-block with-errors"></div>
                                 </div>
                             </div>

From 4bd4eec53d2b02eb37b06fa9383d3ea8a9b31ae0 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Tue, 6 Feb 2018 22:04:16 -0500
Subject: [PATCH 58/74] Starting on fixing permission group creation/edit
 abilities

---
 admin/manage_permission_groups.php | 77 ++++++++++++++++--------------
 language/en/text.php               |  1 +
 2 files changed, 42 insertions(+), 36 deletions(-)

diff --git a/admin/manage_permission_groups.php b/admin/manage_permission_groups.php
index 1e397e29..4220ea3d 100644
--- a/admin/manage_permission_groups.php
+++ b/admin/manage_permission_groups.php
@@ -137,11 +137,9 @@ function createEditModal($template, $features, $categories)
 {
     global $hesklang;
 
-    $disabled = 'checked="checked" disabled';
     $enabledFeatures = array();
     $enabledCategories = array();
-    if ($template['heskprivileges'] != 'ALL') {
-        $disabled = '';
+    if ($template['heskprivileges'] !== 'ALL') {
         $enabledFeatures = explode(',', $template['heskprivileges']);
         $enabledCategories = explode(',', $template['categories']);
     }
@@ -157,6 +155,12 @@ function createEditModal($template, $features, $categories)
                         <h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_group'], $template['name']); ?></h4>
                     </div>
                     <div class="modal-body">
+                        <?php if ($template['id'] == 1): ?>
+                            <div class="alert alert-info">
+                                <i class="fa fa-info-circle"></i>
+                                <?php echo $hesklang['protected_group']; ?>
+                            </div>
+                        <?php endif; ?>
                         <div class="row">
                             <div class="form-group">
                                 <div class="col-sm-2">
@@ -179,32 +183,32 @@ function createEditModal($template, $features, $categories)
 
                                 <div class="footerWithBorder blankSpace"></div>
                                 <div class="form-group">
-                                    <?php foreach ($categories as $category): ?>
+                                    <?php
+                                    foreach ($categories as $category): ?>
+                                        <?php
+                                        $checked = '';
+                                        $disabled = '';
+                                        if (in_array($category['id'], $enabledCategories) ||
+                                            $template['categories'] == 'ALL') {
+                                            $checked = 'checked ';
+                                        }
+                                        if ((!hesk_SESSION('isadmin') &&
+                                                !in_array($category['id'], $_SESSION['categories'])) ||
+                                            $template['categories'] === 'ALL') {
+                                            $disabled = ' disabled';
+                                        }?>
+
+                                        <?php if (in_array($category['id'], $_SESSION['categories']) || $checked): ?>
                                         <div class="checkbox">
                                             <label>
-                                                <?php
-                                                $checked = '';
-                                                if (in_array($category['id'], $enabledCategories)) {
-                                                    $checked = 'checked ';
-                                                }
-                                                if ((!hesk_SESSION('isadmin') &&
-                                                    !in_array($category['id'], $_SESSION['categories'])) ||
-                                                    $template['categories'] === 'ALL') {
-                                                    $disabled = ' disabled';
-                                                }?>
-                                                <?php if (in_array($category['id'], $_SESSION['categories'])): ?>
                                                 <input type="checkbox" name="categories[]"
                                                        value="<?php echo $category['id']; ?>" <?php echo $checked . ' ' . $disabled; ?>>
-                                                <?php
-                                                    echo $category['name'];
-                                                endif;
-                                                if ($disabled != '' && $checked != ''): ?>
-                                                    <input type="hidden" name="categories[]"
-                                                           value="<?php echo $category['id']; ?>" <?php echo $checked; ?>>
-                                                <?php endif; ?>
+                                                <?php echo $category['name']; ?>
                                             </label>
                                         </div>
-                                    <?php endforeach; ?>
+                                        <?php
+                                        endif;
+                                    endforeach; ?>
                                     <div class="help-block with-errors"></div>
                                 </div>
                             </div>
@@ -214,22 +218,20 @@ function createEditModal($template, $features, $categories)
                                 <div class="footerWithBorder blankSpace"></div>
                                 <div class="form-group">
                                     <?php
-                                    $hiddenFields = '';
                                     foreach ($features as $feature): ?>
                                         <?php
                                         $checked = '';
-                                        if (in_array($feature, $enabledFeatures)) {
+                                        $disabled = '';
+                                        if (in_array($feature, $enabledFeatures) ||
+                                            $template['heskprivileges'] === 'ALL') {
                                             $checked = 'checked ';
                                         }
                                         if ((!hesk_SESSION('isadmin') &&
-                                                !strpos($_SESSION['heskprivileges'], $feature) !== false) ||
+                                                strpos($_SESSION['heskprivileges'], $feature) === false) ||
                                             $template['heskprivileges'] === 'ALL') {
                                             $disabled = ' disabled';
                                         }
-                                        if ($disabled != '' && $checked != ''):
-                                            $hiddenFields .= '<input type="hidden" name="features[]"
-                                                   value="' . $feature . '" ' . $checked . '>';
-                                        elseif (strpos($_SESSION['heskprivileges'], $feature) !== false):  ?>
+                                        if (strpos($_SESSION['heskprivileges'], $feature) !== false || $checked):  ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="features[]"
@@ -238,8 +240,7 @@ function createEditModal($template, $features, $categories)
                                             </label>
                                         </div>
                                         <?php endif;
-                                        endforeach;
-                                        echo $hiddenFields; ?>
+                                        endforeach; ?>
                                     <div class="help-block with-errors"></div>
                                 </div>
                             </div>
@@ -296,7 +297,9 @@ function buildCreateModal($features, $categories)
 
                                 <div class="footerWithBorder blankSpace"></div>
                                 <div class="form-group">
-                                    <?php foreach ($categories as $category): ?>
+                                    <?php
+                                    foreach ($categories as $category):
+                                        if (in_array($category['id'], $_SESSION['categories']) || hesk_SESSION('isadmin')): ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="categories[]"
@@ -306,7 +309,7 @@ function buildCreateModal($features, $categories)
                                                 <?php echo $category['name']; ?>
                                             </label>
                                         </div>
-                                    <?php endforeach; ?>
+                                    <?php endif; endforeach; ?>
                                     <div class="help-block with-errors"></div>
                                 </div>
                             </div>
@@ -315,7 +318,9 @@ function buildCreateModal($features, $categories)
 
                                 <div class="footerWithBorder blankSpace"></div>
                                 <div class="form-group">
-                                    <?php foreach ($features as $feature): ?>
+                                    <?php foreach ($features as $feature):
+                                        if (strpos($_SESSION['heskprivileges'], $feature) !== false || hesk_SESSION('isadmin')):
+                                        ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="features[]"
@@ -325,7 +330,7 @@ function buildCreateModal($features, $categories)
                                                 <?php echo $hesklang[$feature]; ?>
                                             </label>
                                         </div>
-                                    <?php endforeach; ?>
+                                    <?php endif; endforeach; ?>
                                     <div class="help-block with-errors"></div>
                                 </div>
                             </div>
diff --git a/language/en/text.php b/language/en/text.php
index 0de8b91c..a994fc6c 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2238,6 +2238,7 @@ $hesklang['show_event_start_time_help'] = 'Always show the start time on event t
 $hesklang['highlight_ticket_rows_based_on_priority'] = 'Highlight ticket rows based on priority';
 $hesklang['highlight_ticket_rows_based_on_priority_help'] = 'If enabled, each ticket on the tickets page will be highlighted based on priority. If disabled, only * Critical * and High priority tickets will be highlighted.';
 $hesklang['highlight_ticket_rows_based_on_priority_descr'] = 'Highlight all ticket rows based on priority';
+$hesklang['protected_group'] = 'This is a protected group; you cannot change accessible categories / features.';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 48b28fc3cdfdcb7d27ce39c2599a3947d66a5397 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 7 Feb 2018 22:03:55 -0500
Subject: [PATCH 59/74] Only modify permissions the user has access to

---
 admin/manage_permission_groups.php | 36 +++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/admin/manage_permission_groups.php b/admin/manage_permission_groups.php
index 4220ea3d..9eb410a0 100644
--- a/admin/manage_permission_groups.php
+++ b/admin/manage_permission_groups.php
@@ -365,7 +365,6 @@ function save()
         WHERE `id` = " . intval($templateId));
     $row = hesk_dbFetchAssoc($res);
 
-
     // Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
     $catArray = hesk_POST_array('categories');
     $featArray = hesk_POST_array('features');
@@ -380,6 +379,41 @@ function save()
     $features = implode(',', $featArray);
     $name = hesk_POST('name');
 
+    // Only allow users to add what they are allowed to add
+    // Admins can handle anything
+    if (!$_SESSION['isadmin']) {
+        // Update categories based on user visibility
+        $originalCategories = explode(',', $row['categories']);
+        $newCategories = array();
+        foreach ($originalCategories as $innerCategory) {
+            if (in_array($innerCategory, $catArray) && in_array($innerCategory, $_SESSION['categories'])) {
+                $newCategories[] = $innerCategory;
+            } elseif (!in_array($innerCategory, $catArray) && !in_array($innerCategory, $_SESSION['categories'])) {
+                // The user can't modify this, so keep it in
+                $newCategories[] = $innerCategory;
+            }
+            // If neither, the user removed it.
+        }
+
+        // Update features based on user visibility
+        $originalFeatures = explode(',', $row['features']);
+        $newFeatures = array();
+        foreach ($originalFeatures as $innerFeature) {
+            if (in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) !== false) {
+                $newFeatures[] = $innerFeature;
+            } elseif (!in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) === false) {
+                // The user can't modify this, so keep it in
+                $newFeatures[] = $innerFeature;
+            }
+            // If neither, the user removed it.
+        }
+
+        $categories = implode(',', $newCategories);
+        $features = implode(',', $newFeatures);
+    }
+
+
+
     hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
         SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
             `name` = '" . hesk_dbEscape($name) . "'

From 35ed664dfdef0ea48600b134a8030c08196a35d4 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 11 Feb 2018 22:00:44 -0500
Subject: [PATCH 60/74] Only allow users to modify permissions that they have
 access to

---
 admin/manage_permission_groups.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/admin/manage_permission_groups.php b/admin/manage_permission_groups.php
index 9eb410a0..9b9449ac 100644
--- a/admin/manage_permission_groups.php
+++ b/admin/manage_permission_groups.php
@@ -198,7 +198,7 @@ function createEditModal($template, $features, $categories)
                                             $disabled = ' disabled';
                                         }?>
 
-                                        <?php if (in_array($category['id'], $_SESSION['categories']) || $checked): ?>
+                                        <?php if ($_SESSION['isadmin'] || in_array($category['id'], $_SESSION['categories']) || $checked): ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="categories[]"
@@ -231,7 +231,7 @@ function createEditModal($template, $features, $categories)
                                             $template['heskprivileges'] === 'ALL') {
                                             $disabled = ' disabled';
                                         }
-                                        if (strpos($_SESSION['heskprivileges'], $feature) !== false || $checked):  ?>
+                                        if ($_SESSION['isadmin'] || strpos($_SESSION['heskprivileges'], $feature) !== false || $checked):  ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="features[]"
@@ -299,7 +299,7 @@ function buildCreateModal($features, $categories)
                                 <div class="form-group">
                                     <?php
                                     foreach ($categories as $category):
-                                        if (in_array($category['id'], $_SESSION['categories']) || hesk_SESSION('isadmin')): ?>
+                                        if (hesk_SESSION('isadmin') || in_array($category['id'], $_SESSION['categories'])): ?>
                                         <div class="checkbox">
                                             <label>
                                                 <input type="checkbox" name="categories[]"
@@ -396,7 +396,7 @@ function save()
         }
 
         // Update features based on user visibility
-        $originalFeatures = explode(',', $row['features']);
+        $originalFeatures = explode(',', $row['heskprivileges']);
         $newFeatures = array();
         foreach ($originalFeatures as $innerFeature) {
             if (in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) !== false) {

From 2b089f39074dd78f79de6e3d93c29845c722301a Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Sun, 11 Feb 2018 22:07:12 -0500
Subject: [PATCH 61/74] Minor UI changes

---
 admin/manage_permission_groups.php | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/admin/manage_permission_groups.php b/admin/manage_permission_groups.php
index 9b9449ac..42cdd736 100644
--- a/admin/manage_permission_groups.php
+++ b/admin/manage_permission_groups.php
@@ -80,14 +80,19 @@ while ($row = hesk_dbFetchAssoc($res)) {
             </div>
         </div>
         <div class="box-body">
-            <a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
-                <i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new_group']; ?>
-            </a>
+            <div class="text-right">
+                <a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
+                    <i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new']; ?>
+                </a>
+            </div>
+
             <table class="table table-striped">
                 <thead>
-                <th><?php echo $hesklang['name']; ?></th>
-                <th><?php echo $hesklang['number_of_users']; ?></th>
-                <th><?php echo $hesklang['actions']; ?></th>
+                <tr>
+                    <th><?php echo $hesklang['name']; ?></th>
+                    <th><?php echo $hesklang['number_of_users']; ?></th>
+                    <th><?php echo $hesklang['actions']; ?></th>
+                </tr>
                 </thead>
                 <tbody>
                 <?php foreach ($templates as $row): ?>
@@ -96,13 +101,13 @@ while ($row = hesk_dbFetchAssoc($res)) {
                         <td><?php echo getNumberOfUsersWithPermissionGroup($row['id']); ?></td>
                         <td>
                             <a href="#" data-toggle="modal" data-target="#modal-template-<?php echo $row['id'] ?>">
-                                <i class="fa fa-pencil icon-link" data-toggle="tooltip"
+                                <i class="fa fa-fw fa-pencil icon-link orange" data-toggle="tooltip"
                                    title="<?php echo $hesklang['view_permissions_for_this_group'] ?>"></i></a>
                             <?php
                             if ($row['id'] != 1 && $row['id'] != 2):
                                 ?>
                                 <a href="manage_permission_groups.php?a=delete&amp;id=<?php echo $row['id']; ?>">
-                                    <i class="fa fa-times icon-link red" data-toggle="tooltip"
+                                    <i class="fa fa-fw fa-times icon-link red" data-toggle="tooltip"
                                        title="<?php echo $hesklang['delete']; ?>"></i></a>
                             <?php endif; ?>
                         </td>

From 904202488d8891ebc8abf6583e15fa7d4ccb9a41 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Mon, 19 Feb 2018 12:40:12 -0500
Subject: [PATCH 62/74] Add an 'emails to receive' option for email custom
 fields

---
 admin/custom_fields.php | 40 ++++++++++++++++++++++++++++++++++++++--
 language/en/text.php    |  3 +++
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/admin/custom_fields.php b/admin/custom_fields.php
index 04917840..979f4114 100755
--- a/admin/custom_fields.php
+++ b/admin/custom_fields.php
@@ -519,7 +519,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 														<?php echo $hesklang['email_custom_field_label']; ?>
 													</label>
 													<div class="col-sm-8">
-														<?php $address_type = empty($value['email_type']) ? 'none' : $value['email_type']; ?>
+														<?php
+                                                        $address_type = empty($value['email_type']) ? 'none' : $value['email_type'];
+                                                        ?>
 														<div class="radio">
 															<label>
 																<input type="radio" name="email_type" value="none"
@@ -541,8 +543,41 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 																<?php echo $hesklang['bcc']; ?>
 															</label>
 														</div>
+                                                        <script>
+                                                            $('input[name="email_type"]').change(function() {
+                                                                if ($('input[name="email_type"]:checked').val() === 'none') {
+                                                                    $('#emails_to_receive').hide();
+                                                                } else {
+                                                                    $('#emails_to_receive').show();
+                                                                }
+                                                            });
+                                                        </script>
 													</div>
 												</div>
+                                                <div class="form-group" id="emails_to_receive" style="display: <?php if ($address_type === 'none') {echo 'none';} else {echo 'block';} ?>">
+                                                    <label for="staff_or_customer" class="col-sm-4 control-label">
+                                                        <?php echo $hesklang['emails_to_receive']; ?>
+                                                    </label>
+                                                    <div class="col-sm-8">
+                                                        <?php
+                                                        $emails_to_receive = empty($value['emails_to_receive']) ? array() : $value['emails_to_receive'];
+                                                        ?>
+                                                        <div class="checkbox">
+                                                            <label>
+                                                                <input type="checkbox" name="emails_to_receive[]" value="STAFF"
+                                                                       <?php if (in_array('STAFF', $emails_to_receive)) {echo 'checked';} ?>>
+                                                                <?php echo $hesklang['emails_sent_to_staff']; ?>
+                                                            </label>
+                                                        </div>
+                                                        <div class="checkbox">
+                                                            <label>
+                                                                <input type="checkbox" name="emails_to_receive[]" value="CUSTOMER"
+                                                                    <?php if (in_array('CUSTOMER', $emails_to_receive)) {echo 'checked';} ?>>
+                                                                <?php echo $hesklang['emails_sent_to_customer']; ?>
+                                                            </label>
+                                                        </div>
+                                                    </div>
+                                                </div>
 											</div>
 
 											<div id="hidden" style="display:<?php echo ($type == 'hidden') ? 'block' : 'none' ?>">
@@ -1250,7 +1285,8 @@ function cf_validate()
 		case 'email':
 			$cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0;
 			$cf['email_type'] = hesk_POST('email_type', 'none');
-			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']);
+			$cf['emails_to_receive'] = $cf['email_type'] === 'none' ? array() : hesk_POST_array('emails_to_receive', array());
+			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type'], 'emails_to_receive' => $cf['emails_to_receive']);
 			break;
 
 		case 'hidden':
diff --git a/language/en/text.php b/language/en/text.php
index a994fc6c..23fdbd79 100644
--- a/language/en/text.php
+++ b/language/en/text.php
@@ -2239,6 +2239,9 @@ $hesklang['highlight_ticket_rows_based_on_priority'] = 'Highlight ticket rows ba
 $hesklang['highlight_ticket_rows_based_on_priority_help'] = 'If enabled, each ticket on the tickets page will be highlighted based on priority. If disabled, only * Critical * and High priority tickets will be highlighted.';
 $hesklang['highlight_ticket_rows_based_on_priority_descr'] = 'Highlight all ticket rows based on priority';
 $hesklang['protected_group'] = 'This is a protected group; you cannot change accessible categories / features.';
+$hesklang['emails_to_receive'] = 'Emails to receive';
+$hesklang['emails_sent_to_staff'] = 'Emails sent to staff';
+$hesklang['emails_sent_to_customer'] = 'Emails sent to customer';
 
 // DO NOT CHANGE BELOW
 if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

From 81b27ddb2e6e5468a9bf7e557b3401b651ccbf3c Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Mon, 19 Feb 2018 13:03:34 -0500
Subject: [PATCH 63/74] Add cc/bcc to rest API, re-enable in email_functions

---
 admin/custom_fields.php                       | 36 +------------------
 api/BusinessLogic/Emails/Addressees.php       |  4 +--
 .../Tickets/CustomFields/CustomField.php      | 17 +++++++++
 api/BusinessLogic/Tickets/TicketCreator.php   | 21 ++++++++++-
 api/DataAccess/CommonDao.php                  |  2 +-
 .../CustomFields/CustomFieldsGateway.php      | 26 ++++++++++++++
 inc/email_functions.inc.php                   | 26 +++++++-------
 7 files changed, 80 insertions(+), 52 deletions(-)
 create mode 100644 api/BusinessLogic/Tickets/CustomFields/CustomField.php
 create mode 100644 api/DataAccess/CustomFields/CustomFieldsGateway.php

diff --git a/admin/custom_fields.php b/admin/custom_fields.php
index 979f4114..238804b0 100755
--- a/admin/custom_fields.php
+++ b/admin/custom_fields.php
@@ -543,41 +543,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
 																<?php echo $hesklang['bcc']; ?>
 															</label>
 														</div>
-                                                        <script>
-                                                            $('input[name="email_type"]').change(function() {
-                                                                if ($('input[name="email_type"]:checked').val() === 'none') {
-                                                                    $('#emails_to_receive').hide();
-                                                                } else {
-                                                                    $('#emails_to_receive').show();
-                                                                }
-                                                            });
-                                                        </script>
 													</div>
 												</div>
-                                                <div class="form-group" id="emails_to_receive" style="display: <?php if ($address_type === 'none') {echo 'none';} else {echo 'block';} ?>">
-                                                    <label for="staff_or_customer" class="col-sm-4 control-label">
-                                                        <?php echo $hesklang['emails_to_receive']; ?>
-                                                    </label>
-                                                    <div class="col-sm-8">
-                                                        <?php
-                                                        $emails_to_receive = empty($value['emails_to_receive']) ? array() : $value['emails_to_receive'];
-                                                        ?>
-                                                        <div class="checkbox">
-                                                            <label>
-                                                                <input type="checkbox" name="emails_to_receive[]" value="STAFF"
-                                                                       <?php if (in_array('STAFF', $emails_to_receive)) {echo 'checked';} ?>>
-                                                                <?php echo $hesklang['emails_sent_to_staff']; ?>
-                                                            </label>
-                                                        </div>
-                                                        <div class="checkbox">
-                                                            <label>
-                                                                <input type="checkbox" name="emails_to_receive[]" value="CUSTOMER"
-                                                                    <?php if (in_array('CUSTOMER', $emails_to_receive)) {echo 'checked';} ?>>
-                                                                <?php echo $hesklang['emails_sent_to_customer']; ?>
-                                                            </label>
-                                                        </div>
-                                                    </div>
-                                                </div>
 											</div>
 
 											<div id="hidden" style="display:<?php echo ($type == 'hidden') ? 'block' : 'none' ?>">
@@ -1285,8 +1252,7 @@ function cf_validate()
 		case 'email':
 			$cf['email_multi'] = hesk_POST('email_multi') ? 1 : 0;
 			$cf['email_type'] = hesk_POST('email_type', 'none');
-			$cf['emails_to_receive'] = $cf['email_type'] === 'none' ? array() : hesk_POST_array('emails_to_receive', array());
-			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type'], 'emails_to_receive' => $cf['emails_to_receive']);
+			$cf['value'] = array('multiple' => $cf['email_multi'], 'email_type' => $cf['email_type']);
 			break;
 
 		case 'hidden':
diff --git a/api/BusinessLogic/Emails/Addressees.php b/api/BusinessLogic/Emails/Addressees.php
index baa37ae5..1e2a4669 100644
--- a/api/BusinessLogic/Emails/Addressees.php
+++ b/api/BusinessLogic/Emails/Addressees.php
@@ -12,10 +12,10 @@ class Addressees extends \BaseClass {
     /**
      * @var $cc string[]|null
      */
-    public $cc;
+    public $cc = array();
 
     /**
      * @var $bcc string[]|null
      */
-    public $bcc;
+    public $bcc = array();
 }
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/CustomFields/CustomField.php b/api/BusinessLogic/Tickets/CustomFields/CustomField.php
new file mode 100644
index 00000000..142d842b
--- /dev/null
+++ b/api/BusinessLogic/Tickets/CustomFields/CustomField.php
@@ -0,0 +1,17 @@
+<?php
+namespace BusinessLogic\Tickets\CustomFields;
+
+
+class CustomField {
+    /* @var $id int */
+    public $id;
+
+    /* @var $name string */
+    public $name;
+
+    /* @var $type string */
+    public $type;
+
+    /* @var $properties array */
+    public $properties;
+}
\ No newline at end of file
diff --git a/api/BusinessLogic/Tickets/TicketCreator.php b/api/BusinessLogic/Tickets/TicketCreator.php
index 4175ce0e..160b922c 100644
--- a/api/BusinessLogic/Tickets/TicketCreator.php
+++ b/api/BusinessLogic/Tickets/TicketCreator.php
@@ -9,6 +9,7 @@ use BusinessLogic\Emails\EmailTemplateRetriever;
 use BusinessLogic\Exceptions\ValidationException;
 use BusinessLogic\Statuses\DefaultStatusForAction;
 use DataAccess\AuditTrail\AuditTrailGateway;
+use DataAccess\CustomFields\CustomFieldsGateway;
 use DataAccess\Security\UserGateway;
 use DataAccess\Settings\ModsForHeskSettingsGateway;
 use DataAccess\Statuses\StatusGateway;
@@ -61,6 +62,9 @@ class TicketCreator extends \BaseClass {
     /* @var $auditTrailGateway AuditTrailGateway */
     private $auditTrailGateway;
 
+    /* @var $customFieldsGateway CustomFieldsGateway */
+    private $customFieldsGateway;
+
     function __construct(NewTicketValidator $newTicketValidator,
                          TrackingIdGenerator $trackingIdGenerator,
                          Autoassigner $autoassigner,
@@ -70,7 +74,8 @@ class TicketCreator extends \BaseClass {
                          EmailSenderHelper $emailSenderHelper,
                          UserGateway $userGateway,
                          ModsForHeskSettingsGateway $modsForHeskSettingsGateway,
-                         AuditTrailGateway $auditTrailGateway) {
+                         AuditTrailGateway $auditTrailGateway,
+                         CustomFieldsGateway $customFieldsGateway) {
         $this->newTicketValidator = $newTicketValidator;
         $this->trackingIdGenerator = $trackingIdGenerator;
         $this->autoassigner = $autoassigner;
@@ -81,6 +86,7 @@ class TicketCreator extends \BaseClass {
         $this->userGateway = $userGateway;
         $this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
         $this->auditTrailGateway = $auditTrailGateway;
+        $this->customFieldsGateway = $customFieldsGateway;
     }
 
     /**
@@ -162,6 +168,19 @@ class TicketCreator extends \BaseClass {
         $addressees = new Addressees();
         $addressees->to = $ticket->email;
 
+        foreach ($ticket->customFields as $key => $value) {
+            $customField = $this->customFieldsGateway->getCustomField($key, $heskSettings);
+            if ($customField !== null &&
+                $customField->type === 'email' &&
+                $customField->properties['email_type'] !== 'none') {
+                if ($customField->properties['email_type'] === 'cc') {
+                    $addressees->cc[] = $value;
+                } elseif ($customField->properties['email_type'] === 'bcc') {
+                    $addressees->bcc[] = $value;
+                }
+            }
+        }
+
         if ($ticketRequest->sendEmailToCustomer && $emailVerified) {
             $this->emailSenderHelper->sendEmailForTicket(EmailTemplateRetriever::NEW_TICKET, $ticketRequest->language, $addressees, $ticket, $heskSettings, $modsForHeskSettings);
         } else if ($modsForHeskSettings['customer_email_verification_required'] && !$emailVerified) {
diff --git a/api/DataAccess/CommonDao.php b/api/DataAccess/CommonDao.php
index cb3f5b3e..dce640b8 100644
--- a/api/DataAccess/CommonDao.php
+++ b/api/DataAccess/CommonDao.php
@@ -11,7 +11,7 @@ class CommonDao extends \BaseClass {
      */
     function init() {
         if (!function_exists('hesk_dbConnect')) {
-            throw new Exception('Database not loaded!');
+            throw new \BaseException('Database not loaded!');
         }
         hesk_dbConnect();
     }
diff --git a/api/DataAccess/CustomFields/CustomFieldsGateway.php b/api/DataAccess/CustomFields/CustomFieldsGateway.php
new file mode 100644
index 00000000..fb52d6a9
--- /dev/null
+++ b/api/DataAccess/CustomFields/CustomFieldsGateway.php
@@ -0,0 +1,26 @@
+<?php
+namespace DataAccess\CustomFields;
+
+use BusinessLogic\Tickets\CustomFields\CustomField;
+use DataAccess\CommonDao;
+
+class CustomFieldsGateway extends CommonDao {
+    public function getCustomField($id, $heskSettings) {
+        $this->init();
+
+        $rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "custom_fields` WHERE `id` = " . intval($id));
+
+        if ($row = hesk_dbFetchAssoc($rs)) {
+            $customField = new CustomField();
+            $customField->id = $row['id'];
+            $names = json_decode($row['name'], true);
+            $customField->name = (isset($names[$hesk_settings['language']])) ? $names[$heskSettings['language']] : reset($names);
+            $customField->type = $row['type'];
+            $customField->properties = json_decode($row['value'], true);
+
+            return $customField;
+        } else {
+            return null;
+        }
+    }
+}
\ No newline at end of file
diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php
index 5483d121..48a6948d 100644
--- a/inc/email_functions.inc.php
+++ b/inc/email_functions.inc.php
@@ -50,20 +50,19 @@ function hesk_notifyCustomerForVerifyEmail($email_template = 'verify_email', $ac
     $ccEmails = array();
     $bccEmails = array();
 
-    //TODO Update the email custom field to handle this properly
-    /*foreach ($hesk_settings['custom_fields'] as $k => $v) {
+    foreach ($hesk_settings['custom_fields'] as $k => $v) {
         if ($v['use']) {
             if ($v['type'] == 'email' && !empty($ticket[$k])) {
-                if ($v['value'] == 'cc') {
+                if ($v['value']['email_type'] == 'cc') {
                     $emails = explode(',', $ticket[$k]);
                     array_push($ccEmails, $emails);
-                } elseif ($v['value'] == 'bcc') {
+                } elseif ($v['value']['email_type'] == 'bcc') {
                     $emails = explode(',', $ticket[$k]);
                     array_push($bccEmails, $emails);
                 }
             }
         }
-    }*/
+    }
 
     hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage);
 }
@@ -95,18 +94,19 @@ function hesk_notifyCustomer($modsForHesk_settings, $email_template = 'new_ticke
     $ccEmails = array();
     $bccEmails = array();
 
-    //TODO Update the email custom field to handle this properly
-    /*foreach ($hesk_settings['custom_fields'] as $k => $v) {
+    foreach ($hesk_settings['custom_fields'] as $k => $v) {
         if ($v['use']) {
-            if ($v['type'] == 'email' && !empty($ticket[$k])) {
-                if ($v['value'] == 'cc') {
-                    array_push($ccEmails, $ticket[$k]);
-                } elseif ($v['value'] == 'bcc') {
-                    array_push($bccEmails, $ticket[$k]);
+            if ($v['type'] == 'email' && !empty($ticket[$k]) && isset($v['value']['emails_to_receive'])) {
+                if ($v['value']['email_type'] == 'cc') {
+                    $emails = explode(',', $ticket[$k]);
+                    array_push($ccEmails, $emails);
+                } elseif ($v['value']['email_type'] == 'bcc') {
+                    $emails = explode(',', $ticket[$k]);
+                    array_push($bccEmails, $emails);
                 }
             }
         }
-    }*/
+    }
 
     // Send e-mail
     hesk_mail($ticket['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, $ccEmails, $bccEmails, $hasMessage);

From 275a1691d1ea259d3938a99b841df1de9312cb2f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Mon, 19 Feb 2018 22:01:42 -0500
Subject: [PATCH 64/74] cc/bcc fields work properly in api

---
 api/BusinessLogic/Emails/BasicEmailSender.php       | 6 ++++--
 api/DataAccess/CustomFields/CustomFieldsGateway.php | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/api/BusinessLogic/Emails/BasicEmailSender.php b/api/BusinessLogic/Emails/BasicEmailSender.php
index 8ab1c37d..0ff5e449 100644
--- a/api/BusinessLogic/Emails/BasicEmailSender.php
+++ b/api/BusinessLogic/Emails/BasicEmailSender.php
@@ -10,8 +10,10 @@ use PHPMailer;
 class BasicEmailSender extends \BaseClass implements EmailSender {
 
     function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
-        if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $emailBuilder->to . $emailBuilder->subject)) {
-            return false;
+        foreach ($emailBuilder->to as $to) {
+            if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $to . $emailBuilder->subject)) {
+                return false;
+            }
         }
 
         $mailer = new PHPMailer();
diff --git a/api/DataAccess/CustomFields/CustomFieldsGateway.php b/api/DataAccess/CustomFields/CustomFieldsGateway.php
index fb52d6a9..ce26ba45 100644
--- a/api/DataAccess/CustomFields/CustomFieldsGateway.php
+++ b/api/DataAccess/CustomFields/CustomFieldsGateway.php
@@ -14,7 +14,7 @@ class CustomFieldsGateway extends CommonDao {
             $customField = new CustomField();
             $customField->id = $row['id'];
             $names = json_decode($row['name'], true);
-            $customField->name = (isset($names[$hesk_settings['language']])) ? $names[$heskSettings['language']] : reset($names);
+            $customField->name = (isset($names[$heskSettings['language']])) ? $names[$heskSettings['language']] : reset($names);
             $customField->type = $row['type'];
             $customField->properties = json_decode($row['value'], true);
 

From 155b6c5926a9e262b12bff11813b6f2634e0982f Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 28 Feb 2018 21:21:47 -0500
Subject: [PATCH 65/74] Update a bunch of files for HESK 2.7.6

---
 admin/admin_settings.php      | 22 ++++++++++++----------
 admin/admin_settings_save.php |  2 +-
 admin/edit_post.php           |  6 ++----
 admin/export.php              |  2 +-
 4 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/admin/admin_settings.php b/admin/admin_settings.php
index db11e3e2..8fd9fd77 100644
--- a/admin/admin_settings.php
+++ b/admin/admin_settings.php
@@ -93,19 +93,20 @@ if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
     $tmp = @ini_get('upload_max_filesize');
     if ($tmp) {
         $last = strtoupper(substr($tmp, -1));
+        $number = substr($tmp, 0, -1);
 
         switch ($last) {
             case 'K':
-                $tmp = $tmp * 1024;
+                $tmp = $number * 1024;
                 break;
             case 'M':
-                $tmp = $tmp * 1048576;
+                $tmp = $number * 1048576;
                 break;
             case 'G':
-                $tmp = $tmp * 1073741824;
+                $tmp = $number * 1073741824;
                 break;
             default:
-                $tmp = $tmp;
+                $tmp = $number;
         }
 
         if ($tmp < $hesk_settings['attachments']['max_size']) {
@@ -117,19 +118,20 @@ if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
     $tmp = @ini_get('post_max_size');
     if ($tmp) {
         $last = strtoupper(substr($tmp, -1));
+        $number = substr($tmp, 0, -1);
 
         switch ($last) {
             case 'K':
-                $tmp = $tmp * 1024;
+                $tmp = $number * 1024;
                 break;
             case 'M':
-                $tmp = $tmp * 1048576;
+                $tmp = $number * 1048576;
                 break;
             case 'G':
-                $tmp = $tmp * 1073741824;
+                $tmp = $number * 1073741824;
                 break;
             default:
-                $tmp = $tmp;
+                $tmp = $number;
         }
 
         if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) {
@@ -3508,13 +3510,13 @@ $modsForHesk_settings = mfh_getSettings();
 
                 <h4 class="bold"><?php echo $hesklang['other']; ?></h4>
                 <div class="form-group">
-                    <label for="s_ip_whois" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
+                    <label for="s_ip_whois_url" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
                             href="Javascript:void(0)"
                             onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#61','400','500')"><i
                                 class="fa fa-question-circle settingsquestionmark"></i></a></label>
 
                     <div class="col-sm-8">
-                        <input type="text" class="form-control" name="s_ip_whois" size="40" maxlength="255"
+                        <input type="text" class="form-control" name="s_ip_whois_url" size="40" maxlength="255"
                                value="<?php echo $hesk_settings['ip_whois']; ?>"/>
                     </div>
                 </div>
diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php
index 27855154..cd6c96cf 100644
--- a/admin/admin_settings_save.php
+++ b/admin/admin_settings_save.php
@@ -425,7 +425,7 @@ $set['daylight'] = empty($_POST['s_daylight']) ? 0 : 1;
 $set['timeformat'] = hesk_input(hesk_POST('s_timeformat')) or $set['timeformat'] = 'Y-m-d H:i:s';
 
 /* --> Other */
-$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois', 'http://whois.domaintools.com/{IP}'));
+$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois_url', 'http://whois.domaintools.com/{IP}'));
 
 // If no {IP} tag append it to the end
 if (strlen($set['ip_whois']) == 0) {
diff --git a/admin/edit_post.php b/admin/edit_post.php
index 9cd56341..1b96d9b1 100644
--- a/admin/edit_post.php
+++ b/admin/edit_post.php
@@ -577,9 +577,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                                     case 'hidden':
                                     case 'readonly':
                                     default:
-                                        if (strlen($k_value) != 0) {
-                                            $v['value']['default_value'] = $k_value;
-                                        }
+                                        $k_value = hesk_msgToPlain($k_value,0,0);
 
                                         $cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
 
@@ -587,7 +585,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
                         <div class="form-group' . $cls . '">
                             <label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
                             <div class="col-sm-9">
-                                <input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>';
+                                <input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $k_value . '" ' . $required_attribute . '>';
                                     if (!empty($v['mfh_description'])) {
                                         echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
                                     }
diff --git a/admin/export.php b/admin/export.php
index c0a366e6..af02e349 100644
--- a/admin/export.php
+++ b/admin/export.php
@@ -291,7 +291,7 @@ $orderBy = $modsForHesk_settings['category_order_column'];
 $res2 = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE " . hesk_myCategories('id') . " ORDER BY `" . $orderBy . "` ASC");
 while ($row = hesk_dbFetchAssoc($res2)) {
     $my_cat[$row['id']] = hesk_msgToPlain($row['name'], 1);
-    $row['name'] = (strlen($row['name']) > 50) ? substr($row['name'], 0, 50) . '...' : $row['name'];
+    $row['name'] = (hesk_mb_strlen($row['name']) > 50) ? hesk_mb_substr($row['name'],0,50) . '...' : $row['name'];
     $cat_selected = ($row['id'] == $category) ? 'selected="selected"' : '';
     $category_options .= '<option value="' . $row['id'] . '" ' . $cat_selected . '>' . $row['name'] . '</option>';
 }

From f40df54772ef20a532dc47e26f7cbdef34660cc8 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 28 Feb 2018 21:45:03 -0500
Subject: [PATCH 66/74] Update rest of files to HESK 2.7.6

---
 .gitignore                                    | 92 +++++++++----------
 admin/manage_knowledgebase.php                | 25 +++--
 admin/manage_users.php                        |  2 +-
 admin/profile.php                             |  2 +-
 api/BusinessLogic/Validators.php              |  2 +-
 inc/common.inc.php                            | 23 ++++-
 inc/custom_fields.inc.php                     |  2 +-
 inc/email_functions.inc.php                   |  1 +
 inc/header.inc.php                            |  2 +-
 inc/knowledgebase_functions.inc.php           |  6 +-
 inc/pipe_functions.inc.php                    |  2 +-
 inc/posting_functions.inc.php                 |  2 +-
 inc/show_search_form.inc.php                  |  6 +-
 inc/ticket_list.inc.php                       |  2 +-
 .../plugins/autolink/editor_plugin.js         |  0
 .../plugins/autolink/editor_plugin_src.js     |  0
 knowledgebase.php                             |  2 +-
 suggest_articles.php                          |  4 +-
 ticket.php                                    |  2 +-
 19 files changed, 102 insertions(+), 75 deletions(-)
 rename inc/tiny_mce/{3.5.11 => 3.5.12}/plugins/autolink/editor_plugin.js (100%)
 rename inc/tiny_mce/{3.5.11 => 3.5.12}/plugins/autolink/editor_plugin_src.js (100%)

diff --git a/.gitignore b/.gitignore
index 44ac5da8..ad0887cb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -197,52 +197,52 @@ inc/tabs/tabber-minimized.js
 inc/tabs/tabber.css
 inc/timer/hesk_timer.js
 inc/timer/index.htm
-inc/tiny_mce/3.5.11/langs/en.js
-inc/tiny_mce/3.5.11/license.txt
-inc/tiny_mce/3.5.11/themes/advanced/about.htm
-inc/tiny_mce/3.5.11/themes/advanced/anchor.htm
-inc/tiny_mce/3.5.11/themes/advanced/charmap.htm
-inc/tiny_mce/3.5.11/themes/advanced/color_picker.htm
-inc/tiny_mce/3.5.11/themes/advanced/editor_template.js
-inc/tiny_mce/3.5.11/themes/advanced/image.htm
-inc/tiny_mce/3.5.11/themes/advanced/img/colorpicker.jpg
-inc/tiny_mce/3.5.11/themes/advanced/img/flash.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/icons.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/iframe.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/pagebreak.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/quicktime.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/realmedia.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/shockwave.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/trans.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/video.gif
-inc/tiny_mce/3.5.11/themes/advanced/img/windowsmedia.gif
-inc/tiny_mce/3.5.11/themes/advanced/js/about.js
-inc/tiny_mce/3.5.11/themes/advanced/js/anchor.js
-inc/tiny_mce/3.5.11/themes/advanced/js/charmap.js
-inc/tiny_mce/3.5.11/themes/advanced/js/color_picker.js
-inc/tiny_mce/3.5.11/themes/advanced/js/image.js
-inc/tiny_mce/3.5.11/themes/advanced/js/link.js
-inc/tiny_mce/3.5.11/themes/advanced/js/source_editor.js
-inc/tiny_mce/3.5.11/themes/advanced/langs/en.js
-inc/tiny_mce/3.5.11/themes/advanced/langs/en_dlg.js
-inc/tiny_mce/3.5.11/themes/advanced/link.htm
-inc/tiny_mce/3.5.11/themes/advanced/shortcuts.htm
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/content.css
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/dialog.css
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/buttons.png
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/items.gif
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_arrow.gif
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_check.gif
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/progress.gif
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/tabs.gif
-inc/tiny_mce/3.5.11/themes/advanced/skins/default/ui.css
-inc/tiny_mce/3.5.11/themes/advanced/source_editor.htm
-inc/tiny_mce/3.5.11/tiny_mce.js
-inc/tiny_mce/3.5.11/tiny_mce_popup.js
-inc/tiny_mce/3.5.11/utils/editable_selects.js
-inc/tiny_mce/3.5.11/utils/form_utils.js
-inc/tiny_mce/3.5.11/utils/mctabs.js
-inc/tiny_mce/3.5.11/utils/validate.js
+inc/tiny_mce/3.5.12/langs/en.js
+inc/tiny_mce/3.5.12/license.txt
+inc/tiny_mce/3.5.12/themes/advanced/about.htm
+inc/tiny_mce/3.5.12/themes/advanced/anchor.htm
+inc/tiny_mce/3.5.12/themes/advanced/charmap.htm
+inc/tiny_mce/3.5.12/themes/advanced/color_picker.htm
+inc/tiny_mce/3.5.12/themes/advanced/editor_template.js
+inc/tiny_mce/3.5.12/themes/advanced/image.htm
+inc/tiny_mce/3.5.12/themes/advanced/img/colorpicker.jpg
+inc/tiny_mce/3.5.12/themes/advanced/img/flash.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/icons.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/iframe.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/pagebreak.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/quicktime.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/realmedia.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/shockwave.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/trans.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/video.gif
+inc/tiny_mce/3.5.12/themes/advanced/img/windowsmedia.gif
+inc/tiny_mce/3.5.12/themes/advanced/js/about.js
+inc/tiny_mce/3.5.12/themes/advanced/js/anchor.js
+inc/tiny_mce/3.5.12/themes/advanced/js/charmap.js
+inc/tiny_mce/3.5.12/themes/advanced/js/color_picker.js
+inc/tiny_mce/3.5.12/themes/advanced/js/image.js
+inc/tiny_mce/3.5.12/themes/advanced/js/link.js
+inc/tiny_mce/3.5.12/themes/advanced/js/source_editor.js
+inc/tiny_mce/3.5.12/themes/advanced/langs/en.js
+inc/tiny_mce/3.5.12/themes/advanced/langs/en_dlg.js
+inc/tiny_mce/3.5.12/themes/advanced/link.htm
+inc/tiny_mce/3.5.12/themes/advanced/shortcuts.htm
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/content.css
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/dialog.css
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/buttons.png
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/items.gif
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_arrow.gif
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_check.gif
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/progress.gif
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/tabs.gif
+inc/tiny_mce/3.5.12/themes/advanced/skins/default/ui.css
+inc/tiny_mce/3.5.12/themes/advanced/source_editor.htm
+inc/tiny_mce/3.5.12/tiny_mce.js
+inc/tiny_mce/3.5.12/tiny_mce_popup.js
+inc/tiny_mce/3.5.12/utils/editable_selects.js
+inc/tiny_mce/3.5.12/utils/form_utils.js
+inc/tiny_mce/3.5.12/utils/mctabs.js
+inc/tiny_mce/3.5.12/utils/validate.js
 inc/treemenu/TreeMenu.php
 inc/treemenu/index.htm
 inc/zip/Zip.php
diff --git a/admin/manage_knowledgebase.php b/admin/manage_knowledgebase.php
index 03e4ba6f..987772e3 100644
--- a/admin/manage_knowledgebase.php
+++ b/admin/manage_knowledgebase.php
@@ -212,7 +212,8 @@ while (count($kb_cat) > 0)
 
             if (isset($node[$up]))
             {
-	            $node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
+                $HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
+                $node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
             }
             else
             {
@@ -242,8 +243,11 @@ while (count($kb_cat) > 0)
 $menu->addItem($node[1]);
 
 // Create the presentation class
-$treeMenu = & ref_new(new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true)));
-$listBox  = & ref_new(new HTML_TreeMenu_Listbox($menu));
+$HTML_TreeMenu_DHTML = new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true));
+$treeMenu = & ref_new($HTML_TreeMenu_DHTML);
+
+$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
+$listBox  = & ref_new($HTML_TreeMenu_Listbox);
 
 /* Hide new article and new category forms by default */
 if (!isset($_SESSION['hide']))
@@ -1353,7 +1357,8 @@ function edit_article()
 
 	            if (isset($node[$up]))
 	            {
-		            $node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
+                    $HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
+                    $node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
 	            }
 	            else
 	            {
@@ -1383,7 +1388,8 @@ function edit_article()
 	$menu->addItem($node[1]);
 
 	// Create the presentation class
-	$listBox  = & ref_new(new HTML_TreeMenu_Listbox($menu));
+    $HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
+    $listBox  = & ref_new($HTML_TreeMenu_Listbox);
 
 	/* Print header */
 	require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@@ -1610,6 +1616,9 @@ function manage_category() {
 
 	    foreach ($kb_cat as $k=>$cat)
 	    {
+	        if ($cat['id'] == $catid) {
+	            continue;
+            }
 
 	    	if (in_array($cat['parent'],$thislevel))
 	        {
@@ -1622,7 +1631,8 @@ function manage_category() {
 
 	            if (isset($node[$up]))
 	            {
-		            $node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
+                    $HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
+                    $node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
 	            }
 	            else
 	            {
@@ -1652,7 +1662,8 @@ function manage_category() {
 	$menu->addItem($node[1]);
 
 	// Create the presentation class
-	$listBox  = & ref_new(new HTML_TreeMenu_Listbox($menu));
+    $HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
+    $listBox  = & ref_new($HTML_TreeMenu_Listbox);
 
 	/* Print header */
 	require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
diff --git a/admin/manage_users.php b/admin/manage_users.php
index e96aff40..dee9b844 100644
--- a/admin/manage_users.php
+++ b/admin/manage_users.php
@@ -736,7 +736,7 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user
         }
     }
 
-    if (strlen($myuser['signature']) > 1000) {
+    if (hesk_mb_strlen($myuser['signature']) > 1000) {
         $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
     }
 
diff --git a/admin/profile.php b/admin/profile.php
index d083e798..17596356 100644
--- a/admin/profile.php
+++ b/admin/profile.php
@@ -170,7 +170,7 @@ function update_profile()
     $_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
 
     /* Signature */
-    if (strlen($_SESSION['new']['signature']) > 1000) {
+    if (hesk_mb_strlen($_SESSION['new']['signature']) > 1000) {
         $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
     }
 
diff --git a/api/BusinessLogic/Validators.php b/api/BusinessLogic/Validators.php
index e0303434..e33adac7 100644
--- a/api/BusinessLogic/Validators.php
+++ b/api/BusinessLogic/Validators.php
@@ -19,7 +19,7 @@ class Validators extends \BaseClass {
             $address = str_replace(';', ',', $address);
 
             /* Check if addresses are valid */
-            $all = explode(',', $address);
+            $all = array_unique(explode(',',$address));
             foreach ($all as $k => $v) {
                 if (!self::isValidEmail($v)) {
                     unset($all[$k]);
diff --git a/inc/common.inc.php b/inc/common.inc.php
index e2821a7e..dd47cafa 100644
--- a/inc/common.inc.php
+++ b/inc/common.inc.php
@@ -379,6 +379,16 @@ function hesk_isREQUEST($in)
     return isset($_GET[$in]) || isset($_POST[$in]) ? true : false;
 } // END hesk_isREQUEST()
 
+function hesk_mb_substr($in, $start, $length)
+{
+   return function_exists('mb_substr') ? mb_substr($in, $start, $length, 'UTF-8') : substr($in, $start, $length);
+} // END hesk_mb_substr()
+
+function hesk_mb_strlen($in)
+{
+   return function_exists('mb_strlen') ? mb_strlen($in, 'UTF-8') : strlen($in);
+} // END hesk_mb_strlen()
+
 function hesk_mb_strtolower($in) {
     return function_exists('mb_strtolower') ? mb_strtolower($in) : strtolower($in);
 } // END hesk_mb_strtolower()
@@ -477,7 +487,7 @@ function hesk_verifyEmailMatch($trackingID, $my_email = 0, $ticket_email = 0, $e
 } // END hesk_verifyEmailMatch()
 
 
-function hesk_getCustomerEmail($can_remember = 0, $field = '')
+function hesk_getCustomerEmail($can_remember = 0, $field = '', $force_only_one = 0)
 {
     global $hesk_settings, $hesklang;
 
@@ -516,6 +526,11 @@ function hesk_getCustomerEmail($can_remember = 0, $field = '')
     // Remove unwanted side-effects
     $my_email = hesk_emailCleanup($my_email);
 
+    // Force only one email address? Use the first one.
+    if ($force_only_one) {
+        $my_email = strtok($my_email, ',');
+    }
+
     $hesk_settings['e_param'] = '&e=' . rawurlencode($my_email);
     $hesk_settings['e_query'] = '&amp;e=' . rawurlencode($my_email);
     $hesk_settings['e_email'] = $my_email;
@@ -1665,7 +1680,7 @@ function hesk_input($in, $error = 0, $redirect_to = '', $force_slashes = 0, $max
 
     // Check length
     if ($max_length) {
-        $in = substr($in, 0, $max_length);
+        $in = hesk_mb_substr($in, 0, $max_length);
     }
 
     // Return processed value
@@ -1685,7 +1700,7 @@ function hesk_validateEmail($address, $error, $required = 1)
         $address = str_replace(';', ',', $address);
 
         /* Check if addresses are valid */
-        $all = explode(',', $address);
+        $all = array_unique(explode(',',$address));
         foreach ($all as $k => $v) {
             if (!hesk_isValidEmail($v)) {
                 unset($all[$k]);
@@ -1799,7 +1814,7 @@ function hesk_session_start()
         return true;
     } else {
         global $hesk_settings, $hesklang;
-        hesk_error("$hesklang[no_session] $hesklang[contact_webmaster] $hesk_settings[webmaster_mail]");
+        hesk_error("$hesklang[no_session] $hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
     }
 
 } // END hesk_session_start()
diff --git a/inc/custom_fields.inc.php b/inc/custom_fields.inc.php
index 7cbd4ef9..bec51b12 100755
--- a/inc/custom_fields.inc.php
+++ b/inc/custom_fields.inc.php
@@ -66,7 +66,7 @@ function hesk_load_custom_fields($category=0, $use_cache=1)
 
         // Name for display in ticket list; punctuation removed and shortened
         $row['title'] = hesk_remove_punctuation($row['name']);
-        $row['title'] = strlen($row['title']) > 30 ?  substr($row['title'], 0, 30) . '...' : $row['title'];
+        $row['title'] = hesk_mb_strlen($row['title']) > 30 ?  hesk_mb_substr($row['title'], 0, 30) . '...' : $row['title'];
 
         // A version with forced punctuation
         $row['name:'] = in_array(substr($row['name'], -1), array(':', '?', '!', '.') ) ? $row['name'] : $row['name'] . ':';
diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php
index 48a6948d..7be13062 100644
--- a/inc/email_functions.inc.php
+++ b/inc/email_functions.inc.php
@@ -513,6 +513,7 @@ function hesk_mail($to, $subject, $message, $htmlMessage, $modsForHesk_settings,
 
     // Remove duplicate recipients
     $to_arr = array_unique(explode(',', $to));
+    $to_arr = array_values($to_arr);
     $to = implode(',', $to_arr);
 
     // Use PHP's mail function
diff --git a/inc/header.inc.php b/inc/header.inc.php
index 970fc128..a436e76d 100644
--- a/inc/header.inc.php
+++ b/inc/header.inc.php
@@ -175,7 +175,7 @@ header('X-UA-Compatible: IE=edge');
     /* If page requires WYSIWYG editor include TinyMCE Javascript */
     if (defined('WYSIWYG') && $hesk_settings['kb_wysiwyg']) {
         ?>
-        <script type="text/javascript" src="<?php echo HESK_PATH; ?>inc/tiny_mce/3.5.11/tiny_mce.js"></script>
+        <script type="text/javascript" src="<?php echo HESK_PATH; ?>inc/tiny_mce/3.5.12/tiny_mce.js"></script>
         <?php
     }
 
diff --git a/inc/knowledgebase_functions.inc.php b/inc/knowledgebase_functions.inc.php
index 8d4b7f7f..66d977a1 100644
--- a/inc/knowledgebase_functions.inc.php
+++ b/inc/knowledgebase_functions.inc.php
@@ -26,12 +26,12 @@ function hesk_kbArticleContentPreview($txt)
     $txt = strip_tags($txt);
 
     // If text is larger than article preview length, shorten it
-    if (strlen($txt) > $hesk_settings['kb_substrart']) {
+    if (hesk_mb_strlen($txt) > $hesk_settings['kb_substrart']) {
         // The quick but not 100% accurate way (number of chars displayed may be lower than the limit)
-        return substr($txt, 0, $hesk_settings['kb_substrart']) . '...';
+        return hesk_mb_substr($txt, 0, $hesk_settings['kb_substrart']) . '...';
 
         // If you want a more accurate, but also slower way, use this instead
-        // return hesk_htmlentities( substr( hesk_html_entity_decode($txt), 0, $hesk_settings['kb_substrart'] ) ) . '...';
+        // return hesk_htmlentities( hesk_mb_substr( hesk_html_entity_decode($txt), 0, $hesk_settings['kb_substrart'] ) ) . '...';
     }
 
     return $txt;
diff --git a/inc/pipe_functions.inc.php b/inc/pipe_functions.inc.php
index 1a56eca6..758ed9e8 100755
--- a/inc/pipe_functions.inc.php
+++ b/inc/pipe_functions.inc.php
@@ -366,7 +366,7 @@ function hesk_stripQuotedText($message)
     foreach ($hesk_settings['languages'] as $language => $settings) {
         if (($found = strpos($message, $settings['hr'])) !== false) {
             // "Reply above this line" tag found, strip quoted reply
-            $message = substr($message, 0, $found);
+            $message = hesk_mb_substr($message, 0, $found);
             $message .= "\n" . $hesklang['qrr'];
 
             // Set language to the detected language
diff --git a/inc/posting_functions.inc.php b/inc/posting_functions.inc.php
index 9ab98909..8111bcde 100644
--- a/inc/posting_functions.inc.php
+++ b/inc/posting_functions.inc.php
@@ -23,7 +23,7 @@ function hesk_newTicket($ticket, $isVerified = true)
     global $hesk_settings, $hesklang, $hesk_db_link;
 
     // Generate a subject if necessary
-    if (strlen($ticket['subject']) < 1)
+    if (hesk_mb_strlen($ticket['subject']) < 1)
     {
         $ticket['subject'] = sprintf($hesklang['default_subject'], $ticket['name']);
     }
diff --git a/inc/show_search_form.inc.php b/inc/show_search_form.inc.php
index 81c4c590..9962b853 100644
--- a/inc/show_search_form.inc.php
+++ b/inc/show_search_form.inc.php
@@ -57,14 +57,14 @@ $can_view_unassigned = hesk_checkPermission('can_view_unassigned', 0);
 $category_options = '';
 if (isset($hesk_settings['categories']) && count($hesk_settings['categories'])) {
     foreach ($hesk_settings['categories'] as $row['id'] => $row['name']) {
-        $row['name'] = (strlen($row['name']) > 30) ? substr($row['name'], 0, 30) . '...' : $row['name'];
+        $row['name'] = (hesk_mb_strlen($row['name']) > 30) ? hesk_mb_substr($row['name'],0,30) . '...' : $row['name'];
         $selected = ($row['id'] == $category) ? 'selected="selected"' : '';
         $category_options .= '<option value="' . $row['id'] . '" ' . $selected . '>' . $row['name'] . '</option>';
     }
 } else {
     $res2 = hesk_dbQuery('SELECT `id`, `name` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` WHERE ' . hesk_myCategories('id') . ' ORDER BY `cat_order` ASC');
     while ($row = hesk_dbFetchAssoc($res2)) {
-        $row['name'] = (strlen($row['name']) > 30) ? substr($row['name'], 0, 30) . '...' : $row['name'];
+        $row['name'] = (hesk_mb_strlen($row['name']) > 30) ? hesk_mb_substr($row['name'],0,30) . '...' : $row['name'];
         $selected = ($row['id'] == $category) ? 'selected="selected"' : '';
         $category_options .= '<option value="' . $row['id'] . '" ' . $selected . '>' . $row['name'] . '</option>';
     }
@@ -436,7 +436,7 @@ $more2 = empty($_GET['more2']) ? 0 : 1;
                                                     $v['name'] = $hesklang[$v['name']];
                                                 }
 
-                                                $v['name'] = (strlen($v['name']) > 30) ? substr($v['name'], 0, 30) . '...' : $v['name'];
+                                                $v['name'] = (hesk_mb_strlen($v['name']) > 30) ? hesk_mb_substr($v['name'],0,30) . '...' : $v['name'];
                                                 echo '<option style="background: #ffffff" value="' . $k . '" ' . $selected . '>' . $v['name'] . '</option>';
                                             }
                                         }
diff --git a/inc/ticket_list.inc.php b/inc/ticket_list.inc.php
index c787d876..117a6e53 100644
--- a/inc/ticket_list.inc.php
+++ b/inc/ticket_list.inc.php
@@ -246,7 +246,7 @@ if ($total > 0) {
             }
 
             // Set message (needed for row title)
-            $ticket['message'] = $first_line . substr(strip_tags($ticket['message']), 0, 200) . '...';
+            $ticket['message'] = $first_line . hesk_mb_substr(strip_tags($ticket['message']),0,200).'...';
 
             // Start ticket row
             echo '
diff --git a/inc/tiny_mce/3.5.11/plugins/autolink/editor_plugin.js b/inc/tiny_mce/3.5.12/plugins/autolink/editor_plugin.js
similarity index 100%
rename from inc/tiny_mce/3.5.11/plugins/autolink/editor_plugin.js
rename to inc/tiny_mce/3.5.12/plugins/autolink/editor_plugin.js
diff --git a/inc/tiny_mce/3.5.11/plugins/autolink/editor_plugin_src.js b/inc/tiny_mce/3.5.12/plugins/autolink/editor_plugin_src.js
similarity index 100%
rename from inc/tiny_mce/3.5.11/plugins/autolink/editor_plugin_src.js
rename to inc/tiny_mce/3.5.12/plugins/autolink/editor_plugin_src.js
diff --git a/knowledgebase.php b/knowledgebase.php
index 22e86586..6e5a4f9c 100644
--- a/knowledgebase.php
+++ b/knowledgebase.php
@@ -173,7 +173,7 @@ if (!$show['show']) {
             define('HESK_NO_ROBOTS', 1);
 
             /* Print header */
-            $hesk_settings['tmp_title'] = $hesklang['sr'] . ': ' . substr(hesk_htmlspecialchars(stripslashes($query)), 0, 20);
+            $hesk_settings['tmp_title'] = $hesklang['sr'] . ': ' . hesk_mb_substr(hesk_htmlspecialchars(stripslashes($query)),0,20);
             require_once(HESK_PATH . 'inc/header.inc.php');
             hesk_kb_header($hesk_settings['kb_link']);
 
diff --git a/suggest_articles.php b/suggest_articles.php
index 13002665..07b84d66 100644
--- a/suggest_articles.php
+++ b/suggest_articles.php
@@ -59,8 +59,8 @@ if (hesk_isREQUEST('p')) {
             }
 
             $txt = strip_tags($article['content']);
-            if (strlen($txt) > $hesk_settings['kb_substrart']) {
-                $txt = substr($txt, 0, $hesk_settings['kb_substrart']) . '...';
+            if (hesk_mb_strlen($txt) > $hesk_settings['kb_substrart']) {
+                $txt = hesk_mb_substr($txt, 0, $hesk_settings['kb_substrart']).'...';
             }
 
             echo '
diff --git a/ticket.php b/ticket.php
index 316dac96..1c7e6109 100644
--- a/ticket.php
+++ b/ticket.php
@@ -65,7 +65,7 @@ $is_form = hesk_SESSION('t_form');
 $trackingID = hesk_cleanID('', hesk_SESSION('t_track'));
 
 /* Email required to view ticket? */
-$my_email = hesk_getCustomerEmail(1, 't_email');
+$my_email = hesk_getCustomerEmail(1, 't_email', 1);
 
 /* Remember email address? */
 $do_remember = strlen($do_remember) || strlen(hesk_SESSION('t_remember')) ? ' checked="checked" ' : '';

From 8bad3ed188be4b2b299f4fc847b53d1373e95fff Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 28 Feb 2018 21:49:04 -0500
Subject: [PATCH 67/74] Update HESK version in install_functions

---
 install/install_functions.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/install_functions.inc.php b/install/install_functions.inc.php
index 8dcae5c0..f8765ce0 100644
--- a/install/install_functions.inc.php
+++ b/install/install_functions.inc.php
@@ -15,7 +15,7 @@
 if (!defined('IN_SCRIPT')) {die('Invalid attempt');}
 
 // We will be installing this HESK version:
-define('HESK_NEW_VERSION','2.7.5');
+define('HESK_NEW_VERSION','2.7.6');
 define('MODS_FOR_HESK_NEW_VERSION','3.2.4');
 define('REQUIRE_PHP_VERSION','5.3.0');
 define('REQUIRE_MYSQL_VERSION','5.0.7');

From f11353c41b5d23afac5f07deac8088f22e6f58c5 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Wed, 28 Feb 2018 21:54:29 -0500
Subject: [PATCH 68/74] CI should use 7.2 for testing, add 7.2 to validation

---
 .gitlab-ci.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 76921748..8a47c6e9 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -6,6 +6,12 @@ stages:
 before_script:
   - bash ci/docker_install.sh > /dev/null
 
+validate:7.2:
+  image: php:7.2
+  stage: validate
+  script:
+    - bash ci/php_lint.sh ./
+
 validate:7.1:
   image: php:7.1
   stage: validate
@@ -55,8 +61,8 @@ test:7.1:
     - cd Tests
     - phpunit
 
-test:7.0:
-  image: php:7.0
+test:7.2:
+  image: php:7.2
   stage: test
   script:
     - cd api

From 7350c5105d00c2d922f26ff727b34fc3b744b8b5 Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 1 Mar 2018 20:07:03 -0500
Subject: [PATCH 69/74] Fix tesets

---
 .../TicketCreatorTests/CreateTicketForCustomerTest.php      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php b/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
index 69d817d6..e911ee4b 100644
--- a/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
+++ b/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
@@ -19,6 +19,7 @@ use BusinessLogic\Tickets\VerifiedEmailChecker;
 use BusinessLogic\ValidationModel;
 use Core\Constants\Priority;
 use DataAccess\AuditTrail\AuditTrailGateway;
+use DataAccess\CustomFields\CustomFieldsGateway;
 use DataAccess\Security\UserGateway;
 use DataAccess\Settings\ModsForHeskSettingsGateway;
 use DataAccess\Statuses\StatusGateway;
@@ -101,6 +102,9 @@ class CreateTicketTest extends TestCase {
     /* @var $auditTrailGateway \PHPUnit_Framework_MockObject_MockObject|AuditTrailGateway */
     private $auditTrailGateway;
 
+    /* @var $customFieldsGateway \PHPUnit_Framework_MockObject_MockObject|CustomFieldsGateway */
+    private $customFieldsGateway;
+
     protected function setUp() {
         $this->ticketGateway = $this->createMock(TicketGateway::clazz());
         $this->newTicketValidator = $this->createMock(NewTicketValidator::clazz());
@@ -115,7 +119,7 @@ class CreateTicketTest extends TestCase {
 
         $this->ticketCreator = new TicketCreator($this->newTicketValidator, $this->trackingIdGenerator,
             $this->autoassigner, $this->statusGateway, $this->ticketGateway, $this->verifiedEmailChecker,
-            $this->emailSenderHelper, $this->userGateway, $this->modsForHeskSettingsGateway, $this->auditTrailGateway);
+            $this->emailSenderHelper, $this->userGateway, $this->modsForHeskSettingsGateway, $this->auditTrailGateway, $this->customFieldsGateway);
 
         $this->ticketRequest = new CreateTicketByCustomerModel();
         $this->ticketRequest->name = 'Name';

From 34b32761ce37765f32033a283e32e13c214ac68b Mon Sep 17 00:00:00 2001
From: Mike Koch <mkoch227@gmail.com>
Date: Thu, 1 Mar 2018 20:12:56 -0500
Subject: [PATCH 70/74] Fix tests... again

---
 .../Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php b/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
index e911ee4b..5269a7b4 100644
--- a/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
+++ b/api/Tests/BusinessLogic/Tickets/TicketCreatorTests/CreateTicketForCustomerTest.php
@@ -116,6 +116,7 @@ class CreateTicketTest extends TestCase {
         $this->userGateway = $this->createMock(UserGateway::clazz());
         $this->modsForHeskSettingsGateway = $this->createMock(ModsForHeskSettingsGateway::clazz());
         $this->auditTrailGateway = $this->createMock(AuditTrailGateway::clazz());
+        $this->customFieldsGateway = $this->createMock(CustomFieldsGateway::clazz());
 
         $this->ticketCreator = new TicketCreator($this->newTicketValidator, $this->trackingIdGenerator,
             $this->autoassigner, $this->statusGateway, $this->ticketGateway, $this->verifiedEmailChecker,

From af5ba09d3858a58fabef7a72f7d49b6463e91fb0 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Fri, 2 Mar 2018 12:25:37 -0500
Subject: [PATCH 71/74] Default to english if status name is not found for the
 given language

---
 .../Emails/EmailTemplateParser.php            | 23 +++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/api/BusinessLogic/Emails/EmailTemplateParser.php b/api/BusinessLogic/Emails/EmailTemplateParser.php
index 13cf48cf..563a993e 100644
--- a/api/BusinessLogic/Emails/EmailTemplateParser.php
+++ b/api/BusinessLogic/Emails/EmailTemplateParser.php
@@ -5,10 +5,12 @@ namespace BusinessLogic\Emails;
 
 use BusinessLogic\Exceptions\EmailTemplateNotFoundException;
 use BusinessLogic\Exceptions\InvalidEmailTemplateException;
+use BusinessLogic\Security\UserContext;
 use BusinessLogic\Statuses\DefaultStatusForAction;
 use BusinessLogic\Tickets\Ticket;
 use Core\Constants\Priority;
 use DataAccess\Categories\CategoryGateway;
+use DataAccess\Logging\LoggingGateway;
 use DataAccess\Security\UserGateway;
 use DataAccess\Statuses\StatusGateway;
 
@@ -34,14 +36,21 @@ class EmailTemplateParser extends \BaseClass {
      */
     private $emailTemplateRetriever;
 
+    /**
+     * @var $logger LoggingGateway
+     */
+    private $logger;
+
     function __construct(StatusGateway $statusGateway,
                          CategoryGateway $categoryGateway,
                          UserGateway $userGateway,
-                         EmailTemplateRetriever $emailTemplateRetriever) {
+                         EmailTemplateRetriever $emailTemplateRetriever,
+                         LoggingGateway $loggingGateway) {
         $this->statusGateway = $statusGateway;
         $this->categoryGateway = $categoryGateway;
         $this->userGateway = $userGateway;
         $this->emailTemplateRetriever = $emailTemplateRetriever;
+        $this->logger = $loggingGateway;
     }
 
     /**
@@ -129,7 +138,17 @@ class EmailTemplateParser extends \BaseClass {
 
         // Status name and category name
         $defaultStatus = $this->statusGateway->getStatusForDefaultAction(DefaultStatusForAction::NEW_TICKET, $heskSettings);
-        $statusName = $defaultStatus->localizedNames[$language];
+
+        if (key_exists($language, $defaultStatus->localizedNames)) {
+            $statusName = $defaultStatus->localizedNames[$language];
+        } elseif (key_exists('English', $defaultStatus->localizedNames)) {
+            $statusName = $defaultStatus->localizedNames['English'];
+            $this->logger->logWarning('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}' and language '{$language}'. Defaulted to English.", "", new UserContext(), $heskSettings);
+        } else {
+            $statusName = "[ERROR: No localized status found for status '{$defaultStatus->id}']";
+            $this->logger->logError('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}'", "",  new UserContext(), $heskSettings);
+        }
+
         $categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
         $category = null;
         foreach ($categories as $innerCategory) {

From 318462164d09ba9f7a9e07345881ae90187c508f Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Fri, 2 Mar 2018 12:34:11 -0500
Subject: [PATCH 72/74] Default status translation to english if it doesn't
 exist

---
 .../InsertTextToStatusXrefValues.php           | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/install/migrations/v240/CreateNewStatusNameTable/InsertTextToStatusXrefValues.php b/install/migrations/v240/CreateNewStatusNameTable/InsertTextToStatusXrefValues.php
index b2ef866d..7ec6a0ce 100644
--- a/install/migrations/v240/CreateNewStatusNameTable/InsertTextToStatusXrefValues.php
+++ b/install/migrations/v240/CreateNewStatusNameTable/InsertTextToStatusXrefValues.php
@@ -17,10 +17,26 @@ class InsertTextToStatusXrefValues extends \AbstractMigration {
         $oldSetting = $hesk_settings['can_sel_lang'];
         $hesk_settings['can_sel_lang'] = 1;
         while ($row = hesk_dbFetchAssoc($statusesRs)) {
+            $englishText = '';
             foreach ($languages as $language => $languageCode) {
                 hesk_setLanguage($language);
+
+                if ($language === 'English') {
+                    if (key_exists($row['Key'], $hesklang)) {
+                        $englishText = $hesklang[$row['Key']];
+                    } else {
+                        $englishText = $row['Key'];
+                    }
+                }
+
+                if (key_exists($row['Key'], $hesklang)) {
+                    $textToInsert = $hesklang[$row['Key']];
+                } else {
+                    $textToInsert = $englishText;
+                }
+
                 $sql = "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "text_to_status_xref` (`language`, `text`, `status_id`)
-                VALUES ('" . hesk_dbEscape($language) . "', '" . hesk_dbEscape($hesklang[$row['Key']]) . "', " . intval($row['ID']) . ")";
+                VALUES ('" . hesk_dbEscape($language) . "', '" . hesk_dbEscape($textToInsert) . "', " . intval($row['ID']) . ")";
                 $this->executeQuery($sql);
             }
         }

From 7fe96fda96f310788e057294b1edf413a3ccae98 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Fri, 2 Mar 2018 12:43:22 -0500
Subject: [PATCH 73/74] Update install files

---
 install/install_functions.inc.php | 2 +-
 install/js/install-script.js      | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/install_functions.inc.php b/install/install_functions.inc.php
index f8765ce0..894bb47e 100644
--- a/install/install_functions.inc.php
+++ b/install/install_functions.inc.php
@@ -16,7 +16,7 @@ if (!defined('IN_SCRIPT')) {die('Invalid attempt');}
 
 // We will be installing this HESK version:
 define('HESK_NEW_VERSION','2.7.6');
-define('MODS_FOR_HESK_NEW_VERSION','3.2.4');
+define('MODS_FOR_HESK_NEW_VERSION','3.3.0');
 define('REQUIRE_PHP_VERSION','5.3.0');
 define('REQUIRE_MYSQL_VERSION','5.0.7');
 
diff --git a/install/js/install-script.js b/install/js/install-script.js
index 0e6eda7a..04835fc0 100644
--- a/install/js/install-script.js
+++ b/install/js/install-script.js
@@ -104,10 +104,10 @@ function executeMigration(startingMigrationNumber, migrationNumber, latestMigrat
             console.log('latestMigrationNumber: ' + latestMigrationNumber);
             console.info('---');
             if (migrationNumber === latestMigrationNumber || (migrationNumber === startingMigrationNumber && direction === 'down')) {
-                updateProgressBar(migrationNumber, latestMigrationNumber, direction === 'down', true);
+                updateProgressBar(migrationNumber - startingMigrationNumber, latestMigrationNumber - startingMigrationNumber, direction === 'down', true);
                 console.log('%c Success! ', 'color: white; background-color: green; font-size: 2em');
             } else {
-                updateProgressBar(migrationNumber, latestMigrationNumber, false, false);
+                updateProgressBar(migrationNumber - startingMigrationNumber, latestMigrationNumber - startingMigrationNumber, false, false);
                 var newMigrationNumber = direction === 'up' ? migrationNumber + 1 : migrationNumber - 1;
                 executeMigration(startingMigrationNumber, newMigrationNumber, latestMigrationNumber, direction);
             }
@@ -121,7 +121,7 @@ function executeMigration(startingMigrationNumber, migrationNumber, latestMigrat
             $errorBlock = $('#error-block');
             $errorBlock.html($errorBlock.html() + "<br><br>An error occurred! (Error Code: " + migrationNumber + ")<br>" + message).show();
 
-            updateProgressBar(migrationNumber, latestMigrationNumber, true, false);
+            updateProgressBar(migrationNumber - startingMigrationNumber, latestMigrationNumber - startingMigrationNumber, true, false);
 
             if (direction === 'up') {
                 // Revert!

From 37156a8ac7e1d9199eb2f197da04319a477ae616 Mon Sep 17 00:00:00 2001
From: Mike Koch <Mike.Koch@emerson.com>
Date: Fri, 2 Mar 2018 12:43:50 -0500
Subject: [PATCH 74/74] Add update migration

---
 install/migrations/core.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/migrations/core.php b/install/migrations/core.php
index 888ae9f6..4a22c4b7 100644
--- a/install/migrations/core.php
+++ b/install/migrations/core.php
@@ -226,6 +226,6 @@ function getAllMigrations() {
         168 => new \v330\CalendarImprovements\AddBusinessHoursTable(168),
         169 => new \v330\CalendarImprovements\InsertDefaultBusinessHours(169),
         170 => new \v330\CalendarImprovements\AddShowStartTimeSetting(170),
-        171 => new UpdateMigration('3.2.5', '3.2.4', 171),
+        171 => new UpdateMigration('3.3.0', '3.2.5', 171),
     );
 }
\ No newline at end of file