Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

#30 Only validate emails if the help desk is configured to do so

Browse Source
This commit is contained in:
Mike Koch 2015-01-01 14:13:11 -05:00
parent 94b2b97994
commit efce82d1d6
2 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modsForHesk_settings.inc.php
View File

@ -24,3 +24,6 @@ $modsForHesk_settings['maintenance_mode'] = 0;
//-- Set this to 1 to enable custom field names as keys //-- Set this to 1 to enable custom field names as keys
$modsForHesk_settings['custom_field_setting'] = 0; $modsForHesk_settings['custom_field_setting'] = 0;
//-- Set this to 1 to enable email verification for new customers
$modsForHesk_settings['customer_email_verification_required'] = 0;

37
submit_ticket.php
View File

@ -37,6 +37,7 @@ define('HESK_PATH','./');
// Get all the required files and functions // Get all the required files and functions
require(HESK_PATH . 'hesk_settings.inc.php'); require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'modsForHesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php'); require(HESK_PATH . 'inc/common.inc.php');
hesk_load_database_functions(); hesk_load_database_functions();
require(HESK_PATH . 'inc/email_functions.inc.php'); require(HESK_PATH . 'inc/email_functions.inc.php');
@ -360,26 +361,32 @@ if ($hesk_settings['attachments']['use'] && ! empty($attachments) )
} }
} }
// Check to see if the email address of the user is verified. If not, add the ticket to the stage_ticket table and send verification email // Should the helpdesk validate emails?
$verifiedEmailSql = "SELECT `Email` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."verified_emails` WHERE `Email` = '".hesk_dbEscape($tmpvar['email'])."'"; $createTicket = true;
$verifiedEmailRS = hesk_dbQuery($verifiedEmailSql); if ($modsForHesk_settings['customer_email_verification_required'])
if ($verifiedEmailRS->num_rows == 0)
{ {
//-- email has not yet been verified. $verifiedEmailSql = "SELECT `Email` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."verified_emails` WHERE `Email` = '".hesk_dbEscape($tmpvar['email'])."'";
$ticket = hesk_newTicket($tmpvar, false); $verifiedEmailRS = hesk_dbQuery($verifiedEmailSql);
if ($verifiedEmailRS->num_rows == 0)
{
//-- email has not yet been verified.
$ticket = hesk_newTicket($tmpvar, false);
//-- generate the activation key, which is a hash of their email address along with the current time. //-- generate the activation key, which is a hash of their email address along with the current time.
$unhashedKey = $tmpvar['email'].time(); $unhashedKey = $tmpvar['email'].time();
$key = hash('sha512', $unhashed); $key = hash('sha512', $unhashed);
$escapedEmail = hesk_dbEscape($tmpvar['email']); $escapedEmail = hesk_dbEscape($tmpvar['email']);
$escapedKey = hesk_dbEscape($key); $escapedKey = hesk_dbEscape($key);
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."pending_verification_emails` (`Email`, `ActivationKey`) hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."pending_verification_emails` (`Email`, `ActivationKey`)
VALUES ('".$escapedEmail."', '".$escapedKey."')"); VALUES ('".$escapedEmail."', '".$escapedKey."')");
require(HESK_PATH . 'inc/email_functions.inc.php'); require(HESK_PATH . 'inc/email_functions.inc.php');
hesk_notifyCustomer('verify_email'); hesk_notifyCustomer('verify_email');
} else $createTicket = false;
}
}
if ($createTicket)
{ {
//-- email has been verified, and a ticket can be created //-- email has been verified, and a ticket can be created
$ticket = hesk_newTicket($tmpvar); $ticket = hesk_newTicket($tmpvar);