#544 Start updating to HESK 2.7.3
This commit is contained in:
Mike Koch
Mike Koch
parent
c606be50ef
commit
f4dbffa7e4
@ -116,7 +116,7 @@ else {
|
||||
F9ub3RpY2UnXS4nXCcpIj4nLiRoZXNrbGFuZ1snc2gnXS4nPC9hPjwvdGQ+PC90cj48L3RhYmxlPjxwP
|
||||
icuJGhlc2tsYW5nWydzdXBwb3J0X3JlbW92ZSddLicuIDxhIGhyZWY9Imh0dHBzOi8vd3d3Lmhlc2suY
|
||||
29tL2J1eS5waHAiIHRhcmdldD0iX2JsYW5rIj4nLiRoZXNrbGFuZ1snY2xpY2tfaW5mbyddLic8L2E+P
|
||||
C9wPic7DQp9DQo=', "\112");
|
||||
C9wPjxociAvPic7DQp9DQo=', "\112");
|
||||
|
||||
/* Clean unneeded session variables */
|
||||
hesk_cleanSessionVars('hide');
|
||||
|
||||
@ -758,6 +758,12 @@ if (!$pop3_OK) {
|
||||
$tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['pop3e'] . ':</span> ' . $pop3_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'pop3log\')">' . $hesklang['pop3log'] . '</a><div id="pop3log" style="display:none"> <br /><textarea name="log" rows="10" cols="60">' . $pop3_log . '</textarea></div>';
|
||||
}
|
||||
|
||||
// Clear the cache folder
|
||||
hesk_purge_cache('kb');
|
||||
hesk_purge_cache('cf');
|
||||
hesk_purge_cache('export', 14400);
|
||||
hesk_purge_cache('status');
|
||||
|
||||
// Show the settings page and display any notices or success
|
||||
if (count($tmp)) {
|
||||
$errors = implode('<br /><br />', $tmp);
|
||||
|
||||
@ -123,9 +123,9 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) {
|
||||
$tmpvar[$k] = hesk_POST($k);
|
||||
$_SESSION["as_$k"] = '';
|
||||
if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
|
||||
$date = strtotime($tmpvar[$k] . ' t00:00:00');
|
||||
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false;
|
||||
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false;
|
||||
$date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
|
||||
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
|
||||
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
|
||||
|
||||
$_SESSION["as_$k"] = $tmpvar[$k];
|
||||
|
||||
|
||||
@ -1604,7 +1604,7 @@ function mfh_print_message() {
|
||||
<br> <i class="fa fa-fw fa-globe" data-toggle="tooltip" title="<?php echo $hesklang['ip']; ?>"></i>
|
||||
<?php
|
||||
// Format IP for lookup
|
||||
if ($ticket['ip'] == 'Unknown' || $ticket['ip'] == $hesklang['unknown']) {
|
||||
if ($ticket['ip'] == '' || $ticket['ip'] == 'Unknown' || $ticket['ip'] == $hesklang['unknown']) {
|
||||
echo $hesklang['unknown'];
|
||||
} else {
|
||||
echo '<a href="../ip_whois.php?ip=' . urlencode($ticket['ip']) . '">' . $ticket['ip'] . '</a>';
|
||||
|
||||
@ -239,7 +239,7 @@ function ban_email()
|
||||
hesk_token_check();
|
||||
|
||||
// Get the email
|
||||
$email = strtolower(hesk_input(hesk_REQUEST('email')));
|
||||
$email = hesk_emailCleanup(strtolower(hesk_input(hesk_REQUEST('email'))));
|
||||
|
||||
// Nothing entered?
|
||||
if (!strlen($email)) {
|
||||
|
||||
@ -732,7 +732,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
$num_before = 0;
|
||||
$num_after = 0;
|
||||
|
||||
foreach ($hesk_settings['custom_fields'] as $id => $cf) {
|
||||
foreach ($hesk_settings['custom_fields'] as $tmp_id => $cf) {
|
||||
if ($cf['place']) {
|
||||
$num_after++;
|
||||
} else {
|
||||
@ -741,8 +741,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
}
|
||||
|
||||
$k = 1;
|
||||
foreach ($hesk_settings['custom_fields'] as $id => $cf) {
|
||||
$id = intval(str_replace('custom', '', $id));
|
||||
foreach ($hesk_settings['custom_fields'] as $tmp_id => $cf) {
|
||||
$tmp_id = intval(str_replace('custom', '', $tmp_id));
|
||||
|
||||
if ($hide_up) {
|
||||
$hide_up = false;
|
||||
@ -771,7 +771,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
$cf['category'] = count($cf['category']) ? $hesklang['cf_cat'] : $hesklang['cf_all'];
|
||||
?>
|
||||
<tr>
|
||||
<td><?php echo $id; ?></td>
|
||||
<td><?php echo $tmp_id; ?></td>
|
||||
<td><?php echo $cf['name']; ?></td>
|
||||
<td><?php echo $cf['type']; ?></td>
|
||||
<td><?php echo $cf['use']; ?></td>
|
||||
@ -791,33 +791,33 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
} elseif ($k == 1 || $hide_up) {
|
||||
?>
|
||||
<i class="fa fa-fw icon-link"> </i>
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $id; ?>&move=15&token=<?php hesk_token_echo(); ?>">
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $tmp_id; ?>&move=15&token=<?php hesk_token_echo(); ?>">
|
||||
<i class="fa fa-arrow-down fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_dn']; ?>"></i>
|
||||
</a>
|
||||
<?php
|
||||
} elseif ($k == $hesk_settings['num_custom_fields'] || $k == $num_before) {
|
||||
?>
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $id; ?>&move=-15&token=<?php hesk_token_echo(); ?>">
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $tmp_id; ?>&move=-15&token=<?php hesk_token_echo(); ?>">
|
||||
<i class="fa fa-arrow-up fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
|
||||
</a>
|
||||
<i class="fa fa-fw icon-link"> </i>
|
||||
<?php
|
||||
} else {
|
||||
?>
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $id; ?>&move=-15&token=<?php hesk_token_echo(); ?>">
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $tmp_id; ?>&move=-15&token=<?php hesk_token_echo(); ?>">
|
||||
<i class="fa fa-arrow-up fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_up']; ?>"></i>
|
||||
</a>
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $id; ?>&move=15&token=<?php hesk_token_echo(); ?>">
|
||||
<a href="custom_fields.php?a=order_cf&id=<?php echo $tmp_id; ?>&move=15&token=<?php hesk_token_echo(); ?>">
|
||||
<i class="fa fa-arrow-down fa-fw icon-link green" data-toggle="tooltip" title="<?php echo $hesklang['move_dn']; ?>"></i>
|
||||
</a>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
<a href="custom_fields.php?a=edit_cf&id=<?php echo $id; ?>">
|
||||
<a href="custom_fields.php?a=edit_cf&id=<?php echo $tmp_id; ?>">
|
||||
<i class="fa fa-pencil fa-fw icon-link orange" data-toggle="tooltip" title="<?php echo $hesklang['edit']; ?>"></i>
|
||||
</a>
|
||||
<a href="custom_fields.php?a=remove_cf&id=<?php echo $id; ?>&token=<?php hesk_token_echo(); ?>"
|
||||
<a href="custom_fields.php?a=remove_cf&id=<?php echo $tmp_id; ?>&token=<?php hesk_token_echo(); ?>"
|
||||
onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_cf']); ?>');">
|
||||
<i class="fa fa-times fa-fw icon-link red" data-toggle="tooltip" title="<?php echo $hesklang['delete']; ?>"></i>
|
||||
</a>
|
||||
|
||||
@ -24,6 +24,8 @@ require(HESK_PATH . 'inc/admin_functions.inc.php');
|
||||
require(HESK_PATH . 'inc/mail_functions.inc.php');
|
||||
require(HESK_PATH . 'inc/custom_fields.inc.php');
|
||||
hesk_load_database_functions();
|
||||
require(HESK_PATH . 'inc/posting_functions.inc.php');
|
||||
require(HESK_PATH . 'inc/view_attachment_functions.inc.php');
|
||||
|
||||
hesk_session_start();
|
||||
hesk_dbConnect();
|
||||
@ -76,16 +78,51 @@ if (hesk_isREQUEST('reply')) {
|
||||
$is_reply = 1;
|
||||
}
|
||||
|
||||
// Count number of existing attachments for this post
|
||||
$number_of_attachments = $is_reply ? hesk_countAttachments($reply['attachments']) : hesk_countAttachments($ticket['attachments']);
|
||||
|
||||
if (isset($_POST['save'])) {
|
||||
/* A security check */
|
||||
hesk_token_check('POST');
|
||||
|
||||
$hesk_error_buffer = array();
|
||||
|
||||
// Add attachments?
|
||||
if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) {
|
||||
require_once(HESK_PATH . 'inc/attachments.inc.php');
|
||||
|
||||
$attachments = array();
|
||||
|
||||
$use_legacy_attachments = hesk_POST('use-legacy-attachments', 0);
|
||||
|
||||
if ($use_legacy_attachments) {
|
||||
for ($i = $number_of_attachments + 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
|
||||
$att = hesk_uploadFile($i);
|
||||
if ($att !== false && !empty($att)) {
|
||||
$attachments[$i] = $att;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// The user used the new drag-and-drop system.
|
||||
$temp_attachment_ids = hesk_POST_array('attachment-ids');
|
||||
foreach ($temp_attachment_ids as $temp_attachment_id) {
|
||||
// Simply get the temp info and move it to the attachments table
|
||||
$temp_attachment = mfh_getTemporaryAttachment($temp_attachment_id);
|
||||
$attachments[] = $temp_attachment;
|
||||
mfh_deleteTemporaryAttachment($temp_attachment_id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($is_reply) {
|
||||
$tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];
|
||||
|
||||
if (count($hesk_error_buffer)) {
|
||||
// Remove any successfully uploaded attachments
|
||||
if ($hesk_settings['attachments']['use'] && isset($attachments)) {
|
||||
hesk_removeAttachments($attachments);
|
||||
}
|
||||
|
||||
$myerror = '<ul>';
|
||||
foreach ($hesk_error_buffer as $error) {
|
||||
$myerror .= "<li>$error</li>\n";
|
||||
@ -101,7 +138,14 @@ if (isset($_POST['save'])) {
|
||||
|
||||
$tmpvar['html'] = hesk_POST('html');
|
||||
|
||||
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "' WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
|
||||
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
|
||||
foreach ($attachments as $myatt) {
|
||||
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
|
||||
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
|
||||
}
|
||||
}
|
||||
|
||||
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `html`='" . $tmpvar['html'] . "', `message`='" . hesk_dbEscape($tmpvar['message']) . "', `attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."') WHERE `id`='" . intval($tmpvar['id']) . "' AND `replyto`='" . intval($ticket['id']) . "'");
|
||||
} else {
|
||||
$tmpvar['language'] = hesk_POST('customerLanguage');
|
||||
$tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
|
||||
@ -161,9 +205,9 @@ if (isset($_POST['save'])) {
|
||||
$_SESSION["as_$k"] = '';
|
||||
|
||||
if (preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $tmpvar[$k])) {
|
||||
$date = strtotime($tmpvar[$k] . ' t00:00:00');
|
||||
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00') : false;
|
||||
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00') : false;
|
||||
$date = strtotime($tmpvar[$k] . ' t00:00:00 UTC');
|
||||
$dmin = strlen($v['value']['dmin']) ? strtotime($v['value']['dmin'] . ' t00:00:00 UTC') : false;
|
||||
$dmax = strlen($v['value']['dmax']) ? strtotime($v['value']['dmax'] . ' t00:00:00 UTC') : false;
|
||||
|
||||
$_SESSION["as_$k"] = $tmpvar[$k];
|
||||
|
||||
@ -208,6 +252,11 @@ if (isset($_POST['save'])) {
|
||||
}
|
||||
|
||||
if (count($hesk_error_buffer)) {
|
||||
// Remove any successfully uploaded attachments
|
||||
if ($hesk_settings['attachments']['use'] && isset($attachments)) {
|
||||
hesk_removeAttachments($attachments);
|
||||
}
|
||||
|
||||
$myerror = '<ul>';
|
||||
foreach ($hesk_error_buffer as $error) {
|
||||
$myerror .= "<li>$error</li>\n";
|
||||
@ -221,6 +270,13 @@ if (isset($_POST['save'])) {
|
||||
$tmpvar['message'] = nl2br($tmpvar['message']);
|
||||
}
|
||||
|
||||
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
|
||||
foreach ($attachments as $myatt) {
|
||||
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."')");
|
||||
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . '#' . $myatt['saved_name'] . ',';
|
||||
}
|
||||
}
|
||||
|
||||
$custom_SQL = '';
|
||||
for ($i = 1; $i <= 50; $i++) {
|
||||
$custom_SQL .= '`custom'.$i.'`=' . (isset($tmpvar['custom'.$i]) ? "'".hesk_dbEscape($tmpvar['custom'.$i])."'" : "''") . ',';
|
||||
@ -232,6 +288,7 @@ if (isset($_POST['save'])) {
|
||||
`email`='" . hesk_dbEscape($tmpvar['email']) . "',
|
||||
`subject`='" . hesk_dbEscape($tmpvar['subject']) . "',
|
||||
`message`='" . hesk_dbEscape($tmpvar['message']) . "',
|
||||
`attachments`=CONCAT(`attachments`, '".hesk_dbEscape($myattachments)."'),
|
||||
`language`='" . hesk_dbEscape($tmpvar['language']) . "',
|
||||
`html`='" . hesk_dbEscape($tmpvar['html']) . "',
|
||||
$custom_SQL
|
||||
@ -278,7 +335,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
$onsubmit = 'onsubmit="return validateRichText(\'message-help-block\', \'message-group\', \'message\', \''.htmlspecialchars($hesklang['this_field_is_required']).'\')"';
|
||||
}
|
||||
?>
|
||||
<form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" <?php echo $onsubmit; ?>>
|
||||
<form role="form" class="form-horizontal" method="post" action="edit_post.php" name="form1" enctype="multipart/form-data" <?php echo $onsubmit; ?>>
|
||||
<?php
|
||||
/* If it's not a reply edit all the fields */
|
||||
if (!$is_reply) {
|
||||
@ -542,6 +599,19 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
<div class="help-block with-errors" id="message-help-block"></div>
|
||||
</div>
|
||||
</div>
|
||||
<?php if ($hesk_settings['attachments']['use'] && $number_of_attachments < $hesk_settings['attachments']['max_number']) : ?>
|
||||
<div class="form-group">
|
||||
<label for="attachments" class="control-label col-sm-3"><?php echo $hesklang['attachments']; ?>:</label>
|
||||
|
||||
<div class="col-sm-9">
|
||||
<?php build_dropzone_markup(true, 'filedrop', $number_of_attachments + 1); ?>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
display_dropzone_field($hesk_settings['hesk_url'] . '/internal-api/ticket/upload-attachment.php',
|
||||
'filedrop',
|
||||
$hesk_settings['attachments']['max_number'] - $number_of_attachments);
|
||||
endif; ?>
|
||||
<div class="form-group">
|
||||
<input type="hidden" name="save" value="1">
|
||||
<input type="hidden" name="track" value="<?php echo $trackingID; ?>">
|
||||
@ -598,4 +668,15 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
|
||||
</div>
|
||||
<?php
|
||||
require_once(HESK_PATH . 'inc/footer.inc.php');
|
||||
exit();
|
||||
exit();
|
||||
|
||||
function hesk_countAttachments($attachments_string) {
|
||||
if ( ! strlen($attachments_string) || strpos($attachments_string, ',') === false) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
$att = explode(',', substr($attachments_string, 0, -1));
|
||||
|
||||
return count($att);
|
||||
|
||||
} // END hesk_countAttachments()
|
||||
@ -145,21 +145,21 @@ LEFT(`message`, 400) AS `message`,
|
||||
$sql .= " ( `trackid` = '" . hesk_dbEscape($q) . "' OR `merged` LIKE '%#" . hesk_dbEscape($q) . "#%' ) ";
|
||||
break;
|
||||
case 'name':
|
||||
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
|
||||
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
|
||||
break;
|
||||
case 'email':
|
||||
$sql .= "`email` LIKE '%" . hesk_dbEscape($q) . "%' ";
|
||||
break;
|
||||
case 'subject':
|
||||
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
|
||||
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
|
||||
break;
|
||||
case 'message':
|
||||
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "'
|
||||
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "'
|
||||
OR
|
||||
`id` IN (
|
||||
SELECT DISTINCT `replyto`
|
||||
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`
|
||||
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )
|
||||
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
|
||||
)
|
||||
";
|
||||
break;
|
||||
@ -170,12 +170,12 @@ LEFT(`message`, 400) AS `message`,
|
||||
$sql .= "`id` IN (
|
||||
SELECT DISTINCT `ticket`
|
||||
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`
|
||||
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )
|
||||
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
|
||||
";
|
||||
break;
|
||||
default:
|
||||
if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) {
|
||||
$sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
|
||||
$sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
|
||||
} else {
|
||||
$hesk_error_buffer .= '<br />' . $hesklang['invalid_search'];
|
||||
}
|
||||
|
||||
@ -69,7 +69,7 @@ function do_login()
|
||||
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
|
||||
|
||||
$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
|
||||
$_SERVER['REMOTE_ADDR'],
|
||||
hesk_getClientIP(),
|
||||
hesk_POST('recaptcha_challenge_field', ''),
|
||||
hesk_POST('recaptcha_response_field', '')
|
||||
);
|
||||
@ -88,7 +88,7 @@ function do_login()
|
||||
|
||||
// Was there a reCAPTCHA response?
|
||||
if (isset($_POST["g-recaptcha-response"])) {
|
||||
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response"));
|
||||
$resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));
|
||||
}
|
||||
|
||||
if ($resp != null && $resp->success) {
|
||||
|
||||
@ -146,8 +146,6 @@ function hesk_kb_search($query)
|
||||
{
|
||||
global $hesk_settings, $hesklang;
|
||||
|
||||
define('HESK_NO_ROBOTS',1);
|
||||
|
||||
$res = hesk_dbQuery('SELECT t1.`id`, t1.`subject`, LEFT(`t1`.`content`, '.max(200, $hesk_settings['kb_substrart'] * 2).') AS `content`, t1.`rating` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'kb_articles` AS t1 LEFT JOIN `'.hesk_dbEscape($hesk_settings['db_pfix']).'kb_categories` AS t2 ON t1.`catid` = t2.`id` '." WHERE t1.`type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('".hesk_dbEscape($query)."') LIMIT ".intval($hesk_settings['kb_search_limit']));
|
||||
$num = hesk_dbNumRows($res);
|
||||
$show_default_category = false;
|
||||
|
||||
@ -1080,6 +1080,9 @@ function edit_category()
|
||||
// Now delete the category
|
||||
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` WHERE `id`='".intval($catid)."'");
|
||||
|
||||
// Clear KB cache
|
||||
hesk_purge_cache('kb');
|
||||
|
||||
$_SESSION['hide'] = array(
|
||||
//'treemenu' => 1,
|
||||
'new_article' => 1,
|
||||
@ -1252,6 +1255,9 @@ function save_article()
|
||||
// Update article order
|
||||
update_article_order($catid);
|
||||
|
||||
// Clear KB cache
|
||||
hesk_purge_cache('kb');
|
||||
|
||||
// Redirect to the correct page
|
||||
switch ($from) {
|
||||
case 'draft':
|
||||
@ -2174,6 +2180,9 @@ function remove_article()
|
||||
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_categories` SET `articles_draft`=`articles_draft`-1 WHERE `id`='{$catid}'");
|
||||
}
|
||||
|
||||
// Clear KB cache
|
||||
hesk_purge_cache('kb');
|
||||
|
||||
// Redirect to the correct page
|
||||
switch ($from) {
|
||||
case 'draft':
|
||||
|
||||
@ -51,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
|
||||
|
||||
$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
|
||||
$_SERVER['REMOTE_ADDR'],
|
||||
hesk_getClientIP(),
|
||||
hesk_POST('recaptcha_challenge_field', ''),
|
||||
hesk_POST('recaptcha_response_field', '')
|
||||
);
|
||||
@ -70,7 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
|
||||
// Was there a reCAPTCHA response?
|
||||
if (isset($_POST["g-recaptcha-response"])) {
|
||||
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], hesk_POST("g-recaptcha-response"));
|
||||
$resp = $reCaptcha->verifyResponse(hesk_getClientIP(), hesk_POST("g-recaptcha-response"));
|
||||
}
|
||||
|
||||
if ($resp != null && $resp->success) {
|
||||
@ -121,7 +121,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
hesk_process_messages($hesklang['noace'], 'NOREDIRECT');
|
||||
} else {
|
||||
$row = hesk_dbFetchAssoc($res);
|
||||
$hash = sha1(microtime() . $_SERVER['REMOTE_ADDR'] . mt_rand() . $row['id'] . $row['name'] . $row['pass']);
|
||||
$hash = sha1(microtime() . hesk_getClientIP() . mt_rand() . $row['id'] . $row['name'] . $row['pass']);
|
||||
|
||||
// Insert the verification hash into the database
|
||||
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` (`user`, `hash`, `ip`) VALUES (" . intval($row['id']) . ", '{$hash}', '" . hesk_dbEscape($_SERVER['REMOTE_ADDR']) . "') ");
|
||||
|
||||
@ -34,6 +34,8 @@ $hesk_settings['possible_ticket_list'] = array(
|
||||
'time_worked' => $hesklang['ts'],
|
||||
);
|
||||
|
||||
define('HESK_NO_ROBOTS', true);
|
||||
|
||||
/*** FUNCTIONS ***/
|
||||
|
||||
|
||||
@ -564,6 +566,8 @@ function hesk_verifyGoto()
|
||||
'banned_emails.php' => '',
|
||||
'banned_ips.php' => '',
|
||||
'change_status.php' => '',
|
||||
'custom_fields.php' => '',
|
||||
'custom_statuses.php' => '',
|
||||
'edit_post.php' => '',
|
||||
'email_templates.php' => '',
|
||||
'export.php' => '',
|
||||
@ -572,6 +576,7 @@ function hesk_verifyGoto()
|
||||
'knowledgebase_private.php' => '',
|
||||
'lock.php' => '',
|
||||
'mail.php' => '',
|
||||
'mail.php?a=read&id=1' => '',
|
||||
'manage_canned.php' => '',
|
||||
'manage_categories.php' => '',
|
||||
'manage_knowledgebase.php' => '',
|
||||
@ -715,6 +720,9 @@ function hesk_purge_cache($type = '', $expire_after_seconds = 0)
|
||||
case 'cf':
|
||||
$files = glob($cache_dir.'cf_*', GLOB_NOSORT);
|
||||
break;
|
||||
case 'kb':
|
||||
$files = array($cache_dir.'kb.cache.php');
|
||||
break;
|
||||
default:
|
||||
hesk_rrmdir(trim($cache_dir, '/'), true);
|
||||
return true;
|
||||
|
||||
@ -103,7 +103,7 @@ function hesk_fileError($error)
|
||||
} // End hesk_fileError()
|
||||
|
||||
|
||||
function hesk_removeAttachments($attachments, $isTicket)
|
||||
function hesk_removeAttachments($attachments, $isTicket = true)
|
||||
{
|
||||
global $hesk_settings, $hesklang, $modsForHesk_settings;
|
||||
|
||||
|
||||
@ -207,14 +207,14 @@ function output_attachment_id_holder_container($id) {
|
||||
echo '<div id="attachment-holder-' . $id . '" class="hide"></div>';
|
||||
}
|
||||
|
||||
function build_dropzone_markup($admin = false, $id = 'filedrop') {
|
||||
function build_dropzone_markup($admin = false, $id = 'filedrop', $startingId = 1) {
|
||||
global $hesklang, $hesk_settings;
|
||||
|
||||
$directory_separator = $admin ? '../' : '';
|
||||
echo '<div class="dropzone" id="' . $id . '">
|
||||
<div class="fallback">
|
||||
<input type="hidden" name="use-legacy-attachments" value="1">';
|
||||
for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
|
||||
for ($i = $startingId; $i <= $hesk_settings['attachments']['max_number']; $i++) {
|
||||
$cls = ($i == 1 && isset($_SESSION['iserror']) && in_array('attachments', $_SESSION['iserror'])) ? ' class="isError" ' : '';
|
||||
echo '<input type="file" name="attachment[' . $i . ']" size="50" ' . $cls . ' /><br />';
|
||||
}
|
||||
@ -225,7 +225,7 @@ function build_dropzone_markup($admin = false, $id = 'filedrop') {
|
||||
onclick="Javascript:hesk_window(\'' . $directory_separator . 'file_limits.php\',250,500);return false;">'. $hesklang['ful'] . '</a>';
|
||||
}
|
||||
|
||||
function display_dropzone_field($url, $id = 'filedrop') {
|
||||
function display_dropzone_field($url, $id = 'filedrop', $max_files_override = -1) {
|
||||
global $hesk_settings, $hesklang;
|
||||
|
||||
output_dropzone_window();
|
||||
@ -233,7 +233,7 @@ function display_dropzone_field($url, $id = 'filedrop') {
|
||||
|
||||
$acceptedFiles = implode(',', $hesk_settings['attachments']['allowed_types']);
|
||||
$size = mfh_bytesToUnits($hesk_settings['attachments']['max_size']);
|
||||
$max_files = $hesk_settings['attachments']['max_number'];
|
||||
$max_files = $max_files_override > -1 ? $max_files_override : $hesk_settings['attachments']['max_number'];
|
||||
|
||||
echo "
|
||||
<script type=\"text/javascript\">
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user