Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: Netsyms:master
Branches Tags
Netsyms:master
Netsyms:captcheck
Netsyms:bootswatch
Netsyms:summernote
Netsyms:inline-attachment-viewing
Netsyms:353-ability-to-resend-response
Netsyms:3.1.0
Netsyms:3.0.7
Netsyms:3.0.6
Netsyms:3.0.5
Netsyms:3.0.4
Netsyms:3.0.3
Netsyms:3.0.2
Netsyms:3.0.1
Netsyms:3.0.0
Netsyms:3.0.0-rc-1
Netsyms:3.0.0-beta-1
Netsyms:2.6.4
Netsyms:2.6.3
Netsyms:2.6.2
Netsyms:2.6.1
Netsyms:2.6.0
Netsyms:2.5.5
Netsyms:2.5.4
Netsyms:2.5.3
Netsyms:2.5.2
Netsyms:2.5.1
Netsyms:2.5.0
Netsyms:v2.4.2
Netsyms:v2.4.1
Netsyms:v2.4.0
Netsyms:v2.3.2
Netsyms:v2.3.1
Netsyms:v2.3.0
Netsyms:v2.2.1
Netsyms:v2.2.0
Netsyms:v2.1.1
Netsyms:v2.1.0
Netsyms:v2.0.1
Netsyms:v2.0.0
Netsyms:v2.0.0-BETA-2
Netsyms:v2.0.0-BETA
Netsyms:v1.7.0
Netsyms:v1.6.1
Netsyms:v1.6.0
Netsyms:v1.5.0
Netsyms:v1.4.1
Netsyms:v1.4.0
Netsyms:v1.3.0
Netsyms:v1.2.4
Netsyms:v1.2.3
Netsyms:v1.2.2
Netsyms:RELEASE_v1.2.1
Netsyms:RELEASE_v1.2.0
Netsyms:RELEASE_v1.1.6
Netsyms:RELEASE_v1.1.5
Netsyms:RELEASE_v1.1.3
Netsyms:RELEASE_v1.1.0
Netsyms:RELEASE_v1.0.3
Netsyms:RELEASE_v1.0.2
Netsyms:RELEASE_v1.0.1
Netsyms:RELEASE_v1.0.0
..
compare: Netsyms:summernote
Branches Tags
Netsyms:master
Netsyms:captcheck
Netsyms:bootswatch
Netsyms:summernote
Netsyms:inline-attachment-viewing
Netsyms:353-ability-to-resend-response
Netsyms:3.1.0
Netsyms:3.0.7
Netsyms:3.0.6
Netsyms:3.0.5
Netsyms:3.0.4
Netsyms:3.0.3
Netsyms:3.0.2
Netsyms:3.0.1
Netsyms:3.0.0
Netsyms:3.0.0-rc-1
Netsyms:3.0.0-beta-1
Netsyms:2.6.4
Netsyms:2.6.3
Netsyms:2.6.2
Netsyms:2.6.1
Netsyms:2.6.0
Netsyms:2.5.5
Netsyms:2.5.4
Netsyms:2.5.3
Netsyms:2.5.2
Netsyms:2.5.1
Netsyms:2.5.0
Netsyms:v2.4.2
Netsyms:v2.4.1
Netsyms:v2.4.0
Netsyms:v2.3.2
Netsyms:v2.3.1
Netsyms:v2.3.0
Netsyms:v2.2.1
Netsyms:v2.2.0
Netsyms:v2.1.1
Netsyms:v2.1.0
Netsyms:v2.0.1
Netsyms:v2.0.0
Netsyms:v2.0.0-BETA-2
Netsyms:v2.0.0-BETA
Netsyms:v1.7.0
Netsyms:v1.6.1
Netsyms:v1.6.0
Netsyms:v1.5.0
Netsyms:v1.4.1
Netsyms:v1.4.0
Netsyms:v1.3.0
Netsyms:v1.2.4
Netsyms:v1.2.3
Netsyms:v1.2.2
Netsyms:RELEASE_v1.2.1
Netsyms:RELEASE_v1.2.0
Netsyms:RELEASE_v1.1.6
Netsyms:RELEASE_v1.1.5
Netsyms:RELEASE_v1.1.3
Netsyms:RELEASE_v1.1.0
Netsyms:RELEASE_v1.0.3
Netsyms:RELEASE_v1.0.2
Netsyms:RELEASE_v1.0.1
Netsyms:RELEASE_v1.0.0

No commits in common. "master" and "summernote" have entirely different histories.
master ... summernote

427 changed files with 12398 additions and 21423 deletions
Show Stats Expand all files Collapse all files

102
.gitignore vendored
View File

@ -8,7 +8,7 @@ admin/archive.php
admin/custom_statuses.php
admin/email_templates.php
admin/generate_spam_question.php
admin/resend_notification.php
admin/priority.php
admin/test_connection.php
attachments/index.htm
cache/
@ -20,7 +20,6 @@ header.txt
hesk_settings.inc.php
img/add_article.png
img/add_category.png
img/anonymize.png
img/article_text.png
img/autoassign_off.png
img/autoassign_on.png
@ -36,10 +35,8 @@ img/delete.png
img/delete_off.png
img/delete_ticket.png
img/edit.png
img/email.png
img/error.png
img/existingticket.png
img/export.png
img/flag_critical.png
img/flag_high.png
img/flag_low.png
@ -85,7 +82,6 @@ img/lock.png
img/login.png
img/mail.png
img/manage.png
img/menu.png
img/minus.gif
img/minusbottom.gif
img/minustop.gif
@ -202,52 +198,52 @@ inc/tabs/tabber-minimized.js
inc/tabs/tabber.css
inc/timer/hesk_timer.js
inc/timer/index.htm
inc/tiny_mce/3.5.12/langs/en.js
inc/tiny_mce/3.5.12/license.txt
inc/tiny_mce/3.5.12/themes/advanced/about.htm
inc/tiny_mce/3.5.12/themes/advanced/anchor.htm
inc/tiny_mce/3.5.12/themes/advanced/charmap.htm
inc/tiny_mce/3.5.12/themes/advanced/color_picker.htm
inc/tiny_mce/3.5.12/themes/advanced/editor_template.js
inc/tiny_mce/3.5.12/themes/advanced/image.htm
inc/tiny_mce/3.5.12/themes/advanced/img/colorpicker.jpg
inc/tiny_mce/3.5.12/themes/advanced/img/flash.gif
inc/tiny_mce/3.5.12/themes/advanced/img/icons.gif
inc/tiny_mce/3.5.12/themes/advanced/img/iframe.gif
inc/tiny_mce/3.5.12/themes/advanced/img/pagebreak.gif
inc/tiny_mce/3.5.12/themes/advanced/img/quicktime.gif
inc/tiny_mce/3.5.12/themes/advanced/img/realmedia.gif
inc/tiny_mce/3.5.12/themes/advanced/img/shockwave.gif
inc/tiny_mce/3.5.12/themes/advanced/img/trans.gif
inc/tiny_mce/3.5.12/themes/advanced/img/video.gif
inc/tiny_mce/3.5.12/themes/advanced/img/windowsmedia.gif
inc/tiny_mce/3.5.12/themes/advanced/js/about.js
inc/tiny_mce/3.5.12/themes/advanced/js/anchor.js
inc/tiny_mce/3.5.12/themes/advanced/js/charmap.js
inc/tiny_mce/3.5.12/themes/advanced/js/color_picker.js
inc/tiny_mce/3.5.12/themes/advanced/js/image.js
inc/tiny_mce/3.5.12/themes/advanced/js/link.js
inc/tiny_mce/3.5.12/themes/advanced/js/source_editor.js
inc/tiny_mce/3.5.12/themes/advanced/langs/en.js
inc/tiny_mce/3.5.12/themes/advanced/langs/en_dlg.js
inc/tiny_mce/3.5.12/themes/advanced/link.htm
inc/tiny_mce/3.5.12/themes/advanced/shortcuts.htm
inc/tiny_mce/3.5.12/themes/advanced/skins/default/content.css
inc/tiny_mce/3.5.12/themes/advanced/skins/default/dialog.css
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/buttons.png
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/items.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_arrow.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/menu_check.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/progress.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/img/tabs.gif
inc/tiny_mce/3.5.12/themes/advanced/skins/default/ui.css
inc/tiny_mce/3.5.12/themes/advanced/source_editor.htm
inc/tiny_mce/3.5.12/tiny_mce.js
inc/tiny_mce/3.5.12/tiny_mce_popup.js
inc/tiny_mce/3.5.12/utils/editable_selects.js
inc/tiny_mce/3.5.12/utils/form_utils.js
inc/tiny_mce/3.5.12/utils/mctabs.js
inc/tiny_mce/3.5.12/utils/validate.js
inc/tiny_mce/3.5.11/langs/en.js
inc/tiny_mce/3.5.11/license.txt
inc/tiny_mce/3.5.11/themes/advanced/about.htm
inc/tiny_mce/3.5.11/themes/advanced/anchor.htm
inc/tiny_mce/3.5.11/themes/advanced/charmap.htm
inc/tiny_mce/3.5.11/themes/advanced/color_picker.htm
inc/tiny_mce/3.5.11/themes/advanced/editor_template.js
inc/tiny_mce/3.5.11/themes/advanced/image.htm
inc/tiny_mce/3.5.11/themes/advanced/img/colorpicker.jpg
inc/tiny_mce/3.5.11/themes/advanced/img/flash.gif
inc/tiny_mce/3.5.11/themes/advanced/img/icons.gif
inc/tiny_mce/3.5.11/themes/advanced/img/iframe.gif
inc/tiny_mce/3.5.11/themes/advanced/img/pagebreak.gif
inc/tiny_mce/3.5.11/themes/advanced/img/quicktime.gif
inc/tiny_mce/3.5.11/themes/advanced/img/realmedia.gif
inc/tiny_mce/3.5.11/themes/advanced/img/shockwave.gif
inc/tiny_mce/3.5.11/themes/advanced/img/trans.gif
inc/tiny_mce/3.5.11/themes/advanced/img/video.gif
inc/tiny_mce/3.5.11/themes/advanced/img/windowsmedia.gif
inc/tiny_mce/3.5.11/themes/advanced/js/about.js
inc/tiny_mce/3.5.11/themes/advanced/js/anchor.js
inc/tiny_mce/3.5.11/themes/advanced/js/charmap.js
inc/tiny_mce/3.5.11/themes/advanced/js/color_picker.js
inc/tiny_mce/3.5.11/themes/advanced/js/image.js
inc/tiny_mce/3.5.11/themes/advanced/js/link.js
inc/tiny_mce/3.5.11/themes/advanced/js/source_editor.js
inc/tiny_mce/3.5.11/themes/advanced/langs/en.js
inc/tiny_mce/3.5.11/themes/advanced/langs/en_dlg.js
inc/tiny_mce/3.5.11/themes/advanced/link.htm
inc/tiny_mce/3.5.11/themes/advanced/shortcuts.htm
inc/tiny_mce/3.5.11/themes/advanced/skins/default/content.css
inc/tiny_mce/3.5.11/themes/advanced/skins/default/dialog.css
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/buttons.png
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/items.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_arrow.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/menu_check.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/progress.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/img/tabs.gif
inc/tiny_mce/3.5.11/themes/advanced/skins/default/ui.css
inc/tiny_mce/3.5.11/themes/advanced/source_editor.htm
inc/tiny_mce/3.5.11/tiny_mce.js
inc/tiny_mce/3.5.11/tiny_mce_popup.js
inc/tiny_mce/3.5.11/utils/editable_selects.js
inc/tiny_mce/3.5.11/utils/form_utils.js
inc/tiny_mce/3.5.11/utils/mctabs.js
inc/tiny_mce/3.5.11/utils/validate.js
inc/treemenu/TreeMenu.php
inc/treemenu/index.htm
inc/zip/Zip.php
@ -255,7 +251,6 @@ inc/zip/index.htm
inc/zip/pclzip.lib.php
install/hesk.png
install/update.php
language/en/help_files
language/en/emails/category_moved.txt
language/en/emails/forgot_ticket_id.txt
language/en/emails/index.htm
@ -266,8 +261,9 @@ language/en/emails/new_ticket.txt
language/en/emails/new_ticket_staff.txt
language/en/emails/ticket_assigned_to_you.txt
language/en/index.htm
language/en/text.php
language/index.htm
language/*
!language/en
print_sec_img.php
rate.php
readme.html

88
.gitlab-ci.yml
View File

@ -1,90 +1,32 @@
image: tetraweb/php
stages:
- validate
- test
- package
- deploy
before_script:
- bash ci/docker_install.sh > /dev/null
- apt-get update
- apt-get install zip unzip
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
validate:7.2:
image: php:7.2
stage: validate
script:
- bash ci/php_lint.sh ./
validate:7.1:
image: php:7.1
stage: validate
script:
- bash ci/php_lint.sh ./
validate:7.0:
image: php:7.0
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.6:
image: php:5.6
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.5:
image: php:5.5
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.4:
image: php:5.4
stage: validate
script:
- bash ci/php_lint.sh ./
validate:5.3:
image: php:5.3
stage: validate
script:
- bash ci/php_lint.sh ./
test:7.1:
image: php:7.1
test:
stage: test
script:
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
- php composer.phar install
- composer install
- cd Tests
- phpunit
test:7.2:
image: php:7.2
stage: test
script:
- cd api
- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
- php composer-setup.php
- php -r "unlink('composer-setup.php');"
- php composer.phar update
- php composer.phar install
- cd Tests
- phpunit
package:
image: tetraweb/php
deploy:
when: manual
stage: package
stage: deploy
script:
- apt-get update
- apt-get install zip unzip
- cd api
- composer install --no-dev
- cd ../ci
- bash build_zip.sh
artifacts:
paths:
- release.zip
- release.zip

38
admin/admin_main.php
View File

@ -54,15 +54,7 @@ else {
?>
<div class="content-wrapper">
<section class="content">
<?php
// Service messages
$service_messages = mfh_get_service_messages('STAFF_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
hesk_handle_messages();
?>
<?php hesk_handle_messages(); ?>
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">
@ -108,17 +100,23 @@ else {
</div>
</div>
<?php
/*******************************************************************************
The code below handles HESK licensing. Removing or modifying this code without
purchasing a HESK license is strictly prohibited.
To purchase a HESK license and support future HESK development please visit:
https://www.hesk.com/buy.php
*******************************************************************************/
$x1a="\142a".chr(0163).chr(847249408>>23)."\66\x34".chr(796917760>>23)."\x65\156\143".chr(0157)."\x64\145";$hesk_settings['hesk_license']($x1a("\x3c\150r\x20\57\76".chr(503316480>>23)."\x74\141\142l\x65\40".chr(0142).chr(0157).chr(0162)."\144\145r\x3d\42\60".chr(285212672>>23)."\x20\x77\x69".chr(0144)."th".chr(511705088>>23)."\x22".chr(061)."\60\60\x25\42".chr(520093696>>23)."\x3c\164".chr(0162).">\74t\x64\x3e\x3c".chr(0142).chr(076).$hesklang[chr(956301312>>23)."\145\155\157\x76e".chr(796917760>>23)."\x73ta\164e\x6d".chr(847249408>>23)."\156\x74"].chr(503316480>>23)."\x2f\142\x3e".chr(074)."\57t\x64\76".chr(074)."td".chr(268435456>>23)."\x73ty\154\x65\x3d\x22te".chr(1006632960>>23)."t\x2d\141\x6c\x69".chr(0147).chr(922746880>>23)."\x3ar\151\x67ht\"\76".chr(503316480>>23)."\141 \x68\162\145\146\x3d\42".chr(0112).chr(813694976>>23)."v\141".chr(0163).chr(830472192>>23)."\162\x69".chr(0160).chr(0164)."\x3a".chr(989855744>>23)."\157\151d\50\x30".chr(343932928>>23).chr(042)."\40onc\154\151\143\153\x3d".chr(042)."\x61\x6c\145\x72t(\x27".$hesklang["\163".chr(981467136>>23)."\x70".chr(939524096>>23).chr(0157)."\162\164\137n".chr(931135488>>23)."\x74\151".chr(0143)."\x65"].chr(047)."\51\42\x3e".$hesklang["\x73\x68"]."\74".chr(394264576>>23)."\x61\x3e\74\57\164d\76\x3c/\x74\162\76".chr(503316480>>23).chr(057)."t\x61\x62\x6ce\x3e\x3c\x70\x3e".$hesklang[chr(0163)."\x75ppo\x72\x74\137".chr(956301312>>23).chr(847249408>>23)."\155".chr(931135488>>23)."v\x65"]."\x2e\x20\x3c".chr(813694976>>23)."\40\x68re\x66\x3d".chr(285212672>>23)."\150".chr(973078528>>23).chr(973078528>>23)."\160\x73".chr(486539264>>23)."\57\x2f".chr(998244352>>23)."\x77\167".chr(056)."\150".chr(847249408>>23)."s\153\56\x63\157".chr(0155)."/".chr(0142)."\165\171.".chr(0160)."h\x70".chr(285212672>>23)."\x20\x74\141".chr(0162)."g".chr(847249408>>23)."\164\x3d".chr(042)."\137b\x6c".chr(813694976>>23)."\x6ek\x22\76".$hesklang["\x63\154\151\143\153\x5f".chr(880803840>>23)."\x6e".chr(855638016>>23).chr(0157)]."\x3c/\141\x3e\x3c\x2fp".chr(076)."<\150\162\x20\x2f\x3e"),"");
/*******************************************************************************
END LICENSE CODE
*******************************************************************************/
$hesk_settings['hesk_license']('HMgPSAxOw0KaWYgKGZpbGVfZXhpc3RzKEhFU0tfUEFUSCAuI
CdoZXNrX2xpY2Vuc2UucGhwJykpDQp7DQokaCA9ICghZW1wdHkoJF9TRVJWRVJbJ0hUVFBfSE9TVCddK
SkgPyAkX1NFUlZFUlsnSFRUUF9IT1NUJ10gOiAoKCFlbXB0eSgkX1NFUlZFUlsnU0VSVkVSX05BTUUnX
SkpID8gJF9TRVJWRVJbJ1NFUlZFUl9OQU1FJ10gOiBnZXRlbnYoJ1NFUlZFUl9OQU1FJykpOw0KJGggP
SBzdHJfcmVwbGFjZSgnd3d3LicsJycsc3RydG9sb3dlcigkaCkpOw0KaW5jbHVkZShIRVNLX1BBVEggL
iAnaGVza19saWNlbnNlLnBocCcpOw0KaWYgKGlzc2V0KCRoZXNrX3NldHRpbmdzWydsaWNlbnNlJ10pI
CYmIHN0cnBvcygkaGVza19zZXR0aW5nc1snbGljZW5zZSddLHNoYTEoJGguJ2gzJkZwMiNMYUEmNTkhd
yg4LlpjXSordVI1MTInKSkgIT09IGZhbHNlKQ0Kew0KJHMgPSAwOw0KfQ0KZWxzZQ0Kew0KZWNobyAnP
HAgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyO2NvbG9yOnJlZDsiPklOVkFMSUQgTElDRU5TRSAoTk9UI
FJFR0lTVEVSRUQgRk9SICcuJGguJykhPC9wPic7DQp9DQp9DQppZiAoJHMpDQp7DQplY2hvICc8aHIgL
z48dGFibGUgYm9yZGVyPSIwIiB3aWR0aD0iMTAwJSI+PHRyPjx0ZD48Yj4nLiRoZXNrbGFuZ1sncmVtb
3ZlX3N0YXRlbWVudCddLic8L2I+PC90ZD48dGQgc3R5bGU9InRleHQtYWxpZ246cmlnaHQiPjxhIGhyZ
WY9IkphdmFzY3JpcHQ6dm9pZCgwKSIgb25jbGljaz0iYWxlcnQoXCcnLiRoZXNrbGFuZ1snc3VwcG9yd
F9ub3RpY2UnXS4nXCcpIj4nLiRoZXNrbGFuZ1snc2gnXS4nPC9hPjwvdGQ+PC90cj48L3RhYmxlPjxwP
icuJGhlc2tsYW5nWydzdXBwb3J0X3JlbW92ZSddLicuIDxhIGhyZWY9Imh0dHBzOi8vd3d3Lmhlc2suY
29tL2J1eS5waHAiIHRhcmdldD0iX2JsYW5rIj4nLiRoZXNrbGFuZ1snY2xpY2tfaW5mbyddLic8L2E+P
C9wPjxociAvPic7DQp9DQo=', "\112");
/* Clean unneeded session variables */
hesk_cleanSessionVars('hide');

76
admin/admin_reply_ticket.php
View File

@ -189,20 +189,15 @@ if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
// Add reply
$html = $modsForHesk_settings['rich_text_for_tickets'];
if ($submit_as_customer) {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($ticket['name'])) . "','" . hesk_dbEscape($message . "<br /><br /><i>{$hesklang['creb']} {$_SESSION['name']}</i>") . "', NOW(),'" . hesk_dbEscape($myattachments) . "', '" . $html . "')");
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($ticket['name'])) . "','" . hesk_dbEscape($message . "<br /><br /><i>{$hesklang['creb']} {$_SESSION['name']}</i>") . "',NOW(),'" . hesk_dbEscape($myattachments) . "', '" . $html . "')");
} else {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($_SESSION['name'])) . "','" . hesk_dbEscape($message) . "', NOW(),'" . hesk_dbEscape($myattachments) . "','" . intval($_SESSION['id']) . "', '" . $html . "')");
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`,`html`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($_SESSION['name'])) . "','" . hesk_dbEscape($message) . "',NOW(),'" . hesk_dbEscape($myattachments) . "','" . intval($_SESSION['id']) . "', '" . $html . "')");
}
/* Track ticket status changes for history */
$revision = '';
/* Change the status of priority? */
$audit_priority = null;
$audit_closed = null;
$audit_status = null;
$audit_customer_status = null;
$audit_assigned_self = null;
if (!empty($_POST['set_priority'])) {
$priority = intval(hesk_POST('priority'));
if ($priority < 0 || $priority > 3) {
@ -216,17 +211,9 @@ if (!empty($_POST['set_priority'])) {
3 => $hesklang['low']
);
$plain_options = array(
0 => 'critical',
1 => 'high',
2 => 'medium',
3 => 'low'
);
$revision = sprintf($hesklang['thist8'], hesk_date(), $options[$priority], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$priority_sql = ",`priority`='$priority' ";
$audit_priority = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $plain_options[$priority]);
$priority_sql = ",`priority`='$priority', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
} else {
$priority_sql = "";
}
@ -251,11 +238,8 @@ if ($ticket['locked']) {
$newStatus = hesk_dbFetchAssoc($newStatusRs);
if ($newStatus['IsClosed'] && hesk_checkPermission('can_resolve', 0)) {
$audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status)
);
$sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " ";
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
// Lock the ticket if customers are not allowed to reopen tickets
if ($hesk_settings['custopen'] != 1) {
@ -263,8 +247,8 @@ if ($ticket['locked']) {
}
} else {
// Ticket isn't being closed, just add the history to the sql query (or tried to close but doesn't have permission)
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status));
$revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang[$newStatus['Key']], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}
}
} // -> Submit as Customer reply
@ -275,8 +259,8 @@ elseif ($submit_as_customer) {
$new_status = $customerReplyStatus['ID'];
if ($ticket['status'] != $new_status) {
$audit_customer_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => mfh_getDisplayTextForStatusId($new_status));
$revision = sprintf($hesklang['thist9'], hesk_date(), $hesklang['wait_reply'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql_status = " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}
} // -> Default: submit as "Replied by staff"
else {
@ -294,21 +278,12 @@ $sql .= $submit_as_customer ? "`lastreplier`='0', `replierid`='0' " : "`lastrepl
if ($time_worked == '00:00:00') {
$sql .= ", `lastchange` = NOW() ";
} else {
$parts = explode(':', $ticket['time_worked']);
$seconds = ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
$parts = explode(':', $time_worked);
$seconds += ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2];
require(HESK_PATH . 'inc/reporting_functions.inc.php');
$ticket['time_worked'] = hesk_SecondsToHHMMSS($seconds);
$sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
}
if (!empty($_POST['assign_self']) && (hesk_checkPermission('can_assign_self', 0) || (isset($_REQUEST['isManager']) && $_REQUEST['isManager']))) {
$audit_assigned_self = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . " ";
$revision = sprintf($hesklang['thist2'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}
$sql .= " $priority_sql ";
@ -331,29 +306,6 @@ unset($sql);
/* Update number of replies in the users table */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `replies`=`replies`+1 WHERE `id`='" . intval($_SESSION['id']) . "'");
//-- Insert necessary audit trail records
if ($audit_priority != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_priority', hesk_date(), $audit_priority);
}
if ($audit_closed != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_closed', hesk_date(), $audit_closed);
}
if ($audit_status != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(), $audit_status);
}
if ($audit_customer_status != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_status', hesk_date(),
$audit_customer_status);
}
if ($audit_assigned_self != null) {
mfh_insert_audit_trail_record($replyto, 'TICKET', 'audit_assigned_self', hesk_date(), $audit_assigned_self);
}
// --> Prepare reply message
// 1. Generate the array with ticket info that can be used in emails
@ -372,9 +324,7 @@ $info = array(
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'language' => $ticket['language'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => ($submit_as_customer ? $ticket['name'] : $_SESSION['name']),
'language' => $ticket['language']
);
// 2. Add custom fields to the array

700
admin/admin_settings.php
View File

@ -30,7 +30,6 @@ $hesk_settings['language_default'] = $hesk_settings['language'];
require(HESK_PATH . 'inc/common.inc.php');
$hesk_settings['language'] = $hesk_settings['language_default'];
require(HESK_PATH . 'inc/admin_functions.inc.php');
require(HESK_PATH . 'inc/setup_functions.inc.php');
require(HESK_PATH . 'inc/mail_functions.inc.php');
hesk_load_database_functions();
@ -55,6 +54,8 @@ $help_folder = '../language/' . $hesk_settings['languages'][$hesk_settings['lang
$enable_save_settings = 0;
$enable_use_attachments = 0;
$server_time = date('H:i', strtotime(hesk_date()));
// Print header
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@ -81,6 +82,62 @@ if (defined('HESK_DEMO')) {
$hesk_settings['imap_password'] = $hesklang['hdemo'];
}
// Check file attachment limits
if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
// Check number of attachments per post
if (version_compare(phpversion(), '5.2.12', '>=') && @ini_get('max_file_uploads') && @ini_get('max_file_uploads') < $hesk_settings['attachments']['max_number']) {
hesk_show_notice($hesklang['fatte1']);
}
// Check max attachment size
$tmp = @ini_get('upload_max_filesize');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
switch ($last) {
case 'K':
$tmp = $tmp * 1024;
break;
case 'M':
$tmp = $tmp * 1048576;
break;
case 'G':
$tmp = $tmp * 1073741824;
break;
default:
$tmp = $tmp;
}
if ($tmp < $hesk_settings['attachments']['max_size']) {
hesk_show_notice($hesklang['fatte2']);
}
}
// Check max post size
$tmp = @ini_get('post_max_size');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
switch ($last) {
case 'K':
$tmp = $tmp * 1024;
break;
case 'M':
$tmp = $tmp * 1048576;
break;
case 'G':
$tmp = $tmp * 1073741824;
break;
default:
$tmp = $tmp;
}
if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) {
hesk_show_notice($hesklang['fatte3']);
}
}
}
$hesklang['err_custname'] = addslashes($hesklang['err_custname']);
@ -191,6 +248,32 @@ $modsForHesk_settings = mfh_getSettings();
}
};
var server_time = "<?php echo $server_time; ?>";
var today = new Date();
today.setHours(server_time.substr(0, server_time.indexOf(":")));
today.setMinutes(server_time.substr(server_time.indexOf(":") + 1));
function startTime() {
var h = today.getHours();
var m = today.getMinutes();
var s = today.getSeconds();
h = checkTime(h);
m = checkTime(m);
document.getElementById('servertime').innerHTML = h + ":" + m;
s = s + 1;
today.setSeconds(s);
t = setTimeout(function() { startTime(); },1000);
}
function checkTime(i) {
if (i < 10) {
i = "0" + i;
}
return i;
}
function checkRequiredEmail(field) {
if (document.getElementById('s_require_email_0').checked && document.getElementById('s_email_view_ticket').checked) {
if (field == 's_require_email_0' && confirm('<?php echo addslashes($hesklang['re_confirm1']); ?>')) {
@ -254,87 +337,6 @@ $modsForHesk_settings = mfh_getSettings();
<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
// Check file attachment limits
if ($hesk_settings['attachments']['use'] && !defined('HESK_DEMO')) {
// Check number of attachments per post
if (version_compare(phpversion(), '5.2.12', '>=') && @ini_get('max_file_uploads') && @ini_get('max_file_uploads') < $hesk_settings['attachments']['max_number']) {
hesk_show_notice($hesklang['fatte1']);
}
// Check max attachment size
$tmp = @ini_get('upload_max_filesize');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
$number = substr($tmp, 0, -1);
switch ($last) {
case 'K':
$tmp = $number * 1024;
break;
case 'M':
$tmp = $number * 1048576;
break;
case 'G':
$tmp = $number * 1073741824;
break;
default:
$tmp = $number;
}
if ($tmp < $hesk_settings['attachments']['max_size']) {
hesk_show_notice($hesklang['fatte2']);
}
}
// Check max post size
$tmp = @ini_get('post_max_size');
if ($tmp) {
$last = strtoupper(substr($tmp, -1));
$number = substr($tmp, 0, -1);
switch ($last) {
case 'K':
$tmp = $number * 1024;
break;
case 'M':
$tmp = $number * 1048576;
break;
case 'G':
$tmp = $number * 1073741824;
break;
default:
$tmp = $number;
}
if ($tmp < ($hesk_settings['attachments']['max_size'] * $hesk_settings['attachments']['max_number'] + 524288)) {
hesk_show_notice($hesklang['fatte3']);
}
}
// If SMTP server is used, "From email" should match SMTP username
if ($hesk_settings['smtp'] && strtolower($hesk_settings['smtp_user']) != strtolower($hesk_settings['noreply_mail']) && hesk_validateEmail($hesk_settings['smtp_user'], 'ERR', 0)) {
hesk_show_notice(sprintf($hesklang['from_warning'], $hesklang['email_noreply'], $hesklang['tab_1'], $hesk_settings['smtp_user']));
}
// If POP3 fetching is active, no user should have the same email address
if ($hesk_settings['pop3'] && hesk_validateEmail($hesk_settings['pop3_user'], 'ERR', 0)) {
$res = hesk_dbQuery("SELECT `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($hesk_settings['pop3_user'])."'");
if (hesk_dbNumRows($res) > 0) {
hesk_show_notice(sprintf($hesklang['pop3_warning'], hesk_dbResult($res,0,0), $hesk_settings['pop3_user']) . "<br /><br />" . $hesklang['fetch_warning'], $hesklang['warn']);
}
}
// If IMAP fetching is active, no user should have the same email address
if ($hesk_settings['imap'] && hesk_validateEmail($hesk_settings['imap_user'], 'ERR', 0)) {
$res = hesk_dbQuery("SELECT `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($hesk_settings['imap_user'])."'");
if (hesk_dbNumRows($res) > 0) {
hesk_show_notice(sprintf($hesklang['imap_warning'], hesk_dbResult($res,0,0), $hesk_settings['imap_user']) . "<br /><br />" . $hesklang['fetch_warning'], $hesklang['warn']);
}
}
}
?>
<div class="box">
<div class="box-header with-border">
@ -353,121 +355,86 @@ $modsForHesk_settings = mfh_getSettings();
<td class="text-right">
<?php echo $hesklang['v']; ?>:
</td>
<td class="pad-right-10" id="hesk-version-status">
<?php
$cellClass = '';
if ($hesk_settings['check_updates']) {
$latest = hesk_checkVersion();
if ($latest === true) {
$cellClass = 'success';
} elseif ($latest != -1) {
$cellClass = 'warning';
}
}
?>
<td class="pad-right-10 <?php echo $cellClass; ?>">
<?php echo $hesk_settings['hesk_version']; ?>
<?php if ($hesk_settings['check_updates']) : ?>
-
<i class="spinner fa fa-spin fa-spinner"></i>
<span class="up-to-date green" style="display: none">
<?php echo $hesklang['hud']; ?>
</span>
<span class="beta-version orange" style="display: none">
<?php echo $hesklang['beta']; ?>
<a href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
</span>
<span class="update-available orange" style="display: none">
<?php echo $hesklang['hnw']; ?>
<a href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank">
<?php echo $hesklang['getup']; ?>
</a>
</span>
<a class="response-error" href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank" style="display: none"><?php echo $hesklang['check4updates']; ?></a>
<script>
var heskUrl = $('p#hesk-path').text();
var $versionStatus = $('#hesk-version-status');
$.ajax({
url: heskUrl + 'api/index.php/v1-public/hesk-version',
method: 'GET',
success: function(data) {
if ('<?php echo $hesk_settings['hesk_version']; ?>' === data.version) {
$versionStatus.addClass('success');
$versionStatus.find('.up-to-date').show();
} else if (<?php echo strpos($hesk_settings['hesk_version'], 'beta') ||
strpos($hesk_settings['hesk_version'], 'dev') ||
strpos($hesk_settings['hesk_version'], 'RC') ? 'true' : 'false'; ?>) {
$versionStatus.addClass('warning');
$versionStatus.find('.beta-version').show();
} else {
$versionStatus.addClass('warning');
$versionStatus.find('.update-available').show();
}
},
error: function() {
$versionStatus.find('.response-error').show();
},
complete: function(data) {
$versionStatus.find('.spinner').hide();
}
});
</script>
<?php else: ?>
- <a
<?php
if ($hesk_settings['check_updates']) {
if ($latest === true) {
echo ' - <span class="green">' . $hesklang['hud'] . '</span> ';
} elseif ($latest != -1) {
// Is this a beta/dev version?
if (strpos($hesk_settings['hesk_version'], 'beta') || strpos($hesk_settings['hesk_version'], 'dev') || strpos($hesk_settings['hesk_version'], 'RC')) {
echo ' <span class="dark-orange">' . $hesklang['beta'] . '</span> '; ?> <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
} else {
echo ' - <span class="dark-orange bold">' . $hesklang['hnw'] . '</span> '; ?> <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['getup']; ?></a><?php
}
} else {
?> - <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
}
} else {
?> - <a
href="https://www.hesk.com/update.php?v=<?php echo $hesk_settings['hesk_version']; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
<?php endif; ?>
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
}
?>
</td>
</tr>
<tr>
<td class="text-right pad-up-5">
<?php echo $hesklang['mods_for_hesk_version']; ?>:
</td>
<td class="pad-right-10 pad-up-5" id="mfh-version-status">
<?php
$cellClass = '';
if ($hesk_settings['check_updates']) {
$latest = hesk_checkMfhVersion($modsForHeskVersion);
if ($latest === true) {
$cellClass = 'success';
} elseif ($latest != -1) {
$cellClass = 'warning';
}
}
?>
<td class="pad-right-10 pad-up-5 <?php echo $cellClass; ?>">
<?php echo $modsForHeskVersion; ?>
<?php if ($hesk_settings['check_updates']) : ?>
-
<i class="spinner fa fa-spin fa-spinner"></i>
<span class="up-to-date green" style="display: none">
<?php echo $hesklang['mfh_up_to_date']; ?>
</span>
<span class="beta-version orange" style="display: none">
<?php echo $hesklang['beta']; ?>
<a href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
</span>
<span class="update-available" style="display: none">
<a class="orange" href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank">
<?php echo $hesklang['hnw']; ?>
</a>
</span>
<a class="response-error" href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank" style="display: none"><?php echo $hesklang['check4updates']; ?></a>
<?php else: ?>
- <a
href="https://www.mods-for-hesk.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
<?php
if ($hesk_settings['check_updates']) {
if (strpos($modsForHeskVersion, 'beta') || strpos($modsForHeskVersion, 'dev') || strpos($modsForHeskVersion, 'RC')) {
echo ' <span class="dark-orange">' . $hesklang['beta'] . '</span> '; ?> <a
href="https://mods-for-hesk.mkochcs.com/versioncheck.php?v=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a><?php
} elseif ($latest === true) {
echo ' - <span class="green">' . $hesklang['mfh_up_to_date'] . '</span>';
} else {
?> - <a href="https://mods-for-hesk.mkochcs.com" target="_blank"
class="orange bold"><?php echo $hesklang['hnw']; ?></a>
<?php
}
} else {
?> - <a
href="https://mods-for-hesk.mkochcs.com/versioncheck.php?version=<?php echo $modsForHeskVersion; ?>"
target="_blank"><?php echo $hesklang['check4updates']; ?></a>
<?php endif; ?>
<script>
var heskUrl = $('p#hesk-path').text();
var $mfhVersionStatus = $('#mfh-version-status');
$.ajax({
url: heskUrl + 'api/index.php/v1-public/mods-for-hesk-version',
method: 'GET',
success: function(data) {
if ('<?php echo $modsForHeskVersion; ?>' === data.version) {
$mfhVersionStatus.addClass('success');
$mfhVersionStatus.find('.up-to-date').show();
} else if (<?php echo strpos($modsForHeskVersion, 'beta') ||
strpos($modsForHeskVersion, 'dev') ||
strpos($modsForHeskVersion, 'RC') ? 'true' : 'false'; ?>) {
$mfhVersionStatus.addClass('warning');
$mfhVersionStatus.find('.beta-version').show();
} else {
$mfhVersionStatus.addClass('warning');
$mfhVersionStatus.find('.update-available').show();
}
},
error: function() {
$mfhVersionStatus.find('.response-error').show();
},
complete: function(data) {
$mfhVersionStatus.find('.spinner').hide();
}
});
</script>
<?php
}
?>
</td>
</tr>
<tr>
@ -1472,7 +1439,6 @@ $modsForHesk_settings = mfh_getSettings();
$on = '';
$on2 = '';
$on3 = '';
$off = '';
$div = 'block';
@ -1480,9 +1446,6 @@ $modsForHesk_settings = mfh_getSettings();
$on = 'checked="checked"';
} elseif ($hesk_settings['recaptcha_use'] == 2) {
$on2 = 'checked="checked"';
} elseif ($hesk_settings['recaptcha_use'] == 3) {
$on3 = 'checked="checked"';
$div = 'none';
} else {
$off = 'checked="checked"';
$div = 'none';
@ -1495,25 +1458,19 @@ $modsForHesk_settings = mfh_getSettings();
<br/>
<div class="radio"><label><input type="radio" name="s_recaptcha_use" value="2"
onclick="javascript:hesk_toggleLayer('recaptcha','block')" <?php echo $on2; ?> /> <?php echo $hesklang['recaptcha']; ?>
onclick="javascript:hesk_toggleLayer('recaptcha','block')" <?php echo $on2; ?> /> <?php echo $hesklang['sir2']; ?>
</label> <a href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>helpdesk.html#64','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></div>
<br/>
<div class="radio"><label><input type="radio" name="s_recaptcha_use" value="1"
onclick="javascript:hesk_toggleLayer('recaptcha','block')" <?php echo $on; ?> /> <?php echo $hesklang['sir3']; ?>
onclick="javascript:hesk_toggleLayer('recaptcha','block')" <?php echo $on; ?> /> <?php echo $hesklang['sir']; ?>
</label> <a href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>helpdesk.html#64','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></div>
<br/>
<div class="radio"><label><input type="radio" name="s_recaptcha_use" value="3"
onclick="javascript:hesk_toggleLayer('recaptcha','none')" <?php echo $on3; ?> /> <?php echo $hesklang['sir3']; ?>
</label>
</div>
<br/>
<div id="recaptcha" style="display: <?php echo $div; ?>;">
&nbsp;<br/>
@ -2228,106 +2185,6 @@ $modsForHesk_settings = mfh_getSettings();
</select>
</div>
</div>
<div class="form-group">
<label for="show-start-time" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['show_event_start_time']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['show_event_start_time']; ?>"
data-content="<?php echo $hesklang['show_event_start_time_help']; ?>"></i>
</label>
<div class="col-sm-8 form-inline">
<?php
$on = $modsForHesk_settings['calendar_show_start_time'] == 'true' ? 'checked="checked"' : '';
$off = $modsForHesk_settings['calendar_show_start_time'] == 'false' ? 'checked="checked"' : '';
echo '
<div class="radio"><label><input type="radio" name="calendar-show-start-time" value="true" ' . $on . ' /> ' . $hesklang['yes'] . '</label></div><br>
<div class="radio"><label><input type="radio" name="calendar-show-start-time" value="false" ' . $off . ' /> ' . $hesklang['no'] . '</label></div><br>'; ?>
</div>
</div>
<h4 class="bold">
<?php echo $hesklang['business_hours']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['business_hours']; ?>"
data-content="<?php echo $hesklang['business_hours_help']; ?>"></i>
</h4>
<?php
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
$business_hours = array();
while ($row = hesk_dbFetchAssoc($rs)) {
$business_hours[intval($row['day_of_week'])]['start'] = $row['start_time'];
$business_hours[intval($row['day_of_week'])]['end'] = $row['end_time'];
}
?>
<div class="form-group">
<label for="business-hours-sunday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d0']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[0]" value="<?php echo $business_hours[0]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-sunday[1]" value="<?php echo $business_hours[0]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-monday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d1']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[0]" value="<?php echo $business_hours[1]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-monday[1]" value="<?php echo $business_hours[1]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-tuesday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d2']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[0]" value="<?php echo $business_hours[2]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-tuesday[1]" value="<?php echo $business_hours[2]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-wednesday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d3']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[0]" value="<?php echo $business_hours[3]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-wednesday[1]" value="<?php echo $business_hours[3]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-thursday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d4']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[0]" value="<?php echo $business_hours[4]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-thursday[1]" value="<?php echo $business_hours[4]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-friday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d5']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[0]" value="<?php echo $business_hours[5]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-friday[1]" value="<?php echo $business_hours[5]['end']; ?>">
</div>
</div>
<div class="form-group">
<label for="business-hours-saturday" class="col-sm-4 col-xs-12 control-label">
<?php echo $hesklang['d6']; ?>
</label>
<div class="col-sm-8 col-xs-12 form-inline">
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[0]" value="<?php echo $business_hours[6]['start']; ?>">
<?php echo $hesklang['to']; ?>
<input type="text" class="form-control clockpicker" data-autoclose="true" name="business-hours-saturday[1]" value="<?php echo $business_hours[6]['end']; ?>">
</div>
</div>
</div>
</div>
@ -2868,17 +2725,10 @@ $modsForHesk_settings = mfh_getSettings();
$onload_status = ' disabled ';
}
// Is IMAP extension loaded?
if ( ! function_exists('imap_open')) {
echo '<i>'. $hesklang['disabled'] . '</i> - ' . $hesklang['imap_not'];
$onload_div = 'none';
} else {
echo '
echo '
<div class="radio"><label><input type="radio" name="s_imap" value="0" onclick="hesk_attach_disable(new Array(\'i0\',\'i1\',\'i2\',\'i3\',\'i4\',\'i5\',\'i6\',\'i7\',\'i8\',\'i9\'))" onchange="hesk_toggleLayerDisplay(\'imap_settings\');" ' . $off . '> ' . $hesklang['off'] . '</label></div>&nbsp;&nbsp;&nbsp;
<div class="radio"><label><input type="radio" name="s_imap" value="1" onclick="hesk_attach_enable(new Array(\'i0\',\'i1\',\'i2\',\'i3\',\'i4\',\'i5\',\'i6\',\'i7\',\'i8\',\'i9\'))" onchange="hesk_toggleLayerDisplay(\'imap_settings\');" ' . $on . '> ' . $hesklang['on'] . '</label></div>';
}
?>
<input type="hidden" name="tmp_imap_job_wait" value="<?php echo $hesk_settings['imap_job_wait']; ?>" />
<input type="hidden" name="tmp_imap_host_name" value="<?php echo $hesk_settings['imap_host_name']; ?>">
<input type="hidden" name="tmp_imap_host_port" value="<?php echo $hesk_settings['imap_host_port']; ?>">
<input type="hidden" name="tmp_imap_user" value="<?php echo $hesk_settings['imap_user']; ?>">
@ -3387,27 +3237,6 @@ $modsForHesk_settings = mfh_getSettings();
</div>
</div>
</div>
<div class="form-group">
<label for="show_number_merged" class="col-sm-4 control-label">
<span class="label label-primary"
data-toggle="tooltip"
title="<?php echo $hesklang['added_in_mods_for_hesk'] ?>"><?php echo $hesklang['mods_for_hesk_acronym']; ?></span>
<?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover"
title="<?php echo $hesklang['highlight_ticket_rows_based_on_priority']; ?>"
data-content="<?php echo $hesklang['highlight_ticket_rows_based_on_priority_help']; ?>"></i>
</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input type="checkbox"
name="highlight_ticket_rows_based_on_priority" <?php if ($modsForHesk_settings['highlight_ticket_rows_based_on_priority']) {
echo 'checked';
} ?>> <?php echo $hesklang['highlight_ticket_rows_based_on_priority_descr']; ?>
</label>
</div>
</div>
</div>
<div class="form-group">
<label for="s_submittedformat" class="col-sm-4 control-label"><?php echo $hesklang['sdf']; ?> <a
href="Javascript:void(0)"
@ -3459,28 +3288,53 @@ $modsForHesk_settings = mfh_getSettings();
<div class="box-body">
<h4 class="bold"><?php echo $hesklang['dat']; ?></h4>
<div class="form-group">
<label for="s_timezone" class="col-sm-4 control-label"><?php echo $hesklang['TZ']; ?> <a
href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#63','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></label>
<label for="servertime" class="col-sm-4 control-label"><?php echo $hesklang['server_time']; ?>
<a href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#18','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></label>
<div class="col-sm-8">
<?php
// Get list of supported timezones
$timezone_list = hesk_generate_timezone_list();
<p class="form-control-static"><?php echo $hesklang['csrt'] . ' <span id="servertime">' . $server_time . '</span>'; ?></p>
<script language="javascript" type="text/javascript"><!--
startTime();
//-->
</script>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-sm-2 col-sm-offset-4">
<input type="text" class="form-control" name="s_diff_hours" size="5" maxlength="3"
value="<?php echo $hesk_settings['diff_hours']; ?>"/>
</div>
<div class="col-sm-6 pad-right-0">
<p class="form-control-static"><?php echo $hesklang['t_h']; ?></p>
</div>
</div>
<div class="row pad-right-0">
<div class="col-sm-2 col-sm-offset-4">
<input type="text" class="form-control" name="s_diff_minutes" size="5" maxlength="3"
value="<?php echo $hesk_settings['diff_minutes']; ?>"/>
</div>
<div class="col-sm-6 pad-right-0">
<p class="form-control-static"><?php echo $hesklang['t_m']; ?></p>
</div>
</div>
</div>
<div class="form-group">
<label for="s_daylight" class="col-sm-4 control-label"><?php echo $hesklang['day']; ?> <a
href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#19','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></label>
// Do we need to localize month names?
if ($hesk_settings['language'] != 'English') {
$timezone_list = hesk_translate_timezone_list($timezone_list);
}
<div class="col-sm-8 form-inline">
<?php
$on = $hesk_settings['daylight'] ? 'checked="checked"' : '';
$off = $hesk_settings['daylight'] ? '' : 'checked="checked"';
echo '
<div class="radio"><label><input type="radio" name="s_daylight" value="0" ' . $off . ' /> ' . $hesklang['off'] . '</label></div>&nbsp;&nbsp;&nbsp;
<div class="radio"><label><input type="radio" name="s_daylight" value="1" ' . $on . ' /> ' . $hesklang['on'] . '</label></div>';
?>
<select class="form-control" name="s_timezone">
<?php foreach ($timezone_list as $timezone => $description): ?>
<option value="<?php echo $timezone; ?>" <?php if ($hesk_settings['timezone'] == $timezone) {echo 'selected';} ?>>
<?php echo $description; ?>
</option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="form-group">
@ -3498,13 +3352,13 @@ $modsForHesk_settings = mfh_getSettings();
<h4 class="bold"><?php echo $hesklang['other']; ?></h4>
<div class="form-group">
<label for="s_ip_whois_url" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
<label for="s_ip_whois" class="col-sm-4 control-label"><?php echo $hesklang['ip_whois']; ?> <a
href="Javascript:void(0)"
onclick="Javascript:hesk_window('<?php echo $help_folder; ?>misc.html#61','400','500')"><i
class="fa fa-question-circle settingsquestionmark"></i></a></label>
<div class="col-sm-8">
<input type="text" class="form-control" name="s_ip_whois_url" size="40" maxlength="255"
<input type="text" class="form-control" name="s_ip_whois" size="40" maxlength="255"
value="<?php echo $hesk_settings['ip_whois']; ?>"/>
</div>
</div>
@ -3728,32 +3582,6 @@ $modsForHesk_settings = mfh_getSettings();
buildColorSchemeColorpicker('dropdownItemTextHoverColor', 'dropdownItemTextHoverColor', $modsForHesk_settings['dropdownItemTextHoverColor'], 'Help');
?>
</div>
<div class="col-sm-6 col-xs-12">
<div class="form-group">
<label for="bootswatch-theme"
class="col-sm-4 col-xs-6 control-label"><?php echo $hesklang['bootswatch_theme']; ?>
</label>
<div class="col-sm-8 col-xs-6">
<select name="bootswatch-theme" id="bootswatch-theme" class="form-control">
<option value="DEFAULT">Default</option>
<?php
$bootswatch_themes = json_decode(file_get_contents("https://bootswatch.com/api/3.json"), TRUE)['themes'];
foreach ($bootswatch_themes as $theme) {
$themename = $theme['name'];
$themedesc = $theme['description'];
$themeurl = $theme['cssCdn'];
$selected = "";
if ($modsForHesk_settings['bootswatch_theme'] == $themeurl) {
$selected = " selected";
}
echo "<option value=\"$themeurl\"$selected>$themename: $themedesc</option>";
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-sm-6 col-xs-12">
@ -4107,6 +3935,130 @@ $modsForHesk_settings = mfh_getSettings();
}
function hesk_checkVersion()
{
global $hesk_settings;
if ($latest = hesk_getLatestVersion()) {
if (strlen($latest) > 12) {
return -1;
} elseif ($latest == $hesk_settings['hesk_version']) {
return true;
} else {
return $latest;
}
} else {
return -1;
}
} // END hesk_checkVersion()
function hesk_getLatestVersion()
{
global $hesk_settings;
// Do we have a cached version file?
if (file_exists(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt')) {
if (preg_match('/^(\d+)\|([\d.]+)+$/', @file_get_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt'), $matches) && (time() - intval($matches[1])) < 3600) {
return $matches[2];
}
}
// No cached file or older than 3600 seconds, try to get an update
$hesk_version_url = 'https://hesk.com/version';
// Try using cURL
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $hesk_version_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 6);
$latest = curl_exec($ch);
curl_close($ch);
return hesk_cacheLatestVersion($latest);
}
// Try using a simple PHP function instead
if ($latest = @file_get_contents($hesk_version_url)) {
return hesk_cacheLatestVersion($latest);
}
// Can't check automatically, will need a manual check
return false;
} // END hesk_getLatestVersion()
function hesk_cacheLatestVersion($latest)
{
global $hesk_settings;
@file_put_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest.txt', time() . '|' . $latest);
return $latest;
} // END hesk_cacheLatestVersion()
function hesk_checkMfhVersion($currentVersion)
{
if ($latest = hesk_getMfhLatestVersion()) {
if (strlen($latest) > 12) {
return -1;
} elseif ($latest == $currentVersion) {
return true;
} else {
return $latest;
}
} else {
return -1;
}
}
function hesk_getMfhLatestVersion()
{
global $hesk_settings;
// Do we have a cached version file?
if (file_exists(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt')) {
if (preg_match('/^(\d+)\|([\d.]+)+$/', @file_get_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt'), $matches) && (time() - intval($matches[1])) < 3600) {
return $matches[2];
}
}
// No cached file or older than 3600 seconds, try to get an update
$hesk_version_url = 'http://mods-for-hesk.mkochcs.com/latestversion.php';
// Try using cURL
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $hesk_version_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 6);
$latest = curl_exec($ch);
curl_close($ch);
return hesk_cacheMfhLatestVersion($latest);
}
// Try using a simple PHP function instead
if ($latest = file_get_contents($hesk_version_url)) {
return hesk_cacheMfhLatestVersion($latest);
}
// Can't check automatically, will need a manual check
return false;
}
function hesk_cacheMfhLatestVersion($latest)
{
global $hesk_settings;
@file_put_contents(HESK_PATH . $hesk_settings['cache_dir'] . '/__latest-mfh.txt', time() . '|' . $latest);
return $latest;
}
function hesk_testLanguage($return_options = 0)
{
global $hesk_settings, $hesklang, $modsForHesk_settings;

55
admin/admin_settings_save.php
View File

@ -62,7 +62,6 @@ $set['noreply_mail'] = hesk_validateEmail(hesk_POST('s_noreply_mail'), $hesklang
$set['noreply_name'] = hesk_input(hesk_POST('s_noreply_name'));
$set['noreply_name'] = str_replace(array('\\&quot;', '&lt;', '&gt;'), '', $set['noreply_name']);
$set['noreply_name'] = trim(preg_replace('/\s{2,}/', ' ', $set['noreply_name']));
$set['noreply_name'] = preg_replace("/\n|\r|\t|%0A|%0D|%08|%09/", '', $set['noreply_name']);
/* --> Language settings */
$set['can_sel_lang'] = empty($_POST['s_can_sel_lang']) ? 0 : 1;
@ -141,7 +140,7 @@ $set['secimg_sum'] = '';
for ($i = 1; $i <= 10; $i++) {
$set['secimg_sum'] .= substr('AEUYBDGHJLMNPQRSTVWXZ123456789', rand(0, 29), 1);
}
$set['recaptcha_use'] = hesk_checkMinMax(intval(hesk_POST('s_recaptcha_use')), 0, 3, 0);
$set['recaptcha_use'] = hesk_checkMinMax(intval(hesk_POST('s_recaptcha_use')), 0, 2, 0);
$set['recaptcha_public_key'] = hesk_input(hesk_POST('s_recaptcha_public_key'));
$set['recaptcha_private_key'] = hesk_input(hesk_POST('s_recaptcha_private_key'));
$set['question_use'] = empty($_POST['s_question_use']) ? 0 : 1;
@ -419,14 +418,13 @@ $set['updatedformat'] = hesk_checkMinMax(intval(hesk_POST('s_updatedformat')), 0
/*** MISC ***/
/* --> Date & Time */
$set['timezone'] = hesk_input(hesk_POST('s_timezone'));
if (!in_array($set['timezone'], timezone_identifiers_list())) {
$set['timezone'] = 'UTC';
}
$set['diff_hours'] = floatval(hesk_POST('s_diff_hours', 0));
$set['diff_minutes'] = floatval(hesk_POST('s_diff_minutes', 0));
$set['daylight'] = empty($_POST['s_daylight']) ? 0 : 1;
$set['timeformat'] = hesk_input(hesk_POST('s_timeformat')) or $set['timeformat'] = 'Y-m-d H:i:s';
/* --> Other */
$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois_url', 'http://whois.domaintools.com/{IP}'));
$set['ip_whois'] = hesk_input(hesk_POST('s_ip_whois', 'http://whois.domaintools.com/{IP}'));
// If no {IP} tag append it to the end
if (strlen($set['ip_whois']) == 0) {
@ -459,7 +457,6 @@ $set['use_bootstrap_theme'] = empty($_POST['use_bootstrap_theme']) ? 0 : 1;
$set['new_kb_article_visibility'] = hesk_checkMinMax(intval(hesk_POST('new_kb_article_visibility')), 0, 2, 2);
$set['mfh_attachments'] = empty($_POST['email_attachments']) ? 0 : 1;
$set['show_number_merged'] = empty($_POST['show_number_merged']) ? 0 : 1;
$set['highlight_ticket_rows_based_on_priority'] = empty($_POST['highlight_ticket_rows_based_on_priority']) ? 0 : 1;
$set['request_location'] = empty($_POST['request_location']) ? 0 : 1;
$set['category_order_column'] = empty($_POST['category_order_column']) ? 'cat_order' : 'name';
@ -482,7 +479,6 @@ $set['navbar_title_url'] = hesk_POST('navbar_title_url');
$set['enable_calendar'] = hesk_checkMinMax(intval(hesk_POST('enable_calendar')), 0, 2, 2);
$set['first_day_of_week'] = hesk_POST('first-day-of-week', 0);
$set['default_view'] = hesk_POST('default-view', 'month');
$set['calendar_show_start_time'] = hesk_POST('calendar-show-start-time', 'true');
if ($set['customer-email-verification-required']) {
//-- Don't allow multiple emails if verification is required
@ -499,9 +495,6 @@ $set['dropdownItemTextColor'] = hesk_input(hesk_POST('dropdownItemTextColor'));
$set['dropdownItemTextHoverColor'] = hesk_input(hesk_POST('dropdownItemTextHoverColor'));
$set['questionMarkColor'] = hesk_input(hesk_POST('questionMarkColor'));
$set['dropdownItemTextHoverBackgroundColor'] = hesk_input(hesk_POST('dropdownItemTextHoverBackgroundColor'));
$set['bootswatch_theme'] = hesk_POST('bootswatch-theme');
$set['admin_navbar_background'] = hesk_input(hesk_POST('admin-navbar-background-color'));
$set['admin_navbar_background_hover'] = hesk_input(hesk_POST('admin-navbar-background-hover-color'));
$set['admin_navbar_brand_background'] = hesk_input(hesk_POST('admin-navbar-brand-background-color'));
@ -520,13 +513,6 @@ $set['admin_sidebar_text_hover'] = hesk_input(hesk_POST('admin-sidebar-text-hove
$set['login_background_type'] = hesk_input(hesk_POST('login-background'));
$set['login_box_header'] = hesk_input(hesk_POST('login-box-header'));
$set['business_hours_sunday'] = hesk_POST_array('business-hours-sunday');
$set['business_hours_monday'] = hesk_POST_array('business-hours-monday');
$set['business_hours_tuesday'] = hesk_POST_array('business-hours-tuesday');
$set['business_hours_wednesday'] = hesk_POST_array('business-hours-wednesday');
$set['business_hours_thursday'] = hesk_POST_array('business-hours-thursday');
$set['business_hours_friday'] = hesk_POST_array('business-hours-friday');
$set['business_hours_saturday'] = hesk_POST_array('business-hours-saturday');
$changedBackground = false;
$loadedAttachmentFuncs = false;
@ -626,7 +612,6 @@ mfh_updateSetting('use_bootstrap_theme', $set['use_bootstrap_theme']);
mfh_updateSetting('new_kb_article_visibility', $set['new_kb_article_visibility']);
mfh_updateSetting('attachments', $set['mfh_attachments']);
mfh_updateSetting('show_number_merged', $set['show_number_merged']);
mfh_updateSetting('highlight_ticket_rows_based_on_priority', $set['highlight_ticket_rows_based_on_priority']);
mfh_updateSetting('request_location', $set['request_location']);
mfh_updateSetting('category_order_column', $set['category_order_column'], true);
mfh_updateSetting('rich_text_for_tickets', $set['rich_text_for_tickets']);
@ -669,7 +654,6 @@ mfh_updateSetting('use_mailgun', $set['use_mailgun'], false);
mfh_updateSetting('enable_calendar', $set['enable_calendar'], false);
mfh_updateSetting('first_day_of_week', $set['first_day_of_week'], false);
mfh_updateSetting('default_calendar_view', $set['default_view'], true);
mfh_updateSetting('calendar_show_start_time', $set['calendar_show_start_time'], true);
mfh_updateSetting('admin_color_scheme', $set['admin_color_scheme'], true);
mfh_updateSetting('login_background_type', $set['login_background_type'], true);
@ -682,31 +666,6 @@ if ($changedLoginImage) {
mfh_updateSetting('login_box_header_image', $set['login_box_header_image'], true);
}
mfh_updateSetting('bootswatch_theme', $set['bootswatch_theme'], true);
// Update business hours
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_sunday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_sunday'][1]) . "' WHERE `day_of_week` = " . intval(0));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_monday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_monday'][1]) . "' WHERE `day_of_week` = " . intval(1));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_tuesday'][1]) . "' WHERE `day_of_week` = " . intval(2));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_wednesday'][1]) . "' WHERE `day_of_week` = " . intval(3));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_thursday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_thursday'][1]) . "' WHERE `day_of_week` = " . intval(4));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_friday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_friday'][1]) . "' WHERE `day_of_week` = " . intval(5));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`
SET `start_time` = '" . hesk_dbEscape($set['business_hours_saturday'][0]) . "',
`end_time` = '" . hesk_dbEscape($set['business_hours_saturday'][1]) . "' WHERE `day_of_week` = " . intval(6));
// Prepare settings file and save it
$settings_file_content = '<?php
// Settings file for HESK ' . $set['hesk_version'] . '
@ -887,7 +846,9 @@ $hesk_settings[\'updatedformat\']=' . $set['updatedformat'] . ';
// ==> MISC
// --> Date & Time
$hesk_settings[\'timezone\']=\'' . $set['timezone'] . '\';
$hesk_settings[\'diff_hours\']=' . $set['diff_hours'] . ';
$hesk_settings[\'diff_minutes\']=' . $set['diff_minutes'] . ';
$hesk_settings[\'daylight\']=' . $set['daylight'] . ';
$hesk_settings[\'timeformat\']=\'' . $set['timeformat'] . '\';
// --> Other

16
admin/admin_submit_ticket.php
View File

@ -176,11 +176,11 @@ foreach ($hesk_settings['custom_fields'] as $k=>$v) {
$tmpvar['trackid'] = hesk_createID();
// Log who submitted ticket
$tmpvar['history'] = sprintf($hesklang['thist7'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$tmpvar['openedby'] = $_SESSION['id'];
// Owner
$tmpvar['owner'] = 0;
$autoassign_owner = null;
if (hesk_checkPermission('can_assign_others', 0)) {
$tmpvar['owner'] = intval(hesk_POST('owner'));
@ -192,6 +192,7 @@ if (hesk_checkPermission('can_assign_others', 0)) {
$autoassign_owner = hesk_autoAssignTicket($tmpvar['category']);
if ($autoassign_owner) {
$tmpvar['owner'] = intval($autoassign_owner['id']);
$tmpvar['history'] .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')');
} else {
$tmpvar['owner'] = 0;
}
@ -300,11 +301,6 @@ if (!$modsForHesk_settings['rich_text_for_tickets']) {
$tmpvar['message'] = nl2br($tmpvar['message']);
}
// Track who assigned the ticket
if ($tmpvar['owner'] > 0) {
$tmpvar['assignedby'] = !empty($autoassign_owner) ? -1 : $_SESSION['id'];
}
$tmpvar['latitude'] = hesk_POST('latitude', 'E-4');
$tmpvar['longitude'] = hesk_POST('longitude', 'E-4');
@ -319,14 +315,6 @@ $tmpvar['screen_resolution_width'] = "NULL";
// Insert ticket to database
$ticket = hesk_newTicket($tmpvar);
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_created', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
if ($autoassign_owner) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(),
array(0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')'));
}
// Notify the customer about the ticket?
if ($notify && $email_available) {
hesk_notifyCustomer($modsForHesk_settings);

502
admin/admin_ticket.php
View File

@ -50,10 +50,6 @@ $can_unban_emails = hesk_checkPermission('can_unban_emails', 0);
$can_ban_ips = hesk_checkPermission('can_ban_ips', 0);
$can_unban_ips = hesk_checkPermission('can_unban_ips', 0);
$can_resolve = hesk_checkPermission('can_resolve', 0);
$can_view_ass_by = hesk_checkPermission('can_view_ass_by', 0);
$can_privacy = hesk_checkPermission('can_privacy',0);
$can_export = hesk_checkPermission('can_export',0);
$can_change_due_date = hesk_checkPermission('can_change_due_date', 0);
// Get ticket ID
$trackingID = hesk_cleanID() or print_form();
@ -94,47 +90,13 @@ if (hesk_dbNumRows($res) != 1) {
/* Permission to view this ticket? */
if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) {
// Maybe this user is allowed to view tickets he/she assigned?
if (!$can_view_ass_by || $ticket['assignedby'] != $_SESSION['id']) {
hesk_error($hesklang['ycvtao']);
}
hesk_error($hesklang['ycvtao']);
}
if (!$ticket['owner'] && !$can_view_unassigned) {
hesk_error($hesklang['ycovtay']);
}
// Get audit information
$audit_sort = $hesk_settings['new_top'] ? "ASC" : "DESC";
$auditRes = hesk_dbQuery("SELECT `audit`.`id`, `audit`.`language_key`, `audit`.`date`,
`values`.`replacement_index`, `values`.`replacement_value`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail` AS `audit`
LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail_to_replacement_values` AS `values`
ON `audit`.`id` = `values`.`audit_trail_id`
WHERE `entity_type` = 'TICKET' AND `entity_id` = " . intval($ticket['id']) . "
ORDER BY `audit`.`date` {$audit_sort}");
$audit_records = array();
$current_audit_record = null;
while ($row = hesk_dbFetchAssoc($auditRes)) {
if ($current_audit_record == null || $current_audit_record['id'] != $row['id']) {
if ($current_audit_record != null) {
$audit_records[] = $current_audit_record;
}
$current_audit_record['id'] = $row['id'];
$current_audit_record['language_key'] = $row['language_key'];
$current_audit_record['date'] = $row['date'];
$current_audit_record['replacement_values'] = array();
}
if ($row['replacement_index'] != null) {
$current_audit_record['replacement_values'][intval($row['replacement_index'])] = $row['replacement_value'];
}
}
if ($current_audit_record != null) {
$audit_records[] = $current_audit_record;
}
/* Set last replier name */
if ($ticket['lastreplier']) {
if (empty($ticket['repliername'])) {
@ -158,23 +120,19 @@ $managerRow = hesk_dbFetchAssoc($managerRS);
$isManager = $managerRow['id'] == $category['manager'];
if ($isManager) {
$can_del_notes =
$can_reply =
$can_delete =
$can_edit =
$can_archive =
$can_assign_self =
$can_view_unassigned =
$can_change_own_cat =
$can_change_cat =
$can_ban_emails =
$can_unban_emails =
$can_ban_ips =
$can_unban_ips =
$can_resolve =
$can_view_ass_by =
$can_privacy =
$can_export =
$can_change_due_date = true;
$can_reply =
$can_delete =
$can_edit =
$can_archive =
$can_assign_self =
$can_view_unassigned =
$can_change_own_cat =
$can_change_cat =
$can_ban_emails =
$can_unban_emails =
$can_ban_ips =
$can_unban_ips =
$can_resolve = true;
}
/* Is this user allowed to view tickets inside this category? */
@ -434,14 +392,13 @@ if (isset($_POST['notemsg']) && hesk_token_check('POST')) {
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $_SESSION['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => stripslashes($msg),
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'attachments' => $myattachments,
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => $ticket['repliername'],
);
// 2. Add custom fields to the array
@ -482,10 +439,8 @@ if ($hesk_settings['time_worked'] && ($can_reply || $can_edit) && isset($_POST['
$time_worked = hesk_getTime($h . ':' . $m . ':' . $s);
/* Update database */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_time_worked', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $time_worked));
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
/* Show ticket */
hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
@ -521,26 +476,13 @@ if (($can_reply || $can_edit) && isset($_POST['childTrackingId'])) {
}
hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` SET `parent` = ' . intval($ticket['id']) . ' WHERE `trackid` = \'' . hesk_dbEscape(hesk_POST('childTrackingId')) . '\'');
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_linked_ticket', hesk_date(),
array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => hesk_POST('childTrackingId')
));
hesk_process_messages(sprintf($hesklang['link_added'], $_POST['childTrackingId']), 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete child action */
if (($can_reply || $can_edit) && isset($_GET['deleteChild'])) {
//-- Delete the relationship
$innerTrackingRs = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id` = " . hesk_dbEscape($_GET['deleteChild']));
$innerTrackingId = hesk_dbFetchAssoc($innerTrackingRs);
hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` SET `parent` = NULL WHERE `ID` = ' . hesk_dbEscape($_GET['deleteChild']));
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlinked_ticket', hesk_date(),
array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $innerTrackingId['trackid']
));
hesk_process_messages($hesklang['ticket_no_longer_linked'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
} elseif (($can_reply || $can_edit) && isset($_GET['deleteParent'])) {
@ -586,6 +528,7 @@ if (isset($_GET['delatt']) && hesk_token_check()) {
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "'");
/* Update ticket or reply in the database */
$revision = sprintf($hesklang['thist12'], hesk_date(), $att['real_name'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
if ($reply) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($reply) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'");
@ -596,9 +539,6 @@ if (isset($_GET['delatt']) && hesk_token_check()) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name'] . '#' . $att['saved_name']) . ",','') WHERE `id`='" . intval($ticket['id']) . "'");
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `attachments`=REPLACE(`attachments`,'" . hesk_dbEscape($att_id . '#' . $att['real_name']) . ",',''), `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($ticket['id']) . "'");
}
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_attachment_deleted', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $att['real_name']));
hesk_process_messages($hesklang['kb_att_rem'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
@ -759,11 +699,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
</span>
</b><br>
<?php if ($can_change_due_date): ?>
<button class="btn btn-default btn-sm" id="change-button">
<?php echo $hesklang['chg']; ?>
</button>
<?php endif; ?>
</div>
<div id="editable-due-date" style="display: none">
<span class="form-group">
@ -952,11 +890,6 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
/* This will handle error, success and notice messages */
hesk_handle_messages();
$service_messages = mfh_get_service_messages('STAFF_VIEW_TICKET');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
// Prepare special custom fields
foreach ($hesk_settings['custom_fields'] as $k=>$v) {
if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) {
@ -1015,42 +948,25 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
);
$options = array();
for ($i = 0; $i < 4; $i++) {
if ($ticket['priority'] == $i) {
if ($i === 0) {
$cssClass = 'critical-priority';
} elseif ($i === 1) {
$cssClass = 'high-priority';
} elseif ($i === 2) {
$cssClass = 'medium-priority';
} else {
$cssClass = 'low-priority';
}
}
$selected = $ticket['priority'] == $i ? 'selected' : '';
$content = "<i class='fa fa-fw fa-%s %s' style='font-size: 1em'></i> {$priorityLanguages[$i]}";
if ($i === 0) {
$content = sprintf($content, 'long-arrow-up', 'critical');
} elseif ($i === 1) {
$content = sprintf($content, 'angle-double-up', 'orange');
} elseif ($i === 2) {
$content = sprintf($content, 'angle-double-down', 'green');
} else {
$content = sprintf($content, 'long-arrow-down', 'blue');
}
array_push($options, '<option data-content="' . $content . '" value="' . $i . '" ' . $selected . '>' . $priorityLanguages[$i] . '</option>');
array_push($options, '<option value="' . $i . '" ' . $selected . '>' . $priorityLanguages[$i] . '</option>');
}
echo '<div class="ticket-cell-admin col-md-3 col-sm-12 ' . $cssClass . '">';
echo '<div class="ticket-cell-admin col-md-3 col-sm-12 ';
if ($ticket['priority'] == 0) {
echo 'critical-priority">';
} elseif ($ticket['priority'] == 1) {
echo 'high-priority">';
} else {
echo 'med-low-priority">';
}
echo '<p class="ticket-property-title">' . $hesklang['priority'] . '</p>';
echo '<form style="margin-bottom:0;" id="changePriorityForm" action="priority.php" method="post">
<span style="white-space:nowrap;">
<select class="selectpicker form-control" name="priority" onchange="document.getElementById(\'changePriorityForm\').submit();">';
<select class="form-control" name="priority" onchange="document.getElementById(\'changePriorityForm\').submit();">';
echo implode('', $options);
echo '
</select>
@ -1071,13 +987,13 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$results = mfh_getAllStatuses();
foreach ($results as $row) {
$selected = $ticket['status'] == $row['ID'] ? 'selected' : '';
$status_options[$row['ID']] = '<option style="color: ' . $row['TextColor'] . '" value="' . $row['ID'] . '" ' . $selected . '>' . mfh_getDisplayTextForStatusId($row['ID']) . '</option>';
$status_options[$row['ID']] = '<option value="' . $row['ID'] . '" ' . $selected . '>' . mfh_getDisplayTextForStatusId($row['ID']) . '</option>';
}
echo '
<form role="form" id="changeStatusForm" style="margin-bottom:0;" action="change_status.php" method="post">
<span style="white-space:nowrap;">
<select class="selectpicker form-control" onchange="document.getElementById(\'changeStatusForm\').submit();" name="s">
<select class="form-control" onchange="document.getElementById(\'changeStatusForm\').submit();" name="s">
' . implode('', $status_options) . '
</select>
@ -1095,7 +1011,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '
<form style="margin-bottom:0;" id="changeOwnerForm" action="assign_owner.php" method="post">
<span style="white-space:nowrap;">
<select class="selectpicker form-control" name="owner" onchange="document.getElementById(\'changeOwnerForm\').submit();">';
<select class="form-control" name="owner" onchange="document.getElementById(\'changeOwnerForm\').submit();">';
$selectedForUnassign = 'selected';
foreach ($admins as $k => $v) {
$selected = '';
@ -1130,7 +1046,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<form style="margin-bottom:0;" id="changeCategory" action="move_category.php" method="post">
<span style="white-space:nowrap;">
<select name="category" class="selectpicker form-control" onchange="document.getElementById(\'changeCategory\').submit();">
<select name="category" class="form-control" onchange="document.getElementById(\'changeCategory\').submit();">
' . $categories_options . '
</select>
@ -1206,9 +1122,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">
<i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . '"></i>
<i class="fa fa-paperclip" style="font-size:16px;" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['dnl'] . ' ' . $att_name . '"></i>
</a>
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . ' (' . mfh_getAttachmentFileSize($att_id) . ')' . '</a><br />
<a href="../download_attachment.php?att_id=' . $att_id . '&amp;track=' . $trackingID . '">' . $att_name . '</a><br />
';
}
}
@ -1334,7 +1250,7 @@ require_once(HESK_PATH . 'inc/footer.inc.php');
function hesk_getAdminButtons($category_id)
{
global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve, $can_privacy, $can_export, $isManager;
global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve, $isManager;
$options = '';
@ -1342,12 +1258,12 @@ function hesk_getAdminButtons($category_id)
if ($can_edit) {
$tmp = $reply ? '&amp;reply=' . $reply['id'] : '';
$mgr = $isManager ? '&amp;isManager=true' : '';
$options .= '<a id="editticket" title="'.$hesklang['edtt'].'" class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['btn_edit'] . '</a> ';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edit'] . '</a> ';
}
/* Print ticket button */
$options .= '<a class="btn btn-default" title="'.$hesklang['printer_friendly'].'" href="../print.php?track=' . $trackingID . '"><i class="fa fa-print"></i> ' . $hesklang['btn_print'] . '</a> ';
$options .= '<a class="btn btn-default" href="../print.php?track=' . $trackingID . '"><i class="fa fa-print"></i> ' . $hesklang['printer_friendly'] . '</a> ';
/* Copy ticket button */
$strippedName = strip_tags($ticket['name']);
@ -1502,7 +1418,7 @@ function hesk_getAdminButtons($category_id)
/* Lock ticket button */
if ($can_resolve) {
$template =
'<div class="col-md-6 col-sm-12"><a id="%s" title="%s" class="button-link" href="lock.php?track=' . $trackingID . '&amp;locked=%s&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '">
'<div class="col-md-6 col-sm-12"><a class="button-link" href="lock.php?track=' . $trackingID . '&amp;locked=%s&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '">
<div class="panel panel-default">
<div class="panel-body">
<h4>
@ -1512,14 +1428,14 @@ function hesk_getAdminButtons($category_id)
</div>
</a></div>';
$dropdown .= $ticket['locked']
? sprintf($template, 'unlock', $hesklang['tul'] . ' - ' . $hesklang['isloc'], 0, 'unlock', $hesklang['btn_unlock'])
: sprintf($template, 'lock', $hesklang['tlo'] . ' - ' . $hesklang['isloc'], 1, 'lock', $hesklang['btn_lock']);
? sprintf($template, 0, 'unlock', $hesklang['tul'])
: sprintf($template, 1, 'lock', $hesklang['tlo']);
}
/* Tag ticket button */
if ($can_archive) {
$template =
'<div class="col-md-6 col-sm-12"><a id="%s" title="%s" class="button-link" href="archive.php?track=' . $trackingID . '&amp;archived=%s&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '">
'<div class="col-md-6 col-sm-12"><a class="button-link" href="archive.php?track=' . $trackingID . '&amp;archived=%s&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '">
<div class="panel panel-default">
<div class="panel-body">
<h4>
@ -1530,51 +1446,18 @@ function hesk_getAdminButtons($category_id)
</a></div>';
$dropdown .= $ticket['archive']
? sprintf($template, 'untag', $hesklang['remove_archive'], 0, $hesklang['btn_untag'])
: sprintf($template, 'tag', $hesklang['add_archive'], 1, $hesklang['btn_tag']);
? sprintf($template, 0, $hesklang['remove_archive'])
: sprintf($template, 1, $hesklang['add_archive']);
}
/* Import to knowledgebase button */
if ($hesk_settings['kb_enable'] && hesk_checkPermission('can_man_kb', 0)) {
$dropdown .=
'<div class="col-md-6 col-sm-12"><a id="addtoknow" title="'.$hesklang['import_kb'].'" href="manage_knowledgebase.php?a=import_article&amp;track=' . $trackingID . '" class="button-link">
'<div class="col-md-6 col-sm-12"><a href="manage_knowledgebase.php?a=import_article&amp;track=' . $trackingID . '" class="button-link">
<div class="panel panel-default">
<div class="panel-body">
<h4>
<i class="fa fa-lightbulb-o fa-fw"></i> ' . $hesklang['btn_import_kb'] . '
</h4>
</div>
</div>
</a></div>';
}
// Export ticket
if ($can_export) {
$dropdown .=
'<div class="col-md-6 col-sm-12">
<a id="exportticket" href="export_ticket.php?track='.$trackingID.'&amp;Refresh='.mt_rand(10000,99999).'&amp;token='.hesk_token_echo(0).'"
title="'.$hesklang['btn_export'].'" class="button-link">
<div class="panel panel-default">
<div class="panel-body">
<h4>
<i class="fa fa-download fa-fw"></i> '.$hesklang['btn_export'].'
</h4>
</div>
</div>
</a></div>';
}
// Anonymize ticket
if ($can_privacy) {
$dropdown .=
'<div class="col-md-6 col-sm-12">
<a id="exportticket" href="anonymize_ticket.php?track='.$trackingID.'&amp;Refresh='.mt_rand(10000,99999).'&amp;token='.hesk_token_echo(0).'"
onclick="return hesk_confirmExecute(\''.hesk_makeJsString($hesklang['confirm_anony']).'?\\n\\n'.hesk_makeJsString($hesklang['privacy_anon_info']).'\');"
title="'.$hesklang['confirm_anony'].'" class="button-link">
<div class="panel panel-default">
<div class="panel-body warning">
<h4>
<i class="fa fa-shield fa-fw"></i> '.$hesklang['btn_anony'].'
<i class="fa fa-lightbulb-o fa-fw"></i> ' . $hesklang['import_kb'] . '
</h4>
</div>
</div>
@ -1586,11 +1469,11 @@ function hesk_getAdminButtons($category_id)
if ($reply) {
$url = 'admin_ticket.php';
$tmp = 'delete_post=' . $reply['id'];
$txt = $hesklang['btn_delr'];
$txt = $hesklang['delt'];
} else {
$url = 'delete_tickets.php';
$tmp = 'delete_ticket=1';
$txt = $hesklang['btn_delt'];
$txt = $hesklang['dele'];
}
$dropdown .=
'<div class="col-md-6 col-sm-12"><a class="button-link" href="' . $url . '?track=' . $trackingID . '&amp;' . $tmp . '&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($txt) . '?\');">
@ -1613,7 +1496,7 @@ function hesk_getAdminButtons($category_id)
function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
{
global $hesk_settings, $hesklang, $ticket, $trackingID, $can_edit, $can_archive, $can_delete, $isManager;
global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $isManager;
$options = $reply ? '' : '<div class="pull-right">';
@ -1637,7 +1520,7 @@ function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
if ($can_edit) {
$tmp = $reply ? '&amp;reply=' . $reply['id'] : '';
$mgr = $isManager ? '&amp;isManager=true' : '';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['btn_edit'] . '</a> ';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edtt'] . '</a> ';
}
@ -1646,13 +1529,13 @@ function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
if ($reply) {
$url = 'admin_ticket.php';
$tmp = 'delete_post=' . $reply['id'];
$txt = $hesklang['btn_delr'];
$txt = $hesklang['delt'];
} else {
$url = 'delete_tickets.php';
$tmp = 'delete_ticket=1';
$txt = $hesklang['btn_delt'];
$txt = $hesklang['dele'];
}
$options .= '<a id="deleteticket" class="btn btn-default" href="' . $url . '?track=' . $trackingID . '&amp;' . $tmp . '&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '" onclick="return hesk_confirmExecute(\'' . $txt . '?\');"><i class="fa fa-times red"></i> ' . $txt . '</a> ';
$options .= '<a class="btn btn-default" href="' . $url . '?track=' . $trackingID . '&amp;' . $tmp . '&amp;Refresh=' . mt_rand(10000, 99999) . '&amp;token=' . hesk_token_echo(0) . '" onclick="return hesk_confirmExecute(\'' . $txt . '?\');"><i class="fa fa-times red"></i> ' . $txt . '</a> ';
}
/* Return generated HTML */
@ -1705,7 +1588,7 @@ function print_form()
} // End print_form()
function mfh_print_message() {
global $ticket, $hesklang, $hesk_settings, $can_ban_emails, $can_ban_ips, $can_unban_emails, $can_unban_ips, $trackingID, $modsForHesk_settings;
global $ticket, $hesklang, $hesk_settings, $can_ban_emails, $can_ban_ips, $trackingID, $modsForHesk_settings;
?>
<li><i class="fa fa-comment bg-red" data-toggle="tooltip" title="<?php echo $hesklang['original_message']; ?>"></i>
<div class="timeline-item">
@ -1866,46 +1749,7 @@ function mfh_print_message() {
function hesk_printTicketReplies()
{
global $hesklang, $hesk_settings, $result, $reply, $audit_records;
// Sort replies and audit messages. They'll be in the proper order already
$combined_records = array();
foreach ($audit_records as $audit_record) {
$audit_record['SORT_TYPE'] = 'AUDIT_RECORD';
$combined_records[] = $audit_record;
}
while ($reply = hesk_dbFetchAssoc($result)) {
$reply['SORT_TYPE'] = 'REPLY';
$combined_records[] = $reply;
}
// Re-sort them so they're in order by date
usort($combined_records, function ($a, $b) use (&$hesk_settings) {
$a_date = null;
$b_date = null;
if ($a['SORT_TYPE'] == 'REPLY') {
$a_date = strtotime($a['dt']);
} else {
$a_date = strtotime($a['date']);
}
if ($b['SORT_TYPE'] == 'REPLY') {
$b_date = strtotime($b['dt']);
} else {
$b_date = strtotime($b['date']);
}
if ($a_date === $b_date && $a['SORT_TYPE'] != $b['SORT_TYPE']) {
if ($hesk_settings['new_top']) {
return $a['SORT_TYPE'] == 'REPLY' ? 1 : -1;
}
return $a['SORT_TYPE'] == 'REPLY' ? -1 : 1;
}
return $hesk_settings['new_top'] ? $b_date - $a_date : $a_date - $b_date;
});
global $hesklang, $hesk_settings, $result, $reply;
echo '<ul class="timeline">';
if (!$hesk_settings['new_top']) {
@ -1914,12 +1758,66 @@ function hesk_printTicketReplies()
echo '<li class="today-top"><i class="fa fa-clock-o bg-gray" data-toggle="tooltip" title="' . $hesklang['timeline_today'] . '"></i></li>';
}
foreach ($combined_records as $record) {
if ($record['SORT_TYPE'] == 'REPLY') {
mfh_print_reply($record);
} else {
mfh_print_audit_record($record);
}
while ($reply = hesk_dbFetchAssoc($result)) {
$reply['dt'] = hesk_date($reply['dt'], true);
?>
<li>
<?php if ($reply['staffid']): ?>
<i class="fa fa-reply bg-orange" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_staff']; ?>"></i>
<?php else: ?>
<i class="fa fa-share bg-blue" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_customer']; ?>"></i>
<?php endif; ?>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $reply['dt']; ?></span>
<h3 class="timeline-header"><?php echo $reply['name']; ?></h3>
<div class="timeline-body">
<div class="row">
<div class="col-md-3 text-right">
<strong><?php echo $hesklang['message_colon']; ?></strong>
</div>
<div class="col-md-9">
<?php
if ($reply['html']) {
echo hesk_html_entity_decode($reply['message']);
} else {
echo $reply['message'];
} ?>
</div>
</div>
</div>
<?php
if ($hesk_settings['attachments']['use'] && strlen($reply['attachments'])):
?>
<div class="timeline-footer">
<?php mfh_listAttachments($reply['attachments'], $reply['id'], true); ?>
</div>
<?php endif; ?>
<div class="timeline-footer">
<div class="row">
<div class="col-md-6">
<?php
/* Staff rating */
if ($hesk_settings['rating'] && $reply['staffid']) {
if ($reply['rating'] == 1) {
echo '<p class="rate">' . $hesklang['rnh'] . '</p>';
} elseif ($reply['rating'] == 5) {
echo '<p class="rate">' . $hesklang['rh'] . '</p>';
}
}
/* Show "unread reply" message? */
if ($reply['staffid'] && !$reply['read']) {
echo '<p class="rate">' . $hesklang['unread'] . '</p>';
}
?>
</div>
<div class="col-md-6 text-right">
<?php echo hesk_getAdminButtonsInTicket(); ?>
</div>
</div>
</div>
</div>
</li>
<?php
}
if ($hesk_settings['new_top']) {
@ -1933,179 +1831,10 @@ function hesk_printTicketReplies()
} // End hesk_printTicketReplies()
function mfh_print_reply($reply) {
global $hesklang, $hesk_settings;
$reply['dt'] = hesk_date($reply['dt'], true);
?>
<li>
<?php if ($reply['staffid']): ?>
<i class="fa fa-reply bg-orange" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_staff']; ?>"></i>
<?php else: ?>
<i class="fa fa-share bg-blue" data-toggle="tooltip" title="<?php echo $hesklang['reply_by_customer']; ?>"></i>
<?php endif; ?>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $reply['dt']; ?></span>
<h3 class="timeline-header"><?php echo $reply['name']; ?></h3>
<div class="timeline-body">
<div class="row">
<div class="col-md-3 text-right">
<strong><?php echo $hesklang['message_colon']; ?></strong>
</div>
<div class="col-md-9">
<?php
if ($reply['html']) {
echo hesk_html_entity_decode($reply['message']);
} else {
echo $reply['message'];
} ?>
</div>
</div>
</div>
<?php
if ($hesk_settings['attachments']['use'] && strlen($reply['attachments'])):
?>
<div class="timeline-footer">
<?php mfh_listAttachments($reply['attachments'], $reply['id'], true); ?>
</div>
<?php endif; ?>
<div class="timeline-footer">
<div class="row">
<div class="col-md-6">
<?php
/* Staff rating */
if ($hesk_settings['rating'] && $reply['staffid']) {
if ($reply['rating'] == 1) {
echo '<p class="rate">' . $hesklang['rnh'] . '</p>';
} elseif ($reply['rating'] == 5) {
echo '<p class="rate">' . $hesklang['rh'] . '</p>';
}
}
/* Show "unread reply" message? */
if ($reply['staffid'] && !$reply['read']) {
echo '<p class="rate">' . $hesklang['unread'] . '</p>';
}
?>
</div>
<div class="col-md-6 text-right">
<?php echo hesk_getAdminButtonsInTicket($reply); ?>
</div>
</div>
</div>
</div>
</li>
<?php
}
function mfh_print_audit_record($record) {
global $hesklang;
$record['date'] = hesk_date($record['date'], true);
$font_icon = null;
switch ($record['language_key']) {
case 'audit_moved_category':
$font_icon = 'fa-pie-chart';
break;
case 'audit_assigned':
case 'audit_assigned_self':
$font_icon = 'fa-user-plus';
break;
case 'audit_unassigned':
$font_icon = 'fa-user-times';
break;
case 'audit_autoassigned':
$font_icon = 'fa-bolt';
break;
case 'audit_closed':
case 'audit_automatically_closed':
$font_icon = 'fa-check-circle';
break;
case 'audit_opened':
$font_icon = 'fa-circle-o';
break;
case 'audit_locked':
case 'audit_automatically_locked':
$font_icon = 'fa-lock';
break;
case 'audit_unlocked':
$font_icon = 'fa-unlock-alt';
break;
case 'audit_created':
case 'audit_submitted_by':
$font_icon = 'fa-user';
break;
case 'audit_priority':
// The new priority is in arg[1]
$priority = $record['replacement_values'][1];
if ($priority === 'critical') {
$font_icon = 'fa-long-arrow-up';
} elseif ($priority === 'high') {
$font_icon = 'fa-angle-double-up';
} elseif ($priority === 'medium') {
$font_icon = 'fa-angle-double-down';
} else {
$font_icon = 'fa-long-arrow-down';
}
// Now localize the text for display
$record['replacement_values'][1] = $hesklang[$priority];
break;
case 'audit_status':
$font_icon = 'fa-exchange';
break;
case 'audit_submitted_via_piping':
case 'audit_submitted_via_pop':
case 'audit_submitted_via_imap':
$font_icon = 'fa-envelope-o';
break;
case 'audit_attachment_deleted':
$font_icon = 'fa-paperclip';
break;
case 'audit_merged':
$font_icon = 'fa-code-fork';
break;
case 'audit_time_worked':
$font_icon = 'fa fa-clock-o';
break;
case 'audit_due_date_removed':
$font_icon = 'fa fa-calendar-minus-o';
break;
case 'audit_due_date_changed':
$font_icon = 'fa fa-calendar';
//-- Format the date
$record['replacement_values'][1] = date('Y-m-d', strtotime($record['replacement_values'][1]));
break;
case 'audit_linked_ticket':
$font_icon = 'fa fa-link';
break;
case 'audit_unlinked_ticket':
$font_icon = 'fa fa-chain-broken';
break;
case 'audit_anonymized':
$font_icon = 'fa fa-shield';
break;
default:
$font_icon = 'fa-question-circle';
break;
}
?>
<li>
<i class="fa <?php echo $font_icon; ?> bg-gray"></i>
<div class="timeline-item">
<span class="time"><i class="fa fa-clock-o"></i> <?php echo $record['date']; ?></span>
<h3 class="timeline-header audit-record">
<?php echo vsprintf($hesklang[$record['language_key']], $record['replacement_values']); ?>
</h3>
</div>
</li>
<?php
}
function hesk_printReplyForm()
{
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $modsForHesk_settings, $isManager;
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $isManager, $modsForHesk_settings;
// Force assigning a ticket before allowing to reply?
if ($hesk_settings['require_owner'] && ! $ticket['owner'])
@ -2390,7 +2119,6 @@ function hesk_printCanned()
myMsg = myMsg.replace(/%%HESK_TRACKID%%/g, '<?php echo hesk_jsString($ticket['trackid']); ?>');
myMsg = myMsg.replace(/%%HESK_TRACK_ID%%/g, '<?php echo hesk_jsString($ticket['trackid']); ?>');
myMsg = myMsg.replace(/%%HESK_NAME%%/g, '<?php echo hesk_jsString($ticket['name']); ?>');
myMsg = myMsg.replace(/%%HESK_FIRST_NAME%%/g, '<?php echo hesk_jsString(hesk_full_name_to_first_name($ticket['name'])); ?>');
myMsg = myMsg.replace(/%%HESK_EMAIL%%/g, '<?php echo hesk_jsString($ticket['email']); ?>');
myMsg = myMsg.replace(/%%HESK_OWNER%%/g, '<?php echo hesk_jsString( isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : ''); ?>');

43
admin/anonymize_ticket.php
View File

@ -1,43 +0,0 @@
<?php
/**
*
* This file is part of HESK - PHP Help Desk Software.
*
* (c) Copyright Klemen Stirn. All rights reserved.
* https://www.hesk.com
*
* For the full copyright and license agreement information visit
* https://www.hesk.com/eula.php
*
*/
define('IN_SCRIPT',1);
define('HESK_PATH','../');
/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php');
require(HESK_PATH . 'inc/admin_functions.inc.php');
require(HESK_PATH . 'inc/privacy_functions.inc.php');
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
// Check permissions for this feature
hesk_checkPermission('can_privacy');
// A security check
hesk_token_check();
// Tracking ID
$trackingID = hesk_cleanID() or die($hesklang['int_error'].': '.$hesklang['no_trackID']);
// Anonymize the ticket and redirect back
if (hesk_anonymizeTicket(0, $trackingID))
{
hesk_process_messages($hesklang['success_anon'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS');
}
hesk_error($hesklang['no_permission']);

29
admin/assign_owner.php
View File

@ -52,9 +52,8 @@ $owner = intval(hesk_REQUEST('owner'));
/* If ID is -1 the ticket will be unassigned */
if ($owner == -1) {
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0, `assignedby`=NULL WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unassigned', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
$revision = sprintf($hesklang['thist2'], hesk_date(), '<i>' . $hesklang['unas'] . '</i>', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
hesk_process_messages($hesklang['tunasi2'], $_SERVER['PHP_SELF'], 'SUCCESS');
} elseif ($owner < 1) {
@ -97,25 +96,8 @@ if ($ticket['owner'] && $ticket['owner'] != $owner && hesk_REQUEST('unassigned')
/* Assigning to self? */
if ($can_assign_others || ($owner == $_SESSION['id'] && $can_assign_self)) {
$assignedby = intval(hesk_SESSION('id'));
if ($assignedby > 0) {
$assignedby = ',`assignedby`=' . $assignedby;
} else {
$assignedby = '';
}
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} {$assignedby} WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($owner == $_SESSION['id'] && $can_assign_self) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned_self', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
} else {
// current user -> assigned user
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_assigned', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $row['name'] . ' (' . $row['user'] . ')'));
}
$revision = sprintf($hesklang['thist2'], hesk_date(), $row['name'] . ' (' . $row['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($owner != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) {
$_SERVER['PHP_SELF'] = 'admin_main.php';
@ -137,14 +119,13 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array

2
admin/banned_emails.php
View File

@ -200,7 +200,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
if ($can_unban) {
echo '
<td class="' . $color . ' text-left">
<a name="Unban '.$ban['email'].'" href="banned_emails.php?a=unban&amp;id=' . $ban['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();">
<a href="banned_emails.php?a=unban&amp;id=' . $ban['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();">
<i class="fa fa-times red font-size-16p" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['delban'] . '"></i>
</a>
</td>

2
admin/banned_ips.php
View File

@ -263,7 +263,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
if ($can_unban) {
echo '
<td class="' . $color . ' text-left">
<a name="Unban '.$ban['ip_display'].'" href="banned_ips.php?a=unban&amp;id=' . $ban['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();">
<a href="banned_ips.php?a=unban&amp;id=' . $ban['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();">
<i class="fa fa-times red font-size-16p" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['delban'] . '"></i></a>
</td>
';

339
admin/calendar.php
View File

@ -282,10 +282,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
<option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
</div>
</div>
@ -334,168 +334,147 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<form id="edit-form" class="form-horizontal" data-toggle="validator">
<div class="modal-body">
<ul class="nav nav-tabs" role="tablist" id="edit-modal-tabs">
<li role="presentation" class="active"><a href="#edit-contents" aria-controls="home" role="tab" data-toggle="tab"><?php echo $hesklang['information']; ?></a></li>
<li role="presentation"><a href="#edit-history" aria-controls="profile" role="tab" data-toggle="tab"><?php echo $hesklang['thist']; ?></a></li>
</ul>
<div class="tab-content" id="information-tab">
<div role="tabpanel" class="tab-pane active" id="edit-contents">
<br>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="name" class="col-sm-3 control-label">
<?php echo $hesklang['event_title']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
<div class="col-sm-9">
<input type="text" name="name" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="location" class="col-sm-3 control-label">
<?php echo $hesklang['event_location']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<input type="text" name="location" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="category" class="col-sm-3 control-label">
<?php echo $hesklang['category']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<select name="category" class="form-control"
pattern="[0-9]+"
data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
<?php
if ($hesk_settings['select_cat']) {
echo '<option value="">'.$hesklang['select'].'</option>';
}
foreach ($categories as $category): ?>
<option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
<?php echo $category['name']; ?>
</option>
<?php endforeach; ?>
</select>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="name" class="col-sm-3 control-label">
<?php echo $hesklang['event_title']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_title_tooltip']); ?>"></i></label>
<div class="col-sm-9">
<input type="text" name="name" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_title']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="start-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_start']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="start-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="start-time" class="form-control clockpicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
data-placement="left" data-align="top" data-autoclose="true">
<div class="help-block with-errors"></div>
<div class="form-group">
<label for="location" class="col-sm-3 control-label">
<?php echo $hesklang['event_location']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_location_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<input type="text" name="location" class="form-control"
placeholder="<?php echo htmlspecialchars($hesklang['event_location']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label for="category" class="col-sm-3 control-label">
<?php echo $hesklang['category']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_category_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<select name="category" class="form-control"
pattern="[0-9]+"
data-error="<?php echo htmlspecialchars($hesklang['sel_app_cat']); ?>" required>
<?php
if ($hesk_settings['select_cat']) {
echo '<option value="">'.$hesklang['select'].'</option>';
}
foreach ($categories as $category): ?>
<option value="<?php echo $category['id']; ?>" data-background-color="<?php echo htmlspecialchars($category['background_color']); ?>"
data-foreground-color="<?php echo htmlspecialchars($category['foreground_color']); ?>"
data-display-border="<?php echo htmlspecialchars($category['display_border_outline']); ?>">
<?php echo $category['name']; ?>
</option>
<?php endforeach; ?>
</select>
<div class="help-block with-errors"></div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="start-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_start']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_start_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="start-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="start-time" class="form-control clockpicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_start_time']); ?>"
data-placement="left" data-align="top" data-autoclose="true">
<div class="help-block with-errors"></div>
<div class="checkbox">
<label>
<input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
</label>
</div>
</div>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="end-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_end']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
<div class="checkbox">
<label>
<input type="checkbox" name="all-day"> <?php echo $hesklang['event_all_day']; ?>
</label>
<div class="col-sm-6">
<input type="text" name="end-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="end-time" class="form-control clockpicker"
data-placement="left" data-align="top" data-autoclose="true"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="reminder" class="col-sm-3 control-label">
<?php echo $hesklang['event_reminder']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
</label>
<div class="col-sm-2">
<input type="text" name="reminder-value" class="form-control" placeholder="#">
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="MINUTE"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="HOUR"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="DAY"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="WEEK"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="comments" class="col-sm-3 control-label">
<?php echo $hesklang['event_comments']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
</div>
</div>
</div>
</div>
</div>
<div role="tabpanel" class="tab-pane" id="edit-history">
<br>
<table class="table table-striped">
<thead>
<tr>
<th><?php echo $hesklang['date']; ?></th>
<th><?php echo $hesklang['description']; ?></th>
</tr>
</thead>
<tbody id="history-table"></tbody>
</table>
<div class="col-md-6">
<div class="form-group">
<label for="end-date" class="col-sm-6 control-label">
<?php echo $hesklang['event_end']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_end_tooltip']); ?>"></i>
</label>
<div class="col-sm-6">
<input type="text" name="end-date" class="form-control datepicker"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_date']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<input type="text" name="end-time" class="form-control clockpicker"
data-placement="left" data-align="top" data-autoclose="true"
placeholder="<?php echo htmlspecialchars($hesklang['event_end_time']); ?>">
<div class="help-block with-errors"></div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="reminder" class="col-sm-3 control-label">
<?php echo $hesklang['event_reminder']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_reminder_tooltip']); ?>"></i>
</label>
<div class="col-sm-2">
<input type="text" name="reminder-value" class="form-control" placeholder="#">
</div>
<div class="col-sm-4">
<select name="reminder-unit" class="form-control">
<option value="0"><?php echo $hesklang['event_min_before_event']; ?></option>
<option value="1"><?php echo $hesklang['event_hours_before_event']; ?></option>
<option value="2"><?php echo $hesklang['event_days_before_event']; ?></option>
<option value="3"><?php echo $hesklang['event_weeks_before_event']; ?></option>
</select>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="comments" class="col-sm-3 control-label">
<?php echo $hesklang['event_comments']; ?>
<i class="fa fa-question-circle settingsquestionmark"
data-toggle="tooltip"
title="<?php echo htmlspecialchars($hesklang['event_comments_tooltip']); ?>"></i>
</label>
<div class="col-sm-9">
<textarea name="comments" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['event_comments']); ?>"></textarea>
</div>
</div>
</div>
</div>
</div>
@ -566,34 +545,22 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<strong><?php echo $hesklang['category']; ?></strong>
<span></span>
</div>
<div class="popover-status">
<strong><?php echo $hesklang['status']; ?></strong>
<span></span>
</div>
<div class="popover-priority">
<strong><?php echo $hesklang['priority']; ?></strong>
<span></span>
</div>
</div>
</div>
<?php
echo mfh_get_hidden_fields_for_language(array('error_loading_events',
'error_deleting_event',
'event_deleted',
'event_created',
'error_creating_event',
'event_updated',
'error_updating_event',
'ticket_due_date_updated',
'error_updating_ticket_due_date',
'critical',
'high',
'medium',
'low',
'audit_event_created',
'audit_event_updated'));
?>
<div style="display: none">
<p id="lang_error_loading_events"><?php echo $hesklang['error_loading_events']; ?></p>
<p id="lang_error_deleting_event"><?php echo $hesklang['error_deleting_event']; ?></p>
<p id="lang_event_deleted"><?php echo $hesklang['event_deleted']; ?></p>
<p id="lang_event_created"><?php echo $hesklang['event_created']; ?></p>
<p id="lang_error_creating_event"><?php echo $hesklang['error_creating_event']; ?></p>
<p id="lang_event_updated"><?php echo $hesklang['event_updated']; ?></p>
<p id="lang_error_updating_event"><?php echo $hesklang['error_updating_event']; ?></p>
<p id="lang_ticket_due_date_updated"><?php echo $hesklang['ticket_due_date_updated']; ?></p>
<p id="lang_error_updating_ticket_due_date"><?php echo $hesklang['error_updating_ticket_due_date']; ?></p>
<p id="setting_first_day_of_week"><?php echo $modsForHesk_settings['first_day_of_week']; ?></p>
<p id="setting_default_view">
<?php
@ -605,21 +572,7 @@ echo mfh_get_hidden_fields_for_language(array('error_loading_events',
echo $view_array[$_SESSION['default_calendar_view']];
?>
</p>
<p id="setting_show_start_time"><?php echo $modsForHesk_settings['calendar_show_start_time']; ?></p>
<?php
$businessHoursRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mfh_calendar_business_hours`");
while ($row = hesk_dbFetchAssoc($businessHoursRs)):
?>
<p id="business_hours_<?php echo $row['day_of_week']; ?>_start"><?php echo $row['start_time']; ?></p>
<p id="business_hours_<?php echo $row['day_of_week']; ?>_end"><?php echo $row['end_time']; ?></p>
<?php endwhile; ?>
</div>
<script type="text/html" id="audit-trail-template">
<tr>
<td data-property="date"></td>
<td data-property="description"></td>
</tr>
</script>
<?php
require_once(HESK_PATH . 'inc/footer.inc.php');

43
admin/change_status.php
View File

@ -37,10 +37,6 @@ hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
$ticket_id_rs = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($trackingID) . "'");
$ticket_id_row = hesk_dbFetchAssoc($ticket_id_rs);
$ticket_id = $ticket_id_row['id'];
/* Valid statuses */
$statusSql = "SELECT `ID` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses`";
$status_options = array();
@ -58,11 +54,6 @@ if (!isset($status_options[$status])) {
$locked = 0;
$audit_closed = null;
$audit_locked = null;
$audit_status = null;
$audit_opened = null;
$statusRow = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `ID`, `IsClosed` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE ID = " . $status));
if ($statusRow['IsClosed']) // Closed
{
@ -71,14 +62,10 @@ if ($statusRow['IsClosed']) // Closed
}
$action = $hesklang['ticket_been'] . ' ' . $hesklang['close'];
$audit_closed = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $status_options[$status]);
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
if ($hesk_settings['custopen'] != 1) {
$locked = 1;
$audit_locked = array();
}
// Notify customer of closed ticket?
@ -104,43 +91,21 @@ if ($statusRow['IsClosed']) // Closed
} elseif ($statusRow['IsNewTicketStatus'] == 0) //Ticket is still open, but not new
{
$action = sprintf($hesklang['tsst'], $status_options[$status]);
$audit_status = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $status_options[$status]);
$revision = sprintf($hesklang['thist9'], hesk_date(), $status_options[$status], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else // Ticket is marked as "NEW"
{
$action = $hesklang['ticket_been'] . ' ' . $hesklang['opened'];
$audit_opened = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$revision = sprintf($hesklang['thist4'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($audit_status !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_status', hesk_date(),
$audit_status);
}
if ($audit_closed !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_closed', hesk_date(),
$audit_closed);
}
if ($audit_locked !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_automatically_locked', hesk_date(),
array());
}
if ($audit_opened !== null) {
mfh_insert_audit_trail_record($ticket_id, 'TICKET', 'audit_opened', hesk_date(),
$audit_opened);
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if (hesk_dbAffectedRows() != 1) {
hesk_error("$hesklang[int_error]: $hesklang[trackID_not_found].");

77
admin/custom_fields.php
View File

@ -166,31 +166,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
<?php
}
$descriptions = hesk_SESSION(array('new_cf','descriptions')); ?>
</div>
<div class="form-group">
<label for="description[]" class="col-sm-3 control-label">
<?php echo $hesklang['description']; ?>
</label>
<?php if ($hesk_settings['can_sel_lang'] && count($hesk_settings['languages']) > 1): ?>
<table border="0">
<?php foreach ($hesk_settings['languages'] as $lang => $info): ?>
<tr>
<td><?php echo $lang; ?></td>
<td>
<textarea class="form-control"
name="description[<?php echo $lang; ?>]"><?php echo (isset($descriptions[$lang]) ? $descriptions[$lang] : ''); ?></textarea>
</td>
</tr>
<?php endforeach; ?>
</table>
<?php else: ?>
<div class="col-sm-9">
<textarea class="form-control"
name="description[<?php echo $hesk_settings['language']; ?>]"><?php echo (isset($descriptions[$hesk_settings['language']]) ? $descriptions[$hesk_settings['language']] : ''); ?></textarea>
</div>
<?php endif; ?>
?>
</div>
<div class="form-group">
<label for="name[]" class="col-sm-3 control-label">
@ -519,9 +495,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<?php echo $hesklang['email_custom_field_label']; ?>
</label>
<div class="col-sm-8">
<?php
$address_type = empty($value['email_type']) ? 'none' : $value['email_type'];
?>
<?php $address_type = empty($value['email_type']) ? 'none' : $value['email_type']; ?>
<div class="radio">
<label>
<input type="radio" name="email_type" value="none"
@ -798,16 +772,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<tr>
<td><?php echo $tmp_id; ?></td>
<td>
<?php
echo $cf['name'];
if ($cf['mfh_description'] !== null && trim($cf['mfh_description']) !== '') {
echo ' <i class="fa fa-info-circle" data-toggle="popover"
data-title="' . htmlspecialchars($hesklang['description']) . '"
data-content="' . htmlspecialchars($cf['mfh_description']) . '"></i>';
}
?>
</td>
<td><?php echo $cf['name']; ?></td>
<td><?php echo $cf['type']; ?></td>
<td><?php echo $cf['use']; ?></td>
<td><?php echo $cf['req']; ?></td>
@ -849,10 +814,10 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
}
}
?>
<a name="Edit <?php echo $cf['name']; ?>" href="custom_fields.php?a=edit_cf&amp;id=<?php echo $tmp_id; ?>">
<a href="custom_fields.php?a=edit_cf&amp;id=<?php echo $tmp_id; ?>">
<i class="fa fa-pencil fa-fw icon-link orange" data-toggle="tooltip" title="<?php echo $hesklang['edit']; ?>"></i>
</a>
<a name="Delete <?php echo $cf['name']; ?>" href="custom_fields.php?a=remove_cf&amp;id=<?php echo $tmp_id; ?>&amp;token=<?php hesk_token_echo(); ?>"
<a href="custom_fields.php?a=remove_cf&amp;id=<?php echo $tmp_id; ?>&amp;token=<?php hesk_token_echo(); ?>"
onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_cf']); ?>');">
<i class="fa fa-times fa-fw icon-link red" data-toggle="tooltip" title="<?php echo $hesklang['delete']; ?>"></i>
</a>
@ -920,7 +885,6 @@ function save_cf()
`req` = '{$cf['req']}',
`category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').",
`name` = '".hesk_dbEscape($cf['names'])."',
`mfh_description` = '".hesk_dbEscape($cf['descriptions'])."',
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL')."
WHERE `id`={$id}");
@ -952,9 +916,6 @@ function edit_cf()
$cf['names'] = json_decode($cf['name'], true);
unset($cf['name']);
$cf['descriptions'] = json_decode($cf['mfh_description'], true);
unset($cf['mfh_description']);
if (strlen($cf['category']))
{
$cf['categories'] = json_decode($cf['category'], true);
@ -1033,7 +994,7 @@ function remove_cf()
$id = intval( hesk_GET('id') ) or hesk_error($hesklang['cf_e_id']);
// Reset the custom field
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `mfh_description`=NULL, `value`=NULL, `order`=1000 WHERE `id`={$id}");
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."custom_fields` SET `use`='0', `place`='0', `type`='text', `req`='0', `category`=NULL, `name`='', `value`=NULL, `order`=1000 WHERE `id`={$id}");
// Were we successful?
if ( hesk_dbAffectedRows() == 1 )
@ -1096,27 +1057,6 @@ function cf_validate()
$hesk_error_buffer[] = $hesklang['err_custname'];
}
// Descriptions
$cf['descriptions'] = hesk_POST_array('description');
// Make sure only non-empty descriptions pass
foreach ($cf['descriptions'] as $key => $description) {
if (!isset($hesk_settings['languages'][$key])) {
unset($cf['descriptions'][$key]);
} else {
$description = is_array($description) ? '' : hesk_input($description, 0, 0, HESK_SLASH);
if (strlen($description) < 1)
{
unset($cf['descriptions'][$key]);
}
else
{
$cf['descriptions'][$key] = stripslashes($description);
}
}
}
// Get type and values
$cf['type'] = hesk_POST('type');
switch ($cf['type'])
@ -1324,10 +1264,8 @@ function cf_validate()
}
$cf['names'] = addslashes(json_encode($cf['names']));
$cf['descriptions'] = addslashes(json_encode($cf['descriptions']));
$cf['value'] = $cf['type'] == 'date' ? json_encode($cf['value']) : addslashes(json_encode($cf['value']));
return $cf;
} // END cf_validate()
@ -1367,8 +1305,7 @@ function new_cf()
`req` = '{$cf['req']}',
`category` = ".(count($cf['categories']) ? "'".json_encode($cf['categories'])."'" : 'NULL').",
`name` = '".hesk_dbEscape($cf['names'])."',
`mfh_description` = '".hesk_dbEscape($cf['descriptions'])."',
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').",
`value` = ".(strlen($cf['value']) ? "'".hesk_dbEscape($cf['value'])."'" : 'NULL').",
`order` = 990
WHERE `id`={$_SESSION['cford']}");

330
admin/delete_tickets.php
View File

@ -81,130 +81,12 @@ $i = 0;
// Possible priorities
$priorities = array(
'critical' => array('value' => 0, 'lang' => 'critical', 'text' => $hesklang['critical'], 'formatted' => '<font class="critical">' . $hesklang['critical'] . '</font>'),
'high' => array('value' => 1, 'lang' => 'high', 'text' => $hesklang['high'], 'formatted' => '<font class="important">' . $hesklang['high'] . '</font>'),
'medium' => array('value' => 2, 'lang' => 'medium', 'text' => $hesklang['medium'], 'formatted' => '<font class="medium">' . $hesklang['medium'] . '</font>'),
'low' => array('value' => 3, 'lang' => 'low', 'text' => $hesklang['low'], 'formatted' => $hesklang['low']),
'critical' => array('value' => 0, 'text' => $hesklang['critical'], 'formatted' => '<font class="critical">' . $hesklang['critical'] . '</font>'),
'high' => array('value' => 1, 'text' => $hesklang['high'], 'formatted' => '<font class="important">' . $hesklang['high'] . '</font>'),
'medium' => array('value' => 2, 'text' => $hesklang['medium'], 'formatted' => '<font class="medium">' . $hesklang['medium'] . '</font>'),
'low' => array('value' => 3, 'text' => $hesklang['low'], 'formatted' => $hesklang['low']),
);
// Assign tickets to
if ( isset($_POST['assign']) && $_POST['assign'] == $hesklang['assi']) {
if ( ! isset($_POST['owner']) || $_POST['owner'] == '') {
hesk_process_messages($hesklang['assign_no'], $referer, 'NOTICE');
}
$end_message = array();
$num_assigned = 0;
// Permissions
$can_assign_others = hesk_checkPermission('can_assign_others',0);
if ($can_assign_others) {
$can_assign_self = true;
} else {
$can_assign_self = hesk_checkPermission('can_assign_self',0);
}
$owner = intval( hesk_POST('owner') );
if ($owner == -1) {
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
}
$this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0, `assignedby`=NULL WHERE `id`={$this_id} LIMIT 1");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_unassigned', hesk_date(), array(0 => $_SESSION['name'].' ('.$_SESSION['user'].')'));
$end_message[] = sprintf($hesklang['assign_2'], $this_id);
$i++;
}
hesk_process_messages($hesklang['assign_1'],$referer,'SUCCESS');
}
$res = hesk_dbQuery("SELECT `id`,`user`,`name`,`email`,`isadmin`,`categories`,`notify_assigned` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='{$owner}' LIMIT 1");
$owner_data = hesk_dbFetchAssoc($res);
if (!$owner_data['isadmin']) {
$owner_data['categories']=explode(',',$owner_data['categories']);
}
require(HESK_PATH . 'inc/email_functions.inc.php');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
}
$this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`={$this_id} LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
continue;
}
$ticket = hesk_dbFetchAssoc($result);
if ($ticket['owner'] == $owner) {
$end_message[] = sprintf($hesklang['assign_3'], $ticket['trackid'], $owner_data['name']);
$i++;
continue;
}
if ($owner_data['isadmin'] || in_array($ticket['category'],$owner_data['categories'])) {
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`={$owner}, `assignedby`=".intval($_SESSION['id'])." WHERE `id`={$this_id} LIMIT 1");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_assigned', hesk_date(), array(0 => $_SESSION['name'].' ('.$_SESSION['user'].')',
1 => $owner_data['name'].' ('.$owner_data['user'].')'));
$end_message[] = sprintf($hesklang['assign_4'], $ticket['trackid'], $owner_data['name']);
$num_assigned++;
$ticket['owner'] = $owner;
/* --> Prepare message */
// 1. Generate the array with ticket info that can be used in emails
$info = array(
'email' => $ticket['email'],
'category' => $ticket['category'],
'priority' => $ticket['priority'],
'owner' => $ticket['owner'],
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],
'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
);
// 2. Add custom fields to the array
foreach ($hesk_settings['custom_fields'] as $k => $v) {
$info[$k] = $v['use'] ? $ticket[$k] : '';
}
// 3. Make sure all values are properly formatted for email
$ticket = hesk_ticketToPlain($info, 1, 0);
/* Notify the new owner? */
if ($ticket['owner'] != intval($_SESSION['id'])) {
hesk_notifyAssignedStaff(false, 'ticket_assigned_to_you', $modsForHesk_settings);
}
} else {
$end_message[] = sprintf($hesklang['assign_5'], $ticket['trackid'], $owner_data['name']);
}
$i++;
}
hesk_process_messages(sprintf($hesklang['assign_log'], $num_assigned, ($i - $num_assigned), implode("\n", $end_message)),$referer,($num_assigned == 0) ? 'ERROR' : ($num_assigned < $i ? 'NOTICE' : 'SUCCESS'));
}
// Change priority
if (array_key_exists($_POST['a'], $priorities)) {
// A security check
@ -231,10 +113,8 @@ if (array_key_exists($_POST['a'], $priorities)) {
hesk_okCategory($ticket['category']);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}' WHERE `id`={$this_id}");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_priority', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $priority['lang']));
$revision = sprintf($hesklang['thist8'], hesk_date(), $priority['formatted'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority['value']}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`={$this_id}");
$i++;
}
@ -253,6 +133,8 @@ elseif ($_POST['a'] == 'delete') {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
@ -329,185 +211,7 @@ elseif ($_POST['a'] == 'tag' || $_POST['a'] == 'untag') {
}
hesk_process_messages(sprintf($action, $i), $referer, 'SUCCESS');
}
/* EXPORT */
elseif ($_POST['a']=='export') {
/* Check permissions for this feature */
hesk_checkPermission('can_export');
/* A security check */
hesk_token_check('POST');
$ids_to_export = array();
foreach ($_POST['id'] as $this_id) {
if ( is_array($this_id) ) {
continue;
}
$ids_to_export[] = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$i++;
}
if ($i < 1) {
hesk_process_messages($hesklang['no_selected'], $referer, 'NOTICE');
}
// Start SQL statement for selecting tickets
$sql = "SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id` IN (".implode(',', $ids_to_export).") ";
$sql .= " AND " . hesk_myCategories();
$sql .= " AND " . hesk_myOwnership();
require_once(HESK_PATH . 'inc/custom_fields.inc.php');
require(HESK_PATH . 'inc/export_functions.inc.php');
list($success_msg, $tickets_exported) = hesk_export_to_XML($sql, true);
if ($tickets_exported > 0) {
hesk_process_messages($success_msg,$referer,'SUCCESS');
} else {
hesk_process_messages($hesklang['n2ex'],$referer,'NOTICE');
}
}
/* ANONYMIZE */
elseif ($_POST['a']=='anonymize') {
/* Check permissions for this feature */
hesk_checkPermission('can_privacy');
/* A security check */
hesk_token_check('POST');
require(HESK_PATH . 'inc/privacy_functions.inc.php');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
}
$this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$result = hesk_dbQuery("SELECT `id`,`trackid`,`name`,`category` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($this_id)."' AND ".hesk_myOwnership()." LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
continue;
}
$ticket = hesk_dbFetchAssoc($result);
hesk_okCategory($ticket['category']);
hesk_anonymizeTicket(null, null, true);
$i++;
}
hesk_process_messages(sprintf($hesklang['num_tickets_anon'],$i),$referer,'SUCCESS');
}
/* PRINT */
elseif ($_POST['a']=='print') {
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
/* A security check */
hesk_token_check('POST');
// Load custom fields
require_once(HESK_PATH . 'inc/custom_fields.inc.php');
// List of staff
if (!isset($admins)) {
$admins = array();
$res2 = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `id` ASC");
while ($row=hesk_dbFetchAssoc($res2)) {
$admins[$row['id']]=$row['name'];
}
}
// List of categories
$hesk_settings['categories'] = array();
$res2 = hesk_dbQuery('SELECT `id`, `name` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` WHERE ' . hesk_myCategories('id') . ' ORDER BY `cat_order` ASC');
while ($row=hesk_dbFetchAssoc($res2)) {
$hesk_settings['categories'][$row['id']] = $row['name'];
}
// Print page head
header('Content-Type: text/html; charset=utf-8');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title><?php echo $hesk_settings['hesk_title']; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $hesklang['ENCODING']; ?>">
<style type="text/css">
body, table, td, p {
color : black;
font-family : Verdana, Geneva, Arial, Helvetica, sans-serif;
font-size : <?php echo $hesk_settings['print_font_size']; ?>px;
}
table {
border-collapse:collapse;
}
hr {
border: 0;
color: #9e9e9e;
background-color: #9e9e9e;
height: 1px;
width: 100%;
text-align: left;
}
</style>
</head>
<body onload="window.print()">
<?php
// Loop through ticket IDs and print them
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
}
$this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$result = hesk_dbQuery("SELECT `t1`.* , `ticketStatus`.`IsClosed` AS `isClosed`, `ticketStatus`.`Key` AS `statusKey`, `t2`.name AS `repliername`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` AS `t1` LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` AS `t2` ON `t1`.`replierid` = `t2`.`id`
INNER JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` AS `ticketStatus` ON `t1`.`status` = `ticketStatus`.`ID`
WHERE `t1`.`id`='{$this_id}' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
continue;
}
$ticket = hesk_dbFetchAssoc($result);
// Check that we have proper permissions to view this ticket
hesk_okCategory($ticket['category']);
$can_view_ass_by = hesk_checkPermission('can_view_ass_by', 0);
$can_view_unassigned = hesk_checkPermission('can_view_unassigned',0);
if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id'] && ! hesk_checkPermission('can_view_ass_others',0)) {
// Maybe this user is allowed to view tickets he/she assigned?
if ( ! $can_view_ass_by || $ticket['assignedby'] != $_SESSION['id']) {
hesk_error($hesklang['ycvtao']);
}
}
if (!$ticket['owner'] && ! $can_view_unassigned) {
hesk_error($hesklang['ycovtay']);
}
// All good, continue...
$category['name'] = isset($hesk_settings['categories'][$ticket['category']]) ? $hesk_settings['categories'][$ticket['category']] : $hesklang['catd'];
// Get replies
$res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='{$ticket['id']}' ORDER BY `id` ASC");
$replies = hesk_dbNumRows($res);
// Print ticket
require(HESK_PATH . 'inc/print_template.inc.php');
flush();
}
?>
</body>
</html>
<?php
exit();
}
/* JUST CLOSE */
} /* JUST CLOSE */
else {
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
@ -518,6 +222,8 @@ else {
hesk_token_check('POST');
require(HESK_PATH . 'inc/email_functions.inc.php');
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
@ -533,11 +239,7 @@ else {
$closedStatusRS = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "statuses` WHERE `IsStaffClosedOption` = 1");
$closedStatus = hesk_dbFetchAssoc($closedStatusRS);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='" . $closedStatus['ID'] . "', `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . " WHERE `id`='" . intval($this_id) . "'");
mfh_insert_audit_trail_record($this_id, 'TICKET', 'audit_closed', hesk_date(),
array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='" . $closedStatus['ID'] . "', `closedat`=NOW(), `closedby`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($this_id) . "'");
$i++;
// Notify customer of closed ticket?
@ -582,14 +284,6 @@ function hesk_fullyDeleteTicket()
/* Delete ticket notes */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `ticket`='" . intval($ticket['id']) . "'");
/* Delete audit trail records */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail_to_replacement_values`
WHERE `audit_trail_id` IN (
SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail`
WHERE `entity_type` = 'TICKET' AND `entity_id` = " . intval($ticket['id']) . ")");
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "audit_trail` WHERE `entity_type`='TICKET'
AND `entity_id` = " . intval($ticket['id']));
/* Delete ticket reply drafts */
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` WHERE `ticket`=" . intval($ticket['id']));

76
admin/edit_post.php
View File

@ -36,7 +36,6 @@ if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_edit_tickets');
}
$modsForHesk_settings = mfh_getSettings();
/* Ticket ID */
@ -66,7 +65,6 @@ if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_okCategory($ticket['category']);
}
if (hesk_isREQUEST('reply')) {
$tmpvar['id'] = intval(hesk_REQUEST('reply')) or die($hesklang['id_not_valid']);
@ -368,7 +366,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['subject'] . $required; ?></label>
<div class="col-sm-9">
<input class="form-control" type="text" name="subject" size="40" maxlength="70"
<input class="form-control" type="text" name="subject" size="40" maxlength="40"
value="<?php echo $ticket['subject']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"/>
</div>
@ -380,7 +378,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</label>
<div class="col-sm-9">
<input class="form-control" type="text" name="name" size="40" maxlength="50"
<input class="form-control" type="text" name="name" size="40" maxlength="30"
value="<?php echo $ticket['name']; ?>"
placeholder="<?php echo htmlspecialchars($hesklang['name']); ?>"
data-error="<?php echo $hesklang['this_field_is_required']; ?>"
@ -445,9 +443,6 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div>
</div>';
@ -478,11 +473,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<option ' . $selected . '>' . $option . '</option>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '</select>';
echo '<div class="help-block with-errors"></div>
echo '</select>
<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -503,9 +496,6 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
echo '<div class="checkbox"><label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
</div>
</div>';
@ -520,11 +510,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<textarea name="' . $k . '" class="form-control" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -543,11 +530,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" name="' . $k . '" value="' . $k_value . '" class="datepicker form-control" size="10" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -562,11 +546,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input class="form-control" type="text" name="' . $k . '" id="' . $k . '" value="' . $k_value . '" size="40" ' . $suggest . ' ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
<div id="' . $k . '_suggestions"></div>
</div>
@ -577,7 +558,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
case 'hidden':
case 'readonly':
default:
$k_value = hesk_msgToPlain($k_value,0,0);
if (strlen($k_value) != 0) {
$v['value']['default_value'] = $k_value;
}
$cls = in_array($k, $_SESSION['iserror']) ? ' isError' : '';
@ -585,11 +568,8 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<div class="form-group' . $cls . '">
<label for="' . $k . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" class="form-control" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>
';
@ -644,20 +624,16 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
}
?>
</div>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<?php
$html = $ticket['html'] ? 1 : 0;
?>
<input type="hidden" name="html" value="<?php echo $html; ?>">
<div class="btn-group">
<input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-primary">
<a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
</div>
<?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
</div>
<div class="form-group" style="text-align: center">
<?php
$html = $ticket['html'] ? 1 : 0;
?>
<input type="hidden" name="html" value="<?php echo $html; ?>">
<input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-default">
<?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
<a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
</div>
</form>
</div>

347
admin/export.php
View File

@ -37,7 +37,7 @@ $modsForHesk_settings = mfh_getSettings();
$delete = hesk_GET('delete');
if (strlen($delete) && preg_match('/^hesk_export_[0-9_\-]+$/', $delete)) {
hesk_unlink(HESK_PATH.$hesk_settings['cache_dir'].'/'.$delete.'.zip');
hesk_process_messages($hesklang['fd'], hesk_verifyGoto(),'SUCCESS');
hesk_process_messages($hesklang['fd'], 'export.php','SUCCESS');
}
// Set default values
@ -291,15 +291,350 @@ $orderBy = $modsForHesk_settings['category_order_column'];
$res2 = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE " . hesk_myCategories('id') . " ORDER BY `" . $orderBy . "` ASC");
while ($row = hesk_dbFetchAssoc($res2)) {
$my_cat[$row['id']] = hesk_msgToPlain($row['name'], 1);
$row['name'] = (hesk_mb_strlen($row['name']) > 50) ? hesk_mb_substr($row['name'],0,50) . '...' : $row['name'];
$row['name'] = (strlen($row['name']) > 50) ? substr($row['name'], 0, 50) . '...' : $row['name'];
$cat_selected = ($row['id'] == $category) ? 'selected="selected"' : '';
$category_options .= '<option value="' . $row['id'] . '" ' . $cat_selected . '>' . $row['name'] . '</option>';
}
// Generate export file
if (isset($_GET['w'])) {
require_once(HESK_PATH . 'inc/export_functions.inc.php');
list($success_msg, $tickets_exported) = hesk_export_to_XML($sql);
// We'll need HH:MM:SS format for hesk_date() here
$hesk_settings['timeformat'] = 'H:i:s';
// Get staff names
$admins = array();
$result = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `name` ASC");
while ($row = hesk_dbFetchAssoc($result)) {
$admins[$row['id']] = $row['name'];
}
// This will be the export directory
$export_dir = HESK_PATH.$hesk_settings['cache_dir'].'/';
// This will be the name of the export and the XML file
$export_name = 'hesk_export_' . date('Y-m-d_H-i-s') . '_' . mt_rand(10000, 99999);
$save_to = $export_dir . $export_name . '.xml';
// Do we have the export directory?
if (is_dir($export_dir) || (@mkdir($export_dir, 0777) && is_writable($export_dir))) {
// Is there an index.htm file?
if (!file_exists($export_dir.'index.htm')) {
@file_put_contents($export_dir.'index.htm', '');
}
// Cleanup old files
hesk_purge_cache('export', 86400);
} else {
hesk_error($hesklang['ede']);
}
// Make sure the file can be saved and written to
@file_put_contents($save_to, '');
if (!file_exists($save_to)) {
hesk_error($hesklang['eef']);
}
// Start generating the report message and generating the export
$success_msg = '';
$flush_me = '<br /><br />';
$flush_me .= hesk_date() . " | {$hesklang['inite']} ";
if ($date_from == $date_to) {
$flush_me .= "(" . hesk_dateToString($date_from, 0) . ")<br />\n";
} else {
$flush_me .= "(" . hesk_dateToString($date_from, 0) . " - " . hesk_dateToString($date_to, 0) . ")<br />\n";
}
// Start generating file contents
$tmp = '<?xml version="1.0" encoding="UTF-8"?>
<?mso-application progid="Excel.Sheet"?>
<Workbook xmlns="urn:schemas-microsoft-com:office:spreadsheet"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:x="urn:schemas-microsoft-com:office:excel"
xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet"
xmlns:html="http://www.w3.org/TR/REC-html40">
<OfficeDocumentSettings xmlns="urn:schemas-microsoft-com:office:office">
<AllowPNG/>
</OfficeDocumentSettings>
<ExcelWorkbook xmlns="urn:schemas-microsoft-com:office:excel">
<WindowHeight>8250</WindowHeight>
<WindowWidth>16275</WindowWidth>
<WindowTopX>360</WindowTopX>
<WindowTopY>90</WindowTopY>
<ProtectStructure>False</ProtectStructure>
<ProtectWindows>False</ProtectWindows>
</ExcelWorkbook>
<Styles>
<Style ss:ID="Default" ss:Name="Normal">
<Alignment ss:Vertical="Bottom"/>
<Borders/>
<Font ss:FontName="Calibri" x:CharSet="238" x:Family="Swiss" ss:Size="11"
ss:Color="#000000"/>
<Interior/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="s62">
<NumberFormat ss:Format="General Date"/>
</Style>
<Style ss:ID="s63">
<NumberFormat ss:Format="Short Date"/>
</Style>
<Style ss:ID="s65">
<NumberFormat ss:Format="[h]:mm:ss"/>
</Style>
</Styles>
<Worksheet ss:Name="Sheet1">
<Table>
';
// Define column width
$tmp .= '
<Column ss:AutoFitWidth="0" ss:Width="50"/>
<Column ss:AutoFitWidth="0" ss:Width="84" ss:Span="1"/>
<Column ss:AutoFitWidth="0" ss:Width="110"/>
<Column ss:AutoFitWidth="0" ss:Width="110"/>
<Column ss:AutoFitWidth="0" ss:Width="90"/>
<Column ss:AutoFitWidth="0" ss:Width="90"/>
<Column ss:AutoFitWidth="0" ss:Width="87"/>
<Column ss:AutoFitWidth="0" ss:Width="57.75"/>
<Column ss:AutoFitWidth="0" ss:Width="57.75"/>
<Column ss:AutoFitWidth="0" ss:Width="100"/>
<Column ss:AutoFitWidth="0" ss:Width="100"/>
<Column ss:AutoFitWidth="0" ss:Width="80"/>
<Column ss:AutoFitWidth="0" ss:Width="80"/>
';
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use']) {
$tmp .= '<Column ss:AutoFitWidth="0" ss:Width="80"/>' . "\n";
}
}
// Define first row (header)
$tmp .= '
<Row>
<Cell><Data ss:Type="String">#</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['trackID'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['date'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['last_update'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['name'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['email'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['category'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['priority'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['status'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['subject'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['message'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['owner'] . '</Data></Cell>
<Cell><Data ss:Type="String">' . $hesklang['ts'] . '</Data></Cell>
';
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use']) {
$tmp .= '<Cell><Data ss:Type="String">' . $v['name'] . '</Data></Cell>' . "\n";
}
}
$tmp .= "</Row>\n";
// Write what we have by now into the XML file
file_put_contents($save_to, $tmp, FILE_APPEND);
$flush_me .= hesk_date() . " | {$hesklang['gXML']}<br />\n";
// OK, now start dumping data and writing it into the file
$tickets_exported = 0;
$save_after = 100;
$this_round = 0;
$tmp = '';
$result = hesk_dbQuery($sql);
while ($ticket = hesk_dbFetchAssoc($result)) {
$ticket['status'] = mfh_getDisplayTextForStatusId($ticket['status']);
switch ($ticket['priority']) {
case 0:
$ticket['priority'] = $hesklang['critical'];
break;
case 1:
$ticket['priority'] = $hesklang['high'];
break;
case 2:
$ticket['priority'] = $hesklang['medium'];
break;
default:
$ticket['priority'] = $hesklang['low'];
}
$ticket['archive'] = !($ticket['archive']) ? $hesklang['no'] : $hesklang['yes'];
$ticket['message'] = hesk_msgToPlain($ticket['message'], 1, 0);
$ticket['subject'] = hesk_msgToPlain($ticket['subject'], 1, 0);
$ticket['owner'] = isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : '';
$ticket['category'] = isset($my_cat[$ticket['category']]) ? $my_cat[$ticket['category']] : '';
// Format for export dates
$hesk_settings['timeformat'] = "Y-m-d\TH:i:s\.000";
// Create row for the XML file
$tmp .= '
<Row>
<Cell><Data ss:Type="Number">' . $ticket['id'] . '</Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['trackid'] . ']]></Data></Cell>
<Cell ss:StyleID="s62"><Data ss:Type="DateTime">' . hesk_date($ticket['dt'], true) . '</Data></Cell>
<Cell ss:StyleID="s62"><Data ss:Type="DateTime">' . hesk_date($ticket['lastchange'], true) . '</Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . hesk_msgToPlain($ticket['name'], 1) . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['email'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['category'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['priority'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['status'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['subject'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['message'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['owner'] . ']]></Data></Cell>
<Cell><Data ss:Type="String"><![CDATA[' . $ticket['time_worked'] . ']]></Data></Cell>
';
// Add custom fields
foreach ($hesk_settings['custom_fields'] as $k=>$v) {
if ($v['use']) {
switch ($v['type']) {
case 'date':
$tmp_dt = hesk_custom_date_display_format($ticket[$k], 'Y-m-d\T00:00:00.000');
$tmp .= strlen($tmp_dt) ? '<Cell ss:StyleID="s63"><Data ss:Type="DateTime">'.$tmp_dt : '<Cell><Data ss:Type="String">';
$tmp .= "</Data></Cell> \n";
break;
default:
$tmp .= '<Cell><Data ss:Type="String"><![CDATA['.hesk_msgToPlain($ticket[$k], 1, 0).']]></Data></Cell> ' . "\n";
}
}
}
$tmp .= "</Row>\n";
// Write every 100 rows into the file
if ($this_round >= $save_after) {
file_put_contents($save_to, $tmp, FILE_APPEND);
$this_round = 0;
$tmp = '';
usleep(1);
}
$tickets_exported++;
$this_round++;
} // End of while loop
// Go back to the HH:MM:SS format for hesk_date()
$hesk_settings['timeformat'] = 'H:i:s';
// Append any remaining rows into the file
if ($this_round > 0) {
file_put_contents($save_to, $tmp, FILE_APPEND);
}
// If any tickets were exported, continue, otherwise cleanup
if ($tickets_exported > 0) {
// Finish the XML file
$tmp = '
</Table>
<WorksheetOptions xmlns="urn:schemas-microsoft-com:office:excel">
<PageSetup>
<Header x:Margin="0.3"/>
<Footer x:Margin="0.3"/>
<PageMargins x:Bottom="0.75" x:Left="0.7" x:Right="0.7" x:Top="0.75"/>
</PageSetup>
<Selected/>
<Panes>
<Pane>
<Number>3</Number>
<ActiveRow>4</ActiveRow>
</Pane>
</Panes>
<ProtectObjects>False</ProtectObjects>
<ProtectScenarios>False</ProtectScenarios>
</WorksheetOptions>
</Worksheet>
<Worksheet ss:Name="Sheet2">
<Table ss:ExpandedColumnCount="1" ss:ExpandedRowCount="1" x:FullColumns="1"
x:FullRows="1" ss:DefaultRowHeight="15">
</Table>
<WorksheetOptions xmlns="urn:schemas-microsoft-com:office:excel">
<PageSetup>
<Header x:Margin="0.3"/>
<Footer x:Margin="0.3"/>
<PageMargins x:Bottom="0.75" x:Left="0.7" x:Right="0.7" x:Top="0.75"/>
</PageSetup>
<ProtectObjects>False</ProtectObjects>
<ProtectScenarios>False</ProtectScenarios>
</WorksheetOptions>
</Worksheet>
<Worksheet ss:Name="Sheet3">
<Table ss:ExpandedColumnCount="1" ss:ExpandedRowCount="1" x:FullColumns="1"
x:FullRows="1" ss:DefaultRowHeight="15">
</Table>
<WorksheetOptions xmlns="urn:schemas-microsoft-com:office:excel">
<PageSetup>
<Header x:Margin="0.3"/>
<Footer x:Margin="0.3"/>
<PageMargins x:Bottom="0.75" x:Left="0.7" x:Right="0.7" x:Top="0.75"/>
</PageSetup>
<ProtectObjects>False</ProtectObjects>
<ProtectScenarios>False</ProtectScenarios>
</WorksheetOptions>
</Worksheet>
</Workbook>
';
file_put_contents($save_to, $tmp, FILE_APPEND);
// Log how many rows we exported
$flush_me .= hesk_date() . " | " . sprintf($hesklang['nrow'], $tickets_exported) . "<br />\n";
// We will convert XML to Zip to save a lot of space
$save_to_zip = $export_dir . $export_name . '.zip';
// Log start of Zip creation
$flush_me .= hesk_date() . " | {$hesklang['cZIP']}<br />\n";
// Preferrably use the zip extension
if (extension_loaded('zip')) {
$save_to_zip = $export_dir . $export_name . '.zip';
$zip = new ZipArchive;
$res = $zip->open($save_to_zip, ZipArchive::CREATE);
if ($res === TRUE) {
$zip->addFile($save_to, "{$export_name}.xml");
$zip->close();
} else {
die("{$hesklang['eZIP']} <$save_to_zip>\n");
}
} // Some servers have ZipArchive class enabled anyway - can we use it?
elseif (class_exists('ZipArchive')) {
require(HESK_PATH . 'inc/zip/Zip.php');
$zip = new Zip();
$zip->addLargeFile($save_to, "{$export_name}.xml");
$zip->finalize();
$zip->setZipFile($save_to_zip);
} // If not available, use a 3rd party Zip class included with HESK
else {
require(HESK_PATH . 'inc/zip/pclzip.lib.php');
$zip = new PclZip($save_to_zip);
$zip->add($save_to, PCLZIP_OPT_REMOVE_ALL_PATH);
}
// Delete XML, just leave the Zip archive
hesk_unlink($save_to);
// Echo memory peak usage
$flush_me .= hesk_date() . " | " . sprintf($hesklang['pmem'], (@memory_get_peak_usage(true) / 1048576)) . "<br />\r\n";
// We're done!
$flush_me .= hesk_date() . " | {$hesklang['fZIP']}<br /><br />";
// Success message
$success_msg .= $hesk_settings['debug_mode'] ? $flush_me : '<br /><br />';
$success_msg .= $hesklang['step1'] . ': <a href="' . $save_to_zip . '">' . $hesklang['ch2d'] . '</a><br /><br />' . $hesklang['step2'] . ': <a href="export.php?delete='.urlencode($export_name).'">' . $hesklang['dffs'] . '</a>';
} // No tickets exported, cleanup
else {
hesk_unlink($save_to);
}
}
/* Print header */
@ -362,7 +697,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
)
</option>
<option value="5" <?php echo $selected['time'][5]; ?>><?php echo $hesklang['r5']; ?></option>
@ -559,7 +894,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
</div>
<div class="form-group">
<input type="submit" id="export" value="<?php echo $hesklang['export_btn']; ?>" class="btn btn-default"/>
<input type="submit" value="<?php echo $hesklang['export_btn']; ?>" class="btn btn-default"/>
<input type="hidden" name="cot" value="1"/>
</div>
</form>

54
admin/export_ticket.php
View File

@ -1,54 +0,0 @@
<?php
/**
*
* This file is part of HESK - PHP Help Desk Software.
*
* (c) Copyright Klemen Stirn. All rights reserved.
* https://www.hesk.com
*
* For the full copyright and license agreement information visit
* https://www.hesk.com/eula.php
*
*/
define('IN_SCRIPT',1);
define('HESK_PATH','../');
/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php');
require(HESK_PATH . 'inc/admin_functions.inc.php');
require(HESK_PATH . 'inc/privacy_functions.inc.php');
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
// Check permissions for this feature
hesk_checkPermission('can_export');
// A security check
hesk_token_check();
// Tracking ID
$trackingID = hesk_cleanID() or die($hesklang['int_error'].': '.$hesklang['no_trackID']);
// Generate SQL for the ticket, make sure the user has access to it
$sql = "SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `trackid`='".hesk_dbEscape($trackingID)."' AND ";
$sql .= hesk_myCategories();
$sql .= " AND " . hesk_myOwnership();
$sql .= " LIMIT 1";
require_once(HESK_PATH . 'inc/custom_fields.inc.php');
require_once(HESK_PATH . 'inc/statuses.inc.php');
require(HESK_PATH . 'inc/export_functions.inc.php');
list($success_msg, $tickets_exported) = hesk_export_to_XML($sql, true);
if ($tickets_exported == 1)
{
hesk_process_messages($success_msg,'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS');
}
hesk_error($hesklang['n2ex']);

16
admin/find_tickets.php
View File

@ -145,21 +145,21 @@ LEFT(`message`, 400) AS `message`,
$sql .= " ( `trackid` = '" . hesk_dbEscape($q) . "' OR `merged` LIKE '%#" . hesk_dbEscape($q) . "#%' ) ";
break;
case 'name':
$sql .= "`name` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`name` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'email':
$sql .= "`email` LIKE '%" . hesk_dbEscape($q) . "%' ";
break;
case 'subject':
$sql .= "`subject` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' ";
$sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
break;
case 'message':
$sql .= " ( `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "'
$sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "'
OR
`id` IN (
SELECT DISTINCT `replyto`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
)
";
break;
@ -170,12 +170,9 @@ LEFT(`message`, 400) AS `message`,
$sql .= "`id` IN (
SELECT DISTINCT `ticket`
FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`
WHERE `message` LIKE '%".hesk_dbEscape( hesk_dbLike($q) )."%' COLLATE '" . hesk_dbCollate() . "' )
WHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' )
";
break;
case 'ip':
$sql .= "`ip` LIKE '".preg_replace('/[^0-9\.\%]/', '', $q)."' ";
break;
default:
if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) {
$sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbCollate() . "' ";
@ -223,9 +220,6 @@ LEFT(`message`, 400) AS `message`,
$sql_count .= $sql;
$sql = $sql_final . $sql;
// Strip extra slashes
$q = stripslashes($q);
/* Prepare variables used in search and forms */
require_once(HESK_PATH . 'inc/prepare_ticket_search.inc.php');
?>

109
admin/index.php
View File

@ -65,7 +65,22 @@ function do_login()
if ($hesk_settings['secimg_use'] == 2 && !isset($_SESSION['img_a_verified'])) {
// Using ReCaptcha?
if ($hesk_settings['recaptcha_use']) {
if ($hesk_settings['recaptcha_use'] == 1) {
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
hesk_getClientIP(),
hesk_POST('recaptcha_challenge_field', ''),
hesk_POST('recaptcha_response_field', '')
);
if ($resp->is_valid) {
$_SESSION['img_a_verified'] = true;
} else {
$hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
}
} // Using ReCaptcha API v2?
elseif ($hesk_settings['recaptcha_use'] == 2) {
require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
$resp = null;
@ -143,7 +158,7 @@ function do_login()
exit();
}
$pass_enc = hesk_Pass2Hash($_SESSION['pass'].hesk_mb_strtolower($user).$_SESSION['pass']);
$pass_enc = hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . $_SESSION['pass']);
/* Check if default password */
if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') {
@ -187,6 +202,7 @@ function do_login()
/* Close any old tickets here so Cron jobs aren't necessary */
if ($hesk_settings['autoclose']) {
$revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']);
$dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400);
@ -194,25 +210,22 @@ function do_login()
$closedStatus = hesk_dbFetchAssoc($closedStatusRs);
// Are we allowed to close tickets in this status?
if ($closedStatus['Closable'] == 'yes' || $closedStatus['Closable'] == 'sonly') {
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get list of tickets
$result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
if (hesk_dbNumRows($result) > 0) {
global $ticket;
$result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
if (hesk_dbNumRows($result) > 0) {
global $ticket;
// Load required functions?
if (!function_exists('hesk_notifyCustomer')) {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
// Load required functions?
if (!function_exists('hesk_notifyCustomer')) {
require(HESK_PATH . 'inc/email_functions.inc.php');
}
while ($ticket = hesk_dbFetchAssoc($result)) {
$ticket['dt'] = hesk_date($ticket['dt'], true);
$ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
$ticket = hesk_ticketToPlain($ticket, 1, 0);
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_automatically_closed', hesk_date(), array());
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get list of tickets
while ($ticket = hesk_dbFetchAssoc($result)) {
$ticket['dt'] = hesk_date($ticket['dt'], true);
$ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
$ticket = hesk_ticketToPlain($ticket, 1, 0);
hesk_notifyCustomer($modsForHesk_settings, 'ticket_closed');
}
}
@ -221,7 +234,7 @@ function do_login()
// Update ticket statuses and history in database if we're allowed to do so
$defaultCloseRs = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsAutocloseOption` = 1');
$defaultCloseStatus = hesk_dbFetchAssoc($defaultCloseRs);
hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`=" . intval($defaultCloseStatus['ID']) . ", `closedat`=NOW(), `closedby`='-1' WHERE `status` = " . $closedStatus['ID'] . " AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`=" . intval($defaultCloseStatus['ID']) . ", `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '" . $closedStatus['ID'] . "' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
}
}
@ -236,7 +249,7 @@ function print_login()
global $hesk_settings, $hesklang, $modsForHesk_settings;
// Tell header to load reCaptcha API if needed
if ($hesk_settings['recaptcha_use'])
if ($hesk_settings['recaptcha_use'] == 2)
{
define('RECAPTCHA',1);
}
@ -263,12 +276,6 @@ function print_login()
<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
// Service messages
$service_messages = mfh_get_service_messages('STAFF_LOGIN');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
?>
</div>
<div class="login-logo">
@ -282,7 +289,7 @@ function print_login()
<h4 class="login-box-msg">
<?php echo $hesklang['staff_login_title']; ?>
</h4>
<form class="form-horizontal" role="form" action="index.php" method="post" name="form1" id="form1">
<form class="form-horizontal" role="form" action="index.php" method="post" name="form1">
<?php
$has_error = '';
if (in_array('pass',$_SESSION['a_iserror'])) {
@ -321,7 +328,7 @@ function print_login()
<select class="form-control" name="user">
<?php
while ($row = hesk_dbFetchAssoc($res)):
$sel = (hesk_mb_strtolower($savedUser) == hesk_mb_strtolower($row['user'])) ? 'selected="selected"' : '';
$sel = (strtolower($savedUser) == strtolower($row['user'])) ? 'selected' : '';
?>
<option value="<?php echo $row['user']; ?>" <?php echo $sel; ?>>
<?php echo $row['user']; ?>
@ -350,7 +357,7 @@ function print_login()
</div>
</div>
<?php
if ($hesk_settings['secimg_use'] == 2 && $hesk_settings['recaptcha_use'] != 1)
if ($hesk_settings['secimg_use'] == 2)
{
// SPAM prevention verified for this session
@ -358,6 +365,34 @@ function print_login()
{
echo '<img src="'.HESK_PATH.'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> '.$hesklang['vrfy'];
}
// Not verified yet, should we use Recaptcha?
elseif ($hesk_settings['recaptcha_use'] == 1)
{
?>
<script type="text/javascript">
var RecaptchaOptions = {
theme : '<?php echo ( isset($_SESSION['a_iserror']) && in_array('mysecnum',$_SESSION['a_iserror']) ) ? 'red' : 'white'; ?>',
custom_translations : {
visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?>",
audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?>",
refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?>",
instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?>",
instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?>",
instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?>",
help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?>",
play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?>",
cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?>",
incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?>",
image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?>"
}
};
</script>
<?php
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">';
echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true);
echo '</div></div>';
}
// Use reCaptcha API v2?
elseif ($hesk_settings['recaptcha_use'] == 2)
{
@ -415,7 +450,7 @@ function print_login()
?>
<div class="form-group">
<div class="col-md-offset-4 col-md-8">
<input type="submit" value="<?php echo $hesklang['click_login']; ?>" class="btn btn-default" id="recaptcha-submit">
<input type="submit" value="<?php echo $hesklang['click_login']; ?>" class="btn btn-default">
<input type="hidden" name="a" value="do_login">
<?php
if ( hesk_isREQUEST('goto') && $url=hesk_REQUEST('goto') )
@ -431,19 +466,7 @@ function print_login()
?>
</div>
</div>
<?php
// Use Invisible reCAPTCHA?
if ($hesk_settings['secimg_use'] == 2 && $hesk_settings['recaptcha_use'] == 1 && ! isset($_SESSION['img_a_verified'])) {
?>
<div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?>" data-bind="recaptcha-submit" data-callback="recaptcha_submitForm"></div>
<?php
}
?>
</form>
<a class="btn btn-default" href="<?php echo $hesk_settings['hesk_url']; ?>">
<i class="fa fa-chevron-left"></i> <?php echo $hesklang['back']; ?>
</a>
</div>
</div>
</div>

19
admin/knowledgebase_private.php
View File

@ -121,9 +121,7 @@ function hesk_kb_header($kb_link, $catid=1)
</ol>
<?php
show_subnav('view', $catid);
echo '<div style="margin-left:40px;margin-right:40px">';
hesk_kbSearchLarge(1);
echo '</div>';
} // END hesk_kb_header()
@ -216,15 +214,7 @@ function hesk_show_kb_article($artid)
?>
<div class="content-wrapper">
<?php
hesk_kb_header($hesk_settings['kb_link'], $article['catid']);
echo '<div style="margin-left:40px;margin-right:40px">';
$service_messages = mfh_get_service_messages('STAFF_VIEW_KB_ARTICLE');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
echo '</div>';
?>
<?php hesk_kb_header($hesk_settings['kb_link'], $article['catid']); ?>
<section class="content">
<div class="box">
<div class="box-header with-border">
@ -407,13 +397,6 @@ function hesk_show_kb_category($catid, $is_search = 0) {
{
/* Print header */
hesk_kb_header($hesk_settings['kb_link'], $catid);
echo '<div style="margin-left:40px;margin-right:40px">';
$service_messages = mfh_get_service_messages('STAFF_KB_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
echo '</div>';
} ?>
<section class="content">
<?php if ($thiscat['parent']): ?>

34
admin/lock.php
View File

@ -37,31 +37,27 @@ hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
// Get ticket info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
$audit_unlocked = null;
$audit_locked = null;
/* New locked status */
if (empty($_GET['locked'])) {
$status = 0;
$tmp = $hesklang['tunlock'];
$audit_unlocked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$revision = sprintf($hesklang['thist6'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else {
$status = 1;
$tmp = $hesklang['tlock'];
$audit_locked = array(0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$revision = sprintf($hesklang['thist5'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval($_SESSION['id']) . ' ';
// Notify customer of closed ticket?
if ($hesk_settings['notify_closed']) {
// Get ticket info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
$closedStatusRS = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsClosed` = 1');
$ticketIsOpen = true;
while ($row = hesk_dbFetchAssoc($closedStatusRS)) {
@ -86,17 +82,7 @@ $statusRs = hesk_dbQuery($statusSql);
$statusRow = hesk_dbFetchAssoc($statusRs);
$statusId = $statusRow['ID'];
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
if ($audit_unlocked) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_unlocked', hesk_date(),
$audit_unlocked);
}
if ($audit_locked) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_locked', hesk_date(),
$audit_locked);
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`= {$statusId},`locked`='{$status}' $closedby_sql , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
/* Back to ticket page and show a success message */
hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS');

8
admin/mail.php
View File

@ -32,7 +32,7 @@ $modsForHesk_settings = mfh_getSettings();
/* List of staff */
$admins = array();
$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1' ORDER BY `name` ASC");
$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `name` ASC");
while ($row = hesk_dbFetchAssoc($res)) {
$admins[$row['id']] = $row['name'];
}
@ -450,10 +450,10 @@ function show_message()
$folder = '&amp;folder=outbox';
if ($pm['to'] == $_SESSION['id'])
{
echo '<a name="MAU '.$pm['subject'].'" class="btn btn-default" href="mail.php?a=mark_unread&amp;id='.$id.'&amp;token='.hesk_token_echo(0).'"><i class="fa fa-envelope-o icon-link"></i> '.$hesklang['mau'].'</a> ';
echo '<a class="btn btn-default" href="mail.php?a=mark_unread&amp;id='.$id.'&amp;token='.hesk_token_echo(0).'"><i class="fa fa-envelope-o icon-link"></i> '.$hesklang['mau'].'</a> ';
$folder = '';
}
echo '<a name="Delete '.$pm['subject'].'" class="btn btn-danger" href="mail.php?a=delete&amp;id='.$id.'&amp;token='.hesk_token_echo(0).$folder.'" onclick="return hesk_confirmExecute(\''.hesk_makeJsString($hesklang['delm']).'?\');"><i class="fa fa-times icon-link"></i> '.$hesklang['delm'].'</a>';
echo '<a class="btn btn-danger" href="mail.php?a=delete&amp;id='.$id.'&amp;token='.hesk_token_echo(0).$folder.'" onclick="return hesk_confirmExecute(\''.hesk_makeJsString($hesklang['delm']).'?\');"><i class="fa fa-times icon-link"></i> '.$hesklang['delm'].'</a>';
?>
</div>
</div>
@ -571,7 +571,7 @@ function mail_list_messages()
$pm['dt'] = hesk_dateToString($pm['dt'], 0, 0, 0, true)
?>
<tr>
<td><input type="checkbox" name="id[]" id="<?php echo $pm['id']; ?>" value="<?php echo $pm['id']; ?>" />&nbsp;</td>
<td><input type="checkbox" name="id[]" value="<?php echo $pm['id']; ?>" />&nbsp;</td>
<td><?php echo $pm['subject']; ?></td>
<td><?php echo $pm['name']; ?></td>
<td><?php echo $pm['dt']; ?></td>

4
admin/manage_canned.php
View File

@ -190,7 +190,7 @@ $num = hesk_dbNumRows($result);
}
echo '
<a name="'.$mysaved['title'].'" href="manage_canned.php?a=remove&amp;id=' . $mysaved['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="' . $hesklang['delete'] . '"></i></a>&nbsp;</td>
<a href="manage_canned.php?a=remove&amp;id=' . $mysaved['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="' . $hesklang['delete'] . '"></i></a>&nbsp;</td>
</tr>
';
} // End while
@ -363,8 +363,6 @@ $num = hesk_dbNumRows($result);
onclick="hesk_insertTag('HESK_TRACK_ID')"><?php echo $hesklang['trackID']; ?></a> |
<a href="javascript:void(0)"
onclick="hesk_insertTag('HESK_NAME')"><?php echo $hesklang['name']; ?></a> |
<a href="javascript:void(0)"
onclick="hesk_insertTag('HESK_FIRST_NAME')"><?php echo $hesklang['fname']; ?></a> |
<a href="javascript:void(0)"
onclick="hesk_insertTag('HESK_EMAIL')"><?php echo $hesklang['email']; ?></a> |
<a href="javascript:void(0)"

1048
admin/manage_categories.php
View File

File diff suppressed because it is too large Load Diff

7
admin/manage_email_templates.php
View File

@ -274,12 +274,12 @@ function getTemplateMarkup($template, $languageCode, $html = false)
$templateUrl = urlencode($template);
$languageCodeUrl = urlencode($languageCode);
if ($html) {
$markup = '<a name="Edit '.$templateUrl.'" href="manage_email_templates.php?action=edit&template=' . $templateUrl . '&language=' . $languageCodeUrl . '&html=true">';
$markup = '<a href="manage_email_templates.php?action=edit&template=' . $templateUrl . '&language=' . $languageCodeUrl . '&html=true">';
$markup .= '<i class="fa fa-html5 font-size-150" data-toggle="tooltip" title="' . $hesklang['edit_html_template'] . '"></i>';
$markup .= '</a>';
return $markup;
} else {
$markup = '<a name="Edit '.$templateUrl.'" href="manage_email_templates.php?action=edit&template=' . $templateUrl . '&language=' . $languageCodeUrl . '&html=false">';
$markup = '<a href="manage_email_templates.php?action=edit&template=' . $templateUrl . '&language=' . $languageCodeUrl . '&html=false">';
$markup .= '<i class="fa fa-file-text-o font-size-150" data-toggle="tooltip" title="' . $hesklang['edit_plain_text_template'] . '"></i>';
$markup .= '</a>';
return $markup;
@ -310,7 +310,6 @@ function getSpecialTagMap()
$map = array();
$map['%%NAME%%'] = $hesklang['customer_name'];
$map['%%FIRST_NAME%%'] = $hesklang['fname'];
$map['%%EMAIL%%'] = $hesklang['customer_email'];
$map['%%SUBJECT%%'] = $hesklang['ticket_subject'];
$map['%%MESSAGE%%'] = $hesklang['ticket_message'];
@ -325,8 +324,6 @@ function getSpecialTagMap()
$map['%%OWNER%%'] = $hesklang['ticket_owner'];
$map['%%PRIORITY%%'] = $hesklang['ticket_priority'];
$map['%%STATUS%%'] = $hesklang['ticket_status'];
$map['%%LAST_REPLY_BY%%'] = $hesklang['last_replier'];
$map['%%TIME_WORKED%%'] = $hesklang['ts'];
$i = 1;
foreach ($hesk_settings['custom_fields'] as $key => $value) {

51
admin/manage_knowledgebase.php
View File

@ -185,9 +185,9 @@ while (count($kb_cat) > 0)
// Generate KB menu icons
$menu_icons =
'<a name="Add article to '.$cat['name'].'" href="manage_knowledgebase.php?a=add_article&amp;catid='.$my.'" onclick="document.getElementById(\'option'.$j.'\').selected=true;return true;"><i class="fa fa-plus font-size-16p green" ></i></a> '
.'<a name="Add sub to '.$cat['name'].'" href="manage_knowledgebase.php?a=add_category&amp;parent='.$my.'" onclick="document.getElementById(\'option'.$j.'_2\').selected=true;return true;"><i class="fa fa-caret-right font-size-16p blue"></i></a> '
.'<a name="Manage '.$cat['name'].'" href="manage_knowledgebase.php?a=manage_cat&amp;catid='.$my.'"><i class="fa fa-gear font-size-16p gray"></i></a> '
'<a href="manage_knowledgebase.php?a=add_article&amp;catid='.$my.'" onclick="document.getElementById(\'option'.$j.'\').selected=true;return true;"><i class="fa fa-plus font-size-16p green" ></i></a> '
.'<a href="manage_knowledgebase.php?a=add_category&amp;parent='.$my.'" onclick="document.getElementById(\'option'.$j.'_2\').selected=true;return true;"><i class="fa fa-caret-right font-size-16p blue"></i></a> '
.'<a href="manage_knowledgebase.php?a=manage_cat&amp;catid='.$my.'"><i class="fa fa-gear font-size-16p gray"></i></a> '
;
// Can this category be moved up?
@ -212,8 +212,7 @@ while (count($kb_cat) > 0)
if (isset($node[$up]))
{
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_selected' => $selected, 'text' => $text, 'text_short' => $text_short, 'menu_icons' => $menu_icons, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
}
else
{
@ -243,11 +242,8 @@ while (count($kb_cat) > 0)
$menu->addItem($node[1]);
// Create the presentation class
$HTML_TreeMenu_DHTML = new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true));
$treeMenu = & ref_new($HTML_TreeMenu_DHTML);
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
$treeMenu = & ref_new(new HTML_TreeMenu_DHTML($menu, array('images' => '../img', 'defaultClass' => 'treeMenuDefault', 'isDynamic' => true)));
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
/* Hide new article and new category forms by default */
if (!isset($_SESSION['hide']))
@ -274,12 +270,6 @@ if (!isset($_SESSION['hide']['treemenu']))
<?php
show_subnav();
// Service messages
$service_messages = mfh_get_service_messages('STAFF_KB_HOME');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
// Show a notice if total public articles is less than 5
if ($total_articles < 5)
{
@ -905,7 +895,7 @@ function import_article()
$_SESSION['new_article'] = array(
'html' => 0,
'subject' => $ticket['subject'],
'content' => hesk_msgToPlain($ticket['message'], 0, 0),
'content' => hesk_msgToPlain($ticket['message']),
);
}
@ -920,14 +910,10 @@ function import_article()
}
else
{
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message'], 0, 0);
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message']);
}
}
// Make sure everything is extra slashed as stripslashes will be called later
$_SESSION['new_article']['subject'] = addslashes($_SESSION['new_article']['subject']);
$_SESSION['new_article']['content'] = addslashes($_SESSION['new_article']['content']);
hesk_process_messages($hesklang['import'],'NOREDIRECT','NOTICE');
} // END add_article()
@ -1352,8 +1338,7 @@ function edit_article()
if (isset($node[$up]))
{
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
}
else
{
@ -1383,8 +1368,7 @@ function edit_article()
$menu->addItem($node[1]);
// Create the presentation class
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
/* Print header */
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@ -1611,9 +1595,6 @@ function manage_category() {
foreach ($kb_cat as $k=>$cat)
{
if ($cat['id'] == $catid) {
continue;
}
if (in_array($cat['parent'],$thislevel))
{
@ -1626,8 +1607,7 @@ function manage_category() {
if (isset($node[$up]))
{
$HTML_TreeNode[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
$node[$my] = &$node[$up]->addItem($HTML_TreeNode[$my]);
$node[$my] = &$node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option'.$j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
}
else
{
@ -1657,8 +1637,7 @@ function manage_category() {
$menu->addItem($node[1]);
// Create the presentation class
$HTML_TreeMenu_Listbox = new HTML_TreeMenu_Listbox($menu);
$listBox = & ref_new($HTML_TreeMenu_Listbox);
$listBox = & ref_new(new HTML_TreeMenu_Listbox($menu));
/* Print header */
require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
@ -1879,10 +1858,10 @@ function manage_category() {
echo '<img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;vertical-align:text-bottom;" /> <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;vertical-align:text-bottom;" />';
}
?>
<a name="Sticky <?php echo $article['subject']; ?>" href="manage_knowledgebase.php?a=sticky&amp;s=<?php echo $article['sticky'] ? 0 : 1 ?>&amp;id=<?php echo $article['id']; ?>&amp;catid=<?php echo $catid; ?>&amp;token=<?php hesk_token_echo(); ?>"><i class="glyphicon glyphicon-pushpin icon-link" style="color:<?php if ( ! $article['sticky']) {echo 'gray';} else {echo 'red';} ?>" data-toggle="tooltip" data-placement="top" title="<?php if (!$article['sticky']) {echo $hesklang['stickyon'];} else {echo $hesklang['stickyoff'];} ?>"></i></a>
<a href="manage_knowledgebase.php?a=sticky&amp;s=<?php echo $article['sticky'] ? 0 : 1 ?>&amp;id=<?php echo $article['id']; ?>&amp;catid=<?php echo $catid; ?>&amp;token=<?php hesk_token_echo(); ?>"><i class="glyphicon glyphicon-pushpin icon-link" style="color:<?php if ( ! $article['sticky']) {echo 'gray';} else {echo 'red';} ?>" data-toggle="tooltip" data-placement="top" title="<?php if (!$article['sticky']) {echo $hesklang['stickyon'];} else {echo $hesklang['stickyoff'];} ?>"></i></a>
<a href="knowledgebase_private.php?article=<?php echo $article['id']; ?>&amp;back=1<?php if ($article['type'] == 2) {echo '&amp;draft=1';} ?>" target="_blank"><i class="fa fa-file-o icon-link" data-toggle="tooltip" data-placement="top" title="<?php echo $hesklang['viewart'] ?>"></i></a>
<a name="Edit <?php echo $article['subject']; ?>" href="manage_knowledgebase.php?a=edit_article&amp;id=<?php echo $article['id']; ?>"><i class="fa fa-pencil" style="color:orange;font-size:16px" data-toggle="tooltip" data-placement="top" title="<?php echo $hesklang['edit'] ?>"></i></a>
<a name="Delete <?php echo $article['subject']; ?>" href="manage_knowledgebase.php?a=remove_article&amp;id=<?php echo $article['id']; ?>&amp;token=<?php hesk_token_echo(); ?>" onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_art']); ?>');"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="<?php echo $hesklang['delete'] ?>"></i></a>&nbsp;</td>
<a href="manage_knowledgebase.php?a=edit_article&amp;id=<?php echo $article['id']; ?>"><i class="fa fa-pencil" style="color:orange;font-size:16px" data-toggle="tooltip" data-placement="top" title="<?php echo $hesklang['edit'] ?>"></i></a>
<a href="manage_knowledgebase.php?a=remove_article&amp;id=<?php echo $article['id']; ?>&amp;token=<?php hesk_token_echo(); ?>" onclick="return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['del_art']); ?>');"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="<?php echo $hesklang['delete'] ?>"></i></a>&nbsp;</td>
</tr>
<?php
$j++;

297
admin/manage_permission_groups.php → admin/manage_permission_templates.php
View File

@ -39,6 +39,10 @@ if ($action = hesk_REQUEST('a')) {
create();
} elseif ($action == 'delete') {
deleteTemplate();
} elseif ($action == 'addadmin') {
toggleAdmin(true);
} elseif ($action == 'deladmin') {
toggleAdmin(false);
}
}
@ -47,20 +51,34 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
/* Print main manage users page */
require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<script language="Javascript" type="text/javascript"><!--
function confirm_delete() {
if (confirm('<?php echo hesk_makeJsString($hesklang['confirm_del_cat']); ?>')) {
return true;
}
else {
return false;
}
}
//-->
</script>
<?php
$modsForHesk_settings = mfh_getSettings();
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` ORDER BY `name` ASC");
$templates = array();
while ($row = hesk_dbFetchAssoc($res)) {
$templates[] = $row;
array_push($templates, $row);
}
$featureArray = hesk_getFeatureArray();
$orderBy = $modsForHesk_settings['category_order_column'];
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `" . $orderBy . "` ASC");
$categories = array();
while ($row = hesk_dbFetchAssoc($res)) {
$categories[] = $row;
array_push($categories, $row);
}
?>
<div class="content-wrapper">
@ -69,9 +87,9 @@ while ($row = hesk_dbFetchAssoc($res)) {
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">
<?php echo $hesklang['manage_permission_groups']; ?>
<?php echo $hesklang['manage_permission_templates']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="tooltip" data-placement="right"
title="<?php echo $hesklang['manage_permission_groups_help']; ?>"></i>
title="<?php echo $hesklang['manage_permission_templates_help']; ?>"></i>
</h1>
<div class="box-tools pull-right">
<button type="button" class="btn btn-box-tool" data-widget="collapse">
@ -80,19 +98,14 @@ while ($row = hesk_dbFetchAssoc($res)) {
</div>
</div>
<div class="box-body">
<div class="text-right">
<a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new']; ?>
</a>
</div>
<a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new_template']; ?>
</a>
<table class="table table-striped">
<thead>
<tr>
<th><?php echo $hesklang['name']; ?></th>
<th><?php echo $hesklang['number_of_users']; ?></th>
<th><?php echo $hesklang['actions']; ?></th>
</tr>
<th><?php echo $hesklang['name']; ?></th>
<th><?php echo $hesklang['number_of_users']; ?></th>
<th><?php echo $hesklang['actions']; ?></th>
</thead>
<tbody>
<?php foreach ($templates as $row): ?>
@ -101,13 +114,30 @@ while ($row = hesk_dbFetchAssoc($res)) {
<td><?php echo getNumberOfUsersWithPermissionGroup($row['id']); ?></td>
<td>
<a href="#" data-toggle="modal" data-target="#modal-template-<?php echo $row['id'] ?>">
<i class="fa fa-fw fa-pencil icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['view_permissions_for_this_group'] ?>"></i></a>
<?php
<i class="fa fa-pencil icon-link" data-toggle="tooltip"
title="<?php echo $hesklang['view_permissions_for_this_template'] ?>"></i></a>
<?php if ($row['id'] == 1) { ?>
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['admin_cannot_be_staff']; ?>"></i></a>
<?php } elseif ($row['heskprivileges'] == 'ALL' && $row['categories'] == 'ALL'){ ?>
<a href="manage_permission_templates.php?a=deladmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_admin_privileges']; ?>"></i></a>
<?php } elseif ($row['id'] != 2) { ?>
<a href="manage_permission_templates.php?a=addadmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_no_admin_privileges']; ?>"></i></a>
<?php
} else {
?>
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['staff_cannot_be_admin']; ?>"></i>
<?php
}
if ($row['id'] != 1 && $row['id'] != 2):
?>
<a href="manage_permission_groups.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-fw fa-times icon-link red" data-toggle="tooltip"
<a href="manage_permission_templates.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-times icon-link red" data-toggle="tooltip"
title="<?php echo $hesklang['delete']; ?>"></i></a>
<?php endif; ?>
</td>
@ -142,9 +172,13 @@ function createEditModal($template, $features, $categories)
{
global $hesklang;
$showNotice = true;
$disabled = 'checked="checked" disabled';
$enabledFeatures = array();
$enabledCategories = array();
if ($template['heskprivileges'] !== 'ALL') {
if ($template['heskprivileges'] != 'ALL') {
$showNotice = false;
$disabled = '';
$enabledFeatures = explode(',', $template['heskprivileges']);
$enabledCategories = explode(',', $template['categories']);
}
@ -153,29 +187,30 @@ function createEditModal($template, $features, $categories)
aria-labelledby="myLargeModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_groups.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<form action="manage_permission_templates.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_group'], $template['name']); ?></h4>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_template'], $template['name']); ?></h4>
</div>
<div class="modal-body">
<?php if ($template['id'] == 1): ?>
<div class="alert alert-info">
<i class="fa fa-info-circle"></i>
<?php echo $hesklang['protected_group']; ?>
</div>
<?php endif; ?>
<div class="row">
<?php if ($showNotice): ?>
<div class="col-sm-12">
<div class="alert alert-info">
<i class="fa fa-info-circle"></i> <?php echo $hesklang['template_is_admin_cannot_change']; ?>
</div>
</div>
<?php endif; ?>
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['group_name']; ?></label>
class="control-label"><?php echo $hesklang['template_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
value="<?php echo htmlspecialchars($template['name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['group_name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['template_name']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
@ -188,34 +223,20 @@ function createEditModal($template, $features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php
foreach ($categories as $category):
$can_man_categories = hesk_checkPermission('can_man_cat', 0);
$checked = '';
$disabled = '';
if (in_array($category['id'], $enabledCategories) ||
$template['categories'] == 'ALL') {
$checked = 'checked ';
}
if ((!hesk_SESSION('isadmin') &&
!in_array($category['id'], $_SESSION['categories']) &&
!$can_man_categories) ||
$template['categories'] === 'ALL') {
$disabled = ' disabled';
}
if ($_SESSION['isadmin'] || $can_man_categories || in_array($category['id'], $_SESSION['categories']) || $checked): ?>
<?php foreach ($categories as $category): ?>
<div class="checkbox">
<label>
<?php
$checked = '';
if (in_array($category['id'], $enabledCategories) && !$showNotice) {
$checked = 'checked';
} ?>
<input type="checkbox" name="categories[]"
value="<?php echo $category['id']; ?>" <?php echo $checked . ' ' . $disabled; ?>>
value="<?php echo $category['id']; ?>" <?php echo $checked . $disabled; ?>>
<?php echo $category['name']; ?>
</label>
</div>
<?php
endif;
endforeach; ?>
<?php endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -224,30 +245,19 @@ function createEditModal($template, $features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php
foreach ($features as $feature): ?>
<?php
$checked = '';
$disabled = '';
if (in_array($feature, $enabledFeatures) ||
$template['heskprivileges'] === 'ALL') {
$checked = 'checked ';
}
if ((!hesk_SESSION('isadmin') &&
strpos($_SESSION['heskprivileges'], $feature) === false) ||
$template['heskprivileges'] === 'ALL') {
$disabled = ' disabled';
}
if ($_SESSION['isadmin'] || strpos($_SESSION['heskprivileges'], $feature) !== false || $checked): ?>
<?php foreach ($features as $feature): ?>
<div class="checkbox">
<label>
<label><?php
$checked = '';
if (in_array($feature, $enabledFeatures) && !$showNotice) {
$checked = 'checked';
} ?>
<input type="checkbox" name="features[]"
value="<?php echo $feature; ?>" <?php echo $checked . $disabled; ?>>
<?php echo $hesklang[$feature]; ?>
</label>
</div>
<?php endif;
endforeach; ?>
<?php endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -256,6 +266,9 @@ function createEditModal($template, $features, $categories)
<div class="modal-footer">
<input type="hidden" name="a" value="save">
<input type="hidden" name="template_id" value="<?php echo $template['id']; ?>">
<?php if ($showNotice): ?>
<input type="hidden" name="name_only" value="1">
<?php endif; ?>
<div class="btn-group">
<input type="submit" class="btn btn-success"
value="<?php echo $hesklang['save_changes']; ?>">
@ -278,22 +291,22 @@ function buildCreateModal($features, $categories)
aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_groups.php" role="form" method="post" id="createForm">
<form action="manage_permission_templates.php" role="form" method="post" id="createForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo $hesklang['create_new_group_title']; ?></h4>
<h4 class="modal-title"><?php echo $hesklang['create_new_template_title']; ?></h4>
</div>
<div class="modal-body">
<div class="row">
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['group_name']; ?></label>
class="control-label"><?php echo $hesklang['template_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
placeholder="<?php echo $hesklang['group_name']; ?>" required>
placeholder="<?php echo $hesklang['template_name']; ?>" required>
<div class="help-block with-errors"></div>
</div>
</div>
@ -304,9 +317,7 @@ function buildCreateModal($features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php
foreach ($categories as $category):
if (hesk_SESSION('isadmin') || in_array($category['id'], $_SESSION['categories'])): ?>
<?php foreach ($categories as $category): ?>
<div class="checkbox">
<label>
<input type="checkbox" name="categories[]"
@ -316,7 +327,7 @@ function buildCreateModal($features, $categories)
<?php echo $category['name']; ?>
</label>
</div>
<?php endif; endforeach; ?>
<?php endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -325,9 +336,7 @@ function buildCreateModal($features, $categories)
<div class="footerWithBorder blankSpace"></div>
<div class="form-group">
<?php foreach ($features as $feature):
if (strpos($_SESSION['heskprivileges'], $feature) !== false || hesk_SESSION('isadmin')):
?>
<?php foreach ($features as $feature): ?>
<div class="checkbox">
<label>
<input type="checkbox" name="features[]"
@ -337,7 +346,7 @@ function buildCreateModal($features, $categories)
<?php echo $hesklang[$feature]; ?>
</label>
</div>
<?php endif; endforeach; ?>
<?php endforeach; ?>
<div class="help-block with-errors"></div>
</div>
</div>
@ -372,68 +381,40 @@ function save()
WHERE `id` = " . intval($templateId));
$row = hesk_dbFetchAssoc($res);
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
if (hesk_POST('name_only', 0)) {
// We are only able to update the name
$name = hesk_POST('name');
// Only allow users to add what they are allowed to add
// Admins can handle anything
if (!$_SESSION['isadmin']) {
// Update categories based on user visibility
$originalCategories = explode(',', $row['categories']);
$newCategories = array();
foreach ($originalCategories as $innerCategory) {
if (in_array($innerCategory, $catArray) && in_array($innerCategory, $_SESSION['categories'])) {
$newCategories[] = $innerCategory;
} elseif (!in_array($innerCategory, $catArray) && !in_array($innerCategory, $_SESSION['categories'])) {
// The user can't modify this, so keep it in
$newCategories[] = $innerCategory;
}
// If neither, the user removed it.
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `name` = '" . hesk_dbEscape($name) . "' WHERE `id` = " . intval($templateId));
} else {
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
// Update features based on user visibility
$originalFeatures = explode(',', $row['heskprivileges']);
$newFeatures = array();
foreach ($originalFeatures as $innerFeature) {
if (in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) !== false) {
$newFeatures[] = $innerFeature;
} elseif (!in_array($innerFeature, $featArray) && strpos($_SESSION['heskprivileges'], $innerFeature) === false) {
// The user can't modify this, so keep it in
$newFeatures[] = $innerFeature;
}
// If neither, the user removed it.
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
$categories = implode(',', $newCategories);
$features = implode(',', $newFeatures);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should be switched to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($templateId));
}
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should have their permissions updated
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `heskprivileges` = '" . hesk_dbEscape($features) . "',
`categories` = '" . hesk_dbEscape($categories) . "'
WHERE `permission_template` = " . intval($templateId));
}
hesk_process_messages($hesklang['permission_group_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_process_messages($hesklang['permission_template_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function create()
@ -458,7 +439,7 @@ function create()
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` (`name`, `heskprivileges`, `categories`)
VALUES ('" . hesk_dbEscape($name) . "', '" . hesk_dbEscape($features) . "', '" . hesk_dbEscape($categories) . "')");
hesk_process_messages($hesklang['group_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_process_messages($hesklang['template_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function validate($features, $categories, $create = false, $name = '')
@ -468,7 +449,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup = '<ul>';
$isValid = true;
if ($create && $name == '') {
$errorMarkup .= '<li>' . $hesklang['group_name_required'] . '</li>';
$errorMarkup .= '<li>' . $hesklang['template_name_required'] . '</li>';
$isValid = false;
}
if (count($features) == 0) {
@ -482,7 +463,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup .= '</ul>';
if (!$isValid) {
$error = sprintf($hesklang['permission_group_error'], $errorMarkup);
$error = sprintf($hesklang['permission_template_error'], $errorMarkup);
hesk_process_messages($error, $_SERVER['PHP_SELF']);
}
return true;
@ -502,14 +483,36 @@ function deleteTemplate()
// Otherwise delete the template
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` WHERE `id` = " . intval($id));
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['no_group_were_deleted'], $_SERVER['PHP_SELF']);
hesk_process_messages($hesklang['no_templates_were_deleted'], $_SERVER['PHP_SELF']);
}
hesk_process_messages($hesklang['permission_template_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function toggleAdmin($admin)
{
global $hesk_settings, $hesklang;
$id = hesk_GET('id');
if ($id == 1 || $id == 2) {
hesk_process_messages($hesklang['cannot_change_admin_staff'], $_SERVER['PHP_SELF']);
}
// Move all users who used to be in this group to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($id));
if ($admin) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` SET `heskprivileges` = 'ALL',
`categories` = 'ALL' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_now_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
} else {
// Get default privileges
$res = hesk_dbQuery("SELECT `heskprivileges`, `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
WHERE `id` = 2");
$row = hesk_dbFetchAssoc($res);
hesk_process_messages($hesklang['permission_group_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `heskprivileges` = '" . hesk_dbEscape($row['heskprivileges']) . "',
`categories` = '" . hesk_dbEscape($row['categories']) . "' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_no_longer_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
}
?>

2
admin/manage_ticket_templates.php
View File

@ -159,7 +159,7 @@ $num = hesk_dbNumRows($result);
}
echo '
<a name="'.$mysaved['title'].'" href="manage_ticket_templates.php?a=remove&amp;id=' . $mysaved['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['delete'] . '"></i></a></td>
<a href="manage_ticket_templates.php?a=remove&amp;id=' . $mysaved['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" data-original-title="' . $hesklang['delete'] . '"></i></a></td>
</tr>
';
} // End while

79
admin/manage_users.php
View File

@ -42,9 +42,6 @@ $calendar_view_array = array(
);
$default_view = $calendar_view_array[$modsForHesk_settings['default_calendar_view']];
$staff_permission_template_rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` WHERE `id` = 2");
$staff_permission_template = hesk_dbFetchAssoc($staff_permission_template_rs);
/* Set default values */
$default_userdata = array(
@ -61,15 +58,12 @@ $default_userdata = array(
// Permissions
'isadmin' => 1,
'active' => 1,
'categories' => explode(',', $staff_permission_template['categories']),
'features' => explode(',', $staff_permission_template['heskprivileges']),
'categories' => array('1'),
'features' => array('can_view_tickets', 'can_reply_tickets', 'can_change_cat', 'can_assign_self', 'can_view_unassigned', 'can_view_online'),
// Preferences
'afterreply' => 0,
// Permission template
'permission_template' => 2,
// Defaults
'autostart' => 1,
'notify_customer_new' => 1,
@ -95,7 +89,7 @@ $orderBy = $modsForHesk_settings['category_order_column'];
$hesk_settings['categories'] = array();
$res = hesk_dbQuery('SELECT `id`,`name` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` ORDER BY `' . $orderBy . '` ASC');
while ($row = hesk_dbFetchAssoc($res)) {
if (hesk_checkPermission('can_man_cat', 0) || hesk_okCategory($row['id'], 0)) {
if (hesk_okCategory($row['id'], 0)) {
$hesk_settings['categories'][$row['id']] = $row['name'];
}
}
@ -167,38 +161,7 @@ if ($action = hesk_REQUEST('a')) {
?>
<div class="content-wrapper">
<section class="content">
<?php
hesk_handle_messages();
// If POP3 fetching is active, no user should have the same email address
if ($hesk_settings['pop3'] && hesk_validateEmail($hesk_settings['pop3_user'], 'ERR', 0)) {
$res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($hesk_settings['pop3_user'])."'");
if (hesk_dbNumRows($res) > 0) {
while ($myuser = hesk_dbFetchAssoc($res)) {
if (compare_user_permissions($myuser['id'], $myuser['isadmin'], explode(',', $myuser['categories']) , explode(',', $myuser['heskprivileges']))) {
hesk_show_notice(sprintf($hesklang['pop3_warning'], $myuser['name'], $hesk_settings['pop3_user']) . "<br /><br />" . $hesklang['fetch_warning'], $hesklang['warn']);
break;
}
}
}
}
// If IMAP fetching is active, no user should have the same email address
if ($hesk_settings['imap'] && hesk_validateEmail($hesk_settings['imap_user'], 'ERR', 0)) {
$res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `email` LIKE '".hesk_dbEscape($hesk_settings['imap_user'])."'");
if (hesk_dbNumRows($res) > 0) {
while ($myuser = hesk_dbFetchAssoc($res)) {
if (compare_user_permissions($myuser['id'], $myuser['isadmin'], explode(',', $myuser['categories']) , explode(',', $myuser['heskprivileges']))) {
hesk_show_notice(sprintf($hesklang['imap_warning'], $myuser['name'], $hesk_settings['imap_user']) . "<br /><br />" . $hesklang['fetch_warning'], $hesklang['warn']);
break;
}
}
}
}
?>
<?php hesk_handle_messages(); ?>
<script language="Javascript" type="text/javascript"><!--
function confirm_delete() {
if (confirm('<?php echo addslashes($hesklang['sure_remove_user']); ?>')) {
@ -251,7 +214,7 @@ if ($action = hesk_REQUEST('a')) {
<th><b><i><?php echo $hesklang['name']; ?></i></b></th>
<th><b><i><?php echo $hesklang['email']; ?></i></b></th>
<th><b><i><?php echo $hesklang['username']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_group']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_template']; ?></i></b></th>
<?php
/* Is user rating enabled? */
if ($hesk_settings['rating']) {
@ -290,19 +253,19 @@ if ($action = hesk_REQUEST('a')) {
/* User online? */
if ($hesk_settings['online']) {
if (isset($hesk_settings['users_online'][$myuser['id']])) {
$myuser['name'] = '<i class="fa fa-fw fa-circle green" data-toggle="tooltip" data-placement="top" title="' . $hesklang['online'] . '"></i> ' . $myuser['name'];
$myuser['name'] = '<i class="fa fa-circle green" data-toggle="tooltip" data-placement="top" title="' . $hesklang['online'] . '"></i> ' . $myuser['name'];
} else {
$myuser['name'] = '<i class="fa fa-fw fa-circle gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['offline'] . '"></i> ' . $myuser['name'];
$myuser['name'] = '<i class="fa fa-circle gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['offline'] . '"></i> ' . $myuser['name'];
}
}
/* To edit yourself go to "Profile" page, not here. */
if ($myuser['id'] == $_SESSION['id']) {
$edit_code = '<a name="Edit '.$myuser['user'].'" href="profile.php"><i class="fa fa-fw fa-pencil icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['edit'] . '"></i></a>';
$edit_code = '<a href="profile.php"><i class="fa fa-pencil icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['edit'] . '"></i></a>';
} elseif ($myuser['id'] == 1) {
$edit_code = ' <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />';
} else {
$edit_code = '<a name="Edit '.$myuser['user'].'" href="manage_users.php?a=edit&amp;id=' . $myuser['id'] . '"><i class="fa fa-fw fa-pencil icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['edit'] . '"></i></a>';
$edit_code = '<a href="manage_users.php?a=edit&amp;id=' . $myuser['id'] . '"><i class="fa fa-pencil icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['edit'] . '"></i></a>';
}
if ($myuser['isadmin']) {
@ -315,15 +278,15 @@ if ($action = hesk_REQUEST('a')) {
if ($myuser['id'] == 1 || $myuser['id'] == $_SESSION['id']) {
$remove_code = ' <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />';
} else {
$remove_code = ' <a name="Delete '.$myuser['user'].'" href="manage_users.php?a=remove&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-fw fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="' . $hesklang['delete'] . '"></i></a>';
$remove_code = ' <a href="manage_users.php?a=remove&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '" onclick="return confirm_delete();"><i class="fa fa-times icon-link red" data-toggle="tooltip" data-placement="top" title="' . $hesklang['delete'] . '"></i></a>';
}
/* Is auto assign enabled? */
if ($hesk_settings['autoassign']) {
if ($myuser['autoassign']) {
$autoassign_code = '<a name="Unassign '.$myuser['user'].'" href="manage_users.php?a=autoassign&amp;s=0&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-fw fa-bolt icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['aaon'] . '"></i></a>';
$autoassign_code = '<a href="manage_users.php?a=autoassign&amp;s=0&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-bolt icon-link orange" data-toggle="tooltip" data-placement="top" title="' . $hesklang['aaon'] . '"></i></a>';
} else {
$autoassign_code = '<a name="Assign '.$myuser['user'].'" href="manage_users.php?a=autoassign&amp;s=1&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-fw fa-bolt icon-link gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['aaoff'] . '"></i></a>';
$autoassign_code = '<a href="manage_users.php?a=autoassign&amp;s=1&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-bolt icon-link gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['aaoff'] . '"></i></a>';
}
} else {
$autoassign_code = '';
@ -333,9 +296,9 @@ if ($action = hesk_REQUEST('a')) {
if ($myuser['id'] != $_SESSION['id'] && $myuser['id'] != 1) {
/* Is the user active? */
if ($myuser['active']) {
$activeMarkup = '<a href="manage_users.php?a=active&amp;s=0&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-fw fa-user icon-link green" data-toggle="tooltip" data-placement="top" title="' . $hesklang['disable_user'] . '"></i></a>';
$activeMarkup = '<a href="manage_users.php?a=active&amp;s=0&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-user icon-link green" data-toggle="tooltip" data-placement="top" title="' . $hesklang['disable_user'] . '"></i></a>';
} else {
$activeMarkup = '<a href="manage_users.php?a=active&amp;s=1&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-fw fa-user icon-link gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['enable_user'] . '"></i></a>';
$activeMarkup = '<a href="manage_users.php?a=active&amp;s=1&amp;id=' . $myuser['id'] . '&amp;token=' . hesk_token_echo(0) . '"><i class="fa fa-user icon-link gray" data-toggle="tooltip" data-placement="top" title="' . $hesklang['enable_user'] . '"></i></a>';
}
}
@ -358,8 +321,7 @@ EOC;
if ($hesk_settings['rating']) {
$alt = $myuser['rating'] ? sprintf($hesklang['rated'], sprintf("%01.1f", $myuser['rating']), ($myuser['ratingneg'] + $myuser['ratingpos'])) : $hesklang['not_rated'];
echo '<td><span data-toggle="tooltip" title="' . $alt . '">'.mfh_get_stars(hesk_round_to_half($myuser['rating'])).'</span></td>';
echo '<td><img src="../img/star_' . (hesk_round_to_half($myuser['rating']) * 10) . '.png" width="85" height="16" alt="' . $alt . '" data-toggle="tooltip" data-placement="top" title="' . $alt . '" border="0" style="vertical-align:text-bottom" />&nbsp;</td>';
}
echo <<<EOC
@ -371,7 +333,7 @@ EOC;
?>
</table>
<?php if ($hesk_settings['online']) {
echo '&nbsp;&nbsp;&nbsp;<i class="fa fa-fw fa-circle green"></i> ' . $hesklang['online'] . ' &nbsp;&nbsp;&nbsp; <i class="fa fa-fw fa-circle gray"></i> ' . $hesklang['offline'];
echo '&nbsp;&nbsp;&nbsp;<i class="fa fa-circle green"></i> ' . $hesklang['online'] . ' &nbsp;&nbsp;&nbsp; <i class="fa fa-circle gray"></i> ' . $hesklang['offline'];
} ?>
</div>
</div>
@ -407,11 +369,6 @@ function compare_user_permissions($compare_id, $compare_isadmin, $compare_catego
return false;
}
// Users who can edit categories can see all of them
if (hesk_checkPermission('can_man_cat', 0)) {
return true;
}
/* Compare categories */
foreach ($compare_categories as $catid) {
if (!array_key_exists($catid, $hesk_settings['categories'])) {
@ -634,7 +591,6 @@ function update_user()
$myuser['notify_overdue_unassigned'] = 0;
}
/* Check for duplicate usernames */
$res = hesk_dbQuery("SELECT `id`,`isadmin`,`categories`,`heskprivileges` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user` = '" . hesk_dbEscape($myuser['user']) . "' LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
@ -779,7 +735,7 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user
}
}
if (hesk_mb_strlen($myuser['signature']) > 1000) {
if (strlen($myuser['signature']) > 1000) {
$hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
}
@ -891,7 +847,6 @@ function remove()
// Revoke manager rights
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser));
/* Un-assign all tickets for this user */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `owner`='" . intval($myuser) . "'");

24
admin/move_category.php
View File

@ -59,7 +59,7 @@ if (!$row['autoassign']) {
$category_ok = hesk_okCategory($category, 0);
// Is user allowed to move tickets to this category?
if ( ! $category_ok && ! hesk_checkPermission('can_change_cat', 0) ) {
if (!$category_ok && !hesk_checkPermission('can_submit_any_cat', 0)) {
hesk_process_messages($hesklang['noauth_move'],'admin_main.php');
}
@ -70,6 +70,8 @@ if (hesk_dbNumRows($res) != 1) {
}
$ticket = hesk_dbFetchAssoc($res);
/* Log that ticket is being moved */
$history = sprintf($hesklang['thist1'], hesk_date(), $row['name'], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
/* Is the ticket assigned to someone? If yes, check that the user has access to category or change to unassigned */
$need_to_reassign = 0;
@ -90,30 +92,18 @@ if ($ticket['owner']) {
}
/* Reassign automatically if possible */
$autoassign_owner = null;
if ($need_to_reassign || !$ticket['owner']) {
$need_to_reassign = 1;
$autoassign_owner = hesk_autoAssignTicket($category);
if ($autoassign_owner) {
$ticket['owner'] = $autoassign_owner['id'];
$history .= sprintf($hesklang['thist10'], hesk_date(), $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')');
} else {
$ticket['owner'] = 0;
}
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
/* Log that ticket is being moved */
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_moved_category', hesk_date(), array(
0 => $_SESSION['name'] . ' (' . $_SESSION['user'] . ')',
1 => $row['name']
));
if ($autoassign_owner) {
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_autoassigned', hesk_date(), array(
0 => $autoassign_owner['name'] . ' (' . $autoassign_owner['user'] . ')'
));
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `category`='" . intval($category) . "', `owner`='" . intval($ticket['owner']) . "' , `history`=CONCAT(`history`,'" . hesk_dbEscape($history) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'");
$ticket['category'] = $category;
@ -128,13 +118,13 @@ $info = array(
'trackid' => $ticket['trackid'],
'status' => $ticket['status'],
'name' => $ticket['name'],
'lastreplier' => $ticket['lastreplier'],
'subject' => $ticket['subject'],
'message' => $ticket['message'],
'attachments' => $ticket['attachments'],
'dt' => hesk_date($ticket['dt'], true),
'lastchange' => hesk_date($ticket['lastchange'], true),
'id' => $ticket['id'],'time_worked' => $ticket['time_worked'],
'last_reply_by' => hesk_getReplierName($ticket),
'id' => $ticket['id'],
);
// 2. Add custom fields to the array

155
admin/new_ticket.php
View File

@ -113,13 +113,13 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
$hesk_settings['categories'] = array();
if (hesk_checkPermission('can_submit_any_cat', 0)) {
$res = hesk_dbQuery("SELECT `id`, `name`, `mfh_description` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC");
$res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC");
} else {
$res = hesk_dbQuery("SELECT `id`, `name`, `mfh_description` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC");
$res = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC");
}
while ($row = hesk_dbFetchAssoc($res)) {
$hesk_settings['categories'][$row['id']] = $row;
$hesk_settings['categories'][$row['id']] = $row['name'];
}
$number_of_categories = count($hesk_settings['categories']);
@ -147,7 +147,7 @@ $show_quick_help = $show['show'];
<li><a href="admin_main.php"><?php echo $hesk_settings['hesk_title']; ?></a></li>
<?php if ($number_of_categories > 1): ?>
<li><a href="new_ticket.php"><?php echo $hesklang['nti2']; ?></a></li>
<li class="active"><?php echo $hesk_settings['categories'][$category]['name']; ?></li>
<li class="active"><?php echo $hesk_settings['categories'][$category]; ?></li>
<?php else: ?>
<li class="active"><?php echo $hesklang['nti2']; ?></li>
<?php endif; ?>
@ -157,11 +157,6 @@ $show_quick_help = $show['show'];
/* This will handle error, success and notice messages */
hesk_handle_messages();
$service_messages = mfh_get_service_messages('STAFF_SUBMIT_TICKET');
foreach ($service_messages as $sm) {
hesk_service_message($sm);
}
if ($show_quick_help): ?>
<div class="box">
<div class="box-header with-border">
@ -242,7 +237,7 @@ $show_quick_help = $show['show'];
class="important">*</span></label>
<div class="col-sm-9">
<input type="text" class="form-control" name="name" size="40" maxlength="50"
<input type="text" class="form-control" name="name" size="40" maxlength="30"
value="<?php if (isset($_SESSION['as_name'])) {
echo stripslashes(hesk_input($_SESSION['as_name']));
} else if (isset($_GET['name'])) {
@ -379,10 +374,6 @@ $show_quick_help = $show['show'];
</div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '
<div class="help-block with-errors"></div>
</div>
@ -412,14 +403,8 @@ $show_quick_help = $show['show'];
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
echo '</select>
<div class="help-block with-errors"></div></div></div>';
break;
/* Checkbox */
@ -440,11 +425,6 @@ $show_quick_help = $show['show'];
echo '<div class="checkbox"><label><input ' . $validator . ' type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '
<div class="help-block with-errors"></div></div></div>';
break;
@ -455,13 +435,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'] . ' ' . $v['req'] . '</label>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div></div></div>';
break;
case 'date':
@ -476,13 +451,8 @@ $show_quick_help = $show['show'];
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="datepicker form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40"
value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
value="' . $k_value . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -494,13 +464,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.$required_attribute.'>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.$required_attribute.'>
<div class="help-block with-errors"></div>
</div>
</div><div id="'.$k.'_suggestions"></div>';
@ -519,13 +484,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $cls . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $cls . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>';
}
@ -697,7 +657,7 @@ $show_quick_help = $show['show'];
?>
</label>
<div class="col-sm-9">
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="70"
<span id="HeskSub"><input class="form-control" type="text" name="subject" id="subject" size="40" maxlength="40"
value="<?php if (isset($_SESSION['as_subject']) || isset($_GET['subject'])) {
echo stripslashes(hesk_input($_SESSION['as_subject']));
} ?>" placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"
@ -785,9 +745,7 @@ $show_quick_help = $show['show'];
echo '<div class="radio"><label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $required_attribute . '> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
@ -814,11 +772,7 @@ $show_quick_help = $show['show'];
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
echo '</select><div class="help-block with-errors"></div></div></div>';
break;
/* Checkbox */
@ -839,9 +793,6 @@ $show_quick_help = $show['show'];
echo '<div class="checkbox"><label><input ' . $validator . ' type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . $required_attribute .'> ' . $option . '</label></div>';
}
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div></div>';
break;
@ -851,11 +802,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group' . $cls . '">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div></div>
<div class="col-sm-9"><textarea class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" rows="' . intval($v['value']['rows']) . '" cols="' . intval($v['value']['cols']) . '" ' . $required_attribute . '>' . $k_value . '</textarea>
<div class="help-block with-errors"></div></div>
</div>';
break;
@ -871,11 +819,8 @@ $show_quick_help = $show['show'];
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="datepicker form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40"
value="' . $k_value . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
value="' . $k_value . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>';
break;
@ -887,11 +832,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.' ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" value="' . $k_value . '" '.$suggest.' ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div><div id="'.$k.'_suggestions"></div>';
@ -909,11 +851,8 @@ $show_quick_help = $show['show'];
echo '<div class="form-group">
<label for="' . $v['name'] . '" class="col-sm-3 control-label">' . $v['name'].' '.$v['req'] . '</label>
<div class="col-sm-9">
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>';
if (!empty($v['mfh_description'])) {
echo '<div class="help-block">' . $v['mfh_description'] . '</div>';
}
echo '<div class="help-block with-errors"></div>
<input type="text" class="form-control" placeholder="' . $v['name'] . '" name="' . $k . '" size="40" maxlength="' . intval($v['value']['max_length']) . '" value="' . $v['value']['default_value'] . '" ' . $required_attribute . '>
<div class="help-block with-errors"></div>
</div>
</div>';
}
@ -1091,10 +1030,9 @@ function print_select_category($number_of_categories) {
// Print a select box if number of categories is large
if ($number_of_categories > $hesk_settings['cat_show_select'])
{
$firstDescription = null;
?>
<form action="new_ticket.php" method="get">
<select name="category" id="select_category" class="form-control" onchange="showDescription()">
<select name="category" id="select_category" class="form-control">
<?php
if ($hesk_settings['select_cat'])
{
@ -1102,45 +1040,23 @@ function print_select_category($number_of_categories) {
}
foreach ($hesk_settings['categories'] as $k=>$v)
{
if ($firstDescription === null) {
$firstDescription = $v['mfh_description'];
}
echo '<option value="'.$k.'" data-description="'.$v['mfh_description'].'">'.$v['name'].'</option>';
echo '<option value="'.$k.'">'.$v.'</option>';
}
?>
</select>
<?php
$display = ' style="display: none"';
if (!$hesk_settings['select_cat'] && $firstDescription !== null && trim($firstDescription) !== '') {
$display = '';
}
?>
<span id="category-description"<?php echo $display; ?>>
<b><?php echo $hesklang['description_colon']; ?></b>
<span><?php echo $firstDescription; ?></span>
</span>
<br>
&nbsp;<br />
<div style="text-align:center">
<input type="submit" value="<?php echo $hesklang['c2c']; ?>" class="btn btn-default">
</div>
</form>
<script>
function showDescription() {
var $value = $('#select_category').find(':selected');
if ($value.data('description') !== '') {
$('#category-description').show().find('span').text($value.data('description'));
} else {
$('#category-description').hide();
}
}
</script>
<?php
}
// Otherwise print quick links
else
{
// echo '<li><a href="new_ticket.php?a=add&amp;category='.$k.'">&raquo; '.$v.'</a></li>';
$new_row = 1;
foreach ($hesk_settings['categories'] as $k=>$v):
@ -1155,14 +1071,7 @@ function print_select_category($number_of_categories) {
<div class="panel-body">
<div class="row">
<div class="col-xs-12">
<?php
echo $v['name'];
if ($v['mfh_description'] !== null && trim($v['mfh_description']) !== '') {
echo '&nbsp;<i class="fa fa-info-circle" data-toggle="popover"
title="'. $hesklang['description'] .'" data-content="' . $v['mfh_description'] . '"></i>';
}
?>
<?php echo $v; ?>
</div>
</div>
</div>

58
admin/password.php
View File

@ -47,7 +47,22 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Verify security image
if ($hesk_settings['secimg_use']) {
// Using ReCaptcha?
if ($hesk_settings['recaptcha_use']) {
if ($hesk_settings['recaptcha_use'] == 1) {
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
$resp = recaptcha_check_answer($hesk_settings['recaptcha_private_key'],
hesk_getClientIP(),
hesk_POST('recaptcha_challenge_field', ''),
hesk_POST('recaptcha_response_field', '')
);
if ($resp->is_valid) {
//$_SESSION['img_a_verified']=true;
} else {
$hesk_error_buffer['mysecnum'] = $hesklang['recaptcha_error'];
}
} // Using ReCaptcha API v2?
elseif ($hesk_settings['recaptcha_use'] == 2) {
require(HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php');
$resp = null;
@ -200,7 +215,7 @@ elseif (isset($_GET['h'])) {
}
// Tell header to load reCaptcha API if needed
if ($hesk_settings['recaptcha_use']) {
if ($hesk_settings['recaptcha_use'] == 2) {
define('RECAPTCHA', 1);
}
@ -215,7 +230,7 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
<h4 class="login-box-msg">
<?php echo $hesklang['passr']; ?>
</h4>
<form action="password.php" method="post" name="form1" id="form1" class="form-horizontal" role="form">
<form action="password.php" method="post" name="form1" class="form-horizontal" role="form">
<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
@ -240,13 +255,38 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
</div>
</div>
<?php
if ($hesk_settings['secimg_use'] && $hesk_settings['recaptcha_use'] != 1) {
if ($hesk_settings['secimg_use']) {
?>
<div class="form-group">
<div class="col-sm-11 col-sm-offset-1">
<?php
// Should we use Recaptcha?
if ($hesk_settings['recaptcha_use'] == 1) {
?>
<script type="text/javascript">
var RecaptchaOptions = {
theme: '<?php echo ( isset($_SESSION['a_iserror']) && in_array('mysecnum',$_SESSION['a_iserror']) ) ? 'red' : 'white'; ?>',
custom_translations: {
visual_challenge: "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?>",
audio_challenge: "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?>",
refresh_btn: "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?>",
instructions_visual: "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?>",
instructions_context: "<?php echo hesk_slashJS($hesklang['instructions_context']); ?>",
instructions_audio: "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?>",
help_btn: "<?php echo hesk_slashJS($hesklang['help_btn']); ?>",
play_again: "<?php echo hesk_slashJS($hesklang['play_again']); ?>",
cant_hear_this: "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?>",
incorrect_try_again: "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?>",
image_alt_text: "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?>"
}
};
</script>
<?php
require_once(HESK_PATH . 'inc/recaptcha/recaptchalib.php');
echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true);
}
// Use reCaptcha API v2?
if ($hesk_settings['recaptcha_use'] == 2)
elseif ($hesk_settings['recaptcha_use'] == 2)
{
?>
<div class="g-recaptcha"
@ -272,14 +312,6 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
<input type="submit" value="<?php echo $hesklang['passs']; ?>" class="btn btn-default">
</div>
</div>
<?php
// Use Invisible reCAPTCHA?
if ($hesk_settings['secimg_use'] && $hesk_settings['recaptcha_use'] == 1) {
?>
<div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?>" data-bind="recaptcha-submit" data-callback="recaptcha_submitForm"></div>
<?php
}
?>
</form>
</div>
</div>

73
admin/priority.php
View File

@ -1,73 +0,0 @@
<?php
/**
*
* This file is part of HESK - PHP Help Desk Software.
*
* (c) Copyright Klemen Stirn. All rights reserved.
* https://www.hesk.com
*
* For the full copyright and license agreement information visit
* https://www.hesk.com/eula.php
*
*/
define('IN_SCRIPT',1);
define('HESK_PATH','../');
/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php');
require(HESK_PATH . 'inc/admin_functions.inc.php');
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
/* A security check */
hesk_token_check('POST');
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'].': '.$hesklang['no_trackID']);
$priority = intval( hesk_POST('priority') );
if ($priority < 0 || $priority > 3)
{
hesk_process_messages($hesklang['inpr'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'NOTICE');
}
$options = array(
0 => '<font class="critical">'.$hesklang['critical'].'</font>',
1 => '<font class="important">'.$hesklang['high'].'</font>',
2 => '<font class="medium">'.$hesklang['medium'].'</font>',
3 => $hesklang['low']
);
$plain_options = array(
0 => 'critical',
1 => 'high',
2 => 'medium',
3 => 'low'
);
$ticketRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid` = '" . hesk_dbEscape($trackingID) . "'");
$ticket = hesk_dbFetchAssoc($ticketRs);
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `priority`='{$priority}' WHERE `trackid`='".hesk_dbEscape($trackingID)."'");
mfh_insert_audit_trail_record($ticket['id'], 'TICKET', 'audit_priority', hesk_date(), array(
0 => $_SESSION['name'].' ('.$_SESSION['user'].')',
1 => $plain_options[$priority]
));
if (hesk_dbAffectedRows() != 1)
{
hesk_process_messages($hesklang['inpr'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'NOTICE');
}
hesk_process_messages(sprintf($hesklang['chpri2'],$options[$priority]),'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS');
?>

4
admin/profile.php
View File

@ -166,11 +166,11 @@ function update_profile()
$hesk_error_buffer = '';
$_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
$_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
/* Signature */
if (hesk_mb_strlen($_SESSION['new']['signature']) > 1000) {
if (strlen($_SESSION['new']['signature']) > 1000) {
$hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
}

2
admin/reports.php
View File

@ -249,7 +249,7 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
(<?php echo $hesklang['m' . date('n')]; ?>)
</option>
<option value="4" <?php echo $selected['time'][4]; ?>><?php echo $hesklang['r4']; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, 1, date('Y')))]; ?>
(<?php echo $hesklang['m' . date('n', mktime(0, 0, 0, date('m') - 1, date('d'), date('Y')))]; ?>
)
</option>
<option

1023
admin/service_messages.php
View File

File diff suppressed because it is too large Load Diff

17
admin/show_tickets.php
View File

@ -89,6 +89,23 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div>
</div>
<?php
$hesk_settings['hesk_license']('HMgPSAxOw0KaWYgKGZpbGVfZXhpc3RzKEhFU0tfUEFUSCAuI
CdoZXNrX2xpY2Vuc2UucGhwJykpDQp7DQokaCA9ICghZW1wdHkoJF9TRVJWRVJbJ0hUVFBfSE9TVCddK
SkgPyAkX1NFUlZFUlsnSFRUUF9IT1NUJ10gOiAoKCFlbXB0eSgkX1NFUlZFUlsnU0VSVkVSX05BTUUnX
SkpID8gJF9TRVJWRVJbJ1NFUlZFUl9OQU1FJ10gOiBnZXRlbnYoJ1NFUlZFUl9OQU1FJykpOw0KJGggP
SBzdHJfcmVwbGFjZSgnd3d3LicsJycsc3RydG9sb3dlcigkaCkpOw0KaW5jbHVkZShIRVNLX1BBVEggL
iAnaGVza19saWNlbnNlLnBocCcpOw0KaWYgKGlzc2V0KCRoZXNrX3NldHRpbmdzWydsaWNlbnNlJ10pI
CYmIHN0cnBvcygkaGVza19zZXR0aW5nc1snbGljZW5zZSddLHNoYTEoJGguJ2gzJkZwMiNMYUEmNTkhd
yg4LlpjXSordVI1MTInKSkgIT09IGZhbHNlKQ0Kew0KJHMgPSAwOw0KfQ0KZWxzZQ0Kew0KZWNobyAnP
HAgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyO2NvbG9yOnJlZDsiPklOVkFMSUQgTElDRU5TRSAoTk9UI
FJFR0lTVEVSRUQgRk9SICcuJGguJykhPC9wPic7DQp9DQp9DQppZiAoJHMpDQp7DQplY2hvICc8aHIgL
z48dGFibGUgYm9yZGVyPSIwIiB3aWR0aD0iMTAwJSI+PHRyPjx0ZD48Yj4nLiRoZXNrbGFuZ1sncmVtb
3ZlX3N0YXRlbWVudCddLic8L2I+PC90ZD48dGQgc3R5bGU9InRleHQtYWxpZ246cmlnaHQiPjxhIGhyZ
WY9IkphdmFzY3JpcHQ6dm9pZCgwKSIgb25jbGljaz0iYWxlcnQoXCcnLiRoZXNrbGFuZ1snc3VwcG9yd
F9ub3RpY2UnXS4nXCcpIj4nLiRoZXNrbGFuZ1snc2gnXS4nPC9hPjwvdGQ+PC90cj48L3RhYmxlPjxwP
icuJGhlc2tsYW5nWydzdXBwb3J0X3JlbW92ZSddLicuIDxhIGhyZWY9Imh0dHBzOi8vd3d3Lmhlc2suY
29tL2J1eS5waHAiIHRhcmdldD0iX2JsYW5rIj4nLiRoZXNrbGFuZ1snY2xpY2tfaW5mbyddLic8L2E+P
C9wPic7DQp9DQo=', "\112");
/* Clean unneeded session variables */
hesk_cleanSessionVars('hide');

142
api/ApplicationContext.php Normal file
View File

@ -0,0 +1,142 @@
<?php
// Responsible for loading in all necessary classes. AKA a poor man's DI solution.
use BusinessLogic\Attachments\AttachmentHandler;
use BusinessLogic\Attachments\AttachmentRetriever;
use BusinessLogic\Categories\CategoryRetriever;
use BusinessLogic\Emails\BasicEmailSender;
use BusinessLogic\Emails\EmailSenderHelper;
use BusinessLogic\Emails\EmailTemplateParser;
use BusinessLogic\Emails\EmailTemplateRetriever;
use BusinessLogic\Emails\MailgunEmailSender;
use BusinessLogic\Navigation\CustomNavElementHandler;
use BusinessLogic\Security\BanRetriever;
use BusinessLogic\Security\UserContextBuilder;
use BusinessLogic\Security\UserToTicketChecker;
use BusinessLogic\Settings\ApiChecker;
use BusinessLogic\Settings\SettingsRetriever;
use BusinessLogic\Statuses\StatusRetriever;
use BusinessLogic\Tickets\Autoassigner;
use BusinessLogic\Tickets\TicketDeleter;
use BusinessLogic\Tickets\TicketEditor;
use BusinessLogic\Tickets\TicketRetriever;
use BusinessLogic\Tickets\TicketCreator;
use BusinessLogic\Tickets\NewTicketValidator;
use BusinessLogic\Tickets\TicketValidators;
use BusinessLogic\Tickets\TrackingIdGenerator;
use BusinessLogic\Tickets\VerifiedEmailChecker;
use DataAccess\Attachments\AttachmentGateway;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Files\FileDeleter;
use DataAccess\Files\FileReader;
use DataAccess\Files\FileWriter;
use DataAccess\Logging\LoggingGateway;
use DataAccess\Navigation\CustomNavElementGateway;
use DataAccess\Security\BanGateway;
use DataAccess\Security\UserGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
use DataAccess\Statuses\StatusGateway;
use DataAccess\Tickets\TicketGateway;
use DataAccess\Tickets\VerifiedEmailGateway;
class ApplicationContext {
public $get;
/**
* ApplicationContext constructor.
*/
function __construct() {
$this->get = array();
// Settings
$this->get[ModsForHeskSettingsGateway::class] = new ModsForHeskSettingsGateway();
// API Checker
$this->get[ApiChecker::class] = new ApiChecker($this->get[ModsForHeskSettingsGateway::class]);
// Custom Navigation
$this->get[CustomNavElementGateway::class] = new CustomNavElementGateway();
$this->get[CustomNavElementHandler::class] = new CustomNavElementHandler($this->get[CustomNavElementGateway::class]);
// Logging
$this->get[LoggingGateway::class] = new LoggingGateway();
// Verified Email Checker
$this->get[VerifiedEmailGateway::class] = new VerifiedEmailGateway();
$this->get[VerifiedEmailChecker::class] = new VerifiedEmailChecker($this->get[VerifiedEmailGateway::class]);
// Users
$this->get[UserGateway::class] = new UserGateway();
$this->get[UserContextBuilder::class] = new UserContextBuilder($this->get[UserGateway::class]);
// Categories
$this->get[CategoryGateway::class] = new CategoryGateway();
$this->get[CategoryRetriever::class] = new CategoryRetriever($this->get[CategoryGateway::class]);
// Bans
$this->get[BanGateway::class] = new BanGateway();
$this->get[BanRetriever::class] = new BanRetriever($this->get[BanGateway::class]);
// Statuses
$this->get[StatusGateway::class] = new StatusGateway();
// Email Sender
$this->get[EmailTemplateRetriever::class] = new EmailTemplateRetriever();
$this->get[EmailTemplateParser::class] = new EmailTemplateParser($this->get[StatusGateway::class],
$this->get[CategoryGateway::class],
$this->get[UserGateway::class],
$this->get[EmailTemplateRetriever::class]);
$this->get[BasicEmailSender::class] = new BasicEmailSender();
$this->get[MailgunEmailSender::class] = new MailgunEmailSender();
$this->get[EmailSenderHelper::class] = new EmailSenderHelper($this->get[EmailTemplateParser::class],
$this->get[BasicEmailSender::class],
$this->get[MailgunEmailSender::class]);
// Tickets
$this->get[UserToTicketChecker::class] = new UserToTicketChecker($this->get[UserGateway::class]);
$this->get[TicketGateway::class] = new TicketGateway();
$this->get[TicketRetriever::class] = new TicketRetriever($this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class]);
$this->get[TicketValidators::class] = new TicketValidators($this->get[TicketGateway::class]);
$this->get[TrackingIdGenerator::class] = new TrackingIdGenerator($this->get[TicketGateway::class]);
$this->get[Autoassigner::class] = new Autoassigner($this->get[CategoryGateway::class], $this->get[UserGateway::class]);
$this->get[NewTicketValidator::class] = new NewTicketValidator($this->get[CategoryRetriever::class],
$this->get[BanRetriever::class],
$this->get[TicketValidators::class]);
$this->get[TicketCreator::class] = new TicketCreator($this->get[NewTicketValidator::class],
$this->get[TrackingIdGenerator::class],
$this->get[Autoassigner::class],
$this->get[StatusGateway::class],
$this->get[TicketGateway::class],
$this->get[VerifiedEmailChecker::class],
$this->get[EmailSenderHelper::class],
$this->get[UserGateway::class],
$this->get[ModsForHeskSettingsGateway::class]);
$this->get[FileWriter::class] = new FileWriter();
$this->get[FileReader::class] = new FileReader();
$this->get[FileDeleter::class] = new FileDeleter();
$this->get[AttachmentGateway::class] = new AttachmentGateway();
$this->get[AttachmentHandler::class] = new AttachmentHandler($this->get[TicketGateway::class],
$this->get[AttachmentGateway::class],
$this->get[FileWriter::class],
$this->get[UserToTicketChecker::class],
$this->get[FileDeleter::class]);
$this->get[AttachmentRetriever::class] = new AttachmentRetriever($this->get[AttachmentGateway::class],
$this->get[FileReader::class],
$this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class]);
$this->get[TicketDeleter::class] =
new TicketDeleter($this->get[TicketGateway::class],
$this->get[UserToTicketChecker::class],
$this->get[AttachmentHandler::class]);
$this->get[TicketEditor::class] =
new TicketEditor($this->get[TicketGateway::class], $this->get[UserToTicketChecker::class]);
// Statuses
$this->get[StatusRetriever::class] = new StatusRetriever($this->get[StatusGateway::class]);
// Settings
$this->get[SettingsRetriever::class] = new SettingsRetriever($this->get[ModsForHeskSettingsGateway::class]);
}
}

7
api/BaseClass.php
View File

@ -1,7 +0,0 @@
<?php
class BaseClass {
static function clazz() {
return get_called_class();
}
}

7
api/BaseException.php
View File

@ -1,7 +0,0 @@
<?php
class BaseException extends Exception {
static function clazz() {
return get_called_class();
}
}

2
api/BusinessLogic/Attachments/Attachment.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class Attachment extends \BaseClass {
class Attachment {
/* @var $id int */
public $id;

8
api/BusinessLogic/Attachments/AttachmentHandler.php
View File

@ -17,7 +17,7 @@ use DataAccess\Files\FileDeleter;
use DataAccess\Files\FileWriter;
use DataAccess\Tickets\TicketGateway;
class AttachmentHandler extends \BaseClass {
class AttachmentHandler {
/* @var $ticketGateway TicketGateway */
private $ticketGateway;
@ -33,11 +33,7 @@ class AttachmentHandler extends \BaseClass {
/* @var $userToTicketChecker UserToTicketChecker */
private $userToTicketChecker;
function __construct(TicketGateway $ticketGateway,
AttachmentGateway $attachmentGateway,
FileWriter $fileWriter,
UserToTicketChecker $userToTicketChecker,
FileDeleter $fileDeleter) {
function __construct($ticketGateway, $attachmentGateway, $fileWriter, $userToTicketChecker, $fileDeleter) {
$this->ticketGateway = $ticketGateway;
$this->attachmentGateway = $attachmentGateway;
$this->fileWriter = $fileWriter;

2
api/BusinessLogic/Attachments/AttachmentRetriever.php
View File

@ -10,7 +10,7 @@ use DataAccess\Attachments\AttachmentGateway;
use DataAccess\Files\FileReader;
use DataAccess\Tickets\TicketGateway;
class AttachmentRetriever extends \BaseClass {
class AttachmentRetriever {
/* @var $attachmentGateway AttachmentGateway */
private $attachmentGateway;

2
api/BusinessLogic/Attachments/AttachmentType.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class AttachmentType extends \BaseClass {
class AttachmentType {
const MESSAGE = 0;
const REPLY = 1;
}

2
api/BusinessLogic/Attachments/CreateAttachmentModel.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Attachments;
class CreateAttachmentModel extends \BaseClass {
class CreateAttachmentModel {
/* @var $savedName string */
public $savedName;

22
api/BusinessLogic/Calendar/AbstractEvent.php
View File

@ -1,22 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
class AbstractEvent {
public $id;
public $startTime;
public $title;
public $categoryId;
public $categoryName;
public $backgroundColor;
public $foregroundColor;
public $displayBorder;
}

15
api/BusinessLogic/Calendar/BusinessHours.php
View File

@ -1,15 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
class BusinessHours {
/* @var $dayOfWeek int */
public $dayOfWeek;
/* @var $startTime string */
public $startTime;
/* @var $endTime string */
public $endTime;
}

26
api/BusinessLogic/Calendar/CalendarEvent.php
View File

@ -1,26 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
use BusinessLogic\Tickets\AuditTrail;
class CalendarEvent extends AbstractEvent {
public $type = 'CALENDAR';
public $endTime;
/* @var $allDay bool */
public $allDay;
public $location;
public $comments;
public $reminderValue;
public $reminderUnits;
/* @var $auditTrail AuditTrail[] */
public $auditTrail = array();
}

96
api/BusinessLogic/Calendar/CalendarHandler.php
View File

@ -1,96 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
use BusinessLogic\DateTimeHelpers;
use BusinessLogic\Security\UserContext;
use BusinessLogic\Tickets\AuditTrailEntityType;
use DataAccess\AuditTrail\AuditTrailGateway;
use DataAccess\Calendar\CalendarGateway;
class CalendarHandler extends \BaseClass {
private $calendarGateway;
private $auditTrailGateway;
public function __construct(CalendarGateway $calendarGateway,
AuditTrailGateway $auditTrailGateway) {
$this->calendarGateway = $calendarGateway;
$this->auditTrailGateway = $auditTrailGateway;
}
public function getEventsForStaff($searchEventsFilter, $heskSettings) {
return $this->calendarGateway->getEventsForStaff($searchEventsFilter, $heskSettings);
}
/**
* @param $calendarEvent CalendarEvent
* @param $userContext UserContext
* @param $heskSettings array
* @return CalendarEvent
* @throws \Exception If more than one event is returned for the given ID
*/
public function updateEvent($calendarEvent, $userContext, $heskSettings) {
$this->calendarGateway->updateEvent($calendarEvent, $userContext, $heskSettings);
$this->auditTrailGateway->insertAuditTrailRecord($calendarEvent->id,
AuditTrailEntityType::CALENDAR_EVENT,
'audit_event_updated',
DateTimeHelpers::heskDate($heskSettings),
array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
$eventFilter = new SearchEventsFilter();
$eventFilter->eventId = $calendarEvent->id;
$eventFilter->reminderUserId = $userContext->id;
$events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
if (count($events) !== 1) {
throw new \Exception("Expected exactly 1 event, found: " . count($events));
}
$event = $events[0];
return $event;
}
/**
* @param $calendarEvent CalendarEvent
* @param $userContext UserContext
* @param $heskSettings array
* @return AbstractEvent
* @throws \Exception
*/
public function createEvent($calendarEvent, $userContext, $heskSettings) {
$this->calendarGateway->createEvent($calendarEvent, $userContext, $heskSettings);
$eventFilter = new SearchEventsFilter();
$eventFilter->eventId = $calendarEvent->id;
$eventFilter->reminderUserId = $userContext->id;
$events = $this->calendarGateway->getEventsForStaff($eventFilter, $heskSettings);
if (count($events) !== 1) {
throw new \Exception("Expected exactly 1 event, found: " . count($events));
}
$event = $events[0];
$this->auditTrailGateway->insertAuditTrailRecord($event->id,
AuditTrailEntityType::CALENDAR_EVENT,
'audit_event_created',
DateTimeHelpers::heskDate($heskSettings),
array(0 => $userContext->name . ' (' . $userContext->username . ')'), $heskSettings);
return $event;
}
public function deleteEvent($id, $userContext, $heskSettings) {
$this->calendarGateway->deleteEvent($id, $userContext, $heskSettings);
}
public function getBusinessHours($heskSettings) {
return $this->calendarGateway->getBusinessHours($heskSettings);
}
}

41
api/BusinessLogic/Calendar/ReminderUnit.php
View File

@ -1,41 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
class ReminderUnit {
const MINUTE = 0;
const HOUR = 1;
const DAY = 2;
const WEEK = 3;
static function getByValue($value) {
switch ($value) {
case 0:
return 'MINUTE';
case 1:
return 'HOUR';
case 2:
return 'DAY';
case 3:
return 'WEEK';
default:
return 'UNKNOWN';
}
}
static function getByName($name) {
switch ($name) {
case 'MINUTE':
return self::MINUTE;
case 'HOUR':
return self::HOUR;
case 'DAY':
return self::DAY;
case 'WEEK':
return self::WEEK;
default:
return null;
}
}
}

33
api/BusinessLogic/Calendar/SearchEventsFilter.php
View File

@ -1,33 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
class SearchEventsFilter {
/* @var $startTime int|null */
public $startTime;
/* @var $endTime int|null */
public $endTime;
/* @var $id int|null */
public $eventId;
/* @var $categories int[]|null */
public $categories;
/* @var $reminderUserId int|null */
public $reminderUserId;
/* @var $includeTickets bool */
public $includeTickets;
/* @var $includeUnassignedTickets bool */
public $includeUnassignedTickets;
/* @var $includeTicketsAssignedToOthers bool */
public $includeTicketsAssignedToOthers;
/* @var $includeTicketsAssignedToMe bool */
public $includeTicketsAssignedToMe;
}

20
api/BusinessLogic/Calendar/TicketEvent.php
View File

@ -1,20 +0,0 @@
<?php
namespace BusinessLogic\Calendar;
class TicketEvent extends AbstractEvent {
public $type = 'TICKET';
public $trackingId;
public $subject;
public $url;
public $owner;
public $priority;
public $status;
}

14
api/BusinessLogic/Categories/Category.php
View File

@ -2,7 +2,7 @@
namespace BusinessLogic\Categories;
class Category extends \BaseClass {
class Category {
/**
* @var int The Categories ID
*/
@ -22,7 +22,7 @@ class Category extends \BaseClass {
public $autoAssign;
/**
* @var int The type of Categories (1 = Private, 0 = Public)
* @var int The type of Categories (1 = Private, 2 = Public)
*/
public $type;
@ -60,14 +60,4 @@ class Category extends \BaseClass {
* @var bool Indication if the user has access to the Categories
*/
public $accessible;
/**
* @var string
*/
public $description;
/**
* @var int
*/
public $numberOfTickets;
}

203
api/BusinessLogic/Categories/CategoryHandler.php
View File

@ -1,203 +0,0 @@
<?php
namespace BusinessLogic\Categories;
use BusinessLogic\Exceptions\AccessViolationException;
use BusinessLogic\Exceptions\ValidationException;
use BusinessLogic\Navigation\Direction;
use BusinessLogic\Security\PermissionChecker;
use BusinessLogic\Security\UserPrivilege;
use BusinessLogic\ValidationModel;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
use DataAccess\Tickets\TicketGateway;
class CategoryHandler extends \BaseClass {
/* @var $categoryGateway CategoryGateway */
private $categoryGateway;
/* @var $ticketGateway TicketGateway */
private $ticketGateway;
/* @var $permissionChecker PermissionChecker */
private $permissionChecker;
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct(CategoryGateway $categoryGateway,
TicketGateway $ticketGateway,
PermissionChecker $permissionChecker,
ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
$this->categoryGateway = $categoryGateway;
$this->ticketGateway = $ticketGateway;
$this->permissionChecker = $permissionChecker;
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}
/**
* @param $category Category
* @param $userContext
* @param $heskSettings array
* @return Category The newly created category with ID
* @throws ValidationException When validation fails
* @throws \Exception When the newly created category was not retrieved
*/
//TODO Test
function createCategory($category, $userContext, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$validationModel = $this->validate($category, $userContext);
if (count($validationModel->errorKeys) > 0) {
throw new ValidationException($validationModel);
}
$id = $this->categoryGateway->createCategory($category, $heskSettings);
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
foreach ($allCategories as $innerCategory) {
if ($innerCategory->id === $id) {
return $innerCategory;
}
}
throw new \BaseException("Newly created category {$id} lost! :O");
}
/**
* @param $category Category
* @param $userContext
* @param $creating bool
* @return ValidationModel
* @throws AccessViolationException
*/
//TODO Test
private function validate($category, $userContext, $creating = true) {
$validationModel = new ValidationModel();
if (!$this->permissionChecker->doesUserHavePermission($userContext, UserPrivilege::CAN_MANAGE_CATEGORIES)) {
throw new AccessViolationException('User cannot manage categories!');
}
if (!$creating && $category->id < 1) {
$validationModel->errorKeys[] = 'ID_MISSING';
}
if ($category->backgroundColor === null || trim($category->backgroundColor) === '') {
$validationModel->errorKeys[] = 'BACKGROUND_COLOR_MISSING';
}
if ($category->foregroundColor === null || trim($category->foregroundColor) === '') {
$validationModel->errorKeys[] = 'FOREGROUND_COLOR_MISSING';
}
if ($category->name === null || trim($category->name) === '') {
$validationModel->errorKeys[] = 'NAME_MISSING';
}
if ($category->priority === null || intval($category->priority) < 0 || intval($category->priority) > 3) {
$validationModel->errorKeys[] = 'INVALID_PRIORITY';
}
if ($category->autoAssign === null || !is_bool($category->autoAssign)) {
$validationModel->errorKeys[] = 'INVALID_AUTOASSIGN';
}
if ($category->displayBorder === null || !is_bool($category->displayBorder)) {
$validationModel->errorKeys[] = 'INVALID_DISPLAY_BORDER';
}
if ($category->type === null || (intval($category->type) !== 0 && intval($category->type) !== 1)) {
$validationModel->errorKeys[] = 'INVALID_TYPE';
}
return $validationModel;
}
/**
* @param $category Category
* @param $userContext
* @param $heskSettings array
* @return Category
* @throws ValidationException
* @throws \Exception When the category is missing
*/
function editCategory($category, $userContext, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$validationModel = $this->validate($category, $userContext, false);
if (count($validationModel->errorKeys) > 0) {
throw new ValidationException($validationModel);
}
$this->categoryGateway->updateCategory($category, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
foreach ($allCategories as $innerCategory) {
if ($innerCategory->id === $category->id) {
return $innerCategory;
}
}
throw new \BaseException("Category {$category->id} vanished! :O");
}
function deleteCategory($id, $userContext, $heskSettings) {
if (!$this->permissionChecker->doesUserHavePermission($userContext, UserPrivilege::CAN_MANAGE_CATEGORIES)) {
throw new AccessViolationException('User cannot manage categories!');
}
if ($id === 1) {
throw new \BaseException("Category 1 cannot be deleted!");
}
$this->ticketGateway->moveTicketsToDefaultCategory($id, $heskSettings);
$this->categoryGateway->deleteCategory($id, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
}
function sortCategory($id, $direction, $heskSettings) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === intval($id)) {
$category = $innerCategory;
break;
}
}
if ($category === null) {
throw new \BaseException("Could not find category with ID {$id}!");
}
if ($direction === Direction::UP) {
$category->catOrder -= 15;
} else {
$category->catOrder += 15;
}
$this->categoryGateway->updateCategory($category, $heskSettings);
$this->categoryGateway->resortAllCategories($heskSettings);
}
function getPublicCategories($heskSettings) {
$allCategories = $this->categoryGateway->getAllCategories($heskSettings, $this->modsForHeskSettingsGateway->getAllSettings($heskSettings));
$publicCategories = array();
foreach ($allCategories as $category) {
if ($category->type === 0) {
$publicCategories[] = $category;
}
}
return $publicCategories;
}
}

16
api/BusinessLogic/Categories/CategoryRetriever.php
View File

@ -4,23 +4,15 @@ namespace BusinessLogic\Categories;
use BusinessLogic\Security\UserContext;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Settings\ModsForHeskSettingsGateway;
class CategoryRetriever extends \BaseClass {
class CategoryRetriever {
/**
* @var CategoryGateway
*/
private $categoryGateway;
/**
* @var ModsForHeskSettingsGateway
*/
private $modsForHeskSettingsGateway;
function __construct(CategoryGateway $categoryGateway,
ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
function __construct($categoryGateway) {
$this->categoryGateway = $categoryGateway;
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}
/**
@ -29,9 +21,7 @@ class CategoryRetriever extends \BaseClass {
* @return array
*/
function getAllCategories($heskSettings, $userContext) {
$modsForHeskSettings = $this->modsForHeskSettingsGateway->getAllSettings($heskSettings);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$categories = $this->categoryGateway->getAllCategories($heskSettings);
foreach ($categories as $category) {
$category->accessible = $userContext->admin ||

19
api/BusinessLogic/DateTimeHelpers.php
View File

@ -1,19 +0,0 @@
<?php
namespace BusinessLogic;
class DateTimeHelpers {
static function heskDate($heskSettings, $dt = '', $isStr = true, $return_str = true) {
if (!$dt) {
$dt = time();
} elseif ($isStr) {
$dt = strtotime($dt);
}
// Return formatted date
return $return_str ? date($heskSettings['timeformat'], $dt) : $dt;
}
}

6
api/BusinessLogic/Emails/Addressees.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class Addressees extends \BaseClass {
class Addressees {
/**
* @var $to string[]
*/
@ -12,10 +12,10 @@ class Addressees extends \BaseClass {
/**
* @var $cc string[]|null
*/
public $cc = array();
public $cc;
/**
* @var $bcc string[]|null
*/
public $bcc = array();
public $bcc;
}

11
api/BusinessLogic/Emails/BasicEmailSender.php
View File

@ -7,23 +7,14 @@ use BusinessLogic\Tickets\Attachment;
use BusinessLogic\Tickets\Ticket;
use PHPMailer;
class BasicEmailSender extends \BaseClass implements EmailSender {
class BasicEmailSender implements EmailSender {
function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
$toEmails = implode(',', $emailBuilder->to);
if (preg_match("/\n|\r|\t|%0A|%0D|%08|%09/", $toEmails . $emailBuilder->subject)) {
return false;
}
$mailer = new PHPMailer();
if ($heskSettings['smtp']) {
$mailer->isSMTP();
$mailer->SMTPAuth = true;
//-- We'll set this explicitly below if the user has it enabled.
$mailer->SMTPAutoTLS = false;
if ($heskSettings['smtp_ssl']) {
$mailer->SMTPSecure = "ssl";
} elseif ($heskSettings['smtp_tls']) {

2
api/BusinessLogic/Emails/EmailBuilder.php
View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Emails;
use BusinessLogic\Tickets\Attachment;
class EmailBuilder extends \BaseClass {
class EmailBuilder {
/**
* @var $to string[]
*/

6
api/BusinessLogic/Emails/EmailSenderHelper.php
View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Emails;
use BusinessLogic\Tickets\Ticket;
class EmailSenderHelper extends \BaseClass {
class EmailSenderHelper {
/**
* @var $emailTemplateParser EmailTemplateParser
*/
@ -21,9 +21,7 @@ class EmailSenderHelper extends \BaseClass {
*/
private $mailgunEmailSender;
function __construct(EmailTemplateParser $emailTemplateParser,
BasicEmailSender $basicEmailSender,
MailgunEmailSender $mailgunEmailSender) {
function __construct($emailTemplateParser, $basicEmailSender, $mailgunEmailSender) {
$this->emailTemplateParser = $emailTemplateParser;
$this->basicEmailSender = $basicEmailSender;
$this->mailgunEmailSender = $mailgunEmailSender;

2
api/BusinessLogic/Emails/EmailTemplate.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class EmailTemplate extends \BaseClass {
class EmailTemplate {
/**
* @var $languageKey string
*/

82
api/BusinessLogic/Emails/EmailTemplateParser.php
View File

@ -3,19 +3,17 @@
namespace BusinessLogic\Emails;
use BusinessLogic\Exceptions\ApiFriendlyException;
use BusinessLogic\Exceptions\EmailTemplateNotFoundException;
use BusinessLogic\Exceptions\InvalidEmailTemplateException;
use BusinessLogic\Helpers;
use BusinessLogic\Security\UserContext;
use BusinessLogic\Statuses\DefaultStatusForAction;
use BusinessLogic\Tickets\Ticket;
use Core\Constants\Priority;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Logging\LoggingGateway;
use DataAccess\Security\UserGateway;
use DataAccess\Statuses\StatusGateway;
class EmailTemplateParser extends \BaseClass {
class EmailTemplateParser {
/**
* @var $statusGateway StatusGateway
@ -37,21 +35,11 @@ class EmailTemplateParser extends \BaseClass {
*/
private $emailTemplateRetriever;
/**
* @var $logger LoggingGateway
*/
private $logger;
function __construct(StatusGateway $statusGateway,
CategoryGateway $categoryGateway,
UserGateway $userGateway,
EmailTemplateRetriever $emailTemplateRetriever,
LoggingGateway $loggingGateway) {
function __construct($statusGateway, $categoryGateway, $userGateway, $emailTemplateRetriever) {
$this->statusGateway = $statusGateway;
$this->categoryGateway = $categoryGateway;
$this->userGateway = $userGateway;
$this->emailTemplateRetriever = $emailTemplateRetriever;
$this->logger = $loggingGateway;
}
/**
@ -62,7 +50,6 @@ class EmailTemplateParser extends \BaseClass {
* @param $modsForHeskSettings array
* @return ParsedEmailProperties
* @throws InvalidEmailTemplateException
* @throws \Exception
*/
function getFormattedEmailForLanguage($templateId, $languageCode, $ticket, $heskSettings, $modsForHeskSettings) {
global $hesklang;
@ -86,10 +73,10 @@ class EmailTemplateParser extends \BaseClass {
}
if ($fullLanguageName === null) {
throw new \BaseException("Language code {$languageCode} did not return any valid HESK languages!");
throw new \Exception("Language code {$languageCode} did not return any valid HESK languages!");
}
$subject = $this->parseSubject($subject, $ticket, $fullLanguageName, $heskSettings, $modsForHeskSettings);
$subject = $this->parseSubject($subject, $ticket, $fullLanguageName, $heskSettings);
$message = $this->parseMessage($template, $ticket, $fullLanguageName, $emailTemplate->forStaff, $heskSettings, $modsForHeskSettings, false);
$htmlMessage = $this->parseMessage($htmlTemplate, $ticket, $fullLanguageName, $emailTemplate->forStaff, $heskSettings, $modsForHeskSettings, true);
@ -126,11 +113,11 @@ class EmailTemplateParser extends \BaseClass {
* @return string
* @throws \Exception if common.inc.php isn't loaded
*/
private function parseSubject($subjectTemplate, $ticket, $language, $heskSettings, $modsForHeskSettings) {
private function parseSubject($subjectTemplate, $ticket, $language, $heskSettings) {
global $hesklang;
if (!function_exists('hesk_msgToPlain')) {
throw new \BaseException("common.inc.php not loaded!");
throw new \Exception("common.inc.php not loaded!");
}
if ($ticket === null) {
@ -139,25 +126,8 @@ class EmailTemplateParser extends \BaseClass {
// Status name and category name
$defaultStatus = $this->statusGateway->getStatusForDefaultAction(DefaultStatusForAction::NEW_TICKET, $heskSettings);
if (key_exists($language, $defaultStatus->localizedNames)) {
$statusName = $defaultStatus->localizedNames[$language];
} elseif (key_exists('English', $defaultStatus->localizedNames)) {
$statusName = $defaultStatus->localizedNames['English'];
$this->logger->logWarning('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}' and language '{$language}'. Defaulted to English.", "", new UserContext(), $heskSettings);
} else {
$statusName = "[ERROR: No localized status found for status '{$defaultStatus->id}']";
$this->logger->logError('EmailTemplateParser', "No localized status found for status '{$defaultStatus->id}'", "", new UserContext(), $heskSettings);
}
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === $ticket->categoryId) {
$category = $innerCategory;
break;
}
}
$statusName = $defaultStatus->localizedNames[$language];
$category = $this->categoryGateway->getAllCategories($heskSettings)[$ticket->categoryId];
switch ($ticket->priorityId) {
case Priority::CRITICAL:
@ -199,7 +169,7 @@ class EmailTemplateParser extends \BaseClass {
global $hesklang;
if (!function_exists('hesk_msgToPlain')) {
throw new \BaseException("common.inc.php not loaded!");
throw new \Exception("common.inc.php not loaded!");
}
if ($ticket === null) {
@ -219,20 +189,8 @@ class EmailTemplateParser extends \BaseClass {
// Status name and category name
$defaultStatus = $this->statusGateway->getStatusForDefaultAction(DefaultStatusForAction::NEW_TICKET, $heskSettings);
$statusName = hesk_msgToPlain($defaultStatus->localizedNames[$language]);
$categories = $this->categoryGateway->getAllCategories($heskSettings, $modsForHeskSettings);
$category = null;
foreach ($categories as $innerCategory) {
if ($innerCategory->id === $ticket->categoryId) {
$category = $innerCategory;
break;
}
}
$category = hesk_msgToPlain($category->name);
$owner = $this->userGateway->getUserById($ticket->ownerId, $heskSettings);
$ownerName = $owner === null ? $hesklang['unas'] : hesk_msgToPlain($owner->name);
$category = hesk_msgToPlain($this->categoryGateway->getAllCategories($heskSettings)[$ticket->categoryId]->name);
$owner = hesk_msgToPlain($this->userGateway->getUserById($ticket->ownerId, $heskSettings)->name);
switch ($ticket->priorityId) {
case Priority::CRITICAL:
@ -259,26 +217,14 @@ class EmailTemplateParser extends \BaseClass {
$msg = str_replace('%%TRACK_URL%%', $trackingURL, $msg);
$msg = str_replace('%%SITE_TITLE%%', $heskSettings['site_title'], $msg);
$msg = str_replace('%%SITE_URL%%', $heskSettings['site_url'], $msg);
$msg = str_replace('%%FIRST_NAME%%', Helpers::fullNameToFirstName($ticket->name), $msg);
$msg = str_replace('%%CATEGORY%%', $category, $msg);
$msg = str_replace('%%PRIORITY%%', $priority, $msg);
$msg = str_replace('%%OWNER%%', $ownerName, $msg);
$msg = str_replace('%%OWNER%%', $owner, $msg);
$msg = str_replace('%%STATUS%%', $statusName, $msg);
$msg = str_replace('%%EMAIL%%', implode(';', $ticket->email), $msg);
$msg = str_replace('%%EMAIL%%', implode(';',$ticket->email), $msg);
$msg = str_replace('%%CREATED%%', $ticket->dateCreated, $msg);
$msg = str_replace('%%UPDATED%%', $ticket->lastChanged, $msg);
$msg = str_replace('%%ID%%', $ticket->id, $msg);
$msg = str_replace('%%TIME_WORKED%%', $ticket->timeWorked, $msg);
$lastReplyBy = '';
// Get the last reply by
if (!empty($ticket->lastReplier)) {
$lastReplyBy = $ticket->lastReplier;
} else {
$lastReplyBy = $ticket->name;
}
$msg = str_replace('%%LAST_REPLY_BY%%', $lastReplyBy, $msg);
/* All custom fields */
for ($i=1; $i<=50; $i++) {

2
api/BusinessLogic/Emails/EmailTemplateRetriever.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Emails;
class EmailTemplateRetriever extends \BaseClass {
class EmailTemplateRetriever {
/**
* @var $validTemplates EmailTemplate[]
*/

10
api/BusinessLogic/Emails/MailgunEmailSender.php
View File

@ -7,7 +7,7 @@ use BusinessLogic\Tickets\Attachment;
use BusinessLogic\Tickets\Ticket;
use Mailgun\Mailgun;
class MailgunEmailSender extends \BaseClass implements EmailSender {
class MailgunEmailSender implements EmailSender {
function sendEmail($emailBuilder, $heskSettings, $modsForHeskSettings, $sendAsHtml) {
$mailgunArray = array();
@ -18,11 +18,11 @@ class MailgunEmailSender extends \BaseClass implements EmailSender {
$mailgunArray['to'] = implode(',', $emailBuilder->to);
if ($emailBuilder->cc !== null && count($emailBuilder->cc) > 0) {
if ($emailBuilder->cc !== null) {
$mailgunArray['cc'] = implode(',', $emailBuilder->cc);
}
if ($emailBuilder->bcc !== null && count($emailBuilder->bcc) > 0) {
if ($emailBuilder->bcc !== null) {
$mailgunArray['bcc'] = implode(',', $emailBuilder->bcc);
}
@ -55,9 +55,7 @@ class MailgunEmailSender extends \BaseClass implements EmailSender {
}
private function sendMessage($mailgunArray, $attachments, $modsForHeskSettings) {
$ssl = !defined('NO_MAILGUN_SSL');
$messageClient = new Mailgun($modsForHeskSettings['mailgun_api_key'], 'api.mailgun.net', 'v2', $ssl);
$messageClient = new Mailgun($modsForHeskSettings['mailgun_api_key']);
$mailgunAttachments = array();
if (count($attachments) > 0) {

8
api/BusinessLogic/Emails/ParsedEmailProperties.php
View File

@ -1,9 +1,15 @@
<?php
/**
* Created by PhpStorm.
* User: mkoch
* Date: 2/28/2017
* Time: 9:36 PM
*/
namespace BusinessLogic\Emails;
class ParsedEmailProperties extends \BaseClass {
class ParsedEmailProperties {
function __construct($subject, $message, $htmlMessage) {
$this->subject = $subject;
$this->message = $message;

2
api/BusinessLogic/Exceptions/ApiFriendlyException.php
View File

@ -5,7 +5,7 @@ namespace BusinessLogic\Exceptions;
use Exception;
class ApiFriendlyException extends \BaseException {
class ApiFriendlyException extends Exception {
public $title;
public $httpResponseCode;

4
api/BusinessLogic/Exceptions/MissingAuthenticationTokenException.php
View File

@ -4,8 +4,8 @@ namespace BusinessLogic\Exceptions;
class MissingAuthenticationTokenException extends ApiFriendlyException {
function __construct() {
parent::__construct("An 'X-Auth-Token' is required for this request",
parent::__construct("An 'X-Auth-Token' is required for all requests",
'Security Exception',
401);
400);
}
}

217
api/BusinessLogic/Helpers.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic;
class Helpers extends \BaseClass {
class Helpers {
static function getHeader($key) {
$headers = getallheaders();
@ -26,219 +26,4 @@ class Helpers extends \BaseClass {
? $array[$key]
: null;
}
static function boolval($val) {
return $val == true;
}
static function heskHtmlSpecialCharsDecode($in) {
return str_replace(array('&amp;', '&lt;', '&gt;', '&quot;'), array('&', '<', '>', '"'), $in);
}
static function heskMakeUrl($text, $class = '', $shortenLinks = true) {
if (!defined('MAGIC_URL_EMAIL')) {
define('MAGIC_URL_EMAIL', 1);
define('MAGIC_URL_FULL', 2);
define('MAGIC_URL_LOCAL', 3);
define('MAGIC_URL_WWW', 4);
}
$class = ($class) ? ' class="' . $class . '"' : '';
// matches a xxxx://aaaaa.bbb.cccc. ...
$text = preg_replace_callback(
'#(^|[\n\t (>.])(' . "[a-z][a-z\d+]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?" . ')#iu',
function($matches) use ($class, $shortenLinks) {
return self::makeClickableCallback(MAGIC_URL_FULL, $matches[1], $matches[2], '', $class, $shortenLinks);
},
$text
);
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
$text = preg_replace_callback(
'#(^|[\n\t (>])(' . "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?" . ')#iu',
function($matches) use ($class, $shortenLinks) {
return self::makeClickableCallback(MAGIC_URL_WWW, $matches[1], $matches[2], '', $class, $shortenLinks);
},
$text
);
// matches an email address
$text = preg_replace_callback(
'/(^|[\n\t (>])(' . '((?:[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+)@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)' . ')/iu',
function($matches) use ($class, $shortenLinks) {
return self::makeClickableCallback(MAGIC_URL_EMAIL, $matches[1], $matches[2], '', $class, $shortenLinks);
},
$text
);
return $text;
}
static function makeClickableCallback($type, $whitespace, $url, $relative_url, $class, $shortenLinks)
{
global $hesk_settings;
$orig_url = $url;
$orig_relative = $relative_url;
$append = '';
$url = htmlspecialchars_decode($url);
$relative_url = htmlspecialchars_decode($relative_url);
// make sure no HTML entities were matched
$chars = array('<', '>', '"');
$split = false;
foreach ($chars as $char) {
$next_split = strpos($url, $char);
if ($next_split !== false) {
$split = ($split !== false) ? min($split, $next_split) : $next_split;
}
}
if ($split !== false) {
// an HTML entity was found, so the URL has to end before it
$append = substr($url, $split) . $relative_url;
$url = substr($url, 0, $split);
$relative_url = '';
} else if ($relative_url) {
// same for $relative_url
$split = false;
foreach ($chars as $char) {
$next_split = strpos($relative_url, $char);
if ($next_split !== false) {
$split = ($split !== false) ? min($split, $next_split) : $next_split;
}
}
if ($split !== false) {
$append = substr($relative_url, $split);
$relative_url = substr($relative_url, 0, $split);
}
}
// if the last character of the url is a punctuation mark, exclude it from the url
$last_char = ($relative_url) ? $relative_url[strlen($relative_url) - 1] : $url[strlen($url) - 1];
switch ($last_char) {
case '.':
case '?':
case '!':
case ':':
case ',':
$append = $last_char;
if ($relative_url) {
$relative_url = substr($relative_url, 0, -1);
} else {
$url = substr($url, 0, -1);
}
break;
// set last_char to empty here, so the variable can be used later to
// check whether a character was removed
default:
$last_char = '';
break;
}
$short_url = ($hesk_settings['short_link'] && strlen($url) > 70 && $shortenLinks) ? substr($url, 0, 54) . ' ... ' . substr($url, -10) : $url;
switch ($type) {
case MAGIC_URL_LOCAL:
$tag = 'l';
$relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url));
$url = $url . '/' . $relative_url;
$text = $relative_url;
// this url goes to http://domain.tld/path/to/board/ which
// would result in an empty link if treated as local so
// don't touch it and let MAGIC_URL_FULL take care of it.
if (!$relative_url) {
return $whitespace . $orig_url . '/' . $orig_relative; // slash is taken away by relative url pattern
}
break;
case MAGIC_URL_FULL:
$tag = 'm';
$text = $short_url;
break;
case MAGIC_URL_WWW:
$tag = 'w';
$url = 'http://' . $url;
$text = $short_url;
break;
case MAGIC_URL_EMAIL:
$tag = 'e';
$text = $short_url;
$url = 'mailto:' . $url;
break;
}
$url = htmlspecialchars($url);
$text = htmlspecialchars($text);
$append = htmlspecialchars($append);
$html = "$whitespace<a href=\"$url\" target=\"blank\" $class>$text</a>$append";
return $html;
} // END make_clickable_callback()
static function fullNameToFirstName($full_name) {
$name_parts = explode(' ', $full_name);
// Only one part, return back the original
if (count($name_parts) < 2){
return $full_name;
}
$first_name = self::heskMbStrToLower($name_parts[0]);
// Name prefixes without dots
$prefixes = array('mr', 'ms', 'mrs', 'miss', 'dr', 'rev', 'fr', 'sr', 'prof', 'sir');
if (in_array($first_name, $prefixes) || in_array($first_name, array_map(function ($i) {return $i . '.';}, $prefixes))) {
if(isset($name_parts[2])) {
// Mr James Smith -> James
$first_name = $name_parts[1];
} else {
// Mr Smith (no first name given)
return $full_name;
}
}
// Detect LastName, FirstName
if (self::heskMbSubstr($first_name, -1, 1) == ',') {
if (count($name_parts) == 2) {
$first_name = $name_parts[1];
} else {
return $full_name;
}
}
// If the first name doesn't have at least 3 chars, return the original
if(self::heskMbStrlen($first_name) < 3) {
return $full_name;
}
// Return the name with first character uppercase
return self::heskUcfirst($first_name);
}
static function heskMbStrToLower($in) {
return function_exists('mb_strtolower') ? mb_strtolower($in) : strtolower($in);
}
static function heskMbStrlen($in) {
return function_exists('mb_strlen') ? mb_strlen($in, 'UTF-8') : strlen($in);
}
static function heskMbSubstr($in, $start, $length) {
return function_exists('mb_substr') ? mb_substr($in, $start, $length, 'UTF-8') : substr($in, $start, $length);
}
static function heskUcfirst($in) {
return function_exists('mb_convert_case') ? mb_convert_case($in, MB_CASE_TITLE, 'UTF-8') : ucfirst($in);
}
}

2
api/BusinessLogic/Navigation/CustomNavElement.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class CustomNavElement extends \BaseClass {
class CustomNavElement {
/* @var $id int*/
public $id;

4
api/BusinessLogic/Navigation/CustomNavElementHandler.php
View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Navigation;
use BusinessLogic\Exceptions\ApiFriendlyException;
use DataAccess\Navigation\CustomNavElementGateway;
class CustomNavElementHandler extends \BaseClass {
class CustomNavElementHandler {
/* @var $customNavElementGateway CustomNavElementGateway */
private $customNavElementGateway;
function __construct(CustomNavElementGateway $customNavElementGateway) {
function __construct($customNavElementGateway) {
$this->customNavElementGateway = $customNavElementGateway;
}

2
api/BusinessLogic/Navigation/CustomNavElementPlace.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class CustomNavElementPlace extends \BaseClass {
class CustomNavElementPlace {
const HOMEPAGE_BLOCK = 1;
const CUSTOMER_NAVIGATION = 2;
const ADMIN_NAVIGATION = 3;

2
api/BusinessLogic/Navigation/Direction.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Navigation;
class Direction extends \BaseClass {
class Direction {
const UP = 'up';
const DOWN = 'down';
}

4
api/BusinessLogic/Security/BanRetriever.php
View File

@ -5,13 +5,13 @@ namespace BusinessLogic\Security;
use DataAccess\Security\BanGateway;
class BanRetriever extends \BaseClass {
class BanRetriever {
/**
* @var BanGateway
*/
private $banGateway;
function __construct(BanGateway $banGateway) {
function __construct($banGateway) {
$this->banGateway = $banGateway;
}

2
api/BusinessLogic/Security/BannedEmail.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class BannedEmail extends \BaseClass {
class BannedEmail {
/**
* @var int
*/

2
api/BusinessLogic/Security/BannedIp.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class BannedIp extends \BaseClass {
class BannedIp {
/**
* @var int
*/

23
api/BusinessLogic/Security/PermissionChecker.php
View File

@ -1,23 +0,0 @@
<?php
namespace BusinessLogic\Security;
class PermissionChecker extends \BaseClass {
/**
* @param $userContext UserContext
* @param $permission string
* @return bool
*/
function doesUserHavePermission($userContext, $permission) {
if ($userContext->admin) {
return true;
}
if (in_array($permission, $userContext->permissions)) {
return true;
}
return false;
}
}

55
api/BusinessLogic/Security/UserContext.php
View File

@ -3,9 +3,7 @@
namespace BusinessLogic\Security;
use BusinessLogic\Helpers;
class UserContext extends \BaseClass {
class UserContext {
/* @var $id int */
public $id;
@ -57,25 +55,6 @@ class UserContext extends \BaseClass {
/* @var $active bool */
public $active;
function isAnonymousUser() {
return $this->id === -1;
}
static function buildAnonymousUser() {
$userContext = new UserContext();
$userContext->id = -1;
$userContext->username = "API - ANONYMOUS USER"; // Usernames can't have spaces, so no one will take this username
$userContext->admin = false;
$userContext->name = "ANONYMOUS USER";
$userContext->email = "anonymous-user@example.com";
$userContext->categories = array();
$userContext->permissions = array();
$userContext->autoAssign = false;
$userContext->active = true;
return $userContext;
}
/**
* Builds a user context based on the current session. **The session must be active!**
* @param $dataRow array the $_SESSION superglobal or the hesk_users result set
@ -85,7 +64,7 @@ class UserContext extends \BaseClass {
$userContext = new UserContext();
$userContext->id = intval($dataRow['id']);
$userContext->username = $dataRow['user'];
$userContext->admin = Helpers::boolval($dataRow['isadmin']);
$userContext->admin = boolval($dataRow['isadmin']);
$userContext->name = $dataRow['name'];
$userContext->email = $dataRow['email'];
$userContext->signature = $dataRow['signature'];
@ -96,34 +75,34 @@ class UserContext extends \BaseClass {
$userContext->categories = explode(',', $dataRow['categories']);
}
$userContext->permissions = explode(',', $dataRow['heskprivileges']);
$userContext->autoAssign = Helpers::boolval($dataRow['autoassign']);
$userContext->autoAssign = boolval($dataRow['autoassign']);
$userContext->ratingNegative = intval($dataRow['ratingneg']);
$userContext->ratingPositive = intval($dataRow['ratingpos']);
$userContext->rating = floatval($dataRow['rating']);
$userContext->totalNumberOfReplies = intval($dataRow['replies']);
$userContext->active = Helpers::boolval($dataRow['active']);
$userContext->active = boolval($dataRow['active']);
$preferences = new UserContextPreferences();
$preferences->afterReply = intval($dataRow['afterreply']);
$preferences->autoStartTimeWorked = Helpers::boolval($dataRow['autostart']);
$preferences->autoStartTimeWorked = boolval($dataRow['autostart']);
$preferences->autoreload = intval($dataRow['autoreload']);
$preferences->defaultNotifyCustomerNewTicket = Helpers::boolval($dataRow['notify_customer_new']);
$preferences->defaultNotifyCustomerReply = Helpers::boolval($dataRow['notify_customer_reply']);
$preferences->showSuggestedKnowledgebaseArticles = Helpers::boolval($dataRow['show_suggested']);
$preferences->defaultNotifyCustomerNewTicket = boolval($dataRow['notify_customer_new']);
$preferences->defaultNotifyCustomerReply = boolval($dataRow['notify_customer_reply']);
$preferences->showSuggestedKnowledgebaseArticles = boolval($dataRow['show_suggested']);
$preferences->defaultCalendarView = intval($dataRow['default_calendar_view']);
$preferences->defaultTicketView = $dataRow['default_list'];
$userContext->preferences = $preferences;
$notifications = new UserContextNotifications();
$notifications->newUnassigned = Helpers::boolval($dataRow['notify_new_unassigned']);
$notifications->newAssignedToMe = Helpers::boolval($dataRow['notify_new_my']);
$notifications->replyUnassigned = Helpers::boolval($dataRow['notify_reply_unassigned']);
$notifications->replyToMe = Helpers::boolval($dataRow['notify_reply_my']);
$notifications->ticketAssignedToMe = Helpers::boolval($dataRow['notify_assigned']);
$notifications->privateMessage = Helpers::boolval($dataRow['notify_pm']);
$notifications->noteOnTicketAssignedToMe = Helpers::boolval($dataRow['notify_note']);
$notifications->noteOnTicketNotAssignedToMe = Helpers::boolval($dataRow['notify_note_unassigned']);
$notifications->overdueTicketUnassigned = Helpers::boolval($dataRow['notify_overdue_unassigned']);
$notifications->newUnassigned = boolval($dataRow['notify_new_unassigned']);
$notifications->newAssignedToMe = boolval($dataRow['notify_new_my']);
$notifications->replyUnassigned = boolval($dataRow['notify_reply_unassigned']);
$notifications->replyToMe = boolval($dataRow['notify_reply_my']);
$notifications->ticketAssignedToMe = boolval($dataRow['notify_assigned']);
$notifications->privateMessage = boolval($dataRow['notify_pm']);
$notifications->noteOnTicketAssignedToMe = boolval($dataRow['notify_note']);
$notifications->noteOnTicketNotAssignedToMe = boolval($dataRow['notify_note_unassigned']);
$notifications->overdueTicketUnassigned = boolval($dataRow['notify_overdue_unassigned']);
$userContext->notificationSettings = $notifications;
return $userContext;

4
api/BusinessLogic/Security/UserContextBuilder.php
View File

@ -8,13 +8,13 @@ use BusinessLogic\Exceptions\MissingAuthenticationTokenException;
use BusinessLogic\Helpers;
use DataAccess\Security\UserGateway;
class UserContextBuilder extends \BaseClass {
class UserContextBuilder {
/**
* @var UserGateway
*/
private $userGateway;
function __construct(UserGateway $userGateway) {
function __construct($userGateway) {
$this->userGateway = $userGateway;
}

2
api/BusinessLogic/Security/UserContextNotifications.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class UserContextNotifications extends \BaseClass {
class UserContextNotifications {
public $newUnassigned;
public $newAssignedToMe;
public $replyUnassigned;

2
api/BusinessLogic/Security/UserContextPreferences.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Security;
class UserContextPreferences extends \BaseClass {
class UserContextPreferences {
public $afterReply;
public $autoStartTimeWorked;
public $autoreload;

8
api/BusinessLogic/Security/UserPrivilege.php
View File

@ -9,15 +9,9 @@
namespace BusinessLogic\Security;
class UserPrivilege extends \BaseClass {
class UserPrivilege {
const CAN_VIEW_TICKETS = 'can_view_tickets';
const CAN_REPLY_TO_TICKETS = 'can_reply_tickets';
const CAN_EDIT_TICKETS = 'can_edit_tickets';
const CAN_DELETE_TICKETS = 'can_del_tickets';
const CAN_MANAGE_CATEGORIES = 'can_man_cat';
const CAN_VIEW_ASSIGNED_TO_OTHER = 'can_view_ass_others';
const CAN_VIEW_UNASSIGNED = 'can_view_unassigned';
const CAN_VIEW_ASSIGNED_BY_ME = 'can_view_ass_by';
const CAN_MANAGE_SERVICE_MESSAGES = 'can_service_msg';
const CAN_CHANGE_DUE_DATE = 'can_change_due_date';
}

15
api/BusinessLogic/Security/UserToTicketChecker.php
View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Security;
use BusinessLogic\Tickets\Ticket;
use DataAccess\Security\UserGateway;
class UserToTicketChecker extends \BaseClass {
class UserToTicketChecker {
/* @var $userGateway UserGateway */
private $userGateway;
function __construct(UserGateway $userGateway) {
function __construct($userGateway) {
$this->userGateway = $userGateway;
}
@ -27,18 +27,13 @@ class UserToTicketChecker extends \BaseClass {
return true;
}
if (in_array(UserPrivilege::CAN_VIEW_ASSIGNED_BY_ME, $user->permissions) &&
$ticket->assignedBy === $user->id) {
return true;
}
if (!in_array($ticket->categoryId, $user->categories)) {
return false;
}
$categoryManager = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);
if ($categoryManager !== null && $user->id === $categoryManager->id) {
$categoryManagerId = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);
if ($user->id === $categoryManagerId) {
return true;
}

12
api/BusinessLogic/ServiceMessages/GetServiceMessagesFilter.php
View File

@ -1,12 +0,0 @@
<?php
namespace BusinessLogic\ServiceMessages;
class GetServiceMessagesFilter {
/* @var $includeStaffServiceMessages bool */
public $includeStaffServiceMessages = true;
/* @var $includeDrafts bool */
public $includeDrafts = true;
}

39
api/BusinessLogic/ServiceMessages/ServiceMessage.php
View File

@ -1,39 +0,0 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessage extends \BaseClass {
/* @var $id int */
public $id;
/* @var $dateCreated string */
public $dateCreated;
/* @var $createdBy int */
public $createdBy;
/* @var $title string */
public $title;
/* @var $message string */
public $message;
/* @var $style string */
public $style;
/* @var $published bool */
public $published;
/* @var $order int */
public $order;
/* @var $icon string */
public $icon;
/* @var $locations string[] */
public $locations;
/* @var $language string */
public $language;
}

164
api/BusinessLogic/ServiceMessages/ServiceMessageHandler.php
View File

@ -1,164 +0,0 @@
<?php
namespace BusinessLogic\ServiceMessages;
// TODO Test
use BusinessLogic\Exceptions\ValidationException;
use BusinessLogic\Navigation\Direction;
use BusinessLogic\ValidationModel;
use DataAccess\ServiceMessages\ServiceMessagesGateway;
class ServiceMessageHandler extends \BaseClass {
/* @var $serviceMessageGateway ServiceMessagesGateway */
private $serviceMessageGateway;
function __construct(ServiceMessagesGateway $serviceMessagesGateway) {
$this->serviceMessageGateway = $serviceMessagesGateway;
}
function createServiceMessage($serviceMessage, $heskSettings) {
$this->validate($serviceMessage, $heskSettings);
if ($serviceMessage->icon === null) {
switch ($serviceMessage->style) {
case ServiceMessageStyle::NONE:
$serviceMessage->icon = '';
break;
case ServiceMessageStyle::INFO:
$serviceMessage->icon = 'fa fa-comment';
break;
case ServiceMessageStyle::NOTICE:
$serviceMessage->icon = 'fa fa-exclamation-triangle';
break;
case ServiceMessageStyle::ERROR:
$serviceMessage->icon = 'fa fa-times-circle';
break;
case ServiceMessageStyle::SUCCESS:
$serviceMessage->icon = 'fa fa-check-circle';
break;
}
}
return $this->serviceMessageGateway->createServiceMessage($serviceMessage, $heskSettings);
}
function getServiceMessages($heskSettings, $searchFilter) {
return $this->serviceMessageGateway->getServiceMessages($heskSettings, $searchFilter);
}
function editServiceMessage($serviceMessage, $heskSettings) {
$this->validate($serviceMessage, $heskSettings, false);
if ($serviceMessage->icon === null) {
switch ($serviceMessage->style) {
case ServiceMessageStyle::NONE:
$serviceMessage->icon = '';
break;
case ServiceMessageStyle::INFO:
$serviceMessage->icon = 'fa fa-comment';
break;
case ServiceMessageStyle::NOTICE:
$serviceMessage->icon = 'fa fa-exclamation-triangle';
break;
case ServiceMessageStyle::ERROR:
$serviceMessage->icon = 'fa fa-times-circle';
break;
case ServiceMessageStyle::SUCCESS:
$serviceMessage->icon = 'fa fa-check-circle';
break;
}
}
return $this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
}
function deleteServiceMessage($id, $heskSettings) {
$this->serviceMessageGateway->deleteServiceMessage($id, $heskSettings);
}
function sortServiceMessage($id, $direction, $heskSettings) {
$serviceMessages = $this->serviceMessageGateway->getServiceMessages($heskSettings, new GetServiceMessagesFilter());
$serviceMessage = null;
foreach ($serviceMessages as $innerServiceMessage) {
if (intval($innerServiceMessage->id) === intval($id)) {
$serviceMessage = $innerServiceMessage;
break;
}
}
if ($serviceMessage === null) {
throw new \BaseException("Could not find service message with ID {$id}!");
}
if ($direction === Direction::UP) {
$serviceMessage->order -= 15;
} else {
$serviceMessage->order += 15;
}
$this->serviceMessageGateway->updateServiceMessage($serviceMessage, $heskSettings);
$this->serviceMessageGateway->resortAllServiceMessages($heskSettings);
}
/**
* @param $serviceMessage ServiceMessage
* @param bool $isNew
* @throws ValidationException
*/
private function validate($serviceMessage, $heskSettings, $isNew = true) {
$validationModel = new ValidationModel();
if ($isNew && $serviceMessage->createdBy < 1) {
$validationModel->errorKeys[] = 'MISSING_CREATOR';
}
if ($serviceMessage->message === null || trim($serviceMessage->message) === '') {
$validationModel->errorKeys[] = 'MISSING_MESSAGE';
} else {
$htmlPurifier = new \HeskHTMLPurifier($heskSettings['cache_dir']);
$serviceMessage->message = $htmlPurifier->heskPurify($serviceMessage->message);
}
if ($serviceMessage->language === null || trim($serviceMessage->language) === '') {
$validationModel->errorKeys[] = 'MISSING_LANGUAGE';
}
$languageFound = false;
foreach ($heskSettings['languages'] as $key => $value) {
if ($value['folder'] === $serviceMessage->language || $serviceMessage->language === 'ALL') {
$languageFound = true;
break;
}
}
if (!$languageFound && !in_array('MISSING_LANGUAGE', $validationModel->errorKeys)) {
$validationModel->errorKeys[] = 'LANGUAGE_NOT_INSTALLED';
}
if ($serviceMessage->title === null || trim($serviceMessage->title) === '') {
$validationModel->errorKeys[] = 'MISSING_TITLE';
}
if ($serviceMessage->style === null || trim($serviceMessage->style) === '') {
$validationModel->errorKeys[] = 'MISSING_STYLE';
}
try {
ServiceMessageStyle::getIdForStyle($serviceMessage->style);
} catch (\Exception $e) {
$validationModel->errorKeys[] = 'INVALID_STYLE';
}
if ($serviceMessage->locations === null || count($serviceMessage->locations) === 0) {
$validationModel->errorKeys[] = 'MISSING_LOCATIONS';
} else {
$locations = ServiceMessageLocation::getAll();
foreach ($serviceMessage->locations as $location) {
if (!in_array($location, $locations)) {
$validationModel->errorKeys[] = 'INVALID_LOCATION';
break;
}
}
}
if (count($validationModel->errorKeys) > 0) {
// Validation failed
throw new ValidationException($validationModel);
}
}
}

34
api/BusinessLogic/ServiceMessages/ServiceMessageLocation.php
View File

@ -1,34 +0,0 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessageLocation {
const CUSTOMER_HOME = 'CUSTOMER_HOME';
const CUSTOMER_KB_HOME = 'CUSTOMER_KB_HOME';
const CUSTOMER_VIEW_KB_ARTICLE = 'CUSTOMER_VIEW_KB_ARTICLE';
const CUSTOMER_SUBMIT_TICKET = 'CUSTOMER_SUBMIT_TICKET';
const CUSTOMER_VIEW_TICKET = 'CUSTOMER_VIEW_TICKET';
const STAFF_LOGIN = 'STAFF_LOGIN';
const STAFF_HOME = 'STAFF_HOME';
const STAFF_KB_HOME = 'STAFF_KB_HOME';
const STAFF_VIEW_KB_ARTICLE = 'STAFF_VIEW_KB_ARTICLE';
const STAFF_SUBMIT_TICKET = 'STAFF_SUBMIT_TICKET';
const STAFF_VIEW_TICKET = 'STAFF_VIEW_TICKET';
static function getAll() {
return array(
self::CUSTOMER_HOME,
self::CUSTOMER_KB_HOME,
self::CUSTOMER_VIEW_KB_ARTICLE,
self::CUSTOMER_SUBMIT_TICKET,
self::CUSTOMER_VIEW_TICKET,
self::STAFF_LOGIN,
self::STAFF_HOME,
self::STAFF_KB_HOME,
self::STAFF_VIEW_KB_ARTICLE,
self::STAFF_SUBMIT_TICKET,
self::STAFF_VIEW_TICKET,
);
}
}

44
api/BusinessLogic/ServiceMessages/ServiceMessageStyle.php
View File

@ -1,44 +0,0 @@
<?php
namespace BusinessLogic\ServiceMessages;
class ServiceMessageStyle {
const NONE = 'NONE'; // 0
const SUCCESS = 'SUCCESS'; // 1
const INFO = 'INFO'; // 2
const NOTICE = 'NOTICE'; // 3
const ERROR = 'ERROR'; // 4
static function getStyleById($id) {
$styles = array(
0 => self::NONE,
1 => self::SUCCESS,
2 => self::INFO,
3 => self::NOTICE,
4 => self::ERROR
);
if (!isset($styles[$id])) {
throw new \Exception("Style {$id} is not a valid service message style.");
}
return $styles[$id];
}
static function getIdForStyle($style) {
$styles = array(
self::NONE => 0,
self::SUCCESS => 1,
self::INFO => 2,
self::NOTICE => 3,
self::ERROR => 4
);
if (!isset($styles[$style])) {
throw new \Exception("Style {$style} is not a valid service message style.");
}
return $styles[$style];
}
}

4
api/BusinessLogic/Settings/ApiChecker.php
View File

@ -5,11 +5,11 @@ namespace BusinessLogic\Settings;
use DataAccess\Settings\ModsForHeskSettingsGateway;
class ApiChecker extends \BaseClass {
class ApiChecker {
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct(ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
function __construct($modsForHeskSettingsGateway) {
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}

4
api/BusinessLogic/Settings/SettingsRetriever.php
View File

@ -5,11 +5,11 @@ namespace BusinessLogic\Settings;
// TODO Test!
use DataAccess\Settings\ModsForHeskSettingsGateway;
class SettingsRetriever extends \BaseClass {
class SettingsRetriever {
/* @var $modsForHeskSettingsGateway ModsForHeskSettingsGateway */
private $modsForHeskSettingsGateway;
function __construct(ModsForHeskSettingsGateway $modsForHeskSettingsGateway) {
function __construct($modsForHeskSettingsGateway) {
$this->modsForHeskSettingsGateway = $modsForHeskSettingsGateway;
}

2
api/BusinessLogic/Statuses/Closable.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class Closable extends \BaseClass {
class Closable {
const YES = "yes";
const STAFF_ONLY = "sonly";
const CUSTOMERS_ONLY = "conly";

2
api/BusinessLogic/Statuses/DefaultStatusForAction.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class DefaultStatusForAction extends \BaseClass {
class DefaultStatusForAction {
const NEW_TICKET = "IsNewTicketStatus";
const CLOSED_STATUS = "IsClosed";
const CLOSED_BY_CLIENT = "IsClosedByClient";

2
api/BusinessLogic/Statuses/Status.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Statuses;
class Status extends \BaseClass {
class Status {
static function fromDatabase($row, $languageRs) {
$status = new Status();
$status->id = intval($row['ID']);

4
api/BusinessLogic/Statuses/StatusRetriever.php
View File

@ -6,11 +6,11 @@ namespace BusinessLogic\Statuses;
use DataAccess\Statuses\StatusGateway;
// TODO Test!
class StatusRetriever extends \BaseClass {
class StatusRetriever {
/* @var $statusGateway StatusGateway */
private $statusGateway;
function __construct(StatusGateway $statusGateway) {
function __construct($statusGateway) {
$this->statusGateway = $statusGateway;
}

2
api/BusinessLogic/Tickets/Attachment.php
View File

@ -3,7 +3,7 @@
namespace BusinessLogic\Tickets;
class Attachment extends \BaseClass {
class Attachment {
/**
* @var int
*/

24
api/BusinessLogic/Tickets/AuditTrail.php
View File

@ -1,24 +0,0 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrail extends \BaseClass {
/* @var $id int */
public $id;
/* @var $entityId int */
public $entityId;
/* @var $entityType string */
public $entityType;
/* @var $languageKey string */
public $languageKey;
/* @var $date string */
public $date;
/* @var $replacementValues string[] */
public $replacementValues;
}

9
api/BusinessLogic/Tickets/AuditTrailEntityType.php
View File

@ -1,9 +0,0 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrailEntityType extends \BaseClass {
const TICKET = 'TICKET';
const CALENDAR_EVENT = 'CALENDAR_EVENT';
}

9
api/BusinessLogic/Tickets/AuditTrailEvent.php
View File

@ -1,9 +0,0 @@
<?php
namespace BusinessLogic\Tickets;
class AuditTrailEvent extends \BaseClass {
const DUE_DATE_REMOVED = 'audit_due_date_removed';
const DUE_DATE_CHANGED = 'audit_due_date_changed';
}

5
api/BusinessLogic/Tickets/Autoassigner.php
View File

@ -8,15 +8,14 @@ use BusinessLogic\Security\UserPrivilege;
use DataAccess\Categories\CategoryGateway;
use DataAccess\Security\UserGateway;
class Autoassigner extends \BaseClass {
class Autoassigner {
/* @var $categoryGateway CategoryGateway */
private $categoryGateway;
/* @var $userGateway UserGateway */
private $userGateway;
function __construct(CategoryGateway $categoryGateway,
UserGateway $userGateway) {
function __construct($categoryGateway, $userGateway) {
$this->categoryGateway = $categoryGateway;
$this->userGateway = $userGateway;
}

Some files were not shown because too many files have changed in this diff Show More