function getDept()
{
if (!$this->dept && $this->getDeptId()) {
$this->dept = Dept::lookup($this->getDeptId());
}
return $this->dept;
}
if ($ticket->isClosed() && $wasOpen) {
$ticket = null;
}
} elseif (!$errors['err']) {
$errors['err'] = 'Unable to post the reply. Correct the errors below and try again!';
}
break;
case 'transfer':
/** Transfer ticket **/
//Check permission
if ($thisstaff && $thisstaff->canTransferTickets()) {
if (!$_POST['deptId']) {
$errors['deptId'] = 'Select department';
} elseif ($_POST['deptId'] == $ticket->getDeptId()) {
$errors['deptId'] = 'Ticket already in the Dept.';
} elseif (!($dept = Dept::lookup($_POST['deptId']))) {
$errors['deptId'] = 'Unknown or invalid department';
}
if (!$_POST['transfer_message']) {
$errors['transfer_message'] = 'Transfer comments/notes required';
} elseif (strlen($_POST['transfer_message']) < 5) {
$errors['transfer_message'] = 'Transfer comments too short!';
}
$currentDept = $ticket->getDeptName();
//save current dept name.
if (!$errors && $ticket->transfer($_POST['deptId'], $_POST['transfer_message'])) {
$msg = 'Ticket transferred successfully to ' . $ticket->getDeptName();
//ticket->transfer does a reload...new dept at this point.
$title = 'Dept. Transfer from ' . $currentDept . ' to ' . $ticket->getDeptName();
/*** log the message as internal note - with alerts disabled - ***/
$ticket->postNote($title, $_POST['transfer_message'], false);
function getNameById($id)
{
if ($id && ($dept = Dept::lookup($id))) {
$name = $dept->getName();
}
return $name;
}
function create($vars, &$errors, $origin, $autorespond = true, $alertstaff = true)
{
global $cfg, $thisclient, $_FILES;
//Make sure the email is not banned
if ($vars['email'] && EmailFilter::isBanned($vars['email'])) {
$errors['err'] = 'Ticket denied. Error #403';
Sys::log(LOG_WARNING, 'Ticket denied', 'Banned email - ' . $vars['email']);
return 0;
}
$id = 0;
$fields = array();
$fields['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
$fields['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$fields['subject'] = array('type' => 'string', 'required' => 1, 'error' => 'Subject required');
$fields['message'] = array('type' => 'text', 'required' => 1, 'error' => 'Message required');
switch (strtolower($origin)) {
case 'web':
$fields['topicId'] = array('type' => 'int', 'required' => 1, 'error' => 'Select help topic');
break;
case 'staff':
$fields['deptId'] = array('type' => 'int', 'required' => 1, 'error' => 'Dept. required');
$fields['topicId'] = array('type' => 'int', 'required' => 1, 'error' => 'Topic required');
$fields['duedate'] = array('type' => 'date', 'required' => 0, 'error' => 'Invalid date - must be MM/DD/YY');
case 'api':
$fields['source'] = array('type' => 'string', 'required' => 1, 'error' => 'Indicate source');
break;
case 'email':
$fields['emailId'] = array('type' => 'int', 'required' => 1, 'error' => 'Email unknown');
break;
default:
# TODO: Return error message
$errors['origin'] = 'Invalid origin given';
}
$fields['pri'] = array('type' => 'int', 'required' => 0, 'error' => 'Invalid Priority');
$fields['phone'] = array('type' => 'phone', 'required' => 0, 'error' => 'Valid phone # required');
if (!Validator::process($fields, $vars, $errors) && !$errors['err']) {
$errors['err'] = 'Missing or invalid data - check the errors and try again';
}
//Make sure phone extension is valid
if ($vars['phone_ext']) {
if (!is_numeric($vars['phone_ext']) && !$errors['phone']) {
$errors['phone'] = 'Invalid phone ext.';
} elseif (!$vars['phone']) {
//make sure they just didn't enter ext without phone # XXX: reconsider allowing!
$errors['phone'] = 'Phone number required';
}
}
//Make sure the due date is valid
if ($vars['duedate']) {
if (!$vars['time'] || strpos($vars['time'], ':') === false) {
$errors['time'] = 'Select time';
} elseif (strtotime($vars['duedate'] . ' ' . $vars['time']) === false) {
$errors['duedate'] = 'Invalid duedate';
} elseif (strtotime($vars['duedate'] . ' ' . $vars['time']) <= time()) {
$errors['duedate'] = 'Due date must be in the future';
}
}
//check attachment..if any is set ...only set on webbased tickets..
//XXX:?? Create ticket anyway and simply drop the attachments?? We're already doing so with emails.
if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments()) {
if (!$cfg->canUploadFileType($_FILES['attachment']['name'])) {
$errors['attachment'] = 'Invalid file type [ ' . Format::htmlchars($_FILES['attachment']['name']) . ' ]';
} elseif ($_FILES['attachment']['size'] > $cfg->getMaxFileSize()) {
$errors['attachment'] = 'File is too big. Max ' . $cfg->getMaxFileSize() . ' bytes allowed';
}
}
# Perform email filter actions on the new ticket arguments XXX: Move filter to the top and check for reject...
if (!$errors && ($ef = new EmailFilter($vars))) {
$ef->apply($vars);
}
# Some things will need to be unpacked back into the scope of this
# function
if (isset($vars['autorespond'])) {
$autorespond = $vars['autorespond'];
}
//check ticket limits..if limit set is >0
//TODO: Base ticket limits on SLA... XXX: move it elsewhere??
if ($vars['email'] && !$errors && $cfg->getMaxOpenTickets() > 0 && strcasecmp($origin, 'staff')) {
$openTickets = Ticket::getOpenTicketsByEmail($vars['email']);
if ($openTickets >= $cfg->getMaxOpenTickets()) {
$errors['err'] = "You've reached the maximum open tickets allowed.";
//Send the notice only once (when the limit is reached) incase of autoresponders at client end.
if ($cfg->getMaxOpenTickets() == $openTickets && $cfg->sendOverlimitNotice()) {
if ($vars['deptId']) {
$dept = Dept::lookup($vars['deptId']);
}
if (!$dept || !($tpl = $dept->getTemplate())) {
$tpl = $cfg->getDefaultTemplate();
}
if (!$dept || !($email = $dept->getAutoRespEmail())) {
$email = $cfg->getDefaultEmail();
}
if ($tpl && ($msg = $tpl->getOverlimitMsgTemplate()) && $email) {
$body = str_replace('%name', $vars['name'], $msg['body']);
$body = str_replace('%email', $vars['email'], $msg['body']);
$body = str_replace('%url', $cfg->getBaseUrl(), $body);
$body = str_replace('%signature', $dept && $dept->isPublic() ? $dept->getSignature() : '', $body);
$email->send($vars['email'], $msg['subj'], $body);
}
//Log + Alert admin...this might be spammy (no option to disable)...but it is helpful..I think.
$msg = 'Support ticket request denied for ' . $vars['email'] . "\n" . 'Open ticket:' . $openTickets . "\n" . 'Max Allowed:' . $cfg->getMaxOpenTickets() . "\n\nNotice only sent once";
Sys::log(LOG_CRIT, 'Overlimit Notice', $msg);
}
}
}
//Any error above is fatal.
if ($errors) {
return 0;
}
// OK...just do it.
$deptId = $vars['deptId'];
//pre-selected Dept if any.
$priorityId = $vars['pri'];
$source = ucfirst($vars['source']);
$topic = NULL;
// Intenal mapping magic...see if we need to overwrite anything
if (isset($vars['topicId']) && ($topic = Topic::lookup($vars['topicId']))) {
//Ticket created via web by user/or staff
$deptId = $deptId ? $deptId : $topic->getDeptId();
$priorityId = $priorityId ? $priorityId : $topic->getPriorityId();
if ($autorespond) {
$autorespond = $topic->autoRespond();
}
$source = $vars['source'] ? $vars['source'] : 'Web';
} elseif ($vars['emailId'] && !$vars['deptId'] && ($email = Email::lookup($vars['emailId']))) {
//Emailed Tickets
$deptId = $email->getDeptId();
$priorityId = $priorityId ? $priorityId : $email->getPriorityId();
if ($autorespond) {
$autorespond = $email->autoRespond();
}
$email = null;
$source = 'Email';
} elseif ($vars['deptId']) {
//Opened by staff.
$deptId = $vars['deptId'];
$source = ucfirst($vars['source']);
}
//Last minute checks
$priorityId = $priorityId ? $priorityId : $cfg->getDefaultPriorityId();
$deptId = $deptId ? $deptId : $cfg->getDefaultDeptId();
$topicId = $vars['topicId'] ? $vars['topicId'] : 0;
$ipaddress = $vars['ip'] ? $vars['ip'] : $_SERVER['REMOTE_ADDR'];
//We are ready son...hold on to the rails.
$extId = Ticket::genExtRandID();
$sql = 'INSERT INTO ' . TICKET_TABLE . ' SET created=NOW() ' . ' ,lastmessage= NOW()' . ' ,ticketID=' . db_input($extId) . ' ,dept_id=' . db_input($deptId) . ' ,topic_id=' . db_input($topicId) . ' ,priority_id=' . db_input($priorityId) . ' ,email=' . db_input($vars['email']) . ' ,name=' . db_input(Format::striptags($vars['name'])) . ' ,subject=' . db_input(Format::striptags($vars['subject'])) . ' ,phone="' . db_input($vars['phone'], false) . '"' . ' ,phone_ext=' . db_input($vars['phone_ext'] ? $vars['phone_ext'] : '') . ' ,ip_address=' . db_input($ipaddress) . ' ,source=' . db_input($source);
//Make sure the origin is staff - avoid firebug hack!
if ($vars['duedate'] && !strcasecmp($origin, 'staff')) {
$sql .= ' ,duedate=' . db_input(date('Y-m-d G:i', Misc::dbtime($vars['duedate'] . ' ' . $vars['time'])));
}
if (!db_query($sql) || !($id = db_insert_id()) || !($ticket = Ticket::lookup($id))) {
return null;
}
/* -------------------- POST CREATE ------------------------ */
$dept = $ticket->getDept();
if (!$cfg->useRandomIds()) {
//Sequential ticketIDs support really..really suck arse.
$extId = $id;
//To make things really easy we are going to use autoincrement ticket_id.
db_query('UPDATE ' . TICKET_TABLE . ' SET ticketID=' . db_input($extId) . ' WHERE ticket_id=' . $id . ' LIMIT 1');
//TODO: RETHING what happens if this fails?? [At the moment on failure random ID is used...making stuff usable]
}
//post the message.
$msgid = $ticket->postMessage($vars['message'], $source, $vars['mid'], $vars['header'], true);
//TODO: recover from postMessage error??
//Upload attachments...web based. - XXX: Assumes user uploaded attachments!! XXX: move it to client interface.
if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments() && $msgid) {
if (!$cfg->allowAttachmentsOnlogin() || $cfg->allowAttachmentsOnlogin() && ($thisuser && $thisuser->isValid())) {
$ticket->uploadAttachment($_FILES['attachment'], $msgid, 'M');
}
}
// Configure service-level-agreement for this ticket
$ticket->selectSLAId($vars['slaId']);
//Auto assign staff or team - auto assignment based on filter rules.
if ($vars['staffId'] && !$vars['assignId']) {
$ticket->assignToStaff($vars['staffId'], 'auto-assignment');
}
if ($vars['teamId'] && !$vars['assignId']) {
$ticket->assignToTeam($vars['teamId'], 'auto-assignment');
}
/********** double check auto-response ************/
//Overwrite auto responder if the FROM email is one of the internal emails...loop control.
if ($autorespond && Email::getIdByEmail($ticket->getEmail())) {
$autorespond = false;
}
if ($autorespond && $dept && !$dept->autoRespONNewTicket()) {
$autorespond = false;
}
# Messages that are clearly auto-responses from email systems should
# not have a return 'ping' message
if ($autorespond && $vars['header'] && EmailFilter::isAutoResponse(Mail_Parse::splitHeaders($vars['header']))) {
$autorespond = false;
}
//Don't auto respond to mailer daemons.
if ($autorespond && (strpos(strtolower($vars['email']), 'mailer-daemon@') !== false || strpos(strtolower($vars['email']), 'postmaster@') !== false)) {
$autorespond = false;
}
/***** See if we need to send some alerts ****/
$ticket->onNewTicket($vars['message'], $autorespond, $alertstaff);
return $ticket;
}
function setDeptId($deptId)
{
//Make sure it's a valid department//
if (!($dept = Dept::lookup($deptId)) || $dept->getId() == $this->getDeptId()) {
return false;
}
$sql = 'UPDATE ' . TICKET_TABLE . ' SET updated=NOW(), dept_id=' . db_input($deptId) . ' WHERE ticket_id=' . db_input($this->getId());
return db_query($sql) && db_affected_rows();
}
$warn = sprintf(__('%1$d of %2$d %3$s made PRIVATE'), $num, $count, _N('selected department', 'selected departments', $count));
}
} else {
$errors['err'] = sprintf(__('Unable to make %s private. Possibly already private!'), _N('selected department', 'selected departments', $count));
}
break;
case 'delete':
//Deny all deletes if one of the selections has members in it.
$sql = 'SELECT count(staff_id) FROM ' . STAFF_TABLE . ' WHERE dept_id IN (' . implode(',', db_input($_POST['ids'])) . ')';
list($members) = db_fetch_row(db_query($sql));
if ($members) {
$errors['err'] = __('Departments with agents can not be deleted. Move the agents first.');
} else {
$i = 0;
foreach ($_POST['ids'] as $k => $v) {
if ($v != $cfg->getDefaultDeptId() && ($d = Dept::lookup($v)) && $d->delete()) {
$i++;
}
}
if ($i && $i == $count) {
$msg = sprintf(__('Successfully deleted %s'), _N('selected department', 'selected departments', $count));
} elseif ($i > 0) {
$warn = sprintf(__('%1$d of %2$d %3$s deleted'), $i, $count, _N('selected department', 'selected departments', $count));
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Unable to delete %s.'), _N('selected department', 'selected departments', $count));
}
}
break;
default:
$errors['err'] = __('Unknown action - get technical help.');
}
<?php
require('staff.inc.php');
require_once(INCLUDE_DIR.'class.ticket.php');
require_once(INCLUDE_DIR.'class.dept.php');
if($_REQUEST['transferDeptId']==0)
{
echo ("not an available department");
}
else{
$dept=Dept::lookup($_REQUEST['transferDeptId']);
$count = count($_REQUEST['tids']);
$i=0;
foreach ($_REQUEST['tids'] as $tid) {
if (($ticket=Ticket::lookup($tid)))
{
$ticket->setDeptId($_REQUEST['transferDeptId']);
$ticket->setStaffId(0);
$ticket->setTeamId(0);
$ticket->setSLAId($dept->getSLAId());
if($ticket->getTeamId()==0&&$ticket->getStaffId()==0)
$i++;
}
}
echo "Transferred ".$i." tickets successfully";
}
?>
function getSignature($type, $id = null)
{
global $thisstaff;
if (!$thisstaff) {
Http::response(403, 'Login Required');
}
switch ($type) {
case 'none':
break;
case 'mine':
echo Format::viewableImages($thisstaff->getSignature());
break;
case 'dept':
if (!($dept = Dept::lookup($id))) {
Http::response(404, 'No such department');
}
echo Format::viewableImages($dept->getSignature());
break;
default:
Http::response(400, 'Unknown signature type');
break;
}
}
