function DoPost() { $this->post['name'] = FSS_Input::getString('name', ''); $this->post['email'] = FSS_Input::getEMail('email', ''); $this->post['website'] = FSS_Input::getURL('website', ''); $this->post['body'] = FSS_Input::getString('body', ''); $this->post['itemid'] = FSS_Input::getInt('itemid', 0); $this->post['ident'] = FSS_Input::getInt('ident', 0); $published = 1; if ($this->moderate) { $published = 0; } $captcha = new FSS_Captcha(); $this->valid = 1; if ($this->post['name'] == "") { $this->errors['name'] = JText::_("YOU_MUST_ENTER_A_NAME"); $this->valid = 0; } if ($this->use_email && $this->post['email'] != "" && !JMailHelper::isEmailAddress($this->post['email'])) { $this->errors['email'] = JText::_("INVALID_EMAIL_ADDRESS_ENTERED"); $this->valid = 0; } if ($this->use_website && $this->post['website'] != "" && 0) { $this->errors['website'] = JText::_("INVALID_WEBSITE_ADDRESS_ENTERED"); $this->valid = 0; } if ($this->post['body'] == "") { $this->errors['body'] = JText::_("YOU_MUST_ENTER_A_COMMENT_TO_POST"); $this->valid = 0; } if ($this->handler->item_select_must_have) { if ($this->post['itemid'] == 0) { $this->errors['itemid'] = JText::_("YOU_MUST_SELECT_A") . $this->handler->email_article_type; $this->valid = 0; } } if (!$captcha->ValidateCaptcha()) { $this->errors['captcha'] = JText::_("INVALID_SECURITY_CODE"); $this->valid = 0; } if (!FSSCF::ValidateFields($this->customfields, $this->errors)) { $this->valid = 0; } $output['valid'] = $this->valid; if ($this->valid == 1) { $db = JFactory::getDBO(); $user = JFactory::getUser(); $userid = $user->id; $custom = FSSCF::Comm_StoreFields($this->customfields); $custom = serialize($custom); $now = FSS_Helper::CurDate(); $qry = "INSERT INTO " . $this->table . " (ident, itemid, name, email, website, body, published, created, userid, custom) VALUES ("; $qry .= $this->post['ident']; $qry .= " , " . $this->post['itemid']; $qry .= " , '" . FSSJ3Helper::getEscaped($db, $this->post['name']); $qry .= "' , '" . FSSJ3Helper::getEscaped($db, $this->post['email']); $qry .= "' , '" . FSSJ3Helper::getEscaped($db, $this->post['website']); $qry .= "' , '" . FSSJ3Helper::getEscaped($db, $this->post['body']); $qry .= "' , {$published}, '{$now}', '" . FSSJ3Helper::getEscaped($db, $userid) . "', '" . FSSJ3Helper::getEscaped($db, $custom) . "' )"; $db->SetQuery($qry); $db->Query(); $this->comment = $this->post; $this->comment['id'] = $db->insertid(); $this->comment['ident'] = $this->post['ident']; foreach ($this->customfields as $id => $field) { $this->comment["custom_{$id}"] = FSS_Input::getString("custom_{$id}", ""); JRequest::setVar("custom_{$id}", ''); } FSS_EMail::Send_Comment($this); //print_r($output); //exit(); //ob_clean(); //print_p($this); if ($this->moderate) { $this->comment['published'] = 0; include $this->tmplpath . DS . 'moderate.php'; } else { if ($this->opt_show_posted_message_only) { $this->comment['published'] = 0; include $this->tmplpath . DS . 'thanks.php'; } else { $this->comment['published'] = 1; include $this->tmplpath . DS . 'thanks.php'; include $this->tmplpath . DS . 'comment.php'; } } $output['comment'] = ob_get_contents(); if ($this->opt_display) { if ($this->opt_order == 0) { $output['display'] = 'before'; } else { $output['display'] = 'after'; } } else { $output['display'] = 'none'; } if ($this->opt_show_posted_message_only) { $output['display'] = "replace"; } $this->post['name'] = $this->GetName(); $this->post['email'] = ''; $this->post['website'] = ''; $this->post['body'] = ''; $this->post['created'] = 'now'; if ($this->opt_show_form_after_post) { ob_clean(); $this->captcha = $captcha->GetCaptcha(); include $this->tmplpath . DS . 'addcomment.php'; $output['form'] = ob_get_contents(); $output['form_display'] = "replace"; } else { $output['form'] = ''; $output['form_display'] = ""; if ($this->opt_form_clear_comment) { $output['form_display'] = "clear_comment"; } } ob_clean(); echo json_encode($output); exit; } else { $output['display'] = 'none'; $output['form_display'] = "replace"; ob_clean(); $this->comment = $this->post; include $this->tmplpath . DS . 'comment.php'; $output['comment'] = ob_get_contents(); ob_clean(); $this->captcha = $captcha->GetCaptcha(); include $this->tmplpath . DS . 'addcomment.php'; $output['form'] = ob_get_contents(); ob_clean(); echo json_encode($output); exit; } return true; }
function saveTicket() { $subject = FSS_Input::getString('subject'); $body = FSS_Input::getBBCode('body'); $prodid = FSS_Input::getInt('prodid'); $deptid = FSS_Input::getInt('deptid'); $catid = FSS_Input::getInt('catid'); $priid = FSS_Input::getInt('priid'); $handler = FSS_Input::getInt('handler'); $user = JFactory::getUser(); $userid = $user->get('id'); $name = ""; $session = JFactory::getSession(); $this->admin_create = 0; if ($session->Get('admin_create')) { $this->admin_create = $session->Get('admin_create'); } if ($this->admin_create == 1) { $this->admin_create = 1; $userid = $session->Get('admin_create_user_id'); } else { if ($this->admin_create == 2) { $userid = 0; } } $db = JFactory::getDBO(); if ($priid < 1) { $priid = FSS_Settings::get('support_default_priority'); } $ticket['subject'] = $subject; $ticket['body'] = $body; $ticket['priid'] = $priid; $ticket['handler'] = $handler; $ok = true; $errors['subject'] = ''; $errors['body'] = ''; $errors['cat'] = ''; $errors['captcha'] = ''; $fields = FSSCF::GetCustomFields(0, $prodid, $deptid); if (FSS_Settings::get('support_subject_message_hide') == "subject") { $ticket['subject'] = substr(strip_tags($ticket['body']), 0, 40); $subject = $ticket['subject']; } if (FSS_Settings::get('support_altcat')) { $cats = $this->get('Cats'); if (count($cats) > 0 && FSS_Input::getInt('catid') < 1) { $errors['cat'] = JText::_("YOU_MUST_SELECT_A_CATEGORY"); $ok = false; } } if ($body == "" && FSS_Settings::get('support_subject_message_hide') != "message" && FSS_Settings::get('support_subject_message_hide') != "both") { $errors['body'] = JText::_("YOU_MUST_ENTER_A_MESSAGE_FOR_YOUR_SUPPORT_TICKET"); $ok = false; } if (!FSSCF::ValidateFields($fields, $errors)) { $ok = false; } $email = ""; $password = ""; $now = FSS_Helper::CurDate(); $this->sortCaptchaType(); $captcha = new FSS_Captcha(); if (!$captcha->ValidateCaptcha('support_captcha_type')) { $errors['captcha'] = JText::_("INVALID_SECURITY_CODE"); $ok = false; } if ($userid < 1) { $email = FSSJ3Helper::getEscaped($db, $session->Get('ticket_email')); if ($session->Get('ticket_name')) { $name = FSSJ3Helper::getEscaped($db, $session->Get('ticket_name')); } if ($email == "" && $this->admin_create != 2) { $ok = false; } else { $password = FSS_Helper::createRandomPassword(); $session->Set('ticket_pass', $password); } } // assign handler to ticket $admin_id = $handler; if (!$admin_id) { $admin_id = FSS_Ticket_Helper::AssignHandler($prodid, $deptid, $catid); } $now = FSS_Helper::CurDate(); $def_open = FSS_Ticket_Helper::GetStatusID('def_open'); if (FSS_Settings::get('support_subject_format') != "") { $parser = new FSSParser(); foreach ($_POST as $var => $value) { $parser->setVar($var, FSS_Input::GetString($var)); } foreach ($fields as $field) { $parser->setVar('custom_' . $field['alias'], FSS_Input::GetString('custom_' . $field['id'])); } $user = JFactory::getUser($userid); $parser->setVar('userid', $userid); $parser->setVar('username', $user->username); $parser->setVar('name', $user->name); $parser->setVar('email', $user->email); $parser->setVar('subject', $subject); $parser->SetVar('product', FSS_EMail::GetProduct($prodid)); $parser->SetVar('department', FSS_EMail::GetDepartment($deptid)); $parser->SetVar('category', FSS_EMail::Getcategory($catid)); $parser->SetVar('date', FSS_Helper::Date($now, FSS_DATE_SHORT)); $parser->SetVar('time', FSS_Helper::Date($now, FSS_DATETIME_SHORT)); $parser->SetTemplate(FSS_Settings::get('support_subject_format')); $result = $parser->Parse(); if (trim($result) == "") { $sj = array(); foreach ($fields as $field) { $sj[] = FSS_Input::GetString('custom_' . $field['id']); } $result = implode(", ", $sj); } $ticket['subject'] = $result; $subject = $ticket['subject']; if ($subject == "") { $errors['subject'] = JText::_("YOU_MUST_ENTER_A_SUBJECT_FOR_YOUR_SUPPORT_TICKET"); $ok = false; } } if ($ok) { $qry = "INSERT INTO #__fss_ticket_ticket (reference, ticket_status_id, ticket_pri_id, ticket_cat_id, ticket_dept_id, prod_id, title, opened, lastupdate, user_id, admin_id, email, password, unregname, lang) VALUES "; $qry .= "('', {$def_open}, '" . FSSJ3Helper::getEscaped($db, $priid) . "', '" . FSSJ3Helper::getEscaped($db, $catid) . "', '" . FSSJ3Helper::getEscaped($db, $deptid) . "', '" . FSSJ3Helper::getEscaped($db, $prodid) . "', '" . FSSJ3Helper::getEscaped($db, $subject) . "', '{$now}', '{$now}', '" . FSSJ3Helper::getEscaped($db, $userid) . "', '" . FSSJ3Helper::getEscaped($db, $admin_id) . "', '{$email}', '" . FSSJ3Helper::getEscaped($db, $password) . "', '{$name}', '" . JFactory::getLanguage()->getTag() . "')"; $db->setQuery($qry); $db->Query(); $this->ticketid = $db->insertid(); $ref = FSS_Ticket_Helper::createRef($this->ticketid); $session->Set('ticket_reference', $ref); $qry = "UPDATE #__fss_ticket_ticket SET reference = '" . FSSJ3Helper::getEscaped($db, $ref) . "' WHERE id = '" . FSSJ3Helper::getEscaped($db, $this->ticketid) . "'"; $db->setQuery($qry); $db->Query(); if ($this->admin_create) { $curuser = JFactory::getUser(); $premsg = date("Y-m-d H:i:s", strtotime($now) - 1); $msg = JText::sprintf('TICKET_OPENED_BY', $curuser->name, $curuser->username); $qry = "INSERT INTO #__fss_ticket_messages (ticket_ticket_id, subject, body, user_id, posted, admin) VALUES ('"; $qry .= FSSJ3Helper::getEscaped($db, $this->ticketid) . "','" . FSSJ3Helper::getEscaped($db, $subject) . "','" . FSSJ3Helper::getEscaped($db, $msg) . "','" . FSSJ3Helper::getEscaped($db, $curuser->id) . "','{$premsg}', 6)"; $db->setQuery($qry); $db->Query(); } $qry = "INSERT INTO #__fss_ticket_messages (ticket_ticket_id, subject, body, user_id, posted) VALUES ('"; $qry .= FSSJ3Helper::getEscaped($db, $this->ticketid) . "','" . FSSJ3Helper::getEscaped($db, $subject) . "','" . FSSJ3Helper::getEscaped($db, $body) . "','" . FSSJ3Helper::getEscaped($db, $userid) . "','{$now}')"; $db->setQuery($qry); $db->Query(); $messageid = $db->insertid(); FSSCF::StoreFields($fields, $this->ticketid); // store tags if there are any posted $tags_input = FSS_Input::getString('tags'); $parts = explode("|", $tags_input); foreach ($parts as $part) { $tag = trim($part); if (!$tag || $tag == "") { continue; } $tags[] = $tag; $qry = "INSERT INTO #__fss_ticket_tags (ticket_id, tag) VALUES ('" . $this->ticketid . "', '" . $db->escape($tag) . "')"; $db->setQuery($qry); $db->Query(); } $t = new SupportTicket(); $t->load($this->ticketid, true); $files = $t->addFilesFromPost($messageid, $userid); $t->stripImagesFromMessage($messageid); $subject = FSS_Input::getString('subject'); $body = FSS_Input::getBBCode('body'); $action_name = "User_Open"; $action_params = array('subject' => $subject, 'user_message' => $body, 'files' => $files); SupportActions::DoAction($action_name, $t, $action_params); // additional users and emails if posted if ($this->admin_create > 0) { $additionalusers = JRequest::getVar('additionalusers'); $additionalusers = explode(",", $additionalusers); $t->addCC($additionalusers, 0, 0); $additionalemails = JRequest::getVar('additionalemails'); $additionalemails = explode(",", $additionalemails); foreach ($additionalemails as $email) { $email = trim($email); if ($email == "") { continue; } $t->addEMailCC($email); } if ($t->admin_id != JFactory::getUser()->id) { $t->addCC(JFactory::getUser()->id, 1, 0); } } $this->cleanAdminCreate(); // if related is passed as part of ticket open, relate the 2 tickets $related = JRequest::getVar('related'); if ($related > 0) { $t->addRelated($related); } } $this->errors = $errors; $this->ticket = $ticket; return $ok; }
// Require specific controller if requested if ($controller = FSS_Input::getCmd('controller')) { $path = JPATH_COMPONENT . DS . 'controllers' . DS . $controller . '.php'; if (file_exists($path)) { require_once $path; } else { $controller = ''; } } FSS_Helper::CheckTicketLink(); // Create the controller $classname = 'FssController' . $controller; $controller = new $classname(); $view = FSS_Input::getCmd('view'); if ($view != "csstest") { FSS_Helper::StylesAndJS(array('tooltip')); } // Perform the Request task $task = FSS_Input::getCmd('task'); if ($task == "captcha_image") { ob_clean(); require_once JPATH_SITE . DS . 'components' . DS . 'com_fss' . DS . 'helper' . DS . 'captcha.php'; $cap = new FSS_Captcha(); $cap->GetImage(); exit; } else { $controller->execute($task); // Redirect if set by the controller $controller->redirect(); } }