/**
 * Build a SQL LIKE condition that matches an e-mail address in a column.
 *
 * When $hesk_settings['multi_eml'] is on, the column is matched four ways:
 * the address alone, preceded by a comma, followed by a comma, or between
 * two commas (i.e. as one item of a comma-separated list).
 *
 * NOTE(review): the column name goes through hesk_dbEscape() and is then
 * wrapped in backticks. Escaping written for quoted string values usually
 * leaves a backtick untouched, so $field should only ever be a hard-coded
 * column name, never request data - confirm against hesk_dbEscape() and
 * every caller.
 *
 * @param string $email Address to match; passed through hesk_dbLike() and
 *                      hesk_dbEscape() before it reaches the SQL text.
 * @param string $field Column name placed between backticks.
 * @return string SQL fragment padded with one space on each side.
 */
function hesk_dbFormatEmail($email, $field = 'email')
{
    global $hesk_settings;

    $likeValue = hesk_dbLike($email);
    $column = '`' . hesk_dbEscape($field) . '`';
    $needle = hesk_dbEscape($likeValue);

    // Single-address mode: one plain LIKE comparison.
    if (!$hesk_settings['multi_eml']) {
        return ' ' . $column . " LIKE '" . $needle . "' ";
    }

    // List mode: alone, last item, first item, middle item.
    $patterns = array($needle, '%,' . $needle, $needle . ',%', '%,' . $needle . ',%');
    $clauses = array();
    foreach ($patterns as $pattern) {
        $clauses[] = $column . " LIKE '" . $pattern . "'";
    }

    return ' (' . implode(' OR ', $clauses) . ') ';
}
Ejemplo n.º 2
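/**
 * Drop the add-on columns and tables listed below from the help desk schema.
 *
 * Every statement is destructive and there is no transaction or confirmation
 * in this function; it is meant for an uninstall/rollback path and should
 * only be reachable by an authenticated administrator (access control is not
 * visible here - confirm at the call site).
 *
 * The table prefix comes from $hesk_settings['db_pfix'] and is placed inside
 * backticks. NOTE(review): hesk_dbEscape() is presumably a string-value
 * escaper, which would not neutralise a backtick; the prefix must therefore
 * be trusted configuration, not request data.
 */
function removeOtherColumns()
{
    // Fix: without this declaration $hesk_settings is an undefined local
    // variable inside the function, so every statement would be built with an
    // empty prefix and could hit un-prefixed tables in the same database.
    global $hesk_settings;

    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `autorefresh`");
    executeQuery("ALTER TABLE `" . $prefix . "tickets` DROP COLUMN `parent`");
    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `can_manage_settings`");
    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `active`");
    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `notify_note_unassigned`");
    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `can_change_notification_settings`");
    executeQuery("DROP TABLE `" . $prefix . "settings`");
    executeQuery("DROP TABLE `" . $prefix . "verified_emails`");
    executeQuery("DROP TABLE `" . $prefix . "pending_verification_emails`");
    executeQuery("DROP TABLE `" . $prefix . "stage_tickets`");
    executeQuery("ALTER TABLE `" . $prefix . "service_messages` DROP COLUMN `icon`");
    executeQuery("ALTER TABLE `" . $prefix . "tickets` DROP COLUMN `latitude`");
    executeQuery("ALTER TABLE `" . $prefix . "tickets` DROP COLUMN `longitude`");
    // NOTE(review): `stage_tickets` was dropped a few statements above, so the
    // next two ALTERs target a table that no longer exists. What happens then
    // depends on how executeQuery() treats a failed statement - confirm, and
    // either move these before the DROP or remove them.
    executeQuery("ALTER TABLE `" . $prefix . "stage_tickets` DROP COLUMN `latitude`");
    executeQuery("ALTER TABLE `" . $prefix . "stage_tickets` DROP COLUMN `longitude`");
    executeQuery("ALTER TABLE `" . $prefix . "categories` DROP COLUMN `manager`");
    executeQuery("ALTER TABLE `" . $prefix . "users` DROP COLUMN `permission_template`");
    executeQuery("DROP TABLE `" . $prefix . "permission_templates`");
    // These two run in case an earlier installation did not clean up its tables.
    executeQuery('DROP TABLE IF EXISTS `' . $prefix . 'denied_ips`');
    executeQuery('DROP TABLE IF EXISTS `' . $prefix . 'denied_emails`');
}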
Ejemplo n.º 3
</tr>
<tr>
	<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornersbottom"></td>
	<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>

<?php 
/* Show the "Submit a reply" form here unless the ticket is locked, has
   status 3, or the `reply_top` setting is on. */
if (!($ticket['locked'] == 1 || $ticket['status'] == 3 || $hesk_settings['reply_top'])) {
    hesk_printCustomerReplyForm();
}

/* Mark the collected unread replies as read so staff can see the customer
   has viewed them.
   NOTE(review): the ids are quoted but neither cast nor escaped before being
   joined into the IN (...) list. That is only safe while $unread_replies is
   filled exclusively from database ids - confirm where it is built, or map
   the values through intval() before imploding. */
if (count($unread_replies) > 0) {
    hesk_dbQuery(
        "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `read` = '1' WHERE `id` IN ('"
        . implode("','", $unread_replies)
        . "')"
    );
}

/* Drop the session value that is no longer needed, then print the footer */
hesk_cleanSessionVars('ticket_message');
require_once(HESK_PATH . 'inc/footer.inc.php');
/*** START FUNCTIONS ***/
function print_form()
{
    global $hesk_settings, $hesklang;
    global $hesk_error_buffer, $my_email, $trackingID, $do_remember, $display;
    /* Print header */
    $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['view_ticket'];
    require_once HESK_PATH . 'inc/header.inc.php';
    ?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
Ejemplo n.º 4
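/**
 * Validate the profile form and save it for the logged-in staff member.
 *
 * Submitted values are staged in $_SESSION['new']. If any check fails, the
 * collected messages are shown through hesk_process_messages() with
 * 'NOREDIRECT' and nothing is written. Otherwise the user's row (selected by
 * the integer session id) is updated, the staged values are copied into the
 * session and a success message is shown.
 *
 * Security notes:
 *  - The request is checked with hesk_token_check('POST') first (presumably
 *    the anti-CSRF token; its implementation is not shown here).
 *  - String values reach SQL through hesk_dbEscape(); numeric ones through
 *    intval().
 *  - NOTE(review): the 40-hex-character constant compared against the result
 *    of hesk_Pass2Hash() suggests a fast fixed-length digest. If that is the
 *    case, moving to password_hash()/password_verify() and raising the
 *    5-character minimum would be the first hardening steps - confirm.
 */
function update_profile()
{
    global $hesk_settings, $hesklang, $can_view_unassigned;
    /* A security check */
    hesk_token_check('POST');
    $sql_pass = '';
    $sql_username = '';
    $hesk_error_buffer = '';
    $_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
    // Fix: append with .= here. A plain assignment discarded the "enter your
    // name" message collected on the previous line.
    $_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>';
    $_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
    /* Signature */
    if (strlen($_SESSION['new']['signature']) > 255) {
        $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
    }
    /* Admins can change username */
    if ($_SESSION['isadmin']) {
        $_SESSION['new']['user'] = hesk_input(hesk_POST('user')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_username'] . '</li>';
        /* Check for duplicate usernames */
        $result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user`='" . hesk_dbEscape($_SESSION['new']['user']) . "' AND `id`!='" . intval($_SESSION['id']) . "' LIMIT 1");
        if (hesk_dbNumRows($result) != 0) {
            $hesk_error_buffer .= '<li>' . $hesklang['duplicate_user'] . '</li>';
        } else {
            // The listing this was taken from shows the start of this literal
            // masked as "******". It is restored from the shape of the UPDATE
            // below (a leading comma is required) and the `user` column used
            // in the duplicate check above.
            $sql_username = ",`user`='" . hesk_dbEscape($_SESSION['new']['user']) . "'";
        }
    }
    /* Change password? */
    $newpass = hesk_input(hesk_POST('newpass'));
    $passlen = strlen($newpass);
    if ($passlen > 0) {
        /* At least 5 chars? */
        if ($passlen < 5) {
            $hesk_error_buffer .= '<li>' . $hesklang['password_not_valid'] . '</li>';
        } else {
            $newpass2 = hesk_input(hesk_POST('newpass2'));
            // Fix: strict comparison. With != two different numeric-looking
            // strings (for example "100000" and "1e5") compare as equal, so a
            // mistyped confirmation could be accepted.
            if ($newpass !== $newpass2) {
                $hesk_error_buffer .= '<li>' . $hesklang['passwords_not_same'] . '</li>';
            } else {
                $v = hesk_Pass2Hash($newpass);
                // Presumably the digest of a known default password;
                // WARN_PASSWORD is defined so other code can react to it.
                if ($v === '499d74967b28a841c98bb4baaabaad699ff3c079') {
                    define('WARN_PASSWORD', true);
                }
                // Masked as '******' in the listing, which left the statement
                // unparseable. NOTE(review): the column name `pass` is
                // restored from the stock users table - confirm against the
                // installed schema.
                $sql_pass = ",`pass`='" . $v . "'";
            }
        }
    }
    /* After reply */
    $_SESSION['new']['afterreply'] = intval(hesk_POST('afterreply'));
    if ($_SESSION['new']['afterreply'] != 1 && $_SESSION['new']['afterreply'] != 2) {
        $_SESSION['new']['afterreply'] = 0;
    }
    /* Auto-start ticket timer */
    $_SESSION['new']['autostart'] = isset($_POST['autostart']) ? 1 : 0;
    /* Notifications: each flag is reduced to 0/1; the two "unassigned" flags
       are forced to 0 when the user may not view unassigned tickets */
    $_SESSION['new']['notify_new_unassigned'] = empty($_POST['notify_new_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_new_my'] = empty($_POST['notify_new_my']) ? 0 : 1;
    $_SESSION['new']['notify_reply_unassigned'] = empty($_POST['notify_reply_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_reply_my'] = empty($_POST['notify_reply_my']) ? 0 : 1;
    $_SESSION['new']['notify_assigned'] = empty($_POST['notify_assigned']) ? 0 : 1;
    $_SESSION['new']['notify_note'] = empty($_POST['notify_note']) ? 0 : 1;
    $_SESSION['new']['notify_pm'] = empty($_POST['notify_pm']) ? 0 : 1;
    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
    } else {
        /* Update database */
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET\r\n\t    `name`='" . hesk_dbEscape($_SESSION['new']['name']) . "',\r\n\t    `email`='" . hesk_dbEscape($_SESSION['new']['email']) . "',\r\n\t\t`signature`='" . hesk_dbEscape($_SESSION['new']['signature']) . "'\r\n        {$sql_username}\r\n\t\t{$sql_pass} ,\r\n\t    `afterreply`='" . intval($_SESSION['new']['afterreply']) . "' ,\r\n        `autostart`='" . intval($_SESSION['new']['autostart']) . "' ,\r\n\t    `notify_new_unassigned`='" . intval($_SESSION['new']['notify_new_unassigned']) . "' ,\r\n        `notify_new_my`='" . intval($_SESSION['new']['notify_new_my']) . "' ,\r\n        `notify_reply_unassigned`='" . intval($_SESSION['new']['notify_reply_unassigned']) . "' ,\r\n        `notify_reply_my`='" . intval($_SESSION['new']['notify_reply_my']) . "' ,\r\n        `notify_assigned`='" . intval($_SESSION['new']['notify_assigned']) . "' ,\r\n        `notify_pm`='" . intval($_SESSION['new']['notify_pm']) . "',\r\n        `notify_note`='" . intval($_SESSION['new']['notify_note']) . "'\r\n\t    WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1");
        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);
        /* Update session variables */
        foreach ($_SESSION['new'] as $k => $v) {
            $_SESSION[$k] = $v;
        }
        unset($_SESSION['new']);
        hesk_process_messages($hesklang['profile_updated_success'], 'profile.php', 'SUCCESS');
    }
}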
Ejemplo n.º 5
define('HESK_PATH', '../');

/* Bootstrap: settings, shared helpers, admin helpers, then session and database */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();

/* The staff member needs all three ticket permissions to use this page */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
hesk_checkPermission('can_edit_tickets');

/* This request changes state and is driven by query-string values, so the
   token check must stay ahead of everything below */
hesk_token_check();

/* Ticket ID: stop with an internal-error message when none is supplied */
$trackingID = hesk_cleanID();
if (!$trackingID) {
    die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
}

/* Lock when `locked` is non-empty in the query string, otherwise unlock;
   the history line records the time and the acting staff member */
if (!empty($_GET['locked'])) {
    $status = 1;
    $tmp = $hesklang['tlock'];
    $revision = sprintf($hesklang['thist5'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
} else {
    $status = 0;
    $tmp = $hesklang['tunlock'];
    $revision = sprintf($hesklang['thist6'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
}

/* Update database. $status is a literal 0 or 1 set above; the history text
   and tracking ID go through hesk_dbEscape().
   NOTE(review): `status` is written as '3' for both lock and unlock - confirm
   that unlocking is meant to leave the ticket in that status. */
hesk_dbQuery(
    "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='3',`locked`='{$status}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "')  WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"
);

/* Back to the ticket page with a success message. The rand() value only makes
   the URL differ between requests; it is not used as a secret here.
   NOTE(review): $trackingID is placed in the URL as returned by
   hesk_cleanID(); this relies on that helper restricting the characters. */
hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS');
Ejemplo n.º 6
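// Array holding the ticket_id values
$params = array();
// Array holding the reply_message values
// NOTE(review): $params1 is not initialised in the visible code and the two
// comments above look swapped relative to how the arrays are filled - confirm.
$params1[0] = $ticket['id'];
$data = $oeapi->search_helpdeskID($valid_services["PIS"], $ticket['id']);
// Find the issue whose helpdesk_id equals the ticket_id
// Ermedita - list of e-mail addresses of the staff linked to the issue
//
// Every value placed in SQL below is now cast or escaped and quoted, and the
// follow-up queries are skipped when there is nothing to look up. Previously
// a missing row or an empty user list produced invalid SQL
// ("WHERE `contractId`=" / "IN ()"), and the ids were concatenated unquoted.
$issue_id = hesk_dbQuery("SELECT `contract_ticket_id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($ticket['id']) . "'");
$i_id = mysqli_fetch_array($issue_id);
$u = array();
if ($i_id && $i_id[0] !== null) {
    $users = hesk_dbQuery("SELECT `userId` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "userforcontract` WHERE `contractId`='" . hesk_dbEscape($i_id[0]) . "'");
    while ($user = mysqli_fetch_array($users)) {
        $u[] = $user['userId'];
    }
}
$ulist = implode(',', $u);
$array_email = array();
if ($u) {
    $u_emails = hesk_dbQuery("SELECT `email` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id` IN ('" . implode("','", array_map('hesk_dbEscape', $u)) . "')");
    while ($e = mysqli_fetch_array($u_emails)) {
        $array_email[] = $e['email'];
    }
}
$ulist_emails = implode(',', $array_email);
$params['subject'] = $ticket['subject'];
// A default user will be created by the ERP and its ID will be put here
$params['user_id'] = 11;
$params['body_text'] = stripslashes($message);
$params['date'] = hesk_date($ticket['dt'], true);
$params['res_id'] = $data[0];
$params['model'] = "project.issue";
$params['email_from'] = $ticket['email'];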
Ejemplo n.º 7
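/**
 * Handle the "forgot tracking ID" form: look up tickets for the submitted
 * e-mail address and mail the list of tracking IDs to that address.
 *
 * The address must pass hesk_validateEmail(); otherwise the user is sent back
 * to the reminder form. Matching rows are selected with the condition built
 * by hesk_dbFormatEmail(). When none are found a "not found" message is
 * shown; otherwise one e-mail listing every ticket is sent and a success
 * message is shown. The function ends with exit.
 *
 * Security notes:
 *  - The ticket list is only ever sent to the address being looked up, never
 *    shown in the browser.
 *  - NOTE(review): the "not found" and "sent" responses differ, so the form
 *    tells an anonymous visitor whether an address has tickets, and each hit
 *    sends a message. No rate limiting is visible in this function - confirm
 *    whether it is applied elsewhere.
 */
function forgot_tid()
{
    global $hesk_settings, $hesklang;
    require HESK_PATH . 'inc/email_functions.inc.php';
    $email = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or hesk_process_messages($hesklang['enter_valid_email'], 'ticket.php?remind=1');
    /* The visitor may override the "open tickets only" setting; the value is
       reduced to 0 or 1 before use */
    if (isset($_POST['open_only'])) {
        $hesk_settings['open_only'] = $_POST['open_only'] == 1 ? 1 : 0;
    }
    /* Prepare ticket statuses */
    $my_status = array(0 => $hesklang['open'], 1 => $hesklang['wait_staff_reply'], 2 => $hesklang['wait_cust_reply'], 3 => $hesklang['closed'], 4 => $hesklang['in_progress'], 5 => $hesklang['on_hold']);
    /* Get ticket(s) from database */
    hesk_load_database_functions();
    hesk_dbConnect();
    // Get tickets from the database
    $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` FORCE KEY (`statuses`) WHERE ' . ($hesk_settings['open_only'] ? "`status` IN ('0','1','2','4','5') AND " : '') . ' ' . hesk_dbFormatEmail($email) . ' ORDER BY `status` ASC, `lastchange` DESC ');
    $num = hesk_dbNumRows($res);
    // Fix: the address is URL-encoded wherever it is appended to a redirect
    // target, as the e-mailed link below already does. Unencoded, a "+" in
    // the local part is read back as a space and a "&" would split the query
    // string.
    if ($num < 1) {
        if ($hesk_settings['open_only']) {
            hesk_process_messages($hesklang['noopen'], 'ticket.php?remind=1&e=' . rawurlencode($email));
        } else {
            hesk_process_messages($hesklang['tid_not_found'], 'ticket.php?remind=1&e=' . rawurlencode($email));
        }
    }
    $tid_list = '';
    $name = '';
    $email_param = $hesk_settings['email_view_ticket'] ? '&e=' . rawurlencode($email) : '';
    while ($my_ticket = hesk_dbFetchAssoc($res)) {
        /* The greeting uses the name from the first row that has one */
        $name = $name ? $name : hesk_msgToPlain($my_ticket['name'], 1, 0);
        $tid_list .= "\n{$hesklang['trackID']}: " . $my_ticket['trackid'] . "\n{$hesklang['subject']}: " . hesk_msgToPlain($my_ticket['subject'], 1, 0) . "\n{$hesklang['status']}: " . $my_status[$my_ticket['status']] . "\n{$hesk_settings['hesk_url']}/ticket.php?track={$my_ticket['trackid']}{$email_param}\n";
    }
    /* Get e-mail message for customer */
    $msg = hesk_getEmailMessage('forgot_ticket_id', '', 0, 0, 1);
    $msg = str_replace('%%NAME%%', $name, $msg);
    $msg = str_replace('%%NUM%%', $num, $msg);
    $msg = str_replace('%%LIST_TICKETS%%', $tid_list, $msg);
    $msg = str_replace('%%SITE_TITLE%%', hesk_msgToPlain($hesk_settings['site_title'], 1), $msg);
    $msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);
    $subject = hesk_getEmailSubject('forgot_ticket_id');
    /* Send e-mail */
    hesk_mail($email, $subject, $msg);
    /* Show success message */
    $tmp = '<b>' . $hesklang['tid_sent'] . '!</b>';
    $tmp .= '<br />&nbsp;<br />' . $hesklang['tid_sent2'] . '.';
    $tmp .= '<br />&nbsp;<br />' . $hesklang['check_spambox'];
    hesk_process_messages($tmp, 'ticket.php?e=' . rawurlencode($email), 'SUCCESS');
    exit;
}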
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');

/* Bootstrap: settings, shared helpers, admin helpers, then session and database */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();

/* Response header: HTML in the language pack's encoding */
header('Content-Type: text/html; charset=' . $hesklang['ENCODING']);

/* The search text is the `q` request value; end with an empty response when
   it is missing */
$query = hesk_REQUEST('q');
if (!$query) {
    die('');
}

/* Full-text search over article types 0 and 1 (the original comment says this
   includes private articles). The search text goes through hesk_dbEscape()
   and the row limit through intval() before reaching the SQL text. */
$res = hesk_dbQuery(
    "SELECT `id`, `subject`, `content` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('" . hesk_dbEscape($query) . "') LIMIT " . intval($hesk_settings['kb_search_limit'])
);
$num = hesk_dbNumRows($res);

/* Extra spacing line when the request carries a `p` value */
if (hesk_isREQUEST('p')) {
    echo '&nbsp;<br />';
}
/* Return found articles */
?>
<div class="conatiner notice">
<span style="font-size:12px;font-weight:bold"><?php 
echo $hesklang['sc'];
?>
:</span><br />&nbsp;<br />
    <?php 
if (!$num) {
    echo '<i>' . $hesklang['nsfo'] . '</i>';
Ejemplo n.º 9
            break;
        case 'subject':
            $sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
            break;
        case 'message':
            $sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "'\n            \t\tOR\n                    `id` IN (\n            \t\tSELECT DISTINCT `replyto`\n                \tFROM   `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`\n                \tWHERE  `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )\n                    )\n                    ";
            break;
        case 'seqid':
            $sql .= "`id` = '" . intval($q) . "' ";
            break;
        case 'notes':
            $sql .= "`id` IN (\n            \t\tSELECT DISTINCT `ticket`\n                \tFROM   `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`\n                \tWHERE  `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )\n                \t";
            break;
        default:
            if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) {
                $sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' ";
            } else {
                $hesk_error_buffer .= '<br />' . $hesklang['invalid_search'];
            }
    }
}
// Owner filter: a non-zero `owner` value read through hesk_GET() narrows the
// result set. intval() guarantees that only an integer reaches the SQL text.
$tmp = intval(hesk_GET('owner', 0));
if ($tmp) {
    $owner_input = $tmp;
    $sql .= " AND `owner`={$tmp} ";
    // An owner filter counts as a search criterion, so the `fsq` message is
    // taken back out of the error buffer.
    $hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer);
} else {
    $owner_input = 0;
}
/* Date */
/* -> Check for compatibility with old date format */
Ejemplo n.º 10
/**
 * Print the private-message list for the current folder, 30 per page, with
 * page links above the table and a bulk-action form (mark read / mark unread
 * / delete) around it.
 *
 * $hesk_settings['mailtmp'] selects the folder: ['this'] names the column
 * compared with the session user id, ['other'] names the column holding the
 * other party, and ['folder'] == 'outbox' adds folder=outbox to the links.
 * $admins maps user ids to display names.
 *
 * Security notes:
 *  - Rows are restricted to the logged-in user: both queries compare the
 *    folder column and `deletedby` with intval($_SESSION['id']).
 *  - The bulk-action form carries a token written by hesk_token_echo().
 *  - NOTE(review): message subjects and admin names are written into the HTML
 *    exactly as they come from the database and $admins. That is only safe if
 *    they were HTML-escaped when stored - confirm, or escape on output.
 */
function mail_list_messages()
{
    global $hesk_settings, $hesklang, $admins;
    $href = 'mail.php';
    $query = '';
    if ($hesk_settings['mailtmp']['folder'] == 'outbox') {
        $query .= 'folder=outbox&amp;';
    }
    $query .= 'page=';
    $maxresults = 30;
    // NOTE(review): the page links below put `page` in the URL query string,
    // while it is read here through hesk_POST(). Confirm that hesk_POST() also
    // sees query-string values; otherwise the links always land on page 1.
    $tmp = intval(hesk_POST('page', 1));
    $page = $tmp > 1 ? $tmp : 1;
    /* List of private messages */
    // The column name comes from $hesk_settings['mailtmp']['this'] and sits
    // between backticks. NOTE(review): hesk_dbEscape() presumably targets
    // quoted string values, so this setting must only ever hold a fixed column
    // name chosen by the code, never request data - confirm.
    $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "'");
    $total = hesk_dbResult($res, 0, 0);
    if ($total > 0) {
        $pages = ceil($total / $maxresults) or $pages = 1;
        // Clamp a page number past the end to the last page
        if ($page > $pages) {
            $page = $pages;
        }
        $limit_down = $page * $maxresults - $maxresults;
        // 0 means "no such page" for the previous/next links
        $prev_page = $page - 1 <= 0 ? 0 : $page - 1;
        $next_page = $page + 1 > $pages ? 0 : $page + 1;
        if ($pages > 1) {
            echo $hesklang['pg'] . ': ';
            /* List pages */
            // First/previous arrows are only shown when there are 7 or more pages
            if ($pages >= 7) {
                if ($page > 2) {
                    echo '<a href="' . $href . '?' . $query . '1"><b>&laquo;</b></a> &nbsp; ';
                }
                if ($prev_page) {
                    echo '<a href="' . $href . '?' . $query . $prev_page . '"><b>&lsaquo;</b></a> &nbsp; ';
                }
            }
            // Numbered links for the pages within 5 of the current one
            for ($i = 1; $i <= $pages; $i++) {
                if ($i <= $page + 5 && $i >= $page - 5) {
                    if ($i == $page) {
                        echo ' <b>' . $i . '</b> ';
                    } else {
                        echo ' <a href="' . $href . '?' . $query . $i . '">' . $i . '</a> ';
                    }
                }
            }
            if ($pages >= 7) {
                if ($next_page) {
                    echo ' &nbsp; <a href="' . $href . '?' . $query . $next_page . '"><b>&rsaquo;</b></a> ';
                }
                if ($page < $pages - 1) {
                    echo ' &nbsp; <a href="' . $href . '?' . $query . $pages . '"><b>&raquo;</b></a>';
                }
            }
            echo '<br />&nbsp;';
        }
        // end PAGES > 1
        // Get messages from the database
        // Offset and page size both pass through intval() before reaching LIMIT
        $res = hesk_dbQuery("SELECT `id`, `from`, `to`, `subject`, `dt`, `read` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' ORDER BY `id` DESC LIMIT " . intval($limit_down) . " , " . intval($maxresults) . " ");
        ?>

		<form action="mail.php<?php 
        if ($hesk_settings['mailtmp']['folder'] == 'outbox') {
            echo '?folder=outbox';
        }
        ?>
" name="form1" method="post">

		<div class="container table-responsive">
			<table class="table table-bordered table-hover" style="background: #E0EEEE;">
				<tr>
					<th class="admin_white" style="width:1px"><input type="checkbox" name="checkall" value="2" onclick="hesk_changeAll(this)" /></th>
					<th class="admin_white" style="text-align:left; white-space:nowrap;"><?php 
        echo $hesklang['m_sub'];
        ?>
</th>
					<th class="admin_white" style="text-align:left; white-space:nowrap;"><?php 
        echo $hesk_settings['mailtmp']['m_from'];
        ?>
</th>
					<th class="admin_white" style="text-align:left; white-space:nowrap;"><?php 
        echo $hesklang['date'];
        ?>
</th>
				</tr>

				<?php 
        $i = 0;
        while ($pm = hesk_dbFetchAssoc($res)) {
            // Alternate the row class between admin_white and admin_gray
            if ($i) {
                $color = "admin_gray";
                $i = 0;
            } else {
                $color = "admin_white";
                $i = 1;
            }
            // NOTE(review): the subject is placed inside the link unescaped;
            // see the function header.
            $pm['subject'] = '<a href="mail.php?a=read&amp;id=' . $pm['id'] . '">' . $pm['subject'] . '</a>';
            // Unread messages are shown in bold when the folder column is `to`
            if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
                $pm['subject'] = '<b>' . $pm['subject'] . '</b>';
            }
            // Other party: a known admin gets a "new message" link, sender id
            // 9999 gets the HESK.com link, anything else the `e_udel` text
            $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&amp;id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
            $pm['dt'] = hesk_dateToString($pm['dt'], 0, 0, 0, true);
            echo <<<EOC
\t\t\t\t\t<tr>
\t\t\t\t\t<td class="{$color}" style="text-align:left; white-space:nowrap;"><input type="checkbox" name="id[]" value="{$pm['id']}" />&nbsp;</td>
\t\t\t\t\t<td class="{$color}">{$pm['subject']}</td>
\t\t\t\t\t<td class="{$color}">{$pm['name']}</td>
\t\t\t\t\t<td class="{$color}">{$pm['dt']}</td>
\t\t\t\t\t</tr> 
EOC;
        }
        // End while
        ?>
				</table><!-- end table table-bordered table-hover table-responsive -->
			</div>

			<div class="container" align="right"><select name="a">
			<?php 
        // Mark read/unread are only offered when the folder column is `to`
        if ($hesk_settings['mailtmp']['this'] == 'to') {
            ?>
				<option value="mark_read" selected="selected"><?php 
            echo $hesklang['mo1'];
            ?>
</option>
				<option value="mark_unread"><?php 
            echo $hesklang['mo2'];
            ?>
</option>
				<?php 
        }
        ?>
			<option value="delete"><?php 
        echo $hesklang['mo3'];
        ?>
</option>
			</select>
			<input type="hidden" name="token" value="<?php 
        // Token submitted with the bulk action
        hesk_token_echo();
        ?>
" />
			<input type="submit" value="<?php 
        echo $hesklang['execute'];
        ?>
" onclick="Javascript:if (document.form1.a.value=='delete') return hesk_confirmExecute('<?php 
        echo hesk_makeJsString($hesklang['mo3']);
        ?>
?');" class="btn btn-default" />

		</form>
<br/><br/>
		</div>
	    <?php 
    } else {
        echo '<div class="container"><i>' . $hesklang['npm'] . '</i></div><br/>';
    }
}
Ejemplo n.º 11
/**
 * Switch a category's `type` between 0 and 1.
 *
 * The category id and the new type are taken from the `catid` and `s` values
 * read through hesk_GET(); both are reduced to integers before they reach
 * the SQL text. The request is checked with hesk_token_check() first, which
 * matters because this state change is driven by request parameters.
 *
 * NOTE(review): success is judged by hesk_dbAffectedRows() == 1. If the
 * database reports zero affected rows when the stored type already equals
 * the requested one, an existing category would be reported as not found -
 * confirm.
 */
function toggle_type()
{
    global $hesk_settings, $hesklang;

    /* A security check */
    hesk_token_check();

    $catid = intval(hesk_GET('catid'));
    if (!$catid) {
        hesk_error($hesklang['cat_move_id']);
    }
    $_SESSION['selcat2'] = $catid;

    /* A non-zero `s` selects type 1, anything else type 0; the message shown
       afterwards is picked to match */
    $makeTypeOne = intval(hesk_GET('s')) ? true : false;
    $type = $makeTypeOne ? 1 : 0;
    $tmp = $makeTypeOne ? $hesklang['cpriv'] : $hesklang['cpub'];

    /* Write the new type for this one category */
    $table = hesk_dbEscape($hesk_settings['db_pfix']) . 'categories';
    hesk_dbQuery("UPDATE `" . $table . "` SET `type`='{$type}' WHERE `id`='" . intval($catid) . "' LIMIT 1");

    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
Ejemplo n.º 12
/**
 * Create the HESK database tables and seed their default rows.
 *
 * Every table name is prefixed with $hesk_settings['db_pfix'], passed through
 * hesk_dbEscape(). Besides the CREATE TABLE statements, the function inserts the
 * default category, the default knowledgebase category, two built-in private
 * messages and the first administrator account, whose user name and password hash
 * are read from $_SESSION['admin_user'] and $_SESSION['admin_hash'].
 *
 * The return values of hesk_dbQuery() are not inspected here; any failure handling
 * lives inside that helper and is not visible from this function.
 * NOTE(review): the statements run one after another with no rollback in this
 * function - confirm what state a half-finished install is left in.
 *
 * @return bool Always true once the last statement has been issued.
 */
function hesk_iTables()
{
    global $hesk_settings;
    // -> Attachments
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (\n  `att_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `ticket_id` varchar(13) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `saved_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `real_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `size` int(10) unsigned NOT NULL DEFAULT '0',\n  `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  PRIMARY KEY (`att_id`),\n  KEY `ticket_id` (`ticket_id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Banned emails
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_emails` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `email` varchar(255) NOT NULL,\n  `banned_by` smallint(5) unsigned NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  PRIMARY KEY (`id`),\n  KEY `email` (`email`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8\n");
    // -> Banned IPs
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `ip_from` int(10) unsigned NOT NULL DEFAULT '0',\n  `ip_to` int(10) unsigned NOT NULL DEFAULT '0',\n  `ip_display` varchar(100) NOT NULL,\n  `banned_by` smallint(5) unsigned NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8\n");
    // -> Categories
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `name` varchar(60) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `cat_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3',\n  PRIMARY KEY (`id`),\n  KEY `type` (`type`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // ---> Insert default category
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` (`id`, `name`, `cat_order`) VALUES (1, 'General', 10)");
    // -> KB Articles
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `catid` smallint(5) unsigned NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  `author` smallint(5) unsigned NOT NULL,\n  `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n  `content` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `keywords` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `rating` float NOT NULL DEFAULT '0',\n  `votes` mediumint(8) unsigned NOT NULL DEFAULT '0',\n  `views` mediumint(8) unsigned NOT NULL DEFAULT '0',\n  `type` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `html` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `sticky` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `art_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `history` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  PRIMARY KEY (`id`),\n  KEY `catid` (`catid`),\n  KEY `sticky` (`sticky`),\n  KEY `type` (`type`),\n  FULLTEXT KEY `subject` (`subject`,`content`,`keywords`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> KB Attachments
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_attachments` (\n  `att_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `saved_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `real_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `size` int(10) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`att_id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> KB Categories
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n  `parent` smallint(5) unsigned NOT NULL,\n  `articles` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `articles_private` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `articles_draft` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `cat_order` smallint(5) unsigned NOT NULL,\n  `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`),\n  KEY `type` (`type`),\n  KEY `parent` (`parent`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // ---> Insert default KB category
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` (`id`, `name`, `parent`, `cat_order`, `type`) VALUES (1, 'Knowledgebase', 0, 10, '0')");
    // -> Login attempts (one row per IP: attempt counter plus time of the last attempt)
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` (\n  `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL,\n  `number` tinyint(3) unsigned NOT NULL DEFAULT '1',\n  `last_attempt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n  UNIQUE KEY `ip` (`ip`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Private messages
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (\n  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,\n  `from` smallint(5) unsigned NOT NULL,\n  `to` smallint(5) unsigned NOT NULL,\n  `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `deletedby` smallint(5) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`),\n  KEY `from` (`from`),\n  KEY `to` (`to`,`read`,`deletedby`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // ---> Insert rate this script email
    // The two seeded messages (sender id 9999, recipient id 1) carry HTML markup in `message`,
    // including target="_blank" links; the text is a fixed literal, no request data is involved.
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (1, 9999, 1, 'Rate this script', '<div style=\"text-align:justify;padding:3px\">\r\n\r\n<p style=\"color:green;font-weight:bold\">Enjoy using HESK? Please let others know!</p>\r\n\r\n<p>You are invited to rate HESK or even write a short review here:<br />&nbsp;<br /><img src=\"../img/link.png\" width=\"16\" height=\"16\" border=\"0\" alt=\"\" style=\"vertical-align:text-bottom\" /> <a href=\"http://www.hotscripts.com/Detailed/46973.html\" target=\"_blank\">Rate this script @ Hot Scripts</a><br />&nbsp;<br /><img src=\"../img/link.png\" width=\"16\" height=\"16\" border=\"0\" alt=\"\" style=\"vertical-align:text-bottom\" /> <a href=\"http://php.resourceindex.com/detail/04946.html\" target=\"_blank\">Rate this script @ The PHP Resource Index</a></p>\r\n\r\n<p>Thank you,<br />&nbsp;<br />Klemen,<br />\r\n<a href=\"http://www.hesk.com/\" target=\"_blank\">www.hesk.com</a>\r\n\r\n<p>&nbsp;</p>', NOW(), '0', 9999)");
    // ---> Insert welcome email
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (2, 9999, 1, 'Welcome to HESK! Here are some quick tips...', '<p style=\"color:green;font-weight:bold\">HESK quick &quot;Getting Started&quot; tips:<br />&nbsp;</p>\r\n\r\n<ol style=\"padding-left:20px;padding-right:10px;text-align:justify\">\r\n<li>Click the Profile link to set your name, email, signature and password.<br />&nbsp;</li>\r\n<li>Click the Settings link in the top menu to get to the Settings page. For additional information about each setting, click the [?] link.<br />&nbsp;</li>\r\n<li>Add new categories (departments) on the Categories page. The default category cannot be deleted, but it can be renamed.<br />&nbsp;</li>\r\n<li>Create new staff accounts on the Users page. You can give them unlimited (Administrator) or restricted (Staff) access.<br />&nbsp;</li>\r\n<li>Use the integrated Knowledgebase. A comprehensive and well-written knowledgebase can drastically reduce the number of support tickets you receive and save a lot of your time in the long run.<br />&nbsp;</li>\r\n<li>You can create response and new ticket templates on the Canned page.<br />&nbsp;</li>\r\n<li>Subscribe to the <a href=\"http://www.hesk.com/newsletter.php\" target=\"_blank\">HESK Newsletter</a> to be notified of updates and new versions.<br />&nbsp;</li>\r\n<li>You should follow HESK on Twitter <a href=\"https://twitter.com/HESKdotCOM\" target=\"_blank\">here</a>.<br />&nbsp;</li>\r\n<li>To remove the &quot;<span class=\"smaller\">Powered by Help Desk Software HESK</span>&quot; links from the bottom of your help desk <a href=\"https://www.hesk.com/buy.php\" target=\"_blank\">buy a license here</a>.<br />&nbsp;</li></ol>\r\n\r\n<p>Enjoy using HESK and please feel free to share your constructive feedback and feature suggestions.</p>\r\n\r\n<p>Klemen Stirn<br />\r\nHESK owner and author<br />\r\n<a 
href=\"http://www.hesk.com/\" target=\"_blank\">www.hesk.com</a>', NOW(), '0', 9999)");
    // -> Notes
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` (\n  `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `ticket` mediumint(8) unsigned NOT NULL,\n  `who` smallint(5) unsigned NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  PRIMARY KEY (`id`),\n  KEY `ticketid` (`ticket`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Online
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "online` (\n  `user_id` smallint(5) unsigned NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n  `tmp` int(11) unsigned NOT NULL DEFAULT '0',\n  UNIQUE KEY `user_id` (`user_id`),\n  KEY `dt` (`dt`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Pipe loops
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` (\n  `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n  `hits` smallint(1) unsigned NOT NULL DEFAULT '0',\n  `message_hash` char(32) COLLATE utf8_unicode_ci NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  KEY `email` (`email`,`hits`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Replies
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (\n  `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `replyto` mediumint(8) unsigned NOT NULL DEFAULT '0',\n  `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  `attachments` mediumtext COLLATE utf8_unicode_ci,\n  `staffid` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `rating` enum('1','5') COLLATE utf8_unicode_ci DEFAULT NULL,\n  `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`),\n  KEY `replyto` (`replyto`),\n  KEY `dt` (`dt`),\n  KEY `staffid` (`staffid`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Reply drafts
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` (\n  `owner` smallint(5) unsigned NOT NULL,\n  `ticket` mediumint(8) unsigned NOT NULL,\n  `message` mediumtext CHARACTER SET utf8 NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  KEY `owner` (`owner`),\n  KEY `ticket` (`ticket`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Reset password
    // NOTE(review): `hash` is a char(40) column stored next to the requester's `ip`; whether it
    // holds the reset token itself or a digest of it is not visible here - confirm.
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` (\n  `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `user` smallint(5) unsigned NOT NULL,\n  `hash` char(40) NOT NULL,\n  `ip` varchar(45) NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  PRIMARY KEY (`id`),\n  KEY `user` (`user`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8;\n");
    // -> Service messages
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  `author` smallint(5) unsigned NOT NULL,\n  `title` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `style` enum('0','1','2','3','4') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `order` smallint(5) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`),\n  KEY `type` (`type`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;\n");
    // -> Canned Responses
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `reply_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Tickets
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` (\n  `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n  `trackid` varchar(13) COLLATE utf8_unicode_ci NOT NULL,\n  `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `email` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `category` smallint(5) unsigned NOT NULL DEFAULT '1',\n  `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3',\n  `subject` varchar(70) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `dt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',\n  `lastchange` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n  `firstreply` timestamp NULL DEFAULT NULL,\n  `closedat` timestamp NULL DEFAULT NULL,\n  `articles` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,\n  `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,\n  `status` enum('0','1','2','3','4','5') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `openedby` smallint(5) unsigned DEFAULT '0',\n  `firstreplyby` smallint(8) unsigned DEFAULT NULL,\n  `closedby` smallint(5) unsigned DEFAULT NULL,\n  `replies` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `staffreplies` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `owner` smallint(5) unsigned NOT NULL DEFAULT '0',\n  `time_worked` time NOT NULL DEFAULT '00:00:00',\n  `lastreplier` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `replierid` smallint(5) unsigned DEFAULT NULL,\n  `archive` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `locked` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `merged` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `history` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom1` mediumtext COLLATE utf8_unicode_ci 
NOT NULL,\n  `custom2` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom3` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom4` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom5` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom6` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom7` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom8` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom9` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom10` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom11` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom12` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom13` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom14` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom15` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom16` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom17` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom18` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom19` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `custom20` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  PRIMARY KEY (`id`),\n  KEY `trackid` (`trackid`),\n  KEY `archive` (`archive`),\n  KEY `categories` (`category`),\n  KEY `statuses` (`status`),\n  KEY `owner` (`owner`),\n  KEY `openedby` (`openedby`,`firstreplyby`,`closedby`),\n  KEY `dt` (`dt`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Ticket templates
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n  `tpl_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // -> Users
    // NOTE(review): `pass` is char(40), which is the length of a hex SHA-1 digest - presumably
    // passwords are stored as that kind of fast digest; confirm how `admin_hash` is produced and
    // whether it is salted. Fast digests resist offline guessing poorly; password_hash() /
    // password_verify() with a wider column is the usual replacement.
    hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` (\n  `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n  `user` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `pass` char(40) COLLATE utf8_unicode_ci NOT NULL,\n  `isadmin` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `signature` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,\n  `categories` varchar(500) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `afterreply` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n  `autostart` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_customer_new` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_customer_reply` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `show_suggested` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_new_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_new_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_reply_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_reply_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_assigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_pm` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `notify_note` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `default_list` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n  `autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n  `heskprivileges` varchar(1000) COLLATE utf8_unicode_ci DEFAULT NULL,\n  `ratingneg` mediumint(8) unsigned NOT NULL DEFAULT '0',\n  `ratingpos` mediumint(8) unsigned NOT NULL DEFAULT 
'0',\n  `rating` float NOT NULL DEFAULT '0',\n  `replies` mediumint(8) unsigned NOT NULL DEFAULT '0',\n  PRIMARY KEY (`id`),\n  KEY `autoassign` (`autoassign`)\n) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n");
    // ---> Insert the first administrator (id 1, isadmin '1'). The user name and password hash
    // come from the session and are passed through hesk_dbEscape() before being concatenated
    // into the statement; the name and email values are fixed literals.
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` (`id`, `user`, `pass`, `isadmin`, `name`, `email`, `heskprivileges`) VALUES (1, '" . hesk_dbEscape($_SESSION['admin_user']) . "', '" . hesk_dbEscape($_SESSION['admin_hash']) . "', '1', 'Your name', '*****@*****.**', '')");
    return true;
}
Ejemplo n.º 13
			<input name="submitbutton_tickets" type="submit" class="btn btn-default filter-ticket-btn" value="Search"/>
			<button name="clearbutton_tickets" onclick="deleteticket_admin();return false;" class="btn btn-default filter-ticket-btn" value="">Clear</button>
		</form>
	</div> <!--end div i filtrave -->	
	<?php 
    if (!isset($_SESSION['hide']['ticket_list'])) {
        echo '<br/><br/>
        <div class="container open-new-ticket">
        <div class="form-inline col-sm-10"><img src="../img/open-tickets.png" alt="open-tickets" /><span id="openTicket">' . $hesklang['open_tickets'] . '</span></div>
        <span class="col-sm-2 newTicket"><a href="new_ticket.php"><button type="submit" class="btn btn-default new-ticket-btn">' . $hesklang['nti'] . '</button></a></span>
		</div>
        ';
    }
    /* Reset default settings? */
    if (isset($_GET['reset']) && hesk_token_check()) {
        $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1");
        $_SESSION['default_list'] = '';
    } else {
        parse_str($_SESSION['default_list'], $defaults);
        $_GET = isset($_GET) && is_array($_GET) ? array_merge($_GET, $defaults) : $defaults;
    }
    /* Print the list of tickets */
    require HESK_PATH . 'inc/print_tickets.inc.php';
    /* Print forms for listing and searching tickets */
    /*require(HESK_PATH . 'inc/show_search_form.inc.php');*/
} else {
    echo '<p><i>' . $hesklang['na_view_tickets'] . '</i></p>';
}
/* Clean unneeded session variables */
hesk_cleanSessionVars('hide');
require_once HESK_PATH . 'inc/footer.inc.php';
Ejemplo n.º 14
/**
 * Print an HTML table with per-day ticket statistics for the selected date range.
 *
 * One row is printed for every day returned by DateArray($date_from, $date_to): the number of
 * tickets grouped by DATE(`dt`), the number not resolved (all minus resolved), the number with
 * status '3' and, when $hesk_settings['time_worked'] is on, the time worked. A totals row
 * closes the table and is also printed at the top when the range holds more than 10 days.
 *
 * Unless $can_run_reports_full is set, both queries are limited to tickets whose `owner`
 * equals intval($_SESSION['id']).
 *
 * Output is echoed directly; nothing is returned.
 */
function hesk_ticketsByDay()
{
    global $hesk_settings, $hesklang, $date_from, $date_to, $can_run_reports_full;
    $tickets = array();
    $totals = array('all' => 0, 'resolved' => 0, 'worked' => 0);
    $dt = DateArray($date_from, $date_to);
    // Pre-populate date values
    foreach ($dt as $day) {
        $tickets[$day] = array('all' => 0, 'resolved' => 0, 'worked' => '');
    }
    // SQL query for all
    // NOTE(review): $hesk_settings['dt_sql'] is spliced into both statements as-is. It is built
    // outside this function - confirm it is assembled only from validated date values.
    $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt`" . ($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '') . " FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE " . ($can_run_reports_full ? '1' : "`owner` = '" . intval($_SESSION['id']) . "'") . " AND {$hesk_settings['dt_sql']} GROUP BY `mydt`");
    // Update ticket values
    // NOTE(review): assumes every `mydt` value returned is one of the pre-populated keys -
    // confirm DateArray() and DATE() produce the same date format.
    while ($row = hesk_dbFetchAssoc($res)) {
        // The column is only selected when time tracking is on, so default it otherwise
        if (!$hesk_settings['time_worked']) {
            $row['seconds_worked'] = 0;
        }
        $tickets[$row['mydt']]['all'] += $row['cnt'];
        $tickets[$row['mydt']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0;
        $totals['all'] += $row['cnt'];
        $totals['worked'] += $row['seconds_worked'];
    }
    // SQL query for resolved
    $res = hesk_dbQuery("SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE " . ($can_run_reports_full ? '1' : "`owner` = '" . intval($_SESSION['id']) . "'") . " AND `status`='3' AND {$hesk_settings['dt_sql']} GROUP BY `mydt`");
    // Update ticket values
    while ($row = hesk_dbFetchAssoc($res)) {
        $tickets[$row['mydt']]['resolved'] += $row['cnt'];
        $totals['resolved'] += $row['cnt'];
    }
    // Convert total seconds worked to HH:MM:SS
    $totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0;
    // Everything below is echoed without HTML escaping: the cells hold $hesklang strings, counts
    // from the queries above and values formatted by hesk_dateToString() / hesk_SecondsToHHMMSS().
    ?>
	    <table width="100%" cellpadding="5" style="text-align:justify;border-collapse:collapse;padding:10px;">
	      <tr style="border-bottom:1px solid #000000;">
	        <td><?php 
    echo $hesklang['date'];
    ?>
</td>
	        <td><?php 
    echo $hesklang['atik'];
    ?>
</td>
	        <td><?php 
    echo $hesklang['topen'];
    ?>
</td>
	        <td><?php 
    echo $hesklang['closed'];
    ?>
</td>
			<?php 
    if ($hesk_settings['time_worked']) {
        echo '<td>' . $hesklang['ts'] . '</td>';
    }
    ?>
	      </tr>

	<?php 
    // Long ranges get the totals row at the top as well as at the bottom
    $num_tickets = count($tickets);
    if ($num_tickets > 10) {
        ?>
	      <tr style="border-bottom:1px solid #000000;">
	        <td><b><?php 
        echo $hesklang['totals'];
        ?>
</b></td>
	        <td><b><?php 
        echo $totals['all'];
        ?>
</b></td>
	        <td><b><?php 
        echo $totals['all'] - $totals['resolved'];
        ?>
</b></td>
	        <td><b><?php 
        echo $totals['resolved'];
        ?>
</b></td>
			<?php 
        if ($hesk_settings['time_worked']) {
            echo '<td><b>' . $totals['worked'] . '</b></td>';
        }
        ?>
	      </tr>
	<?php 
    }
    // One row per day; $cls alternates between '' and a background style for striping
    $cls = '';
    foreach ($tickets as $k => $d) {
        $cls = $cls ? '' : 'style="background:#EEEEE8;"';
        ?>
	      <tr <?php 
        echo $cls;
        ?>
>
	        <td><?php 
        echo hesk_dateToString($k);
        ?>
</td>
	        <td><?php 
        echo $d['all'];
        ?>
</td>
	        <td><?php 
        echo $d['all'] - $d['resolved'];
        ?>
</td>
	        <td><?php 
        echo $d['resolved'];
        ?>
</td>
			<?php 
        if ($hesk_settings['time_worked']) {
            echo '<td>' . $d['worked'] . '</td>';
        }
        ?>
	      </tr>
	    <?php 
    }
    // Closing totals row (always printed)
    ?>
	      <tr style="border-top:1px solid #000000;">
	        <td><b><?php 
    echo $hesklang['totals'];
    ?>
</b></td>
	        <td><b><?php 
    echo $totals['all'];
    ?>
</b></td>
	        <td><b><?php 
    echo $totals['all'] - $totals['resolved'];
    ?>
</b></td>
	        <td><b><?php 
    echo $totals['resolved'];
    ?>
</b></td>
			<?php 
    if ($hesk_settings['time_worked']) {
        echo '<td><b>' . $totals['worked'] . '</b></td>';
    }
    ?>
	      </tr>
	    </table>

	    <p>&nbsp;</p>
    <?php 
}
Ejemplo n.º 15
<table width="100%" border="0" cellspacing="0" cellpadding="0">
    <tr>
        <td valign="top">
            <form name="showt" action="show_tickets.php" method="get">
                <table class="table" style="border-top: 0 !important" border="0" cellpadding="3" cellspacing="0" width="100%">
                    <tr>
                        <td style="border-top: 0px" width="20%" class="alignTop"><b><?php 
echo $hesklang['status'];
?>
</b>: &nbsp; </td>
                        <td style="border-top: 0px" width="80%">
                            <table border="0" cellpadding="0" cellspacing="0" width="100%">
                                <tr>
                                    <?php 
$rowCounter = 1;
$statusRS = hesk_dbQuery('SELECT `ID`, `Key`, `TextColor` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses`');
while ($row = $statusRS->fetch_assoc()) {
    if ($rowCounter > 3) {
        echo '</tr><tr>';
        $rowCounter = 1;
    }
    echo '<td width=';
    if ($rowCounter != 3) {
        echo '"33%"';
    } else {
        echo '"34%"';
    }
    echo '<label><input type="checkbox" name="s' . $row['ID'] . '" value="1"';
    if (isset($status[$row['ID']])) {
        echo 'checked="checked"';
    }
Ejemplo n.º 16
// Build the <option> markup for the category dropdown and, alongside it, a map of
// category id => plain-text name. Only categories accepted by hesk_myCategories('id')
// are listed, in `cat_order` order.
$my_cat = array();
$category_options = '';
$res2 = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE " . hesk_myCategories('id') . " ORDER BY `cat_order` ASC");
while ($row = hesk_dbFetchAssoc($res2)) {
    // Plain-text copy of the name, keyed by category id
    $my_cat[$row['id']] = hesk_msgToPlain($row['name'], 1);

    // Cap the label shown in the dropdown at 50 bytes.
    // NOTE(review): strlen()/substr() count bytes, so a multi-byte character or an HTML
    // entity at the cut point can be split.
    if (strlen($row['name']) > 50) {
        $row['name'] = substr($row['name'], 0, 50) . '...';
    }

    // Pre-select the category currently in $category
    if ($row['id'] == $category) {
        $cat_selected = 'selected="selected"';
    } else {
        $cat_selected = '';
    }

    // NOTE(review): the name is concatenated into the markup with no escaping call here;
    // presumably it was entity-encoded when it was stored - confirm.
    $category_options .= '<option value="' . $row['id'] . '" ' . $cat_selected . '>'
        . $row['name']
        . '</option>';
}
// Generate export file
if (isset($_GET['w'])) {
    // We'll need HH:MM:SS format for hesk_date() here
    $hesk_settings['timeformat'] = 'H:i:s';
    // Get staff names
    $admins = array();
    $result = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `id` ASC");
    while ($row = hesk_dbFetchAssoc($result)) {
        $admins[$row['id']] = $row['name'];
    }
    // This will be the export directory
    $export_dir = HESK_PATH . $hesk_settings['attach_dir'] . '/export/';
    // This will be the name of the export and the XML file
    $export_name = 'hesk_export_' . date('Y-m-d_H-i-s') . '_' . mt_rand(10000, 99999);
    $save_to = $export_dir . $export_name . '.xml';
    // Do we have the export directory?
    if (is_dir($export_dir) || @mkdir($export_dir, 0777) && is_writable($export_dir)) {
        // Cleanup old files
        $files = glob($export_dir . '*', GLOB_NOSORT);
        if (is_array($files) && count($files)) {
            foreach ($files as $file) {
                hesk_unlink($file, 86400);
Ejemplo n.º 17
        foreach ($hesk_settings['custom_fields'] as $k => $v) {
            if ($v['use'] && isset($_POST[$k])) {
                if (is_array($_POST[$k])) {
                    $tmpvar[$k] = '';
                    foreach ($_POST[$k] as $myCB) {
                        $tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '<br />';
                    }
                    $tmpvar[$k] = substr($tmpvar[$k], 0, -6);
                } else {
                    $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k])));
                }
            } else {
                $tmpvar[$k] = '';
            }
        }
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET\n\t\t`name`='" . hesk_dbEscape($tmpvar['name']) . "',\n\t\t`email`='" . hesk_dbEscape($tmpvar['email']) . "',\n\t\t`subject`='" . hesk_dbEscape($tmpvar['subject']) . "',\n\t\t`message`='" . hesk_dbEscape($tmpvar['message']) . "',\n\t\t`custom1`='" . hesk_dbEscape($tmpvar['custom1']) . "',\n\t\t`custom2`='" . hesk_dbEscape($tmpvar['custom2']) . "',\n\t\t`custom3`='" . hesk_dbEscape($tmpvar['custom3']) . "',\n\t\t`custom4`='" . hesk_dbEscape($tmpvar['custom4']) . "',\n\t\t`custom5`='" . hesk_dbEscape($tmpvar['custom5']) . "',\n\t\t`custom6`='" . hesk_dbEscape($tmpvar['custom6']) . "',\n\t\t`custom7`='" . hesk_dbEscape($tmpvar['custom7']) . "',\n\t\t`custom8`='" . hesk_dbEscape($tmpvar['custom8']) . "',\n\t\t`custom9`='" . hesk_dbEscape($tmpvar['custom9']) . "',\n\t\t`custom10`='" . hesk_dbEscape($tmpvar['custom10']) . "',\n\t\t`custom11`='" . hesk_dbEscape($tmpvar['custom11']) . "',\n\t\t`custom12`='" . hesk_dbEscape($tmpvar['custom12']) . "',\n\t\t`custom13`='" . hesk_dbEscape($tmpvar['custom13']) . "',\n\t\t`custom14`='" . hesk_dbEscape($tmpvar['custom14']) . "',\n\t\t`custom15`='" . hesk_dbEscape($tmpvar['custom15']) . "',\n\t\t`custom16`='" . hesk_dbEscape($tmpvar['custom16']) . "',\n\t\t`custom17`='" . hesk_dbEscape($tmpvar['custom17']) . "',\n\t\t`custom18`='" . hesk_dbEscape($tmpvar['custom18']) . "',\n\t\t`custom19`='" . hesk_dbEscape($tmpvar['custom19']) . "',\n\t\t`custom20`='" . hesk_dbEscape($tmpvar['custom20']) . "'\n\t\tWHERE `id`='" . intval($ticket['id']) . "' LIMIT 1");
    }
    unset($tmpvar);
    hesk_cleanSessionVars('tmpvar');
    hesk_process_messages($hesklang['edt2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
$ticket['message'] = hesk_msgToPlain($ticket['message'], 0, 0);
/* Print header */
require_once HESK_PATH . 'inc/header.inc.php';
/* Print admin navigation */
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>

<!--
</td>
</tr>-->
Ejemplo n.º 18
 // Verify the hash exists
 $res = hesk_dbQuery("SELECT `user`, `ip` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` WHERE `hash` = '{$hash}' LIMIT 1");
 if (hesk_dbNumRows($res) != 1) {
     // Not a valid hash
     hesk_limitBfAttempts();
     hesk_process_messages($hesklang['ehash'], 'NOREDIRECT');
 } else {
     // Get info from database
     $row = hesk_dbFetchAssoc($res);
     // Only allow resetting password from the same IP address that submitted password reset request
     if ($row['ip'] != $_SERVER['REMOTE_ADDR']) {
         hesk_limitBfAttempts();
         hesk_process_messages($hesklang['ehaip'], 'NOREDIRECT');
     } else {
         // Expire all verification hashes for this user
         hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` WHERE `user`=" . intval($row['user']));
         // Load additional required functions
         require HESK_PATH . 'inc/admin_functions.inc.php';
         // Get user details
         $res = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `id`=" . intval($row['user']) . " LIMIT 1");
         $row = hesk_dbFetchAssoc($res);
         foreach ($row as $k => $v) {
             $_SESSION[$k] = $v;
         }
         // Set a tag that will be used to expire sessions after username or password change
         $_SESSION['session_verify'] = hesk_activeSessionCreateTag($_SESSION['user'], $_SESSION['pass']);
         // We don't need the password hash anymore
         unset($_SESSION['pass']);
         // Clean brute force attempts
         hesk_cleanBfAttempts();
         // Regenerate session ID (security)
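/**
 * Print the tabbed user form (profile info, signature, project table, preferences, notifications).
 *
 * Form fields are pre-filled from $_SESSION[$session_array]; that session entry is removed once the
 * form has been printed. The account-type radio buttons read $_SESSION['userdata']['checked'] directly,
 * regardless of $session_array.
 *
 * Security notes for maintainers:
 * - Request-derived and row-derived ids that are concatenated into unquoted numeric SQL positions are
 *   cast with intval() before use.
 * - NOTE(review): session values and database columns (names, e-mail, company/contract/project names,
 *   signature) are echoed into the page without escaping. That is only safe if they were HTML-encoded
 *   when stored; confirm this, otherwise escape them at output time.
 *
 * @param string $session_array   Key in $_SESSION that holds the values used to pre-fill the form.
 * @param bool   $is_profile_page When false, the account-type selector, the project/contract table and
 *                                (if $hesk_settings['autoassign'] is set) the auto-assign checkbox are
 *                                printed and the username is editable. When true, the username field is
 *                                read-only unless $_SESSION['isadmin'] is set, and the preferences and
 *                                ticket-notification options depend on the $can_* globals.
 * @param string $action          Not read inside this function.
 *
 * @return void
 */
function hesk_profile_tab($session_array = 'userdata', $is_profile_page = true, $action = "")
{
    global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned, $default_userdata;
    ?>
	<!-- TABS -->
<div class="container tab-content profile-functions-tab">
			<?php 
    if (!$is_profile_page) {
        ?>
			<div class="permissions">
				<div class="form-inline">
					<label class="col-sm-2 control-label"><?php 
        echo $hesklang['atype'];
        ?>
:</label>
					<div class="form-group">

					<?php 
        /* Only administrators can create new administrator accounts */
        // NOTE(review): this only controls which radio buttons are shown; the code that processes the
        // submitted `isadmin` value must enforce the same rule.
        if ($_SESSION['isadmin']) {
            if (!isset($_SESSION['userdata']['checked'])) {
                $_SESSION['userdata']['checked'] = "";
            }
            if ($_SESSION['userdata']['checked'] == 'admin') {
                ?>
							<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" checked /> <b><?php 
                echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
                ?>
</label><br />
							<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php 
                echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
                ?>
</label><br/>
							<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php 
                echo $hesklang['aclient'];
                ?>
</label>
						<?php 
            } elseif ($_SESSION['userdata']['checked'] == 'staff') {
                ?>
							<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php 
                echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
                ?>
</label><br />
							<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0"  checked /> <b><?php 
                echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
                ?>
</label><br/>
							<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php 
                echo $hesklang['aclient'];
                ?>
</label>
						<?php 
            } elseif ($_SESSION['userdata']['checked'] == 'client') {
                ?>
							<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php 
                echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
                ?>
</label><br />
							<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php 
                echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
                ?>
</label><br/>
							<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" checked /> <?php 
                echo $hesklang['aclient'];
                ?>
</label>
						<?php 
            } else {
                // Nothing remembered in the session: preselect from the `a` query parameter instead.
                ?>
						<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" <?php 
                if (isset($_GET['a']) && $_GET['a'] == "edit") {
                    echo "checked";
                }
                ?>
 /> <b><?php 
                echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
                ?>
</label><br />
						<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0"  <?php 
                if (isset($_GET['a']) && $_GET['a'] == "editb") {
                    echo "checked";
                }
                ?>
 /> <b><?php 
                echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
                ?>
</label><br/>
						<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" <?php 
                if (isset($_GET['a']) && $_GET['a'] == "editc") {
                    echo "checked";
                }
                ?>
 /> <?php 
                echo $hesklang['aclient'];
                ?>
</label>
						<?php 
            }
        } else {
            echo '<b>' . $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
        }
        ?>

					</div>
				</div>
			</div><!-- end permissions -->
			<?php 
    }
    ?>
		<ul id="tabs" class="nav nav-tabs profile-functions" data-tabs="tabs">
			<li class="active" id="profile-info"><a href="#p-info" aria-controls="p-info" role="tab" data-toggle="tab"><?php 
    echo $hesklang['pinfo'];
    ?>
</a></li>
			<?php 
    if (!$is_profile_page) {
        ?>
			<!--<li id="permissions-info"><a href="#permissions" aria-controls="permissions" role="tab" data-toggle="tab"><?php 
        //echo $hesklang['permissions'];
        ?>
</a></li>-->
			<?php 
    }
    ?>
			<li id="signature-info"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php 
    echo $hesklang['sig'];
    ?>
</a></li>
			<li class="<?php 
    if (!isset($_GET['a'])) {
        echo "hidden";
    }
    ?>
" id="project_users-info"><a href="#project_users" aria-controls="project_users" role="tab" data-toggle="tab"><?php 
    echo $hesklang['project'];
    ?>
</a></li>
			<li class="<?php 
    if (!isset($_GET['a']) || $_GET['a'] == "editc") {
        echo "hidden";
    }
    ?>
" id="preferences-info"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php 
    echo $hesklang['pref'];
    ?>
</a></li>
			<li class="<?php 
    if (!isset($_GET['a']) || $_GET['a'] == "editc") {
        echo "hidden";
    }
    ?>
" id="notifications-info"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php 
    echo $hesklang['notn'];
    ?>
</a></li>
		</ul>
			<!-- PROFILE INFO -->
		<div role="tabpanel" class="tab-pane active" id="p-info">

			&nbsp;<br />

			<div class="profile-information">
			<div class="form-inline" id="profile-information-row">
			<label class="col-sm-2 control-label" for="profile-information-name"><?php 
    echo $hesklang['real_name'];
    ?>
: <font class="important">*</font></label>
			<input class="form-control" required="required" title="Required field" type="text" id="profile-information-name" name="name" size="40" maxlength="50" value="<?php 
    // NOTE(review): this and the following pre-fill values are written into value="..." attributes as-is;
    // confirm they were HTML-encoded before being placed in the session.
    if (isset($_SESSION[$session_array]['name'])) {
        echo $_SESSION[$session_array]['name'];
    }
    ?>
"/>
			</div>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-email"><?php 
    echo $hesklang['email'];
    ?>
: <font class="important">*</font></label>
				<input class="form-control" required="required" title="Required field" type="email" id="profile-information-email" name="email" size="40" maxlength="255" value="<?php 
    if (isset($_SESSION[$session_array]['email'])) {
        echo $_SESSION[$session_array]['email'];
    }
    ?>
"/>
			</div>
			
			<?php 
    // The username is editable when managing users or for administrators; otherwise it is printed read-only.
    // NOTE(review): `readonly` is a browser-side hint only; the handler that saves the form must not accept
    // a changed `user` value from accounts that are not allowed to rename themselves.
    if (!$is_profile_page || $_SESSION['isadmin']) {
        ?>
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label control-label" for="profile-information-username"><?php 
        echo $hesklang['username'];
        ?>
: <font class="important">*</font></label>
				<input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php 
        if (isset($_SESSION[$session_array]['user'])) {
            echo $_SESSION[$session_array]['user'];
        }
        ?>
" />
			</div>
			<?php 
    } else {
        ?>
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label control-label" for="profile-information-username"><?php 
        echo $hesklang['username'];
        ?>
: <font class="important">*</font></label>
				<input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php 
        if (isset($_SESSION[$session_array]['user'])) {
            echo $_SESSION[$session_array]['user'];
        }
        ?>
" readonly>
			</div>
			<?php 
    }
    ?>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-address"><?php 
    echo 'Address';
    ?>
:</label>
				<input class="form-control" type="text" id="profile-information-adress" name="address" size="40" maxlength="255" value="<?php 
    if (isset($_SESSION[$session_array]['address'])) {
        echo $_SESSION[$session_array]['address'];
    }
    ?>
"/>
			</div>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-phonenumber"><?php 
    echo 'Phone Number';
    ?>
:</label>
				<input class="form-control" type="number" min="0" id="profile-information-phonenumber" name="phonenumber" size="40" maxlength="255" value="<?php 
    if (isset($_SESSION[$session_array]['phonenumber'])) {
        echo $_SESSION[$session_array]['phonenumber'];
    }
    ?>
"/>
			</div>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-poz_detyres"><?php 
    echo 'Pozicioni Detyres';
    ?>
</label>
				<input class="form-control" type="text" id="profile-information-poz_detyres" name="poz_detyres" size="40" maxlength="255" value="<?php 
    if (isset($_SESSION[$session_array]['poz_detyres'])) {
        echo $_SESSION[$session_array]['poz_detyres'];
    }
    ?>
"/>
			</div>
			
			<!--shtohim fushen "Active" kur celim nje departament -->
			<div class="clearfix"></div>
			<div class="form-inline project-row1" id="profile-information-row">
				<label class="col-sm-2 control-label"><?php 
    echo $hesklang['def_act'];
    ?>
: <font class="important">*</font></label>
				<input class="form-control" type="checkbox" name="prof_active" value="1" <?php 
    if (isset($_SESSION[$session_array]['active']) && $_SESSION[$session_array]['active'] == "1") {
        echo "checked";
    }
    ?>
 />

			</div>
			
			<?php 
    // Without an `a` query parameter the password fields are required; with it they are optional.
    // NOTE(review): the pattern/required attributes are client-side checks only; the length rule has to be
    // enforced again by the code that stores the password.
    if (!isset($_GET['a'])) {
        ?>
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="newpass"><?php 
        echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass'];
        ?>
:</label>
				<input class="form-control" type="password" required="required" title="Required field" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" />
			</div>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="newpass2"><?php 
        echo $hesklang['confirm_pass'];
        ?>
:</label>
				<input class="form-control" required="required" title="Required field" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" />
			</div>
			<?php 
    } else {
        ?>
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-newpass"><?php 
        echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass'];
        ?>
:</label>
				<input class="form-control" type="password" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" />
			</div>
			
			<div class="form-inline" id="profile-information-row">
				<label class="col-sm-2 control-label" for="profile-information-confirmpass"><?php 
        echo $hesklang['confirm_pass'];
        ?>
:</label>
				<input class="form-control" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" />
				</div>
			<?php 
    }
    ?>
			<div class="form-inline" id="profile-information-pwdst-row">
				<label class="col-sm-2 control-label"><?php 
    echo $hesklang['pwdst'];
    ?>
:</label>
				<label style="vertical-align: top;">
				<div class="form-control" style="width: 336px;">
					<div id="progressBar" style="font-size: 1px; height: 20px; width: 0px; border: 1px solid white;"></div>
				</div>
				</label>
			</div>
			
			<div class="form-inline <?php 
    if (!isset($_GET['a']) || $_GET['a'] !== "editc") {
        echo "hidden";
    }
    ?>
" id="show-hide-kompani">
						<label class="col-sm-2 control-label" for=""><?php 
    echo $hesklang['company'];
    ?>
:<font class="important">*</font></label>
						<select class="form-control" id="select_company_manage_users" name="company_id" style="width: 336px;">
							<option></option>
							<?php 
    // One <option> per active company, carrying the ids of its active contracts in a `contracts`
    // attribute. An inactive company is listed (disabled) only when it is the one stored in the session.
    // NOTE(review): company_name is echoed unescaped; confirm it is stored HTML-encoded.
    $res_comp = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'companies` ');
    while ($row_comp = mysqli_fetch_array($res_comp)) {
        if ($row_comp['active'] == 1) {
            $temp_data = array();
            // The id lands in an unquoted numeric position of the query, so force it to an integer.
            $data_contract = hesk_dbQuery('SELECT id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE active=1 AND company_id =' . intval($row_comp['id']));
            while ($row_contract = mysqli_fetch_array($data_contract)) {
                $temp_data[] = $row_contract['id'];
            }
            // Separator first: the reversed (array, separator) argument order is rejected by PHP 8.
            $contract_list = implode(',', $temp_data);
            if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) {
                echo '<option value="' . $row_comp['id'] . '" contracts = "' . $contract_list . '" selected="selected">' . $row_comp['company_name'] . '</option>';
            } else {
                echo '<option value="' . $row_comp['id'] . '" contracts = "' . $contract_list . '" >' . $row_comp['company_name'] . '</option>';
            }
        } else {
            if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) {
                echo '<option  selected="selected" disabled>' . $row_comp['company_name'] . '</option>';
            }
        }
    }
    ?>
		
						</select>
			</div>
				
			<br/>
			
			<div class="form-inline <?php 
    if (!isset($_GET['a']) || $_GET['a'] !== "editc") {
        echo "hidden";
    }
    ?>
" id="show-hide-kontrata">
				<label class="col-sm-2 control-label" for="select-kontrata"><?php 
    echo $hesklang['contract'];
    ?>
:<font class="important">*</font></label>
				<select class="multiple form-control" multiple="multiple" id="select-kontrata" name="contract_id[]" style="width: 336px;">
					<option></option>
					<?php 
    $res_contract = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` ');
    $temp = array();
    if (isset($_GET["id"])) {
        // The request value is used in an unquoted numeric comparison, where string escaping gives no
        // protection; cast it to an integer, as the project table query further down already does.
        $res_contract_client = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contractforclient` WHERE client_Id=' . intval(hesk_GET('id')));
        while ($row_contract_data = mysqli_fetch_array($res_contract_client)) {
            $temp[] = $row_contract_data['contract_Id'];
        }
    }
    // NOTE(review): contract_name is echoed unescaped; confirm it is stored HTML-encoded.
    while ($row_contract = mysqli_fetch_array($res_contract)) {
        if ($row_contract['active'] == 1) {
            if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) {
                echo '<option value="' . $row_contract['id'] . '" selected="selected">' . $row_contract['contract_name'] . '</option>';
            } else {
                echo '<option value="' . $row_contract['id'] . '" >' . $row_contract['contract_name'] . '</option>';
            }
        } else {
            if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) {
                echo '<option selected="selected" disabled>' . $row_contract['contract_name'] . '</option>';
            }
        }
    }
    ?>
		
				</select>
			</div>
			
			
<div id="options" class="<?php 
    if (!isset($_GET['a']) || $_GET['a'] !== "editb") {
        echo "hidden";
    }
    ?>
">

			<div class="permissions-category-features">
				<!--<div class="form-inline">
					<label class="col-sm-2 control-label"><?php 
    //echo $hesklang['allowed_cat'];
    ?>
: <font class="important">*</font></label>
					<label>-->
					<?php 
    /*foreach ($hesk_settings['categories'] as $catid => $catname)
    		{
    			echo '<label><input type="checkbox" name="categories[]" value="' . $catid . '" ';
    			if ( in_array($catid,$_SESSION[$session_array]['categories']) )
    			{
    				echo ' checked="checked" ';
    			}
    			echo ' />' . $catname . '</label>';
    		}*/
    ?>
					<!--</label>
				</div>-->
				
				<div class="form-inline" id="permissions-features">
				<label class="col-sm-2 control-label"><?php 
    echo $hesklang['allow_feat'];
    ?>
: <font class="important">*</font></label>
				<div class="form-group" style="vertical-align: top;">
				<?php 
    // A missing or non-array feature list counts as "nothing granted", so in_array() always gets an array.
    $granted_features = isset($_SESSION[$session_array]['features']) && is_array($_SESSION[$session_array]['features']) ? $_SESSION[$session_array]['features'] : array();
    foreach ($hesk_settings['features'] as $k) {
        echo '<label><input type="checkbox" name="features[]" value="' . $k . '" ';
        if (in_array($k, $granted_features)) {
            echo ' checked="checked" ';
        }
        echo ' />' . $hesklang[$k] . '</label><br /> ';
    }
    ?>
</div>
				&nbsp;
				
				</div>
			</div><!-- end permissions-category-features -->			
</div>			
			<?php 
    if (!$is_profile_page && $hesk_settings['autoassign']) {
        ?>
				<div class="form-inline hidden" id="show-hide-optionsClient">
				&nbsp;
				&nbsp;&nbsp;
				&nbsp;<label class="col-sm-6 control-label"><input type="checkbox" name="autoassign" value="Y" <?php 
        if (isset($_SESSION[$session_array]['autoassign']) && !empty($_SESSION[$session_array]['autoassign'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['user_aa'];
        ?>
</label>
				</div>
				<?php 
    }
    ?>
			</div><!-- end profile-information -->


			</div>
			<!-- PROFILE INFO -->

			<!-- SIGNATURE -->
		<div role="tabpanel" class="tab-pane" id="signature">		
			<div class="form-inline signature-profile-func">
				<label class="control-label col-sm-3"><?php 
    echo $hesklang['signature_max'];
    ?>
:</label>
				<div class="form-group">
					<textarea class="form-control" name="signature" rows="10" cols="60"><?php 
    // NOTE(review): printed inside <textarea> without escaping and without an isset() guard; confirm the
    // signature is stored HTML-encoded and always present in the session data.
    echo $_SESSION[$session_array]['signature'];
    ?>
</textarea><br />
					<?php 
    echo $hesklang['sign_extra'];
    ?>
				</div>
			</div><!-- end signature-profile-func -->
		</div>
			<!-- SIGNATURE -->
			
	<?php 
    if (!$is_profile_page) {
        ?>
		
			<!-- Projets for Users -->
			
	<div role="tabpanel" class="tab-pane" id="project_users">		
		<div class="project_contract_table">
			<table class="table table-bordered">
				<tr>
				<th class="admin_white" style="text-align:left"><b><i><?php 
        echo $hesklang['id'];
        ?>
</i></b></th>
				<th class="admin_white" style="text-align:left"><b><i><?php 
        echo $hesklang['name'];
        ?>
</i></b></th>
				<th class="admin_white" style="text-align:left"><b><i><?php 
        echo $hesklang['contract'];
        ?>
</i></b></th>
				<th class="admin_white" style="text-align:left"><b><i><?php 
        echo $hesklang['project'];
        ?>
</i></b></th>
				</tr>

				<?php 
        // Table and column names are picked from these two fixed sets only; no request value is used as an
        // identifier.
        if (isset($_GET['a']) && $_GET['a'] == "edit") {
            $t1 = "users";
            $t2 = "userforcontract";
            $t3 = "userId";
            $t4 = "contractId";
        } else {
            $t1 = "clients";
            $t2 = "contractforclient";
            $t3 = "client_Id";
            $t4 = "contract_Id";
        }
        $result = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t1 . '` WHERE id=' . intval(hesk_GET('id')) . ' ORDER BY `id` ');
        $i = 1;
        while ($row = mysqli_fetch_array($result)) {
            // Unquoted numeric position: cast the row id before concatenating it.
            $staff = hesk_dbQuery('SELECT ' . $t3 . ',' . $t4 . ' FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t2 . '` WHERE ' . $t3 . '=' . intval($row['id']));
            $staff_string = "";
            $project_string = "";
            while ($row1 = mysqli_fetch_array($staff)) {
                // NOTE(review): the two lookups below concatenate row values inside double quotes without
                // escaping; presumably these columns are integer ids — confirm against the schema.
                $contract_staff = hesk_dbQuery('SELECT contract_name, project_id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE `id` ="' . $row1[$t4] . '"');
                $contract = mysqli_fetch_array($contract_staff);
                $staff_string .= $contract['contract_name'] . "<br/>";
                $project_id = isset($contract['project_id']) ? $contract['project_id'] : "";
                if (!empty($project_id)) {
                    $project_staff = hesk_dbQuery('SELECT project_name FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'projects` WHERE `id` ="' . $project_id . '"');
                    $project = mysqli_fetch_array($project_staff);
                    $project_string .= $project['project_name'] . "<br/>";
                }
            }
            // The string is single-quoted, so `$color` is printed literally as the class name; no variable
            // of that name is defined in this function.
            // NOTE(review): name, contract and project names are printed unescaped; confirm they are stored
            // HTML-encoded.
            echo '<tr>
						<td class="$color">' . $row['id'] . '</td>
						<td class="$color">' . $row['name'] . '</td>
						<td class="$color">' . $staff_string . '</td>
						<td class="$color">' . $project_string . '</td>
						</tr>';
        }
        ?>
				
			</table>
		</div>
	</div>
	<?php 
    }
    ?>
			<!-- End Projets for Users -->

			<?php 
    if (!$is_profile_page || $can_reply_tickets) {
        ?>
			<!-- PREFERENCES -->
		<div role="tabpanel" class="tab-pane" id="preferences">
			<div class="form-group preferences-profile-func">
				<div class="form-inline">
					<label class="col-sm-3 control-label"><?php 
        echo $hesklang['aftrep'];
        ?>
:</label>
					<div class="form-group" style="vertical-align: top;">
						<label><input type="radio" name="afterreply" value="0" <?php 
        if (!$_SESSION[$session_array]['afterreply']) {
            echo 'checked="checked"';
        }
        ?>
/> <?php 
        echo $hesklang['showtic'];
        ?>
</label><br />
						<label><input type="radio" name="afterreply" value="1" <?php 
        if ($_SESSION[$session_array]['afterreply'] == 1) {
            echo 'checked="checked"';
        }
        ?>
/> <?php 
        echo $hesklang['gomain'];
        ?>
</label><br />
						<label><input type="radio" name="afterreply" value="2" <?php 
        if ($_SESSION[$session_array]['afterreply'] == 2) {
            echo 'checked="checked"';
        }
        ?>
/> <?php 
        echo $hesklang['shownext'];
        ?>
</label><br />
					</div>
				</div>

				<div class="form-inline preferences-profile-defaults">
					<label class="col-sm-3 control-label"><?php 
        echo $hesklang['defaults'];
        ?>
:</label>
					<div class="form-group" style="vertical-align: top;">
						<?php 
        if ($hesk_settings['time_worked']) {
            ?>
						<label><input type="checkbox" name="autostart" value="1" <?php 
            if (!empty($_SESSION[$session_array]['autostart'])) {
                echo 'checked="checked"';
            }
            ?>
 /> <?php 
            echo $hesklang['autoss'];
            ?>
</label><br />
						<?php 
        }
        ?>
						<label><input type="checkbox" name="notify_customer_new" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_customer_new'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['pncn'];
        ?>
</label><br />
						<label><input type="checkbox" name="notify_customer_reply" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_customer_reply'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['pncr'];
        ?>
</label><br />
						<label><input type="checkbox" name="show_suggested" value="1" <?php 
        if (!empty($_SESSION[$session_array]['show_suggested'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['pssy'];
        ?>
</label><br />
					</div>
				</div>
			</div><!-- end preferences-profile-func -->
		</div>
			<!-- PREFERENCES -->
			<?php 
    }
    ?>

			<!-- NOTIFICATIONS -->
		<div role="tabpanel" class="tab-pane" id="notifications">
			<div class="notif-mw"><?php 
    echo $hesklang['nomw'];
    ?>
</div>
			<div class="notifications-profile-func">
				<div class="form-inline">
					<div>
					<?php 
    // Ticket notification options are printed when managing users, or on the profile page when the
    // matching $can_view_* global is set; the private-message option below is always printed.
    if (!$is_profile_page || $can_view_tickets) {
        if (!$is_profile_page || $can_view_unassigned) {
            ?>
							<label><input type="checkbox" name="notify_new_unassigned" value="1" <?php 
            if (!empty($_SESSION[$session_array]['notify_new_unassigned'])) {
                echo 'checked="checked"';
            }
            ?>
 /> <?php 
            echo $hesklang['nwts'];
            ?>
 <?php 
            echo $hesklang['unas'];
            ?>
</label><br />
							<?php 
        }
        ?>
						<label><input type="checkbox" name="notify_new_my" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_new_my'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['nwts'];
        ?>
 <?php 
        echo $hesklang['s_my'];
        ?>
</label><br />

						<?php 
        if (!$is_profile_page || $can_view_unassigned) {
            ?>
							<label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php 
            if (!empty($_SESSION[$session_array]['notify_reply_unassigned'])) {
                echo 'checked="checked"';
            }
            ?>
 /> <?php 
            echo $hesklang['ncrt'];
            ?>
 <?php 
            echo $hesklang['unas'];
            ?>
</label><br />
							<?php 
        }
        ?>
						<label><input type="checkbox" name="notify_reply_my" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_reply_my'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['ncrt'];
        ?>
 <?php 
        echo $hesklang['s_my'];
        ?>
</label><br />

						<label><input type="checkbox" name="notify_assigned" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_assigned'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['ntam'];
        ?>
</label><br />
						<label><input type="checkbox" name="notify_note" value="1" <?php 
        if (!empty($_SESSION[$session_array]['notify_note'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $hesklang['ntnote'];
        ?>
</label><br />
						<?php 
    }
    ?>
					<label><input type="checkbox" name="notify_pm" value="1" <?php 
    if (!empty($_SESSION[$session_array]['notify_pm'])) {
        echo 'checked="checked"';
    }
    ?>
 /> <?php 
    echo $hesklang['npms'];
    ?>
</label><br />
					</div>
				</div>
			</div><!-- end notifications-profile-func -->
		</div>
			<!-- NOTIFICATIONS -->
</div>
	<!-- TABS -->

	<script language="Javascript" type="text/javascript"><!--
	hesk_checkPassword(document.form1.newpass.value);
	//-->
	</script>

	<?php 
    // The pre-fill data is single-use: drop it once the form has been printed.
    if (isset($_SESSION[$session_array])) {
        unset($_SESSION[$session_array]);
    }
}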
Ejemplo n.º 20
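// Record a rating for one reply: check that the reply belongs to the ticket named by the tracking ID,
// refuse a second rating, store the rating on the reply and fold it into the staff member's average.
// NOTE(review): $reply_id, $rating and $trackingID are assigned before this excerpt and their validation is
// not visible here. The casts below change nothing for already-validated integers and guarantee that only
// numbers are concatenated into the queries ($rating is used unquoted inside an SQL expression).
$reply_id = intval($reply_id);
$rating = intval($rating);
$result = hesk_dbQuery("SELECT `replyto`,`rating`,`staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='" . $reply_id . "' LIMIT 1");
// -> Reply found? Stop here rather than continuing with an empty row.
if (hesk_dbNumRows($result) != 1) {
    die($hesklang['attempt']);
}
$reply = hesk_dbFetchAssoc($result);
// Does the ticket ID match the one in the request?
$result = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($reply['replyto']) . "' LIMIT 1");
// -> Ticket found?
if (hesk_dbNumRows($result) != 1) {
    die($hesklang['attempt']);
}
// -> Does the tracking ID match?
// Compare as strings: a loose comparison treats two different numeric-looking strings as equal.
$ticket = hesk_dbFetchAssoc($result);
if ((string) $ticket['trackid'] !== (string) $trackingID) {
    die($hesklang['attempt']);
}
// OK, tracking ID matches. Now check if this reply has already been rated
if (!empty($reply['rating'])) {
    die($hesklang['ar']);
}
// Update reply rating
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `rating`='" . $rating . "' WHERE `id`='" . $reply_id . "' LIMIT 1");
// Also update staff rating: new average over (positive + negative + 1) votes; a rating of 5 counts as
// positive, anything else as negative
$counter_sql = $rating === 5 ? '`ratingpos`=`ratingpos`+1 ' : '`ratingneg`=`ratingneg`+1 ';
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `rating`=((`rating`*(`ratingpos`+`ratingneg`))+" . $rating . ")/(`ratingpos`+`ratingneg`+1), " . $counter_sql . "WHERE `id`='" . intval($reply['staffid']) . "'");
// Plain-text, non-cacheable response
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-type: text/plain; charset=utf-8');
if ($rating === 5) {
    echo $hesklang['rh'];
} else {
    echo $hesklang['rnh'];
}
exit;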
Ejemplo n.º 21
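/**
 * Set the manager of a category and make sure the new manager has that category in their list.
 *
 * Reads `catid` and `managerid` from the POST data. Both are cast to integers once, before any use,
 * because they are concatenated into SQL statements; the category id is also written into the quoted
 * `categories` list of the user row.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm the caller performs one.
 *
 * @return void
 */
function change_manager()
{
    global $hesklang, $hesk_settings;

    $catid = intval(hesk_POST('catid'));
    $newManagerId = intval(hesk_POST('managerid'));

    hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` SET `manager` = ' . $newManagerId . ' WHERE `id` = ' . $catid);
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    if ($newManagerId === 0) {
        // There is no new manager.
        return;
    }

    // Add the category to the user's categories list, if not already present
    $currentCatRs = hesk_dbQuery('SELECT `categories` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` WHERE `id` = ' . $newManagerId);
    $currentCategories = hesk_dbFetchAssoc($currentCatRs);
    $storedList = isset($currentCategories['categories']) ? (string) $currentCategories['categories'] : '';

    // Compare ids as integers and ignore empty pieces, so an empty stored list holds no ids at all.
    $categories = array();
    foreach (explode(',', $storedList) as $piece) {
        if (trim($piece) !== '') {
            $categories[] = intval($piece);
        }
    }

    if (!in_array($catid, $categories, true)) {
        // Do not start the list with a comma when nothing was stored before.
        $newList = $storedList === '' ? (string) $catid : $storedList . ',' . $catid;
        // The stored list is written back into a quoted SQL literal, so escape it like any other string.
        hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` SET `categories` = \'' . hesk_dbEscape($newList) . '\' WHERE `id` = ' . $newManagerId);
    }

    hesk_process_messages($hesklang['manager_updated'], './manage_categories.php', 'SUCCESS');
}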
Ejemplo n.º 22
/**
 * Return the SQL condition fragment used to limit rows by company.
 *
 * Administrators (non-empty $_SESSION['isadmin']) get the constant condition '1'. Everyone else gets
 * the back-quoted, escaped column name on its own.
 *
 * NOTE(review): the original `IN (...)` restriction on $_SESSION['companies'] is commented out, so the
 * non-admin fragment no longer compares the column with the user's company list. Confirm that callers
 * enforce company-level access some other way.
 *
 * @param string $what Column name to build the condition on.
 *
 * @return string SQL fragment.
 */
function hesk_myCompanies($what = 'company_ticket_id')
{
    if (empty($_SESSION['isadmin'])) {
        // Disabled by the author (original note: commented out to get rid of the errors shown when logging in as staff):
        //return " `".hesk_dbEscape($what)."` IN ('" . implode("','", array_map('intval', $_SESSION['companies']) ) . "')";
        $column = hesk_dbEscape($what);

        return " `" . $column . "`";
    }

    return '1';
}
Ejemplo n.º 23
}
// Fetch the ticket row from the result of a query that precedes this excerpt
$ticket = hesk_dbFetchAssoc($res);
// Demo mode: overwrite the requester's e-mail and IP address with placeholder values
if (defined('HESK_DEMO')) {
    $ticket['email'] = '*****@*****.**';
    $ticket['ip'] = '127.0.0.1';
}
/* Get category name and ID */
// NOTE(review): the category value comes from the ticket row and is placed inside the quoted literal
// without escaping; presumably it is an integer column — confirm.
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='{$ticket['category']}' LIMIT 1");
/* If this category has been deleted use the default category with ID 1 */
if (hesk_dbNumRows($res) != 1) {
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1");
}
$category = hesk_dbFetchAssoc($res);
/* Get replies */
// $res is left holding the replies result set (oldest first); $replies is the number of replies
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `replyto`='{$ticket['id']}' ORDER BY `id` ASC");
$replies = hesk_dbNumRows($res);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title><?php 
echo $hesk_settings['hesk_title'];
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo $hesklang['ENCODING'];
?>
">
<style type="text/css">
body, table, td, p
Ejemplo n.º 24
/**
 * Purge stale rows from the "online" table.
 *
 * Every row whose `dt` value is older than the configured number of minutes
 * ($hesk_settings['online_min'], cast to int) is deleted.
 *
 * @return bool Always true.
 */
function hesk_cleanOnline()
{
    global $hesk_settings, $hesklang, $hesk_db_link;

    $onlineTable = hesk_dbEscape($hesk_settings['db_pfix']) . 'online';
    // Cast to int so the interval placed in the query is always numeric
    $maxAgeMinutes = intval($hesk_settings['online_min']);

    hesk_dbQuery("DELETE FROM `{$onlineTable}` WHERE `dt` < ( NOW() - INTERVAL {$maxAgeMinutes} MINUTE) ");

    return true;
}
Ejemplo n.º 25
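/**
 * Handle submission of a new service message.
 *
 * Reads style, type, title and message from POST and validates them. On a
 * validation error the submitted values are kept in the session and the error
 * list is handed to hesk_process_messages(). If a preview was requested the
 * values are stored in the session and the browser is redirected. Otherwise a
 * row is inserted into the service_messages table with an `order` value 10
 * above the current highest one.
 *
 * Side effects: writes to $_SESSION and to the database, may send a Location
 * header and exit.
 */
function new_sm()
{
    global $hesk_settings, $hesklang, $listBox;
    global $hesk_error_buffer;

    // A security check: this handler inserts a row on behalf of the logged-in
    // user, so the anti-CSRF token is verified before any input is processed.
    // The call had been commented out; the submitting form has to send the
    // token for the request to be accepted.
    hesk_token_check('POST');

    $hesk_error_buffer = array();

    // Only styles 0-4 are accepted; anything else falls back to 0
    $style = intval(hesk_POST('style', 0));
    if ($style > 4 || $style < 0) {
        $style = 0;
    }

    // Any non-empty "type" value is stored as 1
    $type = empty($_POST['type']) ? 0 : 1;

    // The title is mandatory
    $title = hesk_input(hesk_POST('title'));
    if (!$title) {
        $hesk_error_buffer[] = $hesklang['sm_e_title'];
    }

    $message = hesk_getHTML(hesk_POST('message'));

    // Any errors?
    if (count($hesk_error_buffer)) {
        // Keep the submitted values so the form can be re-populated
        $_SESSION['new_sm'] = array('style' => $style, 'type' => $type, 'title' => $title, 'message' => hesk_input(hesk_POST('message')));
        $tmp = '';
        foreach ($hesk_error_buffer as $error) {
            $tmp .= "<li>{$error}</li>\n";
        }
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $tmp . '</ul>';
        // NOTE(review): presumably redirects and ends the request; if it returns,
        // execution continues to the insert below - confirm
        hesk_process_messages($hesk_error_buffer, 'service_messages.php');
    }

    // Just preview the message?
    if (isset($_POST['sm_preview'])) {
        $_SESSION['preview_sm'] = true;
        $_SESSION['new_sm'] = array('style' => $style, 'type' => $type, 'title' => $title, 'message' => $message);
        header('Location: service_messages.php');
        exit;
    }

    // Get the latest service message order
    $res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
    $row = hesk_dbFetchRow($res);
    // With no existing messages there is no row to index into; start from 0
    $my_order = (is_array($row) ? intval($row[0]) : 0) + 10;

    // Insert service message into database; text values are escaped, numeric values are ints
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`) VALUES (\n    '" . intval($_SESSION['id']) . "',\n    '" . hesk_dbEscape($title) . "',\n    '" . hesk_dbEscape($message) . "',\n    '{$style}',\n    '{$type}',\n    '{$my_order}'\n    )");
    $_SESSION['smord'] = hesk_dbInsertID();
    hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
}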
Ejemplo n.º 26
/**
 * Move one ticket template within the ordering and renumber all templates.
 *
 * Reads the template ID ("replyid") and the offset ("move") from the query
 * string, both cast to int, shifts that template's `tpl_order` by the offset,
 * then rewrites `tpl_order` for every template in steps of 10 and redirects to
 * manage_ticket_templates.php.
 */
function order_saved()
{
    global $hesk_settings, $hesklang;

    // Verify the request token before changing anything
    hesk_token_check();

    $tplid = intval(hesk_GET('replyid'));
    if (!$tplid) {
        hesk_error($hesklang['ticket_tpl_id']);
    }
    $_SESSION['canned']['selcat2'] = $tplid;

    $tpl_move = intval(hesk_GET('move'));
    $templatesTable = '`' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates`';

    // Shift the selected template by the requested offset
    hesk_dbQuery("UPDATE {$templatesTable} SET `tpl_order`=`tpl_order`+{$tpl_move} WHERE `id`='{$tplid}' LIMIT 1");
    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['int_error'] . ': ' . $hesklang['ticket_tpl_not_found'] . '.');
    }

    // Renumber every template 10, 20, 30, ... following the new order
    $result = hesk_dbQuery("SELECT `id` FROM {$templatesTable} ORDER BY `tpl_order` ASC");
    for ($position = 10; $mytpl = hesk_dbFetchAssoc($result); $position += 10) {
        hesk_dbQuery("UPDATE {$templatesTable} SET `tpl_order`={$position} WHERE `id`='" . intval($mytpl['id']) . "' LIMIT 1");
    }

    header('Location: manage_ticket_templates.php');
    exit;
}
Ejemplo n.º 27
/**
 * Build the SQL condition that limits rows to the categories of the current user.
 *
 * Administrators (non-empty $_SESSION['isadmin']) get the always-true fragment '1';
 * everyone else gets "`<column>` IN ('id','id',...)" built from
 * $_SESSION['categories'], with every ID cast to int.
 *
 * @param string $what Column name to filter on.
 * @return string SQL fragment.
 */
function hesk_myCategories($what = 'category')
{
    // Administrators are not restricted to particular categories
    if (!empty($_SESSION['isadmin'])) {
        return '1';
    }

    $column = hesk_dbEscape($what);
    // intval() on each ID keeps anything non-numeric out of the IN list
    $allowedIds = array_map('intval', $_SESSION['categories']);
    $idList = implode("','", $allowedIds);

    return " `{$column}` IN ('{$idList}')";
}
Ejemplo n.º 28
            // Need to notify staff?
            // --> From autoassign?
            $getOwnerRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE ID = " . hesk_dbEscape($ticket['owner']));
            $autoassign_owner = $getOwnerRs->fetch_assoc();
            if ($ticket['owner'] && $autoassign_owner['notify_assigned']) {
                hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you');
            } elseif (!$ticket['owner']) {
                hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' ");
            }
            array_push($submittedTickets, $innerResult['trackid']);
            hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "stage_tickets`\n                        WHERE `id` = " . $innerResult['id']);
        }
        //Add email address to the verified emails table
        hesk_dbQuery('INSERT INTO `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'verified_emails` (`Email`) VALUES (\'' . hesk_dbEscape($email) . '\')');
    }
    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pending_verification_emails`\n                    WHERE `ActivationKey` = '" . hesk_dbEscape($key) . "'");
    //-- was there an email recorded for the key?
    if (!empty($email)) {
        $showForm = false;
        ?>
                <div class="alert alert-success">
                    <p><i class="fa fa-check"></i> <?php 
        echo sprintf($hesklang['email_verified'], $email);
        ?>
</p>
                    <ul>
                        <?php 
        foreach ($submittedTickets as $ticket) {
            echo '<li><a href="' . $hesk_settings['hesk_url'] . '/ticket.php?track=' . $ticket . '">' . $ticket . '</a></li>';
        }
        if (count($submittedTickets) == 0) {
/**
 * Print one knowledgebase category: its heading, its subcategories (each with a
 * few top articles) and the list of articles filed directly in it.
 *
 * All output is echoed directly; nothing is returned. Category and article IDs
 * placed in SQL are cast with intval().
 *
 * NOTE(review): category names and article subjects read from the database are
 * echoed as-is below. That is only safe if these values are HTML-encoded before
 * they are stored - confirm against the code that writes them.
 *
 * @param mixed $catid     ID of the category to display.
 * @param mixed $is_search When 0 the page header is printed first; any other
 *                         value skips the header.
 */
function hesk_show_kb_category($catid, $is_search = 0)
{
    global $hesk_settings, $hesklang;
    if ($is_search == 0) {
        /* Print header */
        require_once HESK_PATH . 'inc/header.inc.php';
        hesk_kb_header($hesk_settings['kb_link'], $catid);
        // Category 1 gets an extra notice taken from $hesklang['priv']
        if ($catid == 1) {
            echo '<br/><div class="container priv-kb-text">' . $hesklang['priv'] . '</div><br/>';
        }
    }
    // Load the category itself; an unknown ID ends in hesk_error()
    $res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='" . intval($catid) . "' LIMIT 1");
    $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
    // Categories that have a parent get a heading and a "back" button
    if ($thiscat['parent']) {
        // NOTE(review): $link is computed here but not used anywhere else in this
        // function; the button below navigates with history.go(-1) instead
        $link = $thiscat['parent'] == 1 ? 'knowledgebase_private.php' : 'knowledgebase_private.php?category=' . $thiscat['parent'];
        echo '<br/><div class="container homepageh3"> ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</div><br/>
        <div class="container"><a href="javascript:history.go(-1)">' . '<button type="submit" class="btn btn-default goback-btn">' . $hesklang['back'] . '</button>' . '</a></div>
		';
    }
    // Direct subcategories of this category
    $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='" . intval($catid) . "' ORDER BY `parent` ASC, `cat_order` ASC");
    if (hesk_dbNumRows($result) > 0) {
        ?>

		<div class="container"><b><?php 
        echo $hesklang['kb_cat_sub'];
        ?>
:</b></div><br/>

	<div class="container">
		<?php 
        // Subcategories are laid out kb_cols per row; $i is the 1-based position
        // within the current row.
        // NOTE(review): <tr>/<td> are emitted inside a <div> with no enclosing
        // <table> opened in this function - confirm the intended markup
        $per_col = $hesk_settings['kb_cols'];
        $i = 1;
        while ($cat = hesk_dbFetchAssoc($result)) {
            if ($i == 1) {
                echo '<tr>';
            }
            // Categories of type 1 are marked with an asterisk
            $private = $cat['type'] == 1 ? ' *' : '';
            echo '
		    <td width="50%" valign="top">
			<table border="0">
			<tr><td><img src="../img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase_private.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a>' . $private . '</td></tr>
			';
            /* Print most popular/sticky articles */
            if ($hesk_settings['kb_numshow'] && $cat['articles']) {
                // One row more than kb_numshow is fetched so the code can tell
                // whether a "more" link is needed
                $res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($cat['id']) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
                $num = 1;
                while ($art = hesk_dbFetchAssoc($res)) {
                    // Articles of type 1 are marked with an asterisk
                    $private = $art['type'] == 1 ? ' *' : '';
                    echo '
		            <tr>
		            <td><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" />
		            <a href="knowledgebase_private.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a>' . $private . '</td>
		            </tr>';
                    // Stop after kb_numshow articles have been printed
                    if ($num == $hesk_settings['kb_numshow']) {
                        break;
                    } else {
                        $num++;
                    }
                }
                // The extra fetched row exists: link to the full category
                if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
                    echo '<tr><td>&raquo; <a href="knowledgebase_private.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
                }
            }
            echo '
			</table>
		    </td>
			';
            // Row is full: close it and restart the position counter
            if ($i == $per_col) {
                echo '</tr>';
                $i = 0;
            }
            $i++;
        }
        /* Finish the last row with empty cells if it was left incomplete */
        if ($i != 1) {
            for ($j = 1; $j <= $per_col; $j++) {
                echo '<td width="50%">&nbsp;</td>';
                if ($i == $per_col) {
                    echo '</tr>';
                    break;
                }
                $i++;
            }
        }
        ?>
	</div>
	
	<?php 
    }
    // END if NumRows > 0
    ?>

	<br/>
	<div class="container articles_categ"><b><?php 
    echo $hesklang['ac'];
    ?>
</b></div>


	<div>
	<?php 
    // Articles filed directly in this category. Only the first
    // max(200, kb_substrart * 2) characters of the content are selected; they
    // are passed to hesk_kbArticleContentPreview() below.
    $res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating`, `type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($catid) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `art_order` ASC");
    if (hesk_dbNumRows($res) == 0) {
        echo '<div class="container"><i>' . $hesklang['noac'] . '</i></div>';
    } else {
        echo '<div class="container table-responsive"><table class="table table-bordered" style="background-color: white;">';
        while ($article = hesk_dbFetchAssoc($res)) {
            // Articles of type 1 are marked with an asterisk
            $private = $article['type'] == 1 ? ' *' : '';
            // NOTE(review): $txt is echoed as-is; presumably the helper returns
            // text that is safe for HTML output - confirm
            $txt = hesk_kbArticleContentPreview($article['content']);
            echo '
				<tr>
				<td>
	                <table>
	                <tr>
	                <td width="1" valign="top"><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
	                <td valign="top"><a href="knowledgebase_private.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>' . $private . '</td>
                    </tr>
	                </table>
	                <table border="0" width="100%" cellspacing="0" cellpadding="1">
	                <tr>
	                <td width="1" valign="top"><img src="../img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td>
	                <td><span class="article_list" style="word-break: break-all;">' . $txt . '</span></td>
                    </tr>
	                </table>
	            </td>
				</tr>';
        }
        echo '</table></div>';
    }
    ?>

	</div>

<?php 
}
/**
 * Print the "latest articles" box of the knowledgebase.
 *
 * Depending on $index the box is governed by the kb_index_latest or the
 * kb_latest setting; when the relevant setting is off nothing is printed.
 * Only articles with type '0' in categories with type '0' are listed, newest
 * first, limited to intval($how_many) rows.
 *
 * NOTE(review): article subjects are echoed as-is; that is only safe if they
 * are HTML-encoded before storage - confirm against the code that writes them.
 *
 * @param mixed $how_many Maximum number of articles to list (cast to int).
 * @param mixed $index    Truthy for the index page, falsy for the KB main page.
 * @return true|null True when the box is disabled or no article was found;
 *                   no explicit return value after the list has been printed.
 */
function hesk_kbLatestArticles($how_many, $index = 1)
{
    global $hesk_settings, $hesklang;
    // Index page or KB main page?
    if ($index) {
        // Disabled?
        if (!$hesk_settings['kb_index_latest']) {
            return true;
        }
        // Show title in italics
        $font_weight = 'i';
    } else {
        // Disabled?
        if (!$hesk_settings['kb_latest']) {
            return true;
        }
        // Show title in bold
        $font_weight = 'b';
        // Print a line for spacing if we don't show popular articles
        if (!$hesk_settings['kb_popart']) {
            echo '<hr />';
        }
    }
    // $font_weight is one of the two literals set above and is used as the tag
    // name wrapped around the title
    ?>

    <table border="0" width="100%">
	<tr>
	<td>&raquo; <<?php 
    echo $font_weight;
    ?>
><?php 
    echo $hesklang['latart'];
    ?>
</<?php 
    echo $font_weight;
    ?>
></td>

	<?php 
    /* Show the date column header? (the rows below print hesk_date() in that column) */
    if ($hesk_settings['kb_date']) {
        echo '<td style="text-align:right"><i>' . $hesklang['dta'] . '</i></td>';
    }
    ?>

	</tr>
	</table>

	<?php 
    /* Get list of articles from the database: type '0' articles in type '0' categories, newest first */
    $res = hesk_dbQuery("SELECT `t1`.`id`,`t1`.`subject`,`t1`.`dt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\r\n\t\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\r\n\t\t\tWHERE `t1`.`type`='0' AND `t2`.`type`='0'\r\n\t\t\tORDER BY `t1`.`dt` DESC LIMIT " . intval($how_many));
    /* If no results found end here */
    if (hesk_dbNumRows($res) == 0) {
        echo '<p><i>' . $hesklang['noa'] . '</i><br />&nbsp;</p>';
        return true;
    }
    /* We have some results, print them out */
    ?>
    <div align="center">
    <table border="0" cellspacing="1" cellpadding="3" width="100%">
    <?php 
    // One table row per article: icon, linked subject and, if enabled, the date
    while ($article = hesk_dbFetchAssoc($res)) {
        echo '
		<tr>
		<td>
		<table border="0" width="100%" cellspacing="0" cellpadding="0">
		<tr>
		<td width="1" valign="top"><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
		<td valign="top">&nbsp;<a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a></td>
		';
        if ($hesk_settings['kb_date']) {
            echo '<td valign="top" style="text-align:right" width="200">' . hesk_date($article['dt'], true) . '</td>';
        }
        echo '
		</tr>
		</table>
		</td>
		</tr>
		';
    }
    ?>

    </table>
    </div>

    &nbsp;

    <?php 
}