Example #1
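/**
 * Attempt to log a staff member in from the "remember me" cookies.
 *
 * Reads the `hesk_username` and `hesk_p` cookies, looks the user up and
 * compares the cookie hash with a value derived from the stored password
 * hash and the lower-cased username. On success the user row is copied into
 * $_SESSION, the session ID is regenerated, both cookies are renewed for a
 * year and, if enabled, stale tickets are auto-closed.
 *
 * @param int|bool $noredirect When truthy, return true instead of redirecting.
 * @return bool False when auto-login is disabled or a cookie is missing;
 *              true when $noredirect is truthy. Every other path ends in exit.
 */
function hesk_autoLogin($noredirect = 0)
{
    global $hesk_settings, $hesklang, $hesk_db_link;
    if (!$hesk_settings['autologin']) {
        return false;
    }
    $user = hesk_htmlspecialchars(hesk_COOKIE('hesk_username'));
    $hash = hesk_htmlspecialchars(hesk_COOKIE('hesk_p'));
    // Exposed so the login form can pre-fill the username field.
    define('HESK_USER', $user);
    if (empty($user) || empty($hash)) {
        return false;
    }
    /* Login cookies exist, now lets limit brute force attempts */
    hesk_limitBfAttempts();
    /* Check username */
    $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1");
    if (hesk_dbNumRows($result) != 1) {
        setcookie('hesk_username', '');
        setcookie('hesk_p', '');
        header('Location: index.php?a=login&notice=1');
        exit;
    }
    $res = hesk_dbFetchAssoc($result);
    /* Check password */
    // hash_equals() replaces the loose `!=`: it compares in constant time and
    // never treats two "0e..."-style hex strings as equal numbers.
    // NOTE(review): the cookie value is derived only from the stored password
    // hash and the username, so it stays valid until the password changes.
    $expected = hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass']);
    if (!hash_equals((string) $expected, (string) $hash)) {
        setcookie('hesk_username', '');
        setcookie('hesk_p', '');
        header('Location: index.php?a=login&notice=1');
        exit;
    }
    // Set user details (only after the cookie hash has been verified)
    foreach ($res as $k => $v) {
        $_SESSION[$k] = $v;
    }
    /* Check if default password */
    if ($_SESSION['pass'] === '499d74967b28a841c98bb4baaabaad699ff3c079') {
        hesk_process_messages($hesklang['chdp'], 'NOREDIRECT', 'NOTICE');
    }
    // Set a tag that will be used to expire sessions after username or password change
    $_SESSION['session_verify'] = hesk_activeSessionCreateTag($user, $_SESSION['pass']);
    // We don't need the password hash anymore
    unset($_SESSION['pass']);
    /* Login successful, clean brute force attempts */
    hesk_cleanBfAttempts();
    /* Regenerate session ID (security) */
    hesk_session_regenerate_id();
    /* Get allowed categories */
    if (empty($_SESSION['isadmin'])) {
        $_SESSION['categories'] = explode(',', $_SESSION['categories']);
    }
    /* Renew cookies */
    // NOTE(review): no path/secure/httponly arguments are passed here, so the
    // login cookies get PHP's defaults for those flags; consider setting them.
    setcookie('hesk_username', "{$user}", strtotime('+1 year'));
    setcookie('hesk_p', "{$hash}", strtotime('+1 year'));
    /* Close any old tickets here so Cron jobs aren't necessary */
    if ($hesk_settings['autoclose']) {
        $revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']);
        // Cut-off timestamp: "autoclose" days before now.
        $dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400);
        // Notify customer of closed ticket?
        if ($hesk_settings['notify_closed']) {
            // Get list of tickets
            $result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
            if (hesk_dbNumRows($result) > 0) {
                // hesk_notifyCustomer() takes no ticket argument here; it is
                // presumably fed through this global.
                global $ticket;
                // Load required functions?
                if (!function_exists('hesk_notifyCustomer')) {
                    require HESK_PATH . 'inc/email_functions.inc.php';
                }
                while ($ticket = hesk_dbFetchAssoc($result)) {
                    $ticket['dt'] = hesk_date($ticket['dt'], true);
                    $ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
                    $ticket = hesk_ticketToPlain($ticket, 1, 0);
                    hesk_notifyCustomer('ticket_closed');
                }
            }
        }
        // Update ticket statuses and history in database
        hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`='3', `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
    }
    /* If session expired while a HESK page is open just continue using it, don't redirect */
    if ($noredirect) {
        return true;
    }
    /* Redirect to the destination page */
    header('Location: ' . hesk_verifyGoto());
    exit;
}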
Example #2
/**
 * Render the staff login page and terminate the request.
 *
 * Emits the page header, any queued messages, the login form (username,
 * password, optional anti-spam challenge and "remember me" choices) and the
 * footer, then calls exit. The per-field error list in
 * $_SESSION['a_iserror'] is cleared once the form has been printed.
 */
function print_login()
{
    global $hesk_settings, $hesklang;
    $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login'];
    require_once HESK_PATH . 'inc/header.inc.php';
    // A "notice" request parameter triggers the session-expired message.
    if (hesk_isREQUEST('notice')) {
        hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT');
    }
    // Make sure the in_array() checks below always get an array.
    if (!isset($_SESSION['a_iserror'])) {
        $_SESSION['a_iserror'] = array();
    }
    ?>
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
	<td width="3"><img src="../img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
	<td class="headersm"><?php 
    echo $hesklang['login'];
    ?>
</td>
	<td width="3"><img src="../img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
	</tr>
	</table>

	<table width="100%" border="0" cellspacing="0" cellpadding="3">
	<tr>
	<td><span class="smaller"><a href="<?php 
    echo $hesk_settings['site_url'];
    ?>
" class="smaller"><?php 
    echo $hesk_settings['site_title'];
    ?>
</a> &gt;
	<?php 
    echo $hesklang['admin_login'];
    ?>
</span></td>
	</tr>
	</table>

	</td>
	</tr>
	<tr>
	<td>

	<br />

	<?php 
    /* This will handle error, success and notice messages */
    hesk_handle_messages();
    ?>

    <br />

    <div align="center">
	<table border="0" cellspacing="0" cellpadding="0" width="<?php 
    echo $hesk_settings['secimg_use'] == 2 ? '60' : '50';
    ?>
% ">
	<tr>
		<td width="7" height="7"><img src="../img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornerstop"></td>
		<td><img src="../img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
	</tr>
	<tr>
		<td class="roundcornersleft">&nbsp;</td>
		<td>

        <form action="index.php" method="post" name="form1">

        <table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr>
                <td width="60" style="text-align:center"><img src="../img/login.png" alt="" width="24" height="24" /></td>
                <td>
                <p><b><?php 
    echo $hesklang['admin_login'];
    ?>
</a></b></p>
                </td>
        </tr>
        <tr>
                <td width="60">&nbsp;</td>
                <td>&nbsp;</td>
        </tr>
        <tr>
                <td width="60">&nbsp;</td>
                <td><?php 
    echo $hesklang['username'];
    ?>
:<br />
				<?php 
    // Highlight the username field if the last attempt flagged it.
    $cls = in_array('user', $_SESSION['a_iserror']) ? ' class="isError" ' : '';
    // Pre-fill value: the HESK_USER constant when defined, otherwise the
    // username cookie passed through hesk_htmlspecialchars().
    if (defined('HESK_USER')) {
        $savedUser = HESK_USER;
    } else {
        $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username'));
    }
    // Exactly one of these ends up holding the checked attribute for the
    // "remember me" inputs printed further down.
    $is_1 = '';
    $is_2 = '';
    $is_3 = '';
    $remember_user = hesk_POST('remember_user');
    if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) {
        $is_1 = 'checked="checked"';
    } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') {
        $is_2 = 'checked="checked"';
    } else {
        $is_3 = 'checked="checked"';
    }
    if ($hesk_settings['list_users']) {
        // NOTE(review): with list_users on, every account name is printed on
        // the unauthenticated login page (username disclosure by design).
        echo '<select name="user" ' . $cls . '>';
        // SELECT * fetches every column of each user row although only
        // `user` is read below.
        $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC');
        while ($row = hesk_dbFetchAssoc($res)) {
            $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : '';
            // NOTE(review): $row['user'] is written into an attribute and into
            // element text with no escaping here; this is only safe if
            // usernames are HTML-encoded before they are stored - confirm.
            echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>';
        }
        echo '</select>';
    } else {
        echo '<input type="text" name="user" size="35" value="' . $savedUser . '" ' . $cls . ' />';
    }
    ?>
                </td>
        </tr>
        <tr>
                <td width="60">&nbsp;</td>
                <td>&nbsp;</td>
        </tr>
        <tr>
                <td width="60">&nbsp;</td>
                <td><?php 
    echo $hesklang['pass'];
    ?>
:<br /><input type="password" name="pass" size="35" <?php 
    if (in_array('pass', $_SESSION['a_iserror'])) {
        echo ' class="isError" ';
    }
    ?>
 /></td>
        </tr>
		<?php 
    // secimg_use == 2 selects the branch that prints an anti-spam challenge
    // on the login form.
    if ($hesk_settings['secimg_use'] == 2) {
        ?>
			<tr>
				<td width="60">&nbsp;</td>
				<td>
                <hr />
				<?php 
        // SPAM prevention verified for this session
        if (isset($_SESSION['img_a_verified'])) {
            echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy'];
        } elseif ($hesk_settings['recaptcha_use']) {
            // Language strings go through hesk_slashJS() before being placed
            // inside the JavaScript string literals below.
            ?>
					<script type="text/javascript">
					var RecaptchaOptions = {
					theme : '<?php 
            echo isset($_SESSION['a_iserror']) && in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white';
            ?>
',
					custom_translations : {
						visual_challenge : "<?php 
            echo hesk_slashJS($hesklang['visual_challenge']);
            ?>
",
						audio_challenge : "<?php 
            echo hesk_slashJS($hesklang['audio_challenge']);
            ?>
",
						refresh_btn : "<?php 
            echo hesk_slashJS($hesklang['refresh_btn']);
            ?>
",
						instructions_visual : "<?php 
            echo hesk_slashJS($hesklang['instructions_visual']);
            ?>
",
						instructions_context : "<?php 
            echo hesk_slashJS($hesklang['instructions_context']);
            ?>
",
						instructions_audio : "<?php 
            echo hesk_slashJS($hesklang['instructions_audio']);
            ?>
",
						help_btn : "<?php 
            echo hesk_slashJS($hesklang['help_btn']);
            ?>
",
						play_again : "<?php 
            echo hesk_slashJS($hesklang['play_again']);
            ?>
",
						cant_hear_this : "<?php 
            echo hesk_slashJS($hesklang['cant_hear_this']);
            ?>
",
						incorrect_try_again : "<?php 
            echo hesk_slashJS($hesklang['incorrect_try_again']);
            ?>
",
						image_alt_text : "<?php 
            echo hesk_slashJS($hesklang['image_alt_text']);
            ?>
",
					},
					};
					</script>
					<?php 
            require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php';
            echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, $hesk_settings['recaptcha_ssl']);
        } else {
            $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : '';
            // The rand() value is only a query string on the image URL
            // (presumably a cache buster); it is not used as a secret.
            echo $hesklang['sec_enter'] . '<br />&nbsp;<br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br />&nbsp;<br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />';
        }
        ?>
                <hr />
				</td>
			</tr>
            <?php 
    } else {
        ?>
	        <tr>
	                <td width="60">&nbsp;</td>
	                <td>&nbsp;</td>
	        </tr>
	        <?php 
    }
    // End if $hesk_settings['secimg_use'] == 2
    if ($hesk_settings['autologin']) {
        ?>
			<tr>
				<td width="60">&nbsp;</td>
				<td><label><input type="radio" name="remember_user" value="AUTOLOGIN" <?php 
        echo $is_1;
        ?>
 /> <?php 
        echo $hesklang['autologin'];
        ?>
</label><br />
				<label><input type="radio" name="remember_user" value="JUSTUSER" <?php 
        echo $is_2;
        ?>
 /> <?php 
        echo $hesklang['just_user'];
        ?>
</label><br />
				<label><input type="radio" name="remember_user" value="NOTHANKS" <?php 
        echo $is_3;
        ?>
 /> <?php 
        echo $hesklang['nothx'];
        ?>
</label></td>
			</tr>
			<?php 
    } else {
        ?>
			<tr>
				<td width="60">&nbsp;</td>
				<td><label><input type="checkbox" name="remember_user" value="JUSTUSER" <?php 
        echo $is_2;
        ?>
 /> <?php 
        echo $hesklang['remember_user'];
        ?>
</label></td>
			</tr>
			<?php 
    }
    // End if $hesk_settings['autologin']
    ?>
        <tr>
                <td width="60">&nbsp;</td>
                <td>&nbsp;</td>
        </tr>
        <tr>
                <td width="60">&nbsp;</td>
				<td><input type="submit" value="<?php 
    echo $hesklang['click_login'];
    ?>
" class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" />
                <input type="hidden" name="a" value="do_login" />
				<?php 
    // Carry the post-login destination through the form.
    // NOTE(review): the request-supplied "goto" value is placed in an
    // attribute with no escaping in this function; confirm hesk_REQUEST()
    // returns HTML-encoded data, otherwise encode it before output.
    if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) {
        echo '<input type="hidden" name="goto" value="' . $url . '" />';
    }
    ?>
                <br />&nbsp;
				</td>
        </tr>
        </table>

        </form>

		</td>
		<td class="roundcornersright">&nbsp;</td>
	</tr>
	<tr>
		<td><img src="../img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornersbottom"></td>
		<td width="7" height="7"><img src="../img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
	</tr>
	</table>
    </div>

    <p>&nbsp;</p>

	<?php 
    // The field-error flags have been rendered; drop them from the session.
    hesk_cleanSessionVars('a_iserror');
    require_once HESK_PATH . 'inc/footer.inc.php';
    exit;
}
Example #3
/**
 * Render the staff login page (panel-style markup) and terminate the request.
 *
 * Emits the page header, any queued messages, the login form (username,
 * password, optional anti-spam challenge, "remember me" choices and an
 * optional password-reset link) and the footer, then calls exit. The
 * per-field error list in $_SESSION['a_iserror'] is cleared afterwards.
 */
function print_login()
{
    global $hesk_settings, $hesklang;
    // Tell header to load reCaptcha API if needed
    if ($hesk_settings['recaptcha_use'] == 2) {
        define('RECAPTCHA', 1);
    }
    $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login'];
    require_once HESK_PATH . 'inc/header.inc.php';
    // A "notice" request parameter triggers the session-expired message.
    if (hesk_isREQUEST('notice')) {
        hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT');
    }
    // Make sure the in_array() checks below always get an array.
    if (!isset($_SESSION['a_iserror'])) {
        $_SESSION['a_iserror'] = array();
    }
    ?>
    <div class="loginError"><?php 
    /* This will handle error, success and notice messages */
    hesk_handle_messages();
    ?>
</div>
    <div>
    <div class="panel panel-default form-signin">
        <div class="panel-heading">
            <h4><span <?php 
    // NOTE(review): $iconDisplay is neither assigned in this function nor
    // listed in the global statement above, so it is undefined at this point
    // unless header.inc.php defines it in this scope - confirm.
    echo $iconDisplay;
    ?>
><span class="mega-octicon octicon-sign-in"></span>&nbsp;</span><?php 
    echo $hesklang['admin_login'];
    ?>
</a></h4>
        </div>
        <div class="panel-body">
            <form class="form-signin form-horizontal" role="form" action="index.php" method="post" name="form1">
                <?php 
    // NOTE(review): this wrapper belongs to the username field but tests the
    // 'pass' error key, same as the password wrapper further down - possibly
    // meant to be 'user'; confirm.
    if (in_array('pass', $_SESSION['a_iserror'])) {
        echo '<div class="form-group has-error">';
    } else {
        echo '<div class="form-group">';
    }
    ?>
                <label for="user" class="col-sm-4 control-label"><?php 
    echo $hesklang['username'];
    ?>
:</label>
                <div class="col-sm-8">
                    <?php 
    // Pre-fill value: the HESK_USER constant when defined, otherwise the
    // username cookie passed through hesk_htmlspecialchars().
    if (defined('HESK_USER')) {
        $savedUser = HESK_USER;
    } else {
        $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username'));
    }
    // Exactly one of these ends up holding the checked attribute for the
    // "remember me" inputs printed further down.
    $is_1 = '';
    $is_2 = '';
    $is_3 = '';
    $remember_user = hesk_POST('remember_user');
    if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) {
        $is_1 = 'checked="checked"';
    } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') {
        $is_2 = 'checked="checked"';
    } else {
        $is_3 = 'checked="checked"';
    }
    if ($hesk_settings['list_users']) {
        // NOTE(review): with list_users on, every account name is printed on
        // the unauthenticated login page (username disclosure by design).
        echo '<select class="form-control" name="user">';
        // Only the `user` column is selected for the drop-down.
        $res = hesk_dbQuery('SELECT `user` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC');
        while ($row = hesk_dbFetchAssoc($res)) {
            $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : '';
            // NOTE(review): $row['user'] is written into an attribute and into
            // element text with no escaping here; this is only safe if
            // usernames are HTML-encoded before they are stored - confirm.
            echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>';
        }
        echo '</select>';
    } else {
        echo '<input class="form-control" type="text" name="user" size="35" placeholder="' . htmlspecialchars($hesklang['username']) . '" value="' . $savedUser . '" />';
    }
    ?>
                </div>
            </div>
            <?php 
    if (in_array('pass', $_SESSION['a_iserror'])) {
        echo '<div class="form-group has-error">';
    } else {
        echo '<div class="form-group">';
    }
    ?>
            <label for="pass" class="col-sm-4 control-label"><?php 
    echo $hesklang['pass'];
    ?>
:</label>
            <div class="col-sm-8">
                <input type="password" class="form-control" id="pass" name="pass" size="35" placeholder="<?php 
    echo htmlspecialchars($hesklang['pass']);
    ?>
"  />
            </div>
        </div>
            <?php 
    // secimg_use == 2 selects the branch that prints an anti-spam challenge
    // on the login form; recaptcha_use then picks which widget is emitted.
    if ($hesk_settings['secimg_use'] == 2) {
        // SPAM prevention verified for this session
        if (isset($_SESSION['img_a_verified'])) {
            echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy'];
        } elseif ($hesk_settings['recaptcha_use'] == 1) {
            // Language strings go through hesk_slashJS() before being placed
            // inside the JavaScript string literals below.
            ?>
                    <script type="text/javascript">
                        var RecaptchaOptions = {
                            theme : '<?php 
            echo isset($_SESSION['a_iserror']) && in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white';
            ?>
',
                            custom_translations : {
                                visual_challenge : "<?php 
            echo hesk_slashJS($hesklang['visual_challenge']);
            ?>
",
                                audio_challenge : "<?php 
            echo hesk_slashJS($hesklang['audio_challenge']);
            ?>
",
                                refresh_btn : "<?php 
            echo hesk_slashJS($hesklang['refresh_btn']);
            ?>
",
                                instructions_visual : "<?php 
            echo hesk_slashJS($hesklang['instructions_visual']);
            ?>
",
                                instructions_context : "<?php 
            echo hesk_slashJS($hesklang['instructions_context']);
            ?>
",
                                instructions_audio : "<?php 
            echo hesk_slashJS($hesklang['instructions_audio']);
            ?>
",
                                help_btn : "<?php 
            echo hesk_slashJS($hesklang['help_btn']);
            ?>
",
                                play_again : "<?php 
            echo hesk_slashJS($hesklang['play_again']);
            ?>
",
                                cant_hear_this : "<?php 
            echo hesk_slashJS($hesklang['cant_hear_this']);
            ?>
",
                                incorrect_try_again : "<?php 
            echo hesk_slashJS($hesklang['incorrect_try_again']);
            ?>
",
                                image_alt_text : "<?php 
            echo hesk_slashJS($hesklang['image_alt_text']);
            ?>
"
                            }
                        };
                    </script>
                    <?php 
            require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php';
            echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">';
            echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true);
            echo '</div></div>';
        } elseif ($hesk_settings['recaptcha_use'] == 2) {
            ?>
                    <div class="form-group">
                        <div class="col-md-8 col-md-offset-4">
                            <div class="g-recaptcha" data-sitekey="<?php 
            echo $hesk_settings['recaptcha_public_key'];
            ?>
"></div>
                        </div>
                    </div>
                <?php 
        } else {
            echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">';
            $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : '';
            // The rand() value is only a query string on the image URL
            // (presumably a cache buster); it is not used as a secret.
            echo $hesklang['sec_enter'] . '<br />&nbsp;<br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br />&nbsp;<br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />';
            echo '</div></div>';
        }
    }
    // End if $hesk_settings['secimg_use'] == 2
    if ($hesk_settings['autologin']) {
        ?>
                <div class="form-group">
                    <div class="col-md-offset-4 col-md-8">
                        <div class="radio">
                            <label><input type="radio" name="remember_user" value="AUTOLOGIN" <?php 
        echo $is_1;
        ?>
 /> <?php 
        echo $hesklang['autologin'];
        ?>
</label>
                        </div>
                        <div class="radio">
                            <label><input type="radio" name="remember_user" value="JUSTUSER" <?php 
        echo $is_2;
        ?>
 /> <?php 
        echo $hesklang['just_user'];
        ?>
</label>
                        </div>
                        <div class="radio">
                            <label><input type="radio" name="remember_user" value="NOTHANKS" <?php 
        echo $is_3;
        ?>
 /> <?php 
        echo $hesklang['nothx'];
        ?>
</label>
                        </div>
                    </div>
                </div>
            <?php 
    } else {
        ?>
                <div class="form-group">
                    <div class="col-md-offset-4 col-md-8">
                        <div class="checkbox">
                            <label><input type="checkbox" name="remember_user" value="JUSTUSER" <?php 
        echo $is_2;
        ?>
 /> <?php 
        echo $hesklang['remember_user'];
        ?>
</label>
                        </div>
                    </div>
                </div>
            <?php 
    }
    // End if $hesk_settings['autologin']
    ?>
            <div class="form-group">
                <div class="col-md-offset-4 col-md-8">
                    <input type="submit" value="<?php 
    echo $hesklang['click_login'];
    ?>
" class="btn btn-default" />
                    <input type="hidden" name="a" value="do_login" />
                    <?php 
    // Carry the post-login destination through the form.
    // NOTE(review): the request-supplied "goto" value is placed in an
    // attribute with no escaping in this function; confirm hesk_REQUEST()
    // returns HTML-encoded data, otherwise encode it before output.
    if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) {
        echo '<input type="hidden" name="goto" value="' . $url . '" />';
    }
    // Do we allow staff password reset?
    if ($hesk_settings['reset_pass']) {
        echo '<br />&nbsp;<br /><a href="password.php" class="smaller">' . $hesklang['fpass'] . '</a>';
    }
    ?>
                </div>
            </div>

            </form>
        </div>
    </div>

    </div>

    <p>&nbsp;</p>

	<?php 
    // The field-error flags have been rendered; drop them from the session.
    hesk_cleanSessionVars('a_iserror');
    require_once HESK_PATH . 'inc/footer.inc.php';
    exit;
}
Example #4
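/**
 * Attempt to log a staff member in from the "remember me" cookies.
 *
 * Reads the `hesk_username` and `hesk_p` cookies, looks the user up and
 * compares the cookie hash with a value derived from the stored password
 * hash and the lower-cased username. Only after that check succeeds is the
 * user row copied into $_SESSION; the session ID is then regenerated, both
 * cookies are renewed for a year and, if enabled, stale tickets are closed.
 *
 * @param int|bool $noredirect When truthy, return true instead of redirecting.
 * @return bool False when auto-login is disabled or a cookie is missing;
 *              true when $noredirect is truthy. Every other path ends in exit.
 */
function hesk_autoLogin($noredirect = 0)
{
    global $hesk_settings, $hesklang, $hesk_db_link;
    if (!$hesk_settings['autologin']) {
        return false;
    }
    $user = hesk_htmlspecialchars(hesk_COOKIE('hesk_username'));
    $hash = hesk_htmlspecialchars(hesk_COOKIE('hesk_p'));
    // Exposed so the login form can pre-fill the username field.
    define('HESK_USER', $user);
    if (empty($user) || empty($hash)) {
        return false;
    }
    /* Login cookies exist, now lets limit brute force attempts */
    hesk_limitBfAttempts();
    /* Check username */
    $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1");
    if (hesk_dbNumRows($result) != 1) {
        setcookie('hesk_username', '');
        setcookie('hesk_p', '');
        header('Location: index.php?a=login&notice=1');
        exit;
    }
    $res = hesk_dbFetchAssoc($result);
    /* Check password */
    // Verify against the fetched row BEFORE touching $_SESSION, so a failed
    // attempt cannot leave another user's row (password hash, isadmin flag)
    // in the session that is saved when the script exits.
    // hash_equals() replaces the loose `!=`: it compares in constant time and
    // never treats two "0e..."-style hex strings as equal numbers.
    $expected = hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass']);
    if (!hash_equals((string) $expected, (string) $hash)) {
        setcookie('hesk_username', '');
        setcookie('hesk_p', '');
        header('Location: index.php?a=login&notice=1');
        exit;
    }
    // Set user details
    foreach ($res as $k => $v) {
        $_SESSION[$k] = $v;
    }
    /* Check if default password */
    if ($_SESSION['pass'] === '499d74967b28a841c98bb4baaabaad699ff3c079') {
        hesk_process_messages($hesklang['chdp'], 'NOREDIRECT', 'NOTICE');
    }
    // The password hash must not stay in the session.
    unset($_SESSION['pass']);
    /* Login successful, clean brute force attempts */
    hesk_cleanBfAttempts();
    /* Regenerate session ID (security) */
    hesk_session_regenerate_id();
    /* Get allowed categories */
    if (empty($_SESSION['isadmin'])) {
        $_SESSION['categories'] = explode(',', $_SESSION['categories']);
    }
    /* Renew cookies */
    // NOTE(review): no path/secure/httponly arguments are passed here, so the
    // login cookies get PHP's defaults for those flags; consider setting them.
    setcookie('hesk_username', "{$user}", strtotime('+1 year'));
    setcookie('hesk_p', "{$hash}", strtotime('+1 year'));
    /* Close any old tickets here so Cron jobs aren't necessary */
    if ($hesk_settings['autoclose']) {
        $revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']);
        // Cut-off timestamp: "autoclose" days before now.
        $dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400);
        hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`='3', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' ");
    }
    /* If session expired while a HESK page is open just continue using it, don't redirect */
    if ($noredirect) {
        return true;
    }
    /* Redirect to the destination page */
    $target = 'admin_main.php';
    if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) {
        $url = str_replace('&amp;', '&', $url);
        // "goto" is request-controlled. Follow it only when it is a local
        // reference: no scheme, no host, no backslash (some browsers read it
        // as "/") and no control characters. Anything else falls back to the
        // default page instead of sending the user to another site.
        $parts = is_string($url) ? parse_url($url) : false;
        $isLocal = is_array($parts)
            && !isset($parts['scheme'])
            && !isset($parts['host'])
            && strpos($url, '\\') === false
            && !preg_match('/[\x00-\x1F\x7F]/', $url);
        if ($isLocal) {
            $target = $url;
        }
    }
    header('Location: ' . $target);
    exit;
}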
Example #5
/**
 * Pick the interface language for this request and load it.
 *
 * The configured language is recorded in HESK_DEFAULT_LANGUAGE. When users
 * may choose a language, the `language` GET parameter is consulted first and
 * the `hesk_language` cookie second; the candidate replaces the configured
 * language only if it is a key of $hesk_settings['languages']. The resulting
 * language is stored in the `hesk_language` cookie (path "/", 31536000
 * seconds from now).
 *
 * @return mixed Whatever hesk_returnLanguage() returns.
 */
function hesk_getLanguage()
{
    global $hesk_settings, $hesklang, $_SESSION;

    /* Remember what the default language is for some special uses like mass emails */
    $defaultLanguage = $hesk_settings['language'];
    define('HESK_DEFAULT_LANGUAGE', $defaultLanguage);

    /* Language selection disabled: nothing to negotiate */
    if (empty($hesk_settings['can_sel_lang'])) {
        return hesk_returnLanguage();
    }

    /* GET parameter wins over the cookie; with neither, keep the default */
    if (isset($_GET['language'])) {
        $candidate = hesk_input(hesk_GET('language'));
    } elseif (isset($_COOKIE['hesk_language'])) {
        $candidate = hesk_input(hesk_COOKIE('hesk_language'));
    } else {
        return hesk_returnLanguage();
    }

    /* An empty candidate falls back to the default language */
    if (!$candidate) {
        $candidate = $defaultLanguage;
    }

    /* Switch only to a language that is present in the configured list */
    if ($candidate != $defaultLanguage && isset($hesk_settings['languages'][$candidate])) {
        $hesk_settings['language'] = $candidate;
    }

    /* Remember and set the selected language */
    $expires = time() + 31536000;
    setcookie('hesk_language', $hesk_settings['language'], $expires, '/');

    return hesk_returnLanguage();
}
Example #6
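/**
 * Print a knowledgebase article page: body, attachments, rating links,
 * related articles and the article details table.
 *
 * The article itself is read from the global $article array; $artid is used
 * for the view counter, the rating-cookie check and to skip the article in
 * the related list.
 *
 * @param int|string $artid Article ID. It is cast to an integer before being
 *                          placed in the view-counter UPDATE statement.
 * @return void
 */
function hesk_show_kb_article($artid)
{
    global $hesk_settings, $hesklang, $article;
    // Print header
    $hesk_settings['tmp_title'] = $article['subject'];
    require_once HESK_PATH . 'inc/header.inc.php';
    hesk_kb_header($hesk_settings['kb_link']);
    // Update views by 1 - exclude known bots and reloads because of ratings
    if (!isset($_GET['rated']) && !hesk_detect_bots()) {
        // intval() keeps the ID numeric inside the statement even if a caller
        // passes an unvalidated value; the original interpolated it as-is.
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `views`=`views`+1 WHERE `id`=" . intval($artid) . " LIMIT 1");
    }
    // NOTE(review): subject, content and attachment names are printed with no
    // escaping in this function; that is only safe if they are encoded or
    // sanitised before storage - confirm against the write path.
    echo '<h1>' . $article['subject'] . '</h1>

    <fieldset>
	<legend>' . $hesklang['as'] . '</legend>
    ' . $article['content'];
    if (!empty($article['attachments'])) {
        echo '<p><b>' . $hesklang['attachments'] . ':</b><br />';
        // The attachment list is "id#name," repeated; drop the trailing comma
        // before splitting.
        $att = explode(',', substr($article['attachments'], 0, -1));
        foreach ($att as $myatt) {
            list($att_id, $att_name) = explode('#', $myatt);
            echo '<img src="img/clip.png" width="16" height="16" alt="' . $att_name . '" style="align:text-bottom" /> <a href="download_attachment.php?kb_att=' . $att_id . '" rel="nofollow">' . $att_name . '</a><br />';
        }
        echo '</p>';
    }
    // Article rating
    // The rating links are hidden once the hesk_kb_rate cookie contains this
    // article's marker; the cookie is client-controlled, so this is a UI
    // convenience rather than a vote limit.
    if ($hesk_settings['kb_rating'] && strpos(hesk_COOKIE('hesk_kb_rate'), 'a' . $artid . '%') === false) {
        echo '
	    <div id="rating" class="rate" align="right">&nbsp;<br />' . $hesklang['rart'] . '
			<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['yes']) . '</a> /
	        <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['no']) . '</a>
	    </div>
        ';
    }
    echo '</fieldset>';
    // Related articles
    if ($hesk_settings['kb_related']) {
        require HESK_PATH . 'inc/mail/email_parser.php';
        // Full-text search phrase: subject plus the plain-text content,
        // escaped for use inside the quoted AGAINST() argument.
        $query = hesk_dbEscape($article['subject'] . ' ' . convert_html_to_text($article['content']));
        // Get relevant articles from the database
        $res = hesk_dbQuery("SELECT t1.`id`, t1.`subject`, MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') AS `score` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . 'kb_articles` AS t1 LEFT JOIN `' . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS t2 ON t1.`catid` = t2.`id` WHERE t1.`type`='0' AND t2.`type`='0' AND MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') LIMIT " . intval($hesk_settings['kb_related'] + 1));
        // Array with related articles
        $related_articles = array();
        while ($related = hesk_dbFetchAssoc($res)) {
            // Get base match score from the first article
            if (!isset($base_score)) {
                $base_score = $related['score'];
            }
            // Ignore this article
            if ($related['id'] == $artid) {
                continue;
            }
            // Stop when articles reach less than 10% of base score
            if ($related['score'] / $base_score < 0.1) {
                break;
            }
            // This is a valid related article
            $related_articles[$related['id']] = $related['subject'];
        }
        // Print related articles if we have any valid matches
        if (count($related_articles)) {
            echo '<fieldset><legend>' . $hesklang['relart'] . '</legend>';
            foreach ($related_articles as $id => $subject) {
                echo '<img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle;padding:2px;" /> <a href="knowledgebase.php?article=' . $id . '">' . $subject . '</a><br />';
            }
            echo '</fieldset>';
        }
    }
    // Category 1 links to the knowledgebase root, others to their category.
    if ($article['catid'] == 1) {
        $link = 'knowledgebase.php';
    } else {
        $link = 'knowledgebase.php?category=' . $article['catid'];
    }
    ?>

    <fieldset>
    <legend><?php 
    echo $hesklang['ad'];
    ?>
</legend>
	<table border="0">
    <tr>
    <td><?php 
    echo $hesklang['aid'];
    ?>
: </td>
    <td><?php 
    echo $article['id'];
    ?>
</td>
    </tr>
    <tr>
    <td><?php 
    echo $hesklang['category'];
    ?>
: </td>
    <td><a href="<?php 
    echo $link;
    ?>
"><?php 
    echo $article['cat_name'];
    ?>
</a></td>
    </tr>

    <?php 
    if ($hesk_settings['kb_date']) {
        ?>
    <tr>
    <td><?php 
        echo $hesklang['dta'];
        ?>
: </td>
    <td><?php 
        echo hesk_date($article['dt'], true);
        ?>
</td>
    </tr>
    <?php 
    }
    if ($hesk_settings['kb_views']) {
        ?>
    <tr>
    <td><?php 
        echo $hesklang['views'];
        ?>
: </td>
    <td><?php 
        // $article was loaded before the counter update above, so add one
        // unless this is a post-rating reload.
        echo isset($_GET['rated']) ? $article['views'] : $article['views'] + 1;
        ?>
</td>
    </tr>
    <?php 
    }
    if ($hesk_settings['kb_rating']) {
        $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
        echo '
        <tr>
        <td>' . $hesklang['rating'] . ' (' . $hesklang['votes'] . '):</td>
        <td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /> (' . $article['votes'] . ')</td>
        </tr>
        ';
    }
    ?>
    </table>
    </fieldset>

    <?php 
    // The "back" link is omitted when the page was opened with "suggest" set.
    if (!isset($_GET['suggest'])) {
        ?>
		<p>&nbsp;<br />&laquo; <a href="javascript:history.go(<?php 
        echo isset($_GET['rated']) ? '-2' : '-1';
        ?>
)"><?php 
        echo $hesklang['back'];
        ?>
</a></p>
        <?php 
    } else {
        ?>
        <p>&nbsp;</p>
        <?php 
    }
}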
Example #7
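/**
 * Render the staff login page and end the request.
 *
 * Loads inc/header.inc.php, prints the login form (username field or user
 * list, password field, optional anti-spam challenge, "remember me"
 * controls), clears $_SESSION['a_iserror'], loads inc/footer.inc.php and
 * calls exit.
 *
 * Review notes on what is written into the page:
 *  - `goto` is echoed exactly as hesk_REQUEST() returns it. That helper is
 *    not visible here; confirm it HTML-encodes its result, otherwise the
 *    value has to be encoded at this sink.
 *  - With $hesk_settings['list_users'] enabled every staff username is
 *    printed on a page served before authentication, and each name is
 *    echoed as stored; confirm names are HTML-encoded when saved.
 *  - The two knowledgebase buttons below the form link to a hard-coded
 *    http://localhost/support/ URL and will not follow the deployment URL.
 *
 * @return void This function does not return; it ends with exit.
 */
function print_login()
{
    global $hesk_settings, $hesklang;
    // Tell header to load reCaptcha API if needed
    if ($hesk_settings['recaptcha_use'] == 2) {
        define('RECAPTCHA', 1);
    }
    $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login'];
    require_once HESK_PATH . 'inc/header.inc.php';
    if (hesk_isREQUEST('notice')) {
        hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT');
    }
    // Guarantee the error list exists so the in_array() checks below are safe
    if (!isset($_SESSION['a_iserror'])) {
        $_SESSION['a_iserror'] = array();
    }
    ?>
	
<nav class="row navbar navbar-default" id="showTopBar-indexPhp">
	<div class="menu-wrapper">
		<div class="container showTopBar"><?php hesk_showTopBar($hesk_settings['hesk_title']); ?></div>
	</div><!-- end showTopBar-indexPhp -->
</nav>

<div class="container siteUrl-title-admin-indexPhp">
	<div class="form-inline">
		<span><a href="<?php echo $hesk_settings['site_url']; ?>" class="smaller"><?php echo $hesk_settings['site_title']; ?></a></span> &gt;
		<span><?php echo $hesklang['admin_login']; ?></span>
	</div>
</div>

<!--
</td>
</tr>-->
	
<!-- start in this page end somewhere...
<tr>
<td>-->
	
	<br/>
	<br/>
	<br/>
	
	<?php
    /* This will handle error, success and notice messages */
    hesk_handle_messages();
    ?>

	
<div class="container">
<div class="col-sm-5 admin-login-top-latest-kb">
	<div class="form-group admin-login">	
		<br/>
		
		<div class="container form-group">
			<form action="index.php" method="post" name="form1">

					<div id="ad-log"><b><?php echo $hesklang['admin_login']; ?></b></div>
					
				<br/>
				
				<div class="form-inline">
				<h4><label class="control-label" for="username-admin"><?php echo $hesklang['username']; ?>:</label></h4>
					<?php
    $userHasError = in_array('user', $_SESSION['a_iserror']);
    $cls = $userHasError ? ' class="isError" ' : '';
    // Both sources of the pre-filled name pass through hesk_htmlspecialchars():
    // HESK_USER is defined that way by hesk_autoLogin(), the cookie is encoded here.
    if (defined('HESK_USER')) {
        $savedUser = HESK_USER;
    } else {
        $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username'));
    }
    // Pre-selection state for the "remember me" controls
    $is_1 = '';
    $is_2 = '';
    $remember_user = hesk_POST('remember_user');
    if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) {
        $is_1 = 'checked="checked"';
    } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') {
        $is_2 = 'checked="checked"';
    }
    if ($hesk_settings['list_users']) {
        echo '<select name="user" ' . $cls . '>';
        $res = hesk_dbQuery('SELECT `user` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC');
        while ($row = hesk_dbFetchAssoc($res)) {
            $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : '';
            // NOTE(review): $row['user'] is written as stored; presumably encoded on save, verify.
            echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>';
        }
        echo '</select>';
    } else {
        // A second class="..." attribute is ignored by browsers, so the error
        // marker is merged into the single class attribute.
        echo '<input class="form-control' . ($userHasError ? ' isError' : '') . '" id="username-admin" type="text" name="user" size="35" value="' . $savedUser . '" />';
    }
    ?>
					</div>

					<br/>

					<div class="form-inline">
					<h4><label class="control-label" for="password-admin"><?php echo $hesklang['pass']; ?>:</label></h4><input class="form-control<?php echo in_array('pass', $_SESSION['a_iserror']) ? ' isError' : ''; ?>" id="password-admin" type="password" name="pass" size="35" />
					</div>
					<?php
    if ($hesk_settings['secimg_use'] == 2) {
        ?>
							<br/><br/>
							<?php
        // SPAM prevention verified for this session
        if (isset($_SESSION['img_a_verified'])) {
            echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy'];
        } elseif ($hesk_settings['recaptcha_use'] == 1) {
            // Language strings go into JavaScript string literals, hence hesk_slashJS()
            ?>
								<script type="text/javascript">
								var RecaptchaOptions = {
								theme : '<?php echo in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white'; ?>',
								custom_translations : {
									visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?>",
									audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?>",
									refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?>",
									instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?>",
									instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?>",
									instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?>",
									help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?>",
									play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?>",
									cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?>",
									incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?>",
									image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?>",
								},
								};
								</script>
								<?php
            require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php';
            echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true);
        } elseif ($hesk_settings['recaptcha_use'] == 2) {
            ?>
								<div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?>"></div>
								<?php
        } else {
            $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : '';
            // rand() here only varies the image URL so the browser does not reuse a cached image
            echo $hesklang['sec_enter'] . '<br />&nbsp;<br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br />&nbsp;<br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />';
        }
        ?>
							<br/><br/>
						<?php
    }
    // End if $hesk_settings['secimg_use'] == 2
    if ($hesk_settings['autologin']) {
        // NOTE(review): the checkbox (value "kot") and the hidden field share the
        // name remember_user. The hidden field comes later in the form, so its
        // value AUTOLOGIN is what PHP keeps, whether or not the box is ticked.
        // If the login handler issues the persistent hesk_p cookie on AUTOLOGIN,
        // staff cannot opt out on a shared machine - confirm this is intended.
        // The literal checked="checked" also duplicates the computed attribute.
        ?>
				
				<br/>
			
				<div class="radios" style="text-align: -webkit-auto; display: inline-block;">
					<div class="">
						<span>
							<input type="checkbox" name="remember_user" id="optionsRadios1" value="kot" <?php echo $is_1; ?> checked="checked" /> <?php echo $hesklang['remember_user']; ?><br />
						</span>
					</div>	
					<div class="radio">
						<span>
							<input type="hidden" name="remember_user" id="optionsRadios2" value="AUTOLOGIN" <?php echo $is_2; ?> checked="checked"  /><br />
						</span>
					</div>						
				</div>

				<?php
    } else {
        ?>
					
						<label><input type="checkbox" name="remember_user" value="JUSTUSER" class="form-control" <?php echo $is_2; ?> /> <?php echo $hesklang['remember_user']; ?></label>
					
					<?php
    }
    // End if $hesk_settings['autologin']
    ?>
				<br/><br/>
					
					<button type="submit" class="btn btn-default" id="submit-login"><?php echo $hesklang['click_login']; ?></button>
					<input type="hidden" name="a" value="do_login" />
					<?php
    // Carry the post-login destination through the form.
    // NOTE(review): written as returned by hesk_REQUEST(); presumably already
    // HTML-encoded by that helper - verify before relying on it.
    if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) {
        echo '<input type="hidden" name="goto" value="' . $url . '" />';
    }
    // Do we allow staff password reset?
    if ($hesk_settings['reset_pass']) {
        echo '<br />&nbsp;<br /><div id="forgotpassw"><a href="password.php" class="smaller">' . $hesklang['fpass'] . '</a></div>';
    }
    ?>
					<br />&nbsp;

			</form>
		</div>
			
	</div>
	<div class="form-inline top-latest-kb-button">
	<a href="http://localhost/support/knowledgebase.php#tab_home" target="_blank"><button type="submit" class="btn btn-default" id="top-kb-button" onmouseover="hesk_btn(this,'btn btn-defaultover');" onmouseout="hesk_btn(this,'btn btn-default');">Top Knowledgebase <br/> articles</button></a>
	<a href="http://localhost/support/knowledgebase.php#tab_profile" target="_blank"><button type="submit" class="btn btn-default" id="latest-kb-button" onmouseover="hesk_btn(this,'btn btn-defaultover');" onmouseout="hesk_btn(this,'btn btn-default');">Latest Knowledgebase <br/> articles</button></a>
	</div>
</div>	
<div class="col-sm-7 help-staf"><img src="../img/help.jpg" alt="help" /></div>
</div>


	<?php
    // Field error markers are one-shot: drop them once the form has been drawn
    hesk_cleanSessionVars('a_iserror');
    require_once HESK_PATH . 'inc/footer.inc.php';
    exit;
}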
Example #8
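/**
 * Print a knowledgebase article page: header, body, attachments, rating
 * links and the article details table.
 *
 * The article itself is read from the global $article, which the caller
 * must have populated; $artid is used for the view counter update and for
 * the "already rated" cookie check.
 *
 * Review notes on output encoding: $article['subject'], $article['content'],
 * $article['cat_name'] and attachment names are echoed exactly as stored.
 * Content is presumably staff-authored HTML; confirm the other fields are
 * HTML-encoded when saved, since nothing is encoded at these sinks.
 *
 * @param int|string $artid Article ID; cast with intval() before it reaches SQL.
 * @return void
 */
function hesk_show_kb_article($artid)
{
    global $hesk_settings, $hesklang, $article;
    // Print header
    $hesk_settings['tmp_title'] = $article['subject'];
    require_once HESK_PATH . 'inc/header.inc.php';
    hesk_kb_header($hesk_settings['kb_link']);
    // Update views by 1 - exclude known bots and reloads because of ratings
    if (!isset($_GET['rated']) && !hesk_detect_bots()) {
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `views`=`views`+1 WHERE `id`='" . intval($artid) . "' LIMIT 1");
    }
    echo '<h1>' . $article['subject'] . '</h1>

    <fieldset>
	<legend>' . $hesklang['as'] . '</legend>
    ' . $article['content'];
    if (!empty($article['attachments'])) {
        echo '<p><b>' . $hesklang['attachments'] . ':</b><br />';
        // Stored as "id#name," entries; substr() drops the trailing comma
        $att = explode(',', substr($article['attachments'], 0, -1));
        foreach ($att as $myatt) {
            // Split on the first '#' only so a '#' inside a file name is kept,
            // and skip entries without a separator instead of reading a missing index.
            $parts = explode('#', $myatt, 2);
            if (count($parts) !== 2) {
                continue;
            }
            list($att_id, $att_name) = $parts;
            // NOTE(review): $att_id and $att_name are written as stored - verify
            // they are validated/encoded when the attachment is saved.
            echo '<img src="img/clip.png" width="16" height="16" alt="' . $att_name . '" style="align:text-bottom" /> <a href="download_attachment.php?kb_att=' . $att_id . '" rel="nofollow">' . $att_name . '</a><br />';
        }
        echo '</p>';
    }
    // Offer rating links unless the hesk_kb_rate cookie already lists this article
    if ($hesk_settings['kb_rating'] && strpos(hesk_COOKIE('hesk_kb_rate'), 'a' . $artid . '%') === false) {
        echo '
	    <div id="rating" class="rate" align="right">&nbsp;<br />' . $hesklang['rart'] . '
			<a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['yes']) . '</a> /
	        <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&amp;id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['no']) . '</a>
	    </div>
        ';
    }
    echo '</fieldset>';
    // Category 1 links to the knowledgebase index, any other to its category page
    if ($article['catid'] == 1) {
        $link = 'knowledgebase.php';
    } else {
        $link = 'knowledgebase.php?category=' . $article['catid'];
    }
    ?>

    <fieldset>
    <legend><?php echo $hesklang['ad']; ?></legend>
	<table border="0">
    <tr>
    <td><?php echo $hesklang['aid']; ?>: </td>
    <td><?php echo $article['id']; ?></td>
    </tr>
    <tr>
    <td><?php echo $hesklang['category']; ?>: </td>
    <td><a href="<?php echo $link; ?>"><?php echo $article['cat_name']; ?></a></td>
    </tr>

    <?php
    if ($hesk_settings['kb_date']) {
        ?>
    <tr>
    <td><?php echo $hesklang['dta']; ?>: </td>
    <td><?php echo hesk_date($article['dt']); ?></td>
    </tr>
    <?php
    }
    if ($hesk_settings['kb_views']) {
        // $article was loaded before the counter update above, so add this view
        // unless the page is a reload after rating
        ?>
    <tr>
    <td><?php echo $hesklang['views']; ?>: </td>
    <td><?php echo isset($_GET['rated']) ? $article['views'] : $article['views'] + 1; ?></td>
    </tr>
    <?php
    }
    if ($hesk_settings['kb_rating']) {
        $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
        echo '
        <tr>
        <td>' . $hesklang['rating'] . ' (' . $hesklang['votes'] . '):</td>
        <td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /> (' . $article['votes'] . ')</td>
        </tr>
        ';
    }
    ?>
    </table>
    </fieldset>

    <?php
    // The back link skips the extra history entry created by a rating reload;
    // it is omitted when the page was opened with ?suggest
    if (!isset($_GET['suggest'])) {
        ?>
		<p>&nbsp;<br />&laquo; <a href="javascript:history.go(<?php echo isset($_GET['rated']) ? '-2' : '-1'; ?>)"><?php echo $hesklang['back']; ?></a></p>
        <?php
    } else {
        ?>
        <p>&nbsp;</p>
        <?php
    }
}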