} </script> <?php echo "<form action='{$_SERVER['PHP_SELF']}?action=assign'"; echo " method='post' name='supportdetails' onsubmit=\"return validateForm(this)\">"; echo "<input type='hidden' name='type' value=\"{$type}\" />"; echo "<input type='hidden' name='contactid' value=\"{$contactid}\" />"; echo "<input type='hidden' name='productid' value=\"{$productid}\" />"; echo "<input type='hidden' name='maintid' value=\"{$maintid}\" />"; echo "<input type='hidden' name='siteid' value=\"{$siteid}\" />"; if (!empty($updateid)) { echo "<input type='hidden' name='updateid' value='{$updateid}' />"; } echo "<table class='vertical' width='90%'>"; echo "<tr><td>"; $contactemail = contact_email($contactid); echo "<a href=\"mailto:{$contactemail}\">" . icon('contact', 16, '', $contactemail) . "</a>"; echo " <strong>" . contact_realname($contactid) . "</strong> <span style='font-size:80%;'>(<a href='contact_edit.php?action=edit&"; echo "contact={$contactid}'>{$strEdit}</a>)</span>, "; echo contact_site($contactid) . " "; echo "{$strTel}: " . contact_phone($contactid); echo "</td>"; echo "<td>"; echo icon('contract', 16) . " <strong>{$strContract} {$maintid}</strong>: "; echo strip_tags($producttext); echo "</td></tr>"; if (empty($updateid)) { echo "<tr><td><label for='incidenttitle'>{$strIncidentTitle}</label><br />"; echo "<input class='required' maxlength='200' id='incidenttitle' "; echo "name='incidenttitle' size='50' type='text' />"; echo " <span class='required'>{$strRequired}</span></td>\n";
/** * Creates a blank feedback form response * @param $formid int The feedback form to use * @param $incidentid int The incident to generate the form for * @return int The form ID */ function create_incident_feedback($formid, $incidentid) { global $dbFeedbackRespondents; $contactid = incident_contact($incidentid); $email = contact_email($contactid); $sql = "INSERT INTO `{$dbFeedbackRespondents}` (formid, contactid, email, incidentid) VALUES ("; $sql .= "'" . mysql_real_escape_string($formid) . "', "; $sql .= "'" . mysql_real_escape_string($contactid) . "', "; $sql .= "'" . mysql_real_escape_string($email) . "', "; $sql .= "'" . mysql_real_escape_string($incidentid) . "') "; mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Error: " . mysql_error(), E_USER_ERROR); } $blankformid = mysql_insert_id(); return $blankformid; }
// This insert could possibly be merged with another of the 'updates' records, but for now we keep it seperate for clarity $sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) "; $sql .= "VALUES ('{$incidentid}', '0', 'reviewmet', '{$now}', '0', '1', 'hide', 'opened','')"; mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } trigger('TRIGGER_INCIDENT_CREATED', array('incidentid' => $incidentid, 'sendemail' => 1)); if ($CONFIG['auto_assign_incidents']) { $suggest_user = suggest_reassign_userid($incidentid); if ($suggest_user > 0) { reassign_incident($incidentid, $suggest_user); } } $_SESSION['formdata']['portaladdincident'] = NULL; $_SESSION['formerrors']['portaladdincident'] = NULL; html_redirect("index.php", TRUE, $strIncidentAdded); } else { $contact_id = intval($_SESSION['contactid']); $contact_name = contact_realname($_SESSION['contactid']); $contact_email = contact_email($_SESSION['contactid']); create_temp_incoming($update_id, $contact_name, $incidenttitle, $contact_email, $_SESSION['contactid']); $_SESSION['formdata']['portaladdincident'] = NULL; $_SESSION['formerrors']['portaladdincident'] = NULL; html_redirect("index.php", TRUE, $strRequestSent); } exit; } else { html_redirect("{$_SERVER['PHP_SELF']}?contractid={$contractid}", FALSE); } }
/** * @author Tom Gerrard */ function generate_row($update) { global $CONFIG, $sit; if (empty($update['fromaddr']) and !empty($update['from'])) { $update['fromaddr'] = $update['from']; } $update['fromaddr'] = strtolower($update['fromaddr']); if (strlen($update['bodytext']) > 1003) { $updatebodytext = substr($update['bodytext'], 0, 1000) . '…'; } else { $updatebodytext = $update['bodytext']; } $search = array('<b>', '</b>', '<i>', '</i>', '<u>', '</u>', '<', '>'); $replace = ''; $updatebodytext = htmlspecialchars(str_replace($search, $replace, $updatebodytext)); if ($updatebodytext == '') { $updatebodytext = ' '; } $shade = 'shade1'; if ($update['contactid'] != 0) { $shade = 'idle'; } else { if (!empty($update['fromaddr'])) { // Have a look if we've got a user with this email address $sql = "SELECT COUNT(id) FROM `{$GLOBALS['dbUsers']}` WHERE email LIKE '%{$update['fromaddr']}%'"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } list($contactmatches) = mysql_fetch_row($result); if ($contactmatches > 0) { $shade = 'notice'; } } } $pluginshade = plugin_do('holdingqueue_rowshade', $update); $shade = $pluginshade ? $pluginshade : $shade; $html_row = "<tr class='{$shade}'>"; $html_row .= "<td style='text-align: center'>"; if ($update['locked'] == $sit[2] or empty($update['locked'])) { $html_row .= "<input type='checkbox' name='selected[]' value='" . $update['updateid'] . "' />"; } $html_row .= "</td>"; $html_row .= "<td align='center' width='20%'>" . date($CONFIG['dateformat_datetime'], $update['timestamp']) . '</td>'; $html_row .= "<td width='20%'>"; if (!empty($update['contactid']) and $update['fromaddr'] == contact_email($update['contactid'])) { $html_row .= gravatar($update['fromaddr'], 16) . ' '; $contact_realname = contact_realname($update['contactid']); $html_row .= "<a href='contact_details.php?id={$update['contactid']}' class='info'>"; $html_row .= "{$contact_realname}<span>" . htmlentities($update['fromaddr'], ENT_QUOTES, $GLOBALS['i18ncharset']) . "</span></a>"; $html_row .= " of " . contact_site($update['contactid']); if ($update['emailfrom'] != $contact_realname) { $html_row .= "<br />\n"; $html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']); } } else { $html_row .= gravatar($update['fromaddr'], 16) . ' '; $html_row .= "<a href=\"mailto:{$update['fromaddr']}\">{$update['fromaddr']}</a><br />\n"; $html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']); } $html_row .= "</td>"; $html_row .= "<td width='20%'><a href=\"javascript:incident_details_window('{$update['tempid']}','incomingview');\" id='update{$update['id']}' class='info'>"; // $html_row.="<td width='20%'><a href=\"javascript:void(0);\" id='update{$update['id']}' class='info' style='cursor:help;'>"; if (empty($update['subject'])) { $update['subject'] = $GLOBALS['strUntitled']; } $html_row .= htmlentities($update['subject'], ENT_QUOTES, $GLOBALS['i18ncharset']); $html_row .= '<span>' . parse_updatebody($updatebodytext) . '</span></a></td>'; $span = sprintf($GLOBALS['strByX'], user_realname($update['reason_user'])) . "<br />"; $span .= sprintf($GLOBALS['strOnxAtY'], ldate($CONFIG['dateformat_date'], mysql2date($update['reason_time'])), ldate($CONFIG['dateformat_time'], mysql2date($update['reason_time']))); $html_row .= "<td align='center' width='20%'><a class='info'>{$update['reason']}<span>{$span}</span></a></td>"; $html_row .= "<td align='center' width='20%'>"; if ($update['locked'] != $sit[2] && $update['locked'] > 0) { $html_row .= sprintf($strLockedByX, user_realname($update['locked'], TRUE)); } else { if ($update['locked'] == $sit[2]) { $html_row .= "<a href='{$_SERVER['PHP_SELF']}?unlock={$update['tempid']}'"; $html_row .= " title='{$strUnlockThisToBeModifiedByOther}'> {$GLOBALS['strUnlock']}</a> | "; } else { $html_row .= "<a href=\"javascript:incident_details_window('{$update['tempid']}'"; $html_row .= ",'incomingview');\" id='update{$update['id']}' class='info'"; $html_row .= " title='View and lock this held e-mail'>{$GLOBALS['strView']}</a> | "; } if ($update['reason_id'] == 2) { $html_row .= "<a href='incident_reopen.php?id={$update['incident_id']}&updateid={$update['updateid']}'>{$GLOBALS['strReopen']}</a> | "; } $html_row .= "<a href='delete_update.php?updateid=" . $update['id'] . "&tempid=" . $update['tempid'] . "&timestamp=" . $update['timestamp'] . "' title='{$strRemoveThisPermanently}' onclick=\"return confirm_action('{$GLOBALS['strAreYouSureDelete']}');\"> {$GLOBALS['strDelete']}</a>"; } $html_row .= "</td></tr>\n"; return $html_row; }