Esempio n. 1
0
function new_sm()
{
    global $hesk_settings, $hesklang, $listBox;
    global $hesk_error_buffer;
    // A security check
    # hesk_token_check('POST');
    $hesk_error_buffer = array();
    $style = intval(hesk_POST('style', 0));
    if ($style > 4 || $style < 0) {
        $style = 0;
    }
    $type = empty($_POST['type']) ? 0 : 1;
    $title = hesk_input(hesk_POST('title')) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
    $message = hesk_getHTML(hesk_POST('message'));
    // Any errors?
    if (count($hesk_error_buffer)) {
        $_SESSION['new_sm'] = array('style' => $style, 'type' => $type, 'title' => $title, 'message' => hesk_input(hesk_POST('message')));
        $tmp = '';
        foreach ($hesk_error_buffer as $error) {
            $tmp .= "<li>{$error}</li>\n";
        }
        $hesk_error_buffer = $tmp;
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'service_messages.php');
    }
    // Just preview the message?
    if (isset($_POST['sm_preview'])) {
        $_SESSION['preview_sm'] = true;
        $_SESSION['new_sm'] = array('style' => $style, 'type' => $type, 'title' => $title, 'message' => $message);
        header('Location: service_messages.php');
        exit;
    }
    // Get the latest service message order
    $res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
    $row = hesk_dbFetchRow($res);
    $my_order = intval($row[0]) + 10;
    // Insert service message into database
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`) VALUES (\n    '" . intval($_SESSION['id']) . "',\n    '" . hesk_dbEscape($title) . "',\n    '" . hesk_dbEscape($message) . "',\n    '{$style}',\n    '{$type}',\n    '{$my_order}'\n    )");
    $_SESSION['smord'] = hesk_dbInsertID();
    hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
}
function new_saved()
{
    global $hesk_settings, $hesklang;
    /* A security check */
    hesk_token_check('POST');
    $hesk_error_buffer = '';
    $savename = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['ent_ticket_tpl_title'] . '</li>';
    $msg = hesk_input(hesk_POST('msg')) or $hesk_error_buffer .= '<li>' . $hesklang['ent_ticket_tpl_msg'] . '</li>';
    // Avoid problems with utf-8 newline chars in Javascript code, detect and remove them
    $msg = preg_replace('/\\R/u', "\r\n", $msg);
    $_SESSION['canned']['what'] = 'NEW';
    $_SESSION['canned']['name'] = $savename;
    $_SESSION['canned']['msg'] = $msg;
    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'manage_ticket_templates.php');
    }
    /* Get the latest tpl_order */
    $result = hesk_dbQuery('SELECT `tpl_order` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` DESC LIMIT 1');
    $row = hesk_dbFetchRow($result);
    $my_order = $row[0] + 10;
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` (`title`,`message`,`tpl_order`) VALUES ('" . hesk_dbEscape($savename) . "','" . hesk_dbEscape($msg) . "','" . intval($my_order) . "')");
    unset($_SESSION['canned']['what']);
    unset($_SESSION['canned']['name']);
    unset($_SESSION['canned']['msg']);
    hesk_process_messages($hesklang['ticket_tpl_saved'], 'manage_ticket_templates.php', 'SUCCESS');
}
Esempio n. 3
0
function new_cat()
{
    global $hesk_settings, $hesklang;
    /* A security check */
    hesk_token_check('POST');
    /* Options */
    $_SESSION['cat_autoassign'] = hesk_POST('autoassign') == 'Y' ? 1 : 0;
    $_SESSION['cat_type'] = hesk_POST('type') == 'Y' ? 1 : 0;
    // Default priority
    $_SESSION['cat_priority'] = intval(hesk_POST('priority', 3));
    if ($_SESSION['cat_priority'] < 0 || $_SESSION['cat_priority'] > 3) {
        $_SESSION['cat_priority'] = 3;
    }
    /* Category name */
    $catname = hesk_input(hesk_POST('name'), $hesklang['enter_cat_name'], 'manage_categories.php');
    /* Do we already have a category with this name? */
    $res = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `name` LIKE '" . hesk_dbEscape(hesk_dbLike($catname)) . "' LIMIT 1");
    if (hesk_dbNumRows($res) != 0) {
        $_SESSION['catname'] = $catname;
        hesk_process_messages($hesklang['cndupl'], 'manage_categories.php');
    }
    /* Get the latest cat_order */
    $res = hesk_dbQuery("SELECT `cat_order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `cat_order` DESC LIMIT 1");
    $row = hesk_dbFetchRow($res);
    $my_order = $row[0] + 10;
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` (`name`,`cat_order`,`autoassign`,`type`, `priority`) VALUES ('" . hesk_dbEscape($catname) . "','" . intval($my_order) . "','" . intval($_SESSION['cat_autoassign']) . "','" . intval($_SESSION['cat_type']) . "','{$_SESSION['cat_priority']}')");
    hesk_cleanSessionVars('catname');
    hesk_cleanSessionVars('cat_autoassign');
    hesk_cleanSessionVars('cat_type');
    hesk_cleanSessionVars('cat_priority');
    $_SESSION['selcat2'] = hesk_dbInsertID();
    hesk_process_messages(sprintf($hesklang['cat_name_added'], '<i>' . stripslashes($catname) . '</i>'), 'manage_categories.php', 'SUCCESS');
}
Esempio n. 4
0
function hesk_isEmailLoop($email, $message_hash)
{
    global $hesk_settings, $hesklang, $hesk_db_link;
    // If $hesk_settings['loop_hits'] is set to 0 this function is disabled
    if (!$hesk_settings['loop_hits']) {
        return false;
    }
    // Escape wildcards in email
    $email_like = hesk_dbEscape(hesk_dbLike($email));
    // Delete expired DB entries
    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` WHERE `dt` < (NOW() - INTERVAL " . intval($hesk_settings['loop_time']) . " SECOND) ");
    // Check current entry
    $res = hesk_dbQuery("SELECT `hits`, `message_hash` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` WHERE `email` LIKE '{$email_like}' LIMIT 1");
    // Any active entry*
    if (hesk_dbNumRows($res)) {
        list($num, $md5) = hesk_dbFetchRow($res);
        $num++;
        // Number of emails in a time period reached?
        if ($num >= $hesk_settings['loop_hits']) {
            return true;
        }
        // Message exactly the same as in previous email?
        if ($message_hash == $md5) {
            return true;
        }
        // Update DB entry
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` SET `hits` = `hits` + 1, `message_hash` = '" . hesk_dbEscape($message_hash) . "' WHERE `email` LIKE '{$email_like}' LIMIT 1");
    } else {
        // First instance, insert a new database row
        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` (`email`, `message_hash`) VALUES ('" . hesk_dbEscape($email) . "', '" . hesk_dbEscape($message_hash) . "')");
    }
    // No loop rule trigered
    return false;
}
Esempio n. 5
0
    }
    // Password
    $_SESSION['admin_pass'] = hesk_input(hesk_POST('admin_pass'));
    if (strlen($_SESSION['admin_pass']) == 0) {
        $_SESSION['admin_pass'] = substr(str_shuffle("23456789abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ"), 0, mt_rand(8, 12));
    }
    // Password hash for the database
    $_SESSION['admin_hash'] = hesk_Pass2Hash($_SESSION['admin_pass']);
    $hesk_db_link = hesk_iTestDatabaseConnection();
    // Get table prefix, don't allow any special chars
    $hesk_settings['db_pfix'] = preg_replace('/[^0-9a-zA-Z_]/', '', hesk_POST('pfix', 'hesk_'));
    // Generate HESK table names
    $hesk_tables = array($hesk_settings['db_pfix'] . 'attachments', $hesk_settings['db_pfix'] . 'banned_emails', $hesk_settings['db_pfix'] . 'banned_ips', $hesk_settings['db_pfix'] . 'categories', $hesk_settings['db_pfix'] . 'kb_articles', $hesk_settings['db_pfix'] . 'kb_attachments', $hesk_settings['db_pfix'] . 'kb_categories', $hesk_settings['db_pfix'] . 'logins', $hesk_settings['db_pfix'] . 'mail', $hesk_settings['db_pfix'] . 'notes', $hesk_settings['db_pfix'] . 'online', $hesk_settings['db_pfix'] . 'pipe_loops', $hesk_settings['db_pfix'] . 'replies', $hesk_settings['db_pfix'] . 'reply_drafts', $hesk_settings['db_pfix'] . 'reset_password', $hesk_settings['db_pfix'] . 'service_messages', $hesk_settings['db_pfix'] . 'std_replies', $hesk_settings['db_pfix'] . 'tickets', $hesk_settings['db_pfix'] . 'ticket_templates', $hesk_settings['db_pfix'] . 'users');
    // Check if any of the HESK tables exists
    $res = hesk_dbQuery('SHOW TABLES FROM `' . hesk_dbEscape($hesk_settings['db_name']) . '`');
    while ($row = hesk_dbFetchRow($res)) {
        if (in_array($row[0], $hesk_tables)) {
            hesk_iDatabase(2);
        }
    }
    // All ok, let's save settings
    hesk_iSaveSettings();
    // Now install HESK database tables
    hesk_iTables();
    // And move to the next step
    $_SESSION['step'] = 4;
}
// Which step are we at?
switch ($_SESSION['step']) {
    case 2:
        hesk_iCheckSetup();
Esempio n. 6
0
// Lets handle ticket templates
$can_options = '';
// Get ticket templates from the database
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` ORDER BY `tpl_order` ASC");
// If we have any templates print them out
if (hesk_dbNumRows($res)) {
    ?>
						<script language="javascript" type="text/javascript"><!--
						// -->
						var myMsgTxt = new Array();
						var mySubjectTxt = new Array();
						myMsgTxt[0]='';
						mySubjectTxt[0]='';

						<?php 
    while ($mysaved = hesk_dbFetchRow($res)) {
        $can_options .= '<option value="' . $mysaved[0] . '">' . $mysaved[1] . "</option>\n";
        echo 'myMsgTxt[' . $mysaved[0] . ']=\'' . str_replace("\r\n", "\\r\\n' + \r\n'", addslashes($mysaved[2])) . "';\n";
        echo 'mySubjectTxt[' . $mysaved[0] . ']=\'' . str_replace("\r\n", "\\r\\n' + \r\n'", addslashes($mysaved[1])) . "';\n";
    }
    ?>

						function setMessage(msgid)
						{
							var myMsg=myMsgTxt[msgid];
							var mySubject=mySubjectTxt[msgid];

							if (myMsg == '')
							{
								if (document.form1.mode[1].checked)
								{
function new_article()
{
    global $hesk_settings, $hesklang, $listBox;
    global $hesk_error_buffer;
    /* A security check */
    # hesk_token_check('POST');
    $_SESSION['hide'] = array('treemenu' => 1, 'new_category' => 1);
    $hesk_error_buffer = array();
    $catid = intval(hesk_POST('catid', 1));
    $type = empty($_POST['type']) ? 0 : (hesk_POST('type') == 2 ? 2 : 1);
    $html = $hesk_settings['kb_wysiwyg'] ? 1 : (empty($_POST['html']) ? 0 : 1);
    $now = hesk_date();
    // Prevent submitting duplicate articles by reloading manage_knowledgebase.php page
    if (isset($_SESSION['article_submitted'])) {
        header('Location:manage_knowledgebase.php?a=manage_cat&catid=' . $catid);
        exit;
    }
    $_SESSION['KB_CATEGORY'] = $catid;
    $subject = hesk_input(hesk_POST('subject')) or $hesk_error_buffer[] = $hesklang['kb_e_subj'];
    if ($html) {
        if (empty($_POST['content'])) {
            $hesk_error_buffer[] = $hesklang['kb_e_cont'];
        }
        $content = hesk_getHTML(hesk_POST('content'));
    } else {
        $content = hesk_input(hesk_POST('content')) or $hesk_error_buffer[] = $hesklang['kb_e_cont'];
        $content = nl2br($content);
        $content = hesk_makeURL($content);
    }
    $sticky = isset($_POST['sticky']) ? 1 : 0;
    $keywords = hesk_input(hesk_POST('keywords'));
    /* Article attachments */
    define('KB', 1);
    require_once HESK_PATH . 'inc/posting_functions.inc.php';
    require_once HESK_PATH . 'inc/attachments.inc.php';
    $attachments = array();
    for ($i = 1; $i <= 3; $i++) {
        $att = hesk_uploadFile($i);
        if (!empty($att)) {
            $attachments[$i] = $att;
        }
    }
    $myattachments = '';
    /* Any errors? */
    if (count($hesk_error_buffer)) {
        // Remove any successfully uploaded attachments
        if ($hesk_settings['attachments']['use']) {
            hesk_removeAttachments($attachments);
        }
        $_SESSION['new_article'] = array('type' => $type, 'html' => $html, 'subject' => $subject, 'content' => hesk_input(hesk_POST('content')), 'keywords' => $keywords, 'sticky' => $sticky);
        $tmp = '';
        foreach ($hesk_error_buffer as $error) {
            $tmp .= "<li>{$error}</li>\n";
        }
        $hesk_error_buffer = $tmp;
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'manage_knowledgebase.php');
    }
    $revision = sprintf($hesklang['revision1'], $now, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
    /* Add to database */
    if (!empty($attachments)) {
        foreach ($attachments as $myatt) {
            hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_attachments` (`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
            $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . ',';
        }
    }
    /* Get the latest reply_order */
    $res = hesk_dbQuery("SELECT `art_order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($catid) . "' AND `sticky` = '" . intval($sticky) . "' ORDER BY `art_order` DESC LIMIT 1");
    $row = hesk_dbFetchRow($res);
    $my_order = $row[0] + 10;
    /* Insert article into database */
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` (`catid`,`dt`,`author`,`subject`,`content`,`keywords`,`type`,`html`,`sticky`,`art_order`,`history`,`attachments`) VALUES (\n    '" . intval($catid) . "',\n    NOW(),\n    '" . intval($_SESSION['id']) . "',\n    '" . hesk_dbEscape($subject) . "',\n    '" . hesk_dbEscape($content) . "',\n    '" . hesk_dbEscape($keywords) . "',\n    '" . intval($type) . "',\n    '" . intval($html) . "',\n    '" . intval($sticky) . "',\n    '" . intval($my_order) . "',\n    '" . hesk_dbEscape($revision) . "',\n    '" . hesk_dbEscape($myattachments) . "'\n    )");
    $_SESSION['artord'] = hesk_dbInsertID();
    // Update category article count
    if ($type == 0) {
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` SET `articles`=`articles`+1 WHERE `id`='" . intval($catid) . "'");
    } else {
        if ($type == 1) {
            hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` SET `articles_private`=`articles_private`+1 WHERE `id`='" . intval($catid) . "'");
        } else {
            hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` SET `articles_draft`=`articles_draft`+1 WHERE `id`='" . intval($catid) . "'");
        }
    }
    unset($_SESSION['hide']);
    $_SESSION['article_submitted'] = 1;
    hesk_process_messages($hesklang['your_kb_added'], 'NOREDIRECT', 'SUCCESS');
    $_GET['catid'] = $catid;
    manage_category();
}
Esempio n. 8
0
function hesk_iDetectVersion()
{
    global $hesk_settings, $hesklang;
    // Get a list of tables from the database
    $tables = array();
    $res = hesk_dbQuery('SHOW TABLES FROM `' . hesk_dbEscape($hesk_settings['db_name']) . '`');
    while ($row = hesk_dbFetchRow($res)) {
        $tables[] = $row[0];
    }
    // Version 2.4/2.5 tables installed?
    if (in_array($hesk_settings['db_pfix'] . 'pipe_loops', $tables)) {
        // Version 2.4 didn't have articles_private in kb_categories
        $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`=1 LIMIT 1");
        $row = hesk_dbFetchAssoc($res);
        if (isset($row['articles_private'])) {
            // Version 2.5.0 doesn't have file "inc/zip/pclzip.lib.php"
            if (!file_exists(HESK_PATH . 'inc/zip/pclzip.lib.php')) {
                return '2.5';
            } elseif (file_exists(HESK_PATH . 'inc/tiny_mce/3.5.9/tiny_mce.js')) {
                return '2.5.2';
            } else {
                return '2.5.1';
            }
        } else {
            return '2.4';
        }
    } elseif (in_array($hesk_settings['db_pfix'] . 'online', $tables) || in_array($hesk_settings['db_pfix'] . 'logins', $tables)) {
        return '2.3';
    } elseif (in_array($hesk_settings['db_pfix'] . 'mail', $tables)) {
        return '2.2';
    } elseif (in_array($hesk_settings['db_pfix'] . 'kb_attachments', $tables)) {
        return '2.1';
    } elseif (in_array($hesk_settings['db_pfix'] . 'kb_articles', $tables)) {
        return '2.0';
    } elseif (in_array('hesk_attachments', $tables)) {
        return '0.94.1';
    } elseif (in_array('hesk_std_replies', $tables)) {
        return '0.94';
    } else {
        // If we don't have four basic tables this is not a valid HESK install
        if (!in_array('hesk_categories', $tables) || !in_array('hesk_replies', $tables) || !in_array('hesk_tickets', $tables) || !in_array('hesk_users', $tables)) {
            hesk_iDatabase(3);
        }
        // Version 0.90 didn't have the notify column in users table
        $res = hesk_dbQuery("SELECT * FROM `hesk_users` WHERE `id`=1 LIMIT 1");
        $row = hesk_dbFetchAssoc($res);
        if (isset($row['notify'])) {
            return '0.91-0.93.1';
        } else {
            // Wow, we found someone using the very first HESK version :-)
            return '0.90';
        }
    }
}
Esempio n. 9
0
function hesk_printCanned()
{
    global $hesklang, $hesk_settings, $can_reply, $ticket, $admins;
    /* Can user reply to tickets? */
    if (!$can_reply) {
        return '';
    }
    /* Get canned replies from the database */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` ORDER BY `reply_order` ASC");
    /* If no canned replies return empty */
    if (!hesk_dbNumRows($res)) {
        return '';
    }
    /* We do have some replies, print the required Javascript and select field options */
    $can_options = '';
    ?>
	<script language="javascript" type="text/javascript"><!--
    // -->
    var myMsgTxt = new Array();
	myMsgTxt[0]='';

	<?php 
    while ($mysaved = hesk_dbFetchRow($res)) {
        $can_options .= '<option value="' . $mysaved[0] . '">' . $mysaved[1] . "</option>\n";
        echo 'myMsgTxt[' . $mysaved[0] . ']=\'' . str_replace("\r\n", "\\r\\n' + \r\n'", addslashes($mysaved[2])) . "';\n";
    }
    ?>

	function setMessage(msgid)
    {
		var myMsg=myMsgTxt[msgid];

        if (myMsg == '')
        {
        	if (document.form1.mode[1].checked)
            {
				document.getElementById('message').value = '';
            }
            return true;
        }

		myMsg = myMsg.replace(/%%HESK_ID%%/g, '<?php 
    echo hesk_jsString($ticket['id']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_TRACKID%%/g, '<?php 
    echo hesk_jsString($ticket['trackid']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_TRACK_ID%%/g, '<?php 
    echo hesk_jsString($ticket['trackid']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_NAME%%/g, '<?php 
    echo hesk_jsString($ticket['name']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_EMAIL%%/g, '<?php 
    echo hesk_jsString($ticket['email']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_OWNER%%/g, '<?php 
    echo hesk_jsString(isset($admins[$ticket['owner']]) ? $admins[$ticket['owner']] : '');
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom1%%/g, '<?php 
    echo hesk_jsString($ticket['custom1']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom2%%/g, '<?php 
    echo hesk_jsString($ticket['custom2']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom3%%/g, '<?php 
    echo hesk_jsString($ticket['custom3']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom4%%/g, '<?php 
    echo hesk_jsString($ticket['custom4']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom5%%/g, '<?php 
    echo hesk_jsString($ticket['custom5']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom6%%/g, '<?php 
    echo hesk_jsString($ticket['custom6']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom7%%/g, '<?php 
    echo hesk_jsString($ticket['custom7']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom8%%/g, '<?php 
    echo hesk_jsString($ticket['custom8']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom9%%/g, '<?php 
    echo hesk_jsString($ticket['custom9']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom10%%/g, '<?php 
    echo hesk_jsString($ticket['custom10']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom11%%/g, '<?php 
    echo hesk_jsString($ticket['custom11']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom12%%/g, '<?php 
    echo hesk_jsString($ticket['custom12']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom13%%/g, '<?php 
    echo hesk_jsString($ticket['custom13']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom14%%/g, '<?php 
    echo hesk_jsString($ticket['custom14']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom15%%/g, '<?php 
    echo hesk_jsString($ticket['custom15']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom16%%/g, '<?php 
    echo hesk_jsString($ticket['custom16']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom17%%/g, '<?php 
    echo hesk_jsString($ticket['custom17']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom18%%/g, '<?php 
    echo hesk_jsString($ticket['custom18']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom19%%/g, '<?php 
    echo hesk_jsString($ticket['custom19']);
    ?>
');
		myMsg = myMsg.replace(/%%HESK_custom20%%/g, '<?php 
    echo hesk_jsString($ticket['custom20']);
    ?>
');

	    if (document.getElementById)
        {
			if (document.getElementById('moderep').checked)
            {
				document.getElementById('HeskMsg').innerHTML='<textarea name="message" id="message" rows="12" cols="72">'+myMsg+'</textarea>';
            }
            else
            {
            	var oldMsg = document.getElementById('message').value;
		        document.getElementById('HeskMsg').innerHTML='<textarea name="message" id="message" rows="12" cols="72">'+oldMsg+myMsg+'</textarea>';
            }
	    }
        else
        {
			if (document.form1.mode[0].checked)
            {
				document.form1.message.value=myMsg;
            }
            else
            {
            	var oldMsg = document.form1.message.value;
		        document.form1.message.value=oldMsg+myMsg;
            }
	    }

	}
	//-->
	</script>
    <?php 
    /* Return options for select box */
    return $can_options;
}
Esempio n. 10
0
function new_saved()
{
    global $hesk_settings, $hesklang;
    /* A security check */
    hesk_token_check('POST');
    $hesk_error_buffer = '';
    $savename = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['ent_saved_title'] . '</li>';
    $msg = hesk_input(hesk_POST('msg')) or $hesk_error_buffer .= '<li>' . $hesklang['ent_saved_msg'] . '</li>';
    $_SESSION['canned']['what'] = 'NEW';
    $_SESSION['canned']['name'] = $savename;
    $_SESSION['canned']['msg'] = $msg;
    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'manage_canned.php');
    }
    /* Get the latest reply_order */
    $result = hesk_dbQuery('SELECT `reply_order` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'std_replies` ORDER BY `reply_order` DESC LIMIT 1');
    $row = hesk_dbFetchRow($result);
    $my_order = $row[0] + 10;
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` (`title`,`message`,`reply_order`) VALUES ('" . hesk_dbEscape($savename) . "','" . hesk_dbEscape($msg) . "','" . intval($my_order) . "')");
    unset($_SESSION['canned']['what']);
    unset($_SESSION['canned']['name']);
    unset($_SESSION['canned']['msg']);
    hesk_process_messages($hesklang['your_saved'], 'manage_canned.php', 'SUCCESS');
}