Esempio n. 1
/**
 * Render one knowledgebase category page by echoing HTML directly: the page
 * header (unless called for a search), service messages for category 1 in
 * "Knowledgebase only" mode, the sub-category grid with a few articles per
 * sub-category, this category's own article list, and the footer.
 *
 * @param mixed $catid     Category id. It is interpolated as-is into three
 *                         SQL statements below, so callers must pass an
 *                         integer value.
 * @param int   $is_search When 0 the page title, header include and KB
 *                         header are emitted; any other value skips them.
 * @return void
 */
function hesk_show_kb_category($catid, $is_search = 0)
{
    global $hesk_settings, $hesklang;
    // NOTE(review): $catid is placed inside the quoted literal without
    // hesk_dbEscape() or a cast; confirm every caller passes an intval()'d id.
    $res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1");
    // No matching row of type 0 -> hesk_error() with the "invalid category" text.
    $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
    if ($is_search == 0) {
        /* Print header */
        $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . hesk_htmlspecialchars($thiscat['name']);
        require_once HESK_PATH . 'inc/header.inc.php';
        hesk_kb_header($hesk_settings['kb_link']);
    }
    // If we are in "Knowledgebase only" mode show system messages
    if ($catid == 1 && hesk_check_kb_only(false)) {
        // Service messages
        $res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `type`='0' ORDER BY `order` ASC");
        while ($sm = hesk_dbFetchAssoc($res)) {
            hesk_service_message($sm);
        }
    }
    if ($thiscat['parent']) {
        // NOTE(review): $link is computed but never used in this function; the
        // back arrow relies on javascript:history.go(-1) instead.
        $link = $thiscat['parent'] == 1 ? 'knowledgebase.php' : 'knowledgebase.php?category=' . $thiscat['parent'];
        // NOTE(review): the category name and $hesklang['back'] are written into
        // HTML without hesk_htmlspecialchars(), unlike the title above.
        // Presumably names are stored already encoded - confirm before relying on it.
        echo '<h3 class="text-left"><a href="javascript:history.go(-1)"><i class="fa fa-arrow-circle-left" data-toggle="tooltip" data-placement="top" title="' . $hesklang['back'] . '"></i></a>&nbsp;' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . ' </h3>
        <div class="footerWithBorder blankSpace"></div>
        <div class="blankSpace"></div>
		';
    }
    // Direct sub-categories of this category (same unescaped $catid as above).
    $result = hesk_dbQuery("SELECT `id`,`name`,`articles` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `cat_order` ASC");
    if (hesk_dbNumRows($result) > 0) {
        ?>

        <div class="panel panel-default">
            <div class="panel-heading">
                <h4 class="text-left"><?php 
        echo $hesklang['kb_cat_sub'];
        ?>
</h4>
            </div>
            <table class="table table-striped">

                <?php 
        // $i counts cells in the current table row; a row is closed once it
        // holds $per_col cells.
        $per_col = $hesk_settings['kb_cols'];
        $i = 1;
        while ($cat = hesk_dbFetchAssoc($result)) {
            if ($i == 1) {
                echo '<tr>';
            }
            // NOTE(review): $cat['name'] is echoed as stored; see the encoding
            // question raised for the category heading.
            echo '
                    <td width="50%" valign="top">
                    <table border="0">
                    <tr><td><i class="fa fa-folder"></i>&nbsp;<a href="knowledgebase.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a></td></tr>
                    ';
            /* Print most popular/sticky articles */
            if ($hesk_settings['kb_numshow'] && $cat['articles']) {
                // One row more than kb_numshow is requested so the "more" link
                // below can tell whether further articles exist. $cat['id']
                // comes from the category row fetched above.
                $res = hesk_dbQuery("SELECT `id`,`subject`, `sticky` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$cat['id']}' AND `type`='0' ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
                $num = 1;
                while ($art = hesk_dbFetchAssoc($res)) {
                    $icon = 'glyphicon glyphicon-file';
                    $style = '';
                    if ($art['sticky']) {
                        $icon = 'glyphicon glyphicon-pushpin';
                        $style = 'style="color: #FF0000"';
                    }
                    echo '
                            <tr>
                            <td ' . $style . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="' . $icon . '"></span>
                            <a href="knowledgebase.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a></td>
                            </tr>';
                    // Stop after kb_numshow articles have been printed.
                    if ($num == $hesk_settings['kb_numshow']) {
                        break;
                    } else {
                        $num++;
                    }
                }
                if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
                    echo '<tr><td>&raquo; <a href="knowledgebase.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
                }
            }
            echo '
			</table>
		    </td>
			';
            if ($i == $per_col) {
                echo '</tr>';
                $i = 0;
            }
            $i++;
        }
        /* Finish the table if needed */
        if ($i != 1) {
            // Pad the last, partially filled row with empty cells and close it.
            for ($j = 1; $j <= $per_col; $j++) {
                echo '<td width="50%">&nbsp;</td>';
                if ($i == $per_col) {
                    echo '</tr>';
                    break;
                }
                $i++;
            }
        }
        ?>
            </table>
        </div>

	<?php 
    }
    // END if NumRows > 0
    ?>

    <div class="panel panel-default">
        <div class="panel-heading">
            <h4 class="text-left"><?php 
    echo $hesklang['ac_no_colon'];
    ?>
</h4>
        </div>
        <table class="table table-striped">
            <tbody>
            <?php 
    // Articles of this category. Only the first max(200, kb_substrart * 2)
    // characters of the content are fetched, for the preview text.
    $res = hesk_dbQuery("SELECT `id`, `subject`, `sticky`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' AND `type`='0' ORDER BY `sticky` DESC, `art_order` ASC");
    if (hesk_dbNumRows($res) == 0) {
        echo '<tr><td><i>' . $hesklang['noac'] . '</i></td></tr>';
    } else {
        while ($article = hesk_dbFetchAssoc($res)) {
            $icon = 'fa fa-file';
            // NOTE(review): $color is assigned but never read.
            $color = '';
            $style = '';
            $txt = hesk_kbArticleContentPreview($article['content']);
            if ($article['sticky']) {
                $icon = 'glyphicon glyphicon-pushpin';
                $style = 'style="color: #FF0000"';
            }
            if ($hesk_settings['kb_rating']) {
                $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
                // The star image name is the half-rounded rating multiplied by 10.
                $rat = '<td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /></td>';
            } else {
                $rat = '';
            }
            // NOTE(review): subject and the preview text are echoed without
            // encoding here; whether hesk_kbArticleContentPreview() returns
            // HTML-safe text is not visible from this function - confirm.
            echo '
                        <tr>
                            <td>
                                <i class="' . $icon . '" ' . $style . '></i>
                                <a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>
                                <br>
                                <span class="indent-15">' . $txt . '</span>
                            </td>
                            ' . $rat . '
                        </tr>';
        }
    }
    ?>
            </tbody>
        </table>
    </div>

	<?php 
    /* On the main KB page print out top and latest articles if needed */
    if ($catid == 1) {
        /* Get list of top articles */
        hesk_kbTopArticles($hesk_settings['kb_popart'], 0);
        /* Get list of latest articles */
        hesk_kbLatestArticles($hesk_settings['kb_latest'], 0);
    }
    hesk_kbFooter();
}
Esempio n. 2
// Ticket view bootstrap: start the session, resolve the tracking ID, apply the
// customer-only checks, then load the ticket row and its category row.
hesk_session_start();
/* Get the tracking ID */
// The script stops here with an error string when hesk_cleanID() returns a falsy value.
$trackingID = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}");
/* Connect to database */
hesk_dbConnect();
// Perform additional checks for customers
// A request without $_SESSION['id'] is treated as a customer: the maintenance
// check and the e-mail match are applied only to those requests.
if (empty($_SESSION['id'])) {
    // Are we in maintenance mode?
    hesk_check_maintenance();
    // Verify email address match
    hesk_verifyEmailMatch($trackingID);
}
/* Get ticket info */
// The tracking ID is passed through hesk_dbEscape() before it enters the quoted literal.
$res = hesk_dbQuery("SELECT `t1`.* , `t2`.name AS `repliername`\n\t\t\t\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` AS `t1` LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` AS `t2` ON `t1`.`replierid` = `t2`.`id`\n\t\t\t\t\tWHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
    hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($res);
// Demo mode
// Requester e-mail and IP are replaced with placeholders when HESK_DEMO is defined.
if (defined('HESK_DEMO')) {
    $ticket['email'] = '*****@*****.**';
    $ticket['ip'] = '127.0.0.1';
}
/* Get category name and ID */
// NOTE(review): $ticket['category'] is taken from the row fetched above and
// interpolated without a cast or hesk_dbEscape(); the query is only as safe as
// the stored value. An intval() here would remove that dependency.
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='{$ticket['category']}' LIMIT 1");
/* If this category has been deleted use the default category with ID 1 */
if (hesk_dbNumRows($res) != 1) {
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1");
}
$category = hesk_dbFetchAssoc($res);
/* Get replies */
Esempio n. 3
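/**
 * Tell whether the current staff session may use a feature.
 *
 * Sessions flagged as admin are always allowed. Any other session is allowed
 * only when $_SESSION['heskprivileges'] is a string that contains $feature.
 * A session that carries no privilege string at all is denied; the earlier
 * version fell through to "allowed" in that case, which is a fail-open
 * default for an authorization check.
 *
 * @param string $feature   Feature name to look for in the privilege string.
 * @param int    $showerror When truthy, a denial is reported through
 *                          hesk_error(); when falsy the function only
 *                          returns false.
 * @return bool True when access is granted, false when it is denied.
 */
function hesk_checkPermission($feature, $showerror = 1)
{
    global $hesklang;

    /* Admins have full access to all features */
    if (!empty($_SESSION['isadmin'])) {
        return true;
    }

    /* Check other staff for permissions */
    $privileges = isset($_SESSION['heskprivileges']) ? $_SESSION['heskprivileges'] : null;

    // An empty needle must never count as a match (strpos() accepts it on PHP 8).
    // NOTE(review): strpos() is a substring test, so a feature name that is
    // contained in another granted name also matches. The storage format of
    // the privilege string is not visible here; if it is a delimited list,
    // compare whole entries instead.
    if (is_string($privileges) && (string) $feature !== '' && strpos($privileges, (string) $feature) !== false) {
        return true;
    }

    if ($showerror) {
        hesk_error($hesklang['no_permission'] . '<p>&nbsp;</p><p align="center"><a href="index.php">' . $hesklang['click_login'] . '</a>');
    }

    // Reached when $showerror is falsy, or if hesk_error() should ever return.
    return false;
}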
Esempio n. 4
    // Do we have the export directory?
    // Operator precedence: && binds tighter than ||, so an existing directory is
    // accepted without the is_writable() test; only a freshly created one is
    // tested. The write probe on $save_to below catches an unwritable directory.
    // NOTE(review): mkdir() is asked for mode 0777 (reduced by the process
    // umask). Export files hold ticket data, so confirm the directory is not
    // served by the web server, or use a tighter mode.
    if (is_dir($export_dir) || @mkdir($export_dir, 0777) && is_writable($export_dir)) {
        // Cleanup old files
        $files = glob($export_dir . '*', GLOB_NOSORT);
        if (is_array($files) && count($files)) {
            foreach ($files as $file) {
                // Presumably 86400 is a minimum age in seconds (one day); the
                // meaning of the second argument is not visible here - confirm.
                hesk_unlink($file, 86400);
            }
        }
    } else {
        hesk_error($hesklang['ede']);
    }
    // Make sure the file can be saved and written to
    // Writes an empty file with warnings suppressed, then checks that it exists.
    @file_put_contents($save_to, '');
    if (!file_exists($save_to)) {
        hesk_error($hesklang['eef']);
    }
    // Start generating the report message and generating the export
    // $flush_me accumulates HTML progress text: the current date, the "export
    // started" string and the selected date or date range.
    $flush_me = '<br /><br />';
    $flush_me .= hesk_date() . " | {$hesklang['inite']} ";
    if ($date_from == $date_to) {
        $flush_me .= "(" . hesk_dateToString($date_from, 0) . ")<br />\n";
    } else {
        $flush_me .= "(" . hesk_dateToString($date_from, 0) . " - " . hesk_dateToString($date_to, 0) . ")<br />\n";
    }
    // Start generating file contents
    $tmp = '<?xml version="1.0" encoding="UTF-8"?>
<?mso-application progid="Excel.Sheet"?>
<Workbook xmlns="urn:schemas-microsoft-com:office:spreadsheet"
 xmlns:o="urn:schemas-microsoft-com:office:office"
 xmlns:x="urn:schemas-microsoft-com:office:excel"
Esempio n. 5
/**
 * Switch a ticket category between type 0 and type 1.
 *
 * Reads `catid` and `s` from the query string, remembers the category in
 * $_SESSION['selcat2'], updates the `type` column and reports the outcome
 * through hesk_process_messages() for ./manage_categories.php.
 *
 * @return void
 */
function toggle_type()
{
    global $hesk_settings, $hesklang;

    // The security token is checked before any state is changed.
    hesk_token_check();

    // A missing or zero id is reported through hesk_error().
    $category_id = intval(hesk_GET('catid'));
    if (!$category_id) {
        hesk_error($hesklang['cat_move_id']);
    }
    $_SESSION['selcat2'] = $category_id;

    // A non-zero "s" selects type 1 with the 'cpriv' message, otherwise type 0
    // with the 'cpub' message.
    $selected = intval(hesk_GET('s')) ? true : false;
    $new_type = $selected ? 1 : 0;
    $notice = $selected ? $hesklang['cpriv'] : $hesklang['cpub'];

    // Both interpolated values are integers at this point.
    $table = hesk_dbEscape($hesk_settings['db_pfix']) . 'categories';
    hesk_dbQuery("UPDATE `{$table}` SET `type`='{$new_type}' WHERE `id`='{$category_id}' LIMIT 1");

    // Anything other than exactly one changed row is reported as "category not found".
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    hesk_process_messages($notice, './manage_categories.php', 'SUCCESS');
}
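/**
 * Run a SQL statement on the shared mysqli link, connecting first if needed.
 *
 * The statement text is stored in the global $hesk_last_query. On failure the
 * error is reported through hesk_error(): with debug_mode on, the statement
 * and the driver message are shown; otherwise only a generic message with the
 * webmaster address.
 *
 * @param string $query Complete SQL statement. It is sent as given, so all
 *                      escaping must already have been done by the caller.
 * @return mixed The mysqli_query() result when it is truthy, or false when no
 *               connection could be established.
 */
function hesk_dbQuery($query)
{
    global $hesk_last_query;
    global $hesk_db_link;
    global $hesklang, $hesk_settings;

    if (!$hesk_db_link && !hesk_dbConnect()) {
        return false;
    }

    $hesk_last_query = $query;

    // Warnings are suppressed on purpose; a failed query is reported below.
    if ($res = @mysqli_query($hesk_db_link, $query)) {
        return $res;
    }

    if ($hesk_settings['debug_mode']) {
        // The statement and the driver message can both carry request data, so
        // they are HTML-encoded before being placed in the error page.
        // Debug mode still discloses schema details and should stay off in production.
        $shown_query = htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $shown_error = htmlspecialchars(mysqli_error($hesk_db_link), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        hesk_error("{$hesklang['cant_sql']}: {$shown_query}</p><p>{$hesklang['mysql_said']}:<br />" . $shown_error . "</p>");
    } else {
        // NOTE(review): the language key is spelled 'contact_webmsater' here;
        // confirm it matches the key defined in the language file.
        hesk_error("{$hesklang['cant_sql']}</p><p>{$hesklang['contact_webmsater']} <a href=\"mailto:{$hesk_settings['webmaster_mail']}\">{$hesk_settings['webmaster_mail']}</a></p>");
    }
}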
Esempio n. 7
        // Get ticket info
        $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
        if (hesk_dbNumRows($result) != 1) {
            hesk_error($hesklang['ticket_not_found']);
        }
        $ticket = hesk_dbFetchAssoc($result);
        $ticket['dt'] = hesk_date($ticket['dt'], true);
        $ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
        $ticket = hesk_ticketToPlain($ticket, 1, 0);
        // Notify customer
        require HESK_PATH . 'inc/email_functions.inc.php';
        hesk_notifyCustomer('ticket_closed');
    }
    // Log who marked the ticket resolved
    $closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval($_SESSION['id']) . ' ';
} elseif ($status == 1 || $status == 2 || $status == 4 || $status == 5) {
    $action = sprintf($hesklang['tsst'], $status_options[$status]);
    $revision = sprintf($hesklang['thist9'], hesk_date(), $status_options[$status], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
    // Ticket is not resolved
    $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else {
    $action = $hesklang['ticket_been'] . ' ' . $hesklang['opened'];
    $revision = sprintf($hesklang['thist4'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
    // Ticket is not resolved
    $closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
}
// Apply the status change and append the revision line to the ticket history.
// The revision text and the tracking ID go through hesk_dbEscape();
// $closedby_sql is built in the branches above from literals and
// intval($_SESSION['id']).
// NOTE(review): $status and $locked are interpolated as-is. Where they are
// assigned is not visible in this excerpt - confirm both are cast to integers
// before this point.
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' {$closedby_sql} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
    hesk_error("{$hesklang['int_error']}: {$hesklang['trackID_not_found']}.");
}
// The random Refresh value only varies the URL; nothing visible here treats it as a secret.
hesk_process_messages($action, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS');
Esempio n. 8
/**
 * Start the PHP session under an installation-specific cookie name.
 *
 * The name is "HESK" followed by the SHA-1 of this file's directory and a
 * fixed string, and responses are marked 'nocache'. On the first request of a
 * session a token is created with hesk_token_hash() and kept in
 * $_SESSION['token']. A P3P compact-policy header is sent on every successful
 * start.
 *
 * NOTE(review): no cookie attributes (HttpOnly, Secure, SameSite) are set in
 * this function; confirm they are configured elsewhere.
 *
 * @return bool|null True on success. When the session cannot be started the
 *                   failure is reported through hesk_error() and nothing is
 *                   returned.
 */
function hesk_session_start()
{
    $cookie_name = 'HESK' . sha1(dirname(__FILE__) . '$r^k*Zkq|w1(G@!-D?3%');
    session_name($cookie_name);
    session_cache_limiter('nocache');

    // Guard clause: report a failed start and leave without a return value.
    if (!@session_start()) {
        global $hesk_settings, $hesklang;
        hesk_error("{$hesklang['no_session']} {$hesklang['contact_webmaster']} {$hesk_settings['webmaster_mail']}");
        return;
    }

    // The token is generated once and then reused for the rest of the session.
    if (!isset($_SESSION['token'])) {
        $_SESSION['token'] = hesk_token_hash();
    }

    header('P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"');

    return true;
}
Esempio n. 9
    }
    $file = hesk_dbFetchAssoc($res);
    // Is ticket ID valid for this attachment?
    if ($file['ticket_id'] != $tic_id) {
        hesk_error($hesklang['trackID_not_found']);
    }
    // Verify email address match if needed
    if (empty($_SESSION['id'])) {
        hesk_verifyEmailMatch($tic_id);
    }
}
// Path of the file on the server
// NOTE(review): the path is the configured attachment directory plus the
// `saved_name` column of the attachment row. Confirm that value is generated
// by the server at upload time and can never contain a path separator.
$realpath = $hesk_settings['attach_dir'] . '/' . $file['saved_name'];
// Perhaps the file has been deleted?
if (!file_exists($realpath)) {
    hesk_error($hesklang['attdel']);
}
// Send the file as an attachment to prevent malicious code from executing
// A generic binary content type plus "attachment" disposition makes the
// browser download the file rather than render it in the site's origin.
header("Pragma: ");
# To fix a bug in IE when running https
header("Cache-Control: ");
# To fix a bug in IE when running https
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
// Length comes from the stored `size` column, not from the file on disk.
header('Content-Length: ' . $file['size']);
// NOTE(review): `real_name` is written into the header unquoted. If it is the
// uploader-supplied name (not visible here), spaces, semicolons or quotes in
// it change how the header is parsed; quoting and filtering the value would
// be safer.
header('Content-Disposition: attachment; filename=' . $file['real_name']);
// For larger files use chunks, smaller ones can be read all at once
$chunksize = 1048576;
// = 1024 * 1024 (1 Mb)
if ($file['size'] > $chunksize) {
    $handle = fopen($realpath, 'rb');
Esempio n. 10
    $m = intval(hesk_POST('m'));
    $s = intval(hesk_POST('s'));
    /* Get time worked in proper format */
    $time_worked = hesk_getTime($h . ':' . $m . ':' . $s);
    /* Update database */
    $revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
    /* Show ticket */
    hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete attachment action */
if (isset($_GET['delatt']) && hesk_token_check()) {
    if (!$can_delete || !$can_edit) {
        hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
    }
    $att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']);
    $reply = intval(hesk_GET('reply', 0));
    if ($reply < 1) {
        $reply = 0;
    }
    $note = intval(hesk_GET('note', 0));
    if ($note < 1) {
        $note = 0;
    }
    /* Get attachment info */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1");
    if (hesk_dbNumRows($res) != 1) {
        hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
    }
    $att = hesk_dbFetchAssoc($res);
    /* Is ticket ID valid for this attachment? */
Esempio n. 11
/**
 * Render one knowledgebase category page by echoing HTML directly: the page
 * header and, for category 1 in "Knowledgebase only" mode, the service
 * messages (both only when not called for a search), the sub-category grid
 * with a few articles per sub-category, and this category's article list.
 *
 * @param mixed $catid     Category id. It is interpolated as-is into three
 *                         SQL statements below, so callers must pass an
 *                         integer value.
 * @param int   $is_search When 0 the page title, header include, KB header
 *                         and service messages are emitted; any other value
 *                         skips them.
 * @return void
 */
function hesk_show_kb_category($catid, $is_search = 0)
{
    global $hesk_settings, $hesklang;
    // NOTE(review): $catid is placed inside the quoted literal without
    // hesk_dbEscape() or a cast; confirm every caller passes an intval()'d id.
    $res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1");
    // No matching row of type 0 -> hesk_error() with the "invalid category" text.
    $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
    if ($is_search == 0) {
        /* Print header */
        $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . hesk_htmlspecialchars($thiscat['name']);
        require_once HESK_PATH . 'inc/header.inc.php';
        hesk_kb_header($hesk_settings['kb_link']);
        // If we are in "Knowledgebase only" mode show system messages
        if ($catid == 1 && hesk_check_kb_only(false)) {
            // Service messages
            $res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `type`='0' ORDER BY `order` ASC");
            while ($sm = hesk_dbFetchAssoc($res)) {
                hesk_service_message($sm);
            }
        }
    }
    if ($thiscat['parent']) {
        // NOTE(review): $link is computed but never used in this function; the
        // back link relies on javascript:history.go(-1) instead.
        $link = $thiscat['parent'] == 1 ? 'knowledgebase.php' : 'knowledgebase.php?category=' . $thiscat['parent'];
        // NOTE(review): the category name is written into HTML without
        // hesk_htmlspecialchars(), unlike the title above. Presumably names are
        // stored already encoded - confirm before relying on it.
        echo '<span class="homepageh3">&raquo; ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</span>
        &nbsp;(<a href="javascript:history.go(-1)">' . $hesklang['back'] . '</a>)
		';
    }
    // Direct sub-categories of this category (same unescaped $catid as above).
    $result = hesk_dbQuery("SELECT `id`,`name`,`articles` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `cat_order` ASC");
    if (hesk_dbNumRows($result) > 0) {
        ?>

		<p>&raquo; <b><?php 
        echo $hesklang['kb_cat_sub'];
        ?>
:</b></p>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
	<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornerstop"></td>
	<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
	<td class="roundcornersleft">&nbsp;</td>
	<td>

		<table border="0" cellspacing="1" cellpadding="3" width="100%">

		<?php 
        // $i counts cells in the current table row; a row is closed once it
        // holds $per_col cells.
        $per_col = $hesk_settings['kb_cols'];
        $i = 1;
        while ($cat = hesk_dbFetchAssoc($result)) {
            if ($i == 1) {
                echo '<tr>';
            }
            // NOTE(review): $cat['name'] is echoed as stored; see the encoding
            // question raised for the category heading.
            echo '
		    <td width="50%" valign="top">
			<table border="0">
			<tr><td><img src="img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a></td></tr>
			';
            /* Print most popular/sticky articles */
            if ($hesk_settings['kb_numshow'] && $cat['articles']) {
                // One row more than kb_numshow is requested so the "more" link
                // below can tell whether further articles exist. $cat['id']
                // comes from the category row fetched above.
                $res = hesk_dbQuery("SELECT `id`,`subject` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$cat['id']}' AND `type`='0' ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
                $num = 1;
                while ($art = hesk_dbFetchAssoc($res)) {
                    echo '
		            <tr>
		            <td><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" />
		            <a href="knowledgebase.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a></td>
		            </tr>';
                    // Stop after kb_numshow articles have been printed.
                    if ($num == $hesk_settings['kb_numshow']) {
                        break;
                    } else {
                        $num++;
                    }
                }
                if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
                    echo '<tr><td>&raquo; <a href="knowledgebase.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
                }
            }
            echo '
			</table>
		    </td>
			';
            if ($i == $per_col) {
                echo '</tr>';
                $i = 0;
            }
            $i++;
        }
        /* Finish the table if needed */
        if ($i != 1) {
            // Pad the last, partially filled row with empty cells and close it.
            for ($j = 1; $j <= $per_col; $j++) {
                echo '<td width="50%">&nbsp;</td>';
                if ($i == $per_col) {
                    echo '</tr>';
                    break;
                }
                $i++;
            }
        }
        ?>
		</table>

	</td>
	<td class="roundcornersright">&nbsp;</td>
</tr>
<tr>
	<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornersbottom"></td>
	<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>

	<?php 
    }
    // END if NumRows > 0
    ?>

	<p>&raquo; <b><?php 
    echo $hesklang['ac'];
    ?>
</b></p>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
	<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornerstop"></td>
	<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
	<td class="roundcornersleft">&nbsp;</td>
	<td>

	<?php 
    // Articles of this category. Only the first max(200, kb_substrart * 2)
    // characters of the content are fetched, for the preview text.
    $res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' AND `type`='0' ORDER BY `sticky` DESC, `art_order` ASC");
    if (hesk_dbNumRows($res) == 0) {
        echo '<p><i>' . $hesklang['noac'] . '</i></p>';
    } else {
        echo '<div align="center"><table border="0" cellspacing="1" cellpadding="3" width="100%">';
        while ($article = hesk_dbFetchAssoc($res)) {
            $txt = hesk_kbArticleContentPreview($article['content']);
            if ($hesk_settings['kb_rating']) {
                $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
                // The star image name is the half-rounded rating multiplied by 10.
                $rat = '<td width="1" valign="top"><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /></td>';
            } else {
                $rat = '';
            }
            // NOTE(review): subject and the preview text are echoed without
            // encoding here; whether hesk_kbArticleContentPreview() returns
            // HTML-safe text is not visible from this function - confirm.
            echo '
				<tr>
				<td>
	                <table border="0" width="100%" cellspacing="0" cellpadding="1">
	                <tr>
	                <td width="1" valign="top"><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
	                <td valign="top"><a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a></td>
	                ' . $rat . '
                    </tr>
	                </table>
	                <table border="0" width="100%" cellspacing="0" cellpadding="1">
	                <tr>
	                <td width="1" valign="top"><img src="img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td>
	                <td><span class="article_list">' . $txt . '</span></td>
                    </tr>
	                </table>
	            </td>
				</tr>';
        }
        echo '</table></div>';
    }
    ?>

	</td>
	<td class="roundcornersright">&nbsp;</td>
</tr>
<tr>
	<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornersbottom"></td>
	<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>

	<?php 
    /* On the main KB page print out top and latest articles if needed */
    if ($catid == 1) {
        /* Get list of top articles */
        hesk_kbTopArticles($hesk_settings['kb_popart'], 0);
        /* Get list of latest articles */
        hesk_kbLatestArticles($hesk_settings['kb_latest'], 0);
    }
}
Esempio n. 12
/**
 * Delete one contract, but only while no row in `contractforclient` still
 * refers to it.
 *
 * The id comes from the `id` query parameter and is cast to an integer. When
 * the DELETE does not remove exactly one row, the error text 'con_req' is
 * raised; otherwise a success message is queued for the contracts page.
 *
 * @return void
 */
function remove_contract()
{
    global $hesk_settings, $hesklang;

    // Security token is validated before anything is deleted.
    hesk_token_check();

    // The redirect target used below is stored by overwriting PHP_SELF.
    $_SERVER['PHP_SELF'] = 'contracts.php#tab_edit-cont';

    $contract_id = intval(hesk_GET('id'));
    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    // The NOT EXISTS sub-select blocks deletion of a contract that is still
    // assigned. "&&" is used here as the SQL logical AND.
    $sql = "DELETE FROM `{$prefix}contracts` WHERE NOT EXISTS\n\t"
        . "(SELECT NULL FROM`{$prefix}contractforclient` as `cc` WHERE `cc`.`contract_Id`='{$contract_id}')"
        . " && `id`='{$contract_id}' LIMIT 1";
    hesk_dbQuery($sql);

    if (hesk_dbAffectedRows() != 1) {
        hesk_error("{$hesklang['con_req']}.");
    }

    hesk_process_messages($hesklang['con_removed_db'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
Esempio n. 13
#############################
#     DO NOT EDIT BELOW     #
#############################
$hesk_settings[\'hesk_version\']=\'' . $set['hesk_version'] . '\';
if ($hesk_settings[\'debug_mode\'])
{
    error_reporting(E_ALL);
}
else
{
    error_reporting(0);
}
if (!defined(\'IN_SCRIPT\')) {die(\'Invalid attempt!\');}';
// Write to the settings file
// file_put_contents() returns the byte count or false; the negation treats a
// zero-byte write as a failure as well.
// NOTE(review): the written file is PHP source that the application loads
// later, and values such as $set['hesk_version'] are spliced into
// single-quoted PHP strings when $settings_file_content is built. Confirm
// every spliced value is escaped for that context, otherwise a setting value
// becomes executable code.
if (!file_put_contents(HESK_PATH . 'hesk_settings.inc.php', $settings_file_content)) {
    hesk_error($hesklang['err_openset']);
}
// Any settings problems?
// Collects one HTML notice per failed mail test, each with a hidden log area.
$tmp = array();
// NOTE(review): $smtp_error/$smtp_log and $pop3_error/$pop3_log are
// concatenated into HTML without encoding. They presumably hold text returned
// by the remote mail server - confirm they are encoded where they are produced.
if (!$smtp_OK) {
    $tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['sme'] . ':</span> ' . $smtp_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'smtplog\')">' . $hesklang['scl'] . '</a><div id="smtplog" style="display:none">&nbsp;<br /><textarea name="log" rows="10" cols="60">' . $smtp_log . '</textarea></div>';
}
if (!$pop3_OK) {
    $tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['pop3e'] . ':</span> ' . $pop3_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'pop3log\')">' . $hesklang['pop3log'] . '</a><div id="pop3log" style="display:none">&nbsp;<br /><textarea name="log" rows="10" cols="60">' . $pop3_log . '</textarea></div>';
}
// Show the settings page and display any notices or success
if (count($tmp)) {
    $errors = implode('<br /><br />', $tmp);
    hesk_process_messages($hesklang['sns'] . '<br /><br />' . $errors, 'admin_settings.php', 'NOTICE');
} else {
    hesk_process_messages($hesklang['set_were_saved'], 'admin_settings.php', 'SUCCESS');
Esempio n. 14
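/**
 * Load an e-mail template for the active language and fill in its %%TAG%%
 * placeholders from the given ticket (or private message) data.
 *
 * All placeholders are substituted in a single pass. The earlier version ran
 * one str_replace() after another, so a value inserted early (for example a
 * subject typed by the requester) was scanned again by the later passes and
 * any tag text inside it was expanded too.
 *
 * Side effects: $hesk_settings['site_title'] is converted to plain text, and
 * for ticket mails $hesk_settings['e_param'] is set.
 *
 * @param string $eml_file     Template name; must be a key of the array
 *                             returned by hesk_validEmails().
 * @param array  $ticket       Values for the placeholders. Ticket mails read
 *                             name, subject, trackid, email, category,
 *                             priority, owner, status, dt, lastchange, id,
 *                             the custom-field keys and, when used, message
 *                             and attachments.
 * @param int    $is_admin     Non-zero builds the staff ticket URL instead of
 *                             the customer one.
 * @param int    $is_ticket    Zero selects the short non-ticket form (for
 *                             example a new private message).
 * @param int    $just_message Non-zero returns the raw template unprocessed.
 * @return string The processed message, or '' in demo mode.
 */
function hesk_getEmailMessage($eml_file, $ticket, $is_admin = 0, $is_ticket = 1, $just_message = 0)
{
    global $hesk_settings, $hesklang;

    // Demo mode
    if (defined('HESK_DEMO')) {
        return '';
    }

    /* Only names on the allow-list may be turned into a file path below */
    $valid_emails = hesk_validEmails();
    if (!isset($valid_emails[$eml_file])) {
        hesk_error($hesklang['inve']);
    }

    /* Get email template */
    $eml_file = 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/emails/' . $eml_file . '.txt';
    if (file_exists(HESK_PATH . $eml_file)) {
        $msg = file_get_contents(HESK_PATH . $eml_file);
    } else {
        hesk_error($hesklang['emfm'] . ': ' . $eml_file);
    }

    /* Return just the message without any processing? */
    if ($just_message) {
        return $msg;
    }

    // Convert any entities in site title to plain text
    $hesk_settings['site_title'] = hesk_msgToPlain($hesk_settings['site_title'], 1);

    /* If it's not a ticket-related mail (like "a new PM") just process quickly */
    if (!$is_ticket) {
        $trackingURL = $hesk_settings['hesk_url'] . '/' . $hesk_settings['admin_dir'] . '/mail.php?a=read&id=' . intval($ticket['id']);
        $tags = array(
            '%%NAME%%' => $ticket['name'],
            '%%SUBJECT%%' => $ticket['subject'],
            '%%TRACK_URL%%' => $trackingURL,
            '%%SITE_TITLE%%' => $hesk_settings['site_title'],
            '%%SITE_URL%%' => $hesk_settings['site_url'],
        );
        if (isset($ticket['message'])) {
            $tags['%%MESSAGE%%'] = $ticket['message'];
        }
        // strtr() with an array does not rescan text it has already inserted.
        return strtr($msg, $tags);
    }

    // Is email required to view ticket (for customers only)?
    $hesk_settings['e_param'] = $hesk_settings['email_view_ticket'] ? '&e=' . rawurlencode($ticket['email']) : '';

    /* Generate the ticket URLs */
    $trackingURL = $hesk_settings['hesk_url'];
    $trackingURL .= $is_admin ? '/' . $hesk_settings['admin_dir'] . '/admin_ticket.php' : '/ticket.php';
    $trackingURL .= '?track=' . $ticket['trackid'] . ($is_admin ? '' : $hesk_settings['e_param']) . '&Refresh=' . rand(10000, 99999);

    /* Set category title */
    $ticket['category'] = hesk_msgToPlain(hesk_getCategoryName($ticket['category']), 1);

    /* Set priority title */
    switch ($ticket['priority']) {
        case 0:
            $ticket['priority'] = $hesklang['critical'];
            break;
        case 1:
            $ticket['priority'] = $hesklang['high'];
            break;
        case 2:
            $ticket['priority'] = $hesklang['medium'];
            break;
        default:
            $ticket['priority'] = $hesklang['low'];
    }

    /* Get owner name */
    $ticket['owner'] = hesk_msgToPlain(hesk_getOwnerName($ticket['owner']), 1);

    /* Set status */
    switch ($ticket['status']) {
        case 1:
            $ticket['status'] = $hesklang['wait_reply'];
            break;
        case 2:
            $ticket['status'] = $hesklang['replied'];
            break;
        case 3:
            $ticket['status'] = $hesklang['closed'];
            break;
        case 4:
            $ticket['status'] = $hesklang['in_progress'];
            break;
        case 5:
            $ticket['status'] = $hesklang['on_hold'];
            break;
        default:
            $ticket['status'] = $hesklang['open'];
    }

    /* Collect all special tags */
    $tags = array(
        '%%NAME%%' => $ticket['name'],
        '%%SUBJECT%%' => $ticket['subject'],
        '%%TRACK_ID%%' => $ticket['trackid'],
        '%%TRACK_URL%%' => $trackingURL,
        '%%SITE_TITLE%%' => $hesk_settings['site_title'],
        '%%SITE_URL%%' => $hesk_settings['site_url'],
        '%%CATEGORY%%' => $ticket['category'],
        '%%PRIORITY%%' => $ticket['priority'],
        '%%OWNER%%' => $ticket['owner'],
        '%%STATUS%%' => $ticket['status'],
        '%%EMAIL%%' => $ticket['email'],
        '%%CREATED%%' => $ticket['dt'],
        '%%UPDATED%%' => $ticket['lastchange'],
        '%%ID%%' => $ticket['id'],
    );

    /* All custom fields */
    foreach ($hesk_settings['custom_fields'] as $k => $v) {
        $tag = '%%' . strtoupper($k) . '%%';
        if ($v['use']) {
            if ($v['type'] == 'checkbox') {
                $ticket[$k] = str_replace("<br />", "\n", $ticket[$k]);
            }
            $value = stripslashes($ticket[$k]);
        } else {
            $value = '';
        }
        // Built-in tags were substituted first before, so they keep priority
        // over a custom field that happens to produce the same tag.
        if (!array_key_exists($tag, $tags)) {
            $tags[$tag] = $value;
        }
    }

    // Is message tag in email template? Checked on the template itself, before
    // any ticket data has been inserted.
    $has_message_tag = strpos($msg, '%%MESSAGE%%') !== false;
    if ($has_message_tag) {
        $tags['%%MESSAGE%%'] = $ticket['message'];
    }

    // Single pass: inserted values are not scanned for further tags.
    $msg = strtr($msg, $tags);

    if ($has_message_tag) {
        // Add direct links to any attachments at the bottom of the email message
        if ($hesk_settings['attachments']['use'] && isset($ticket['attachments']) && strlen($ticket['attachments'])) {
            $msg .= "\n\n\n" . $hesklang['fatt'];
            // The stored list ends with a comma, which is dropped before
            // splitting; each entry has the form "id#name".
            $att = explode(',', substr($ticket['attachments'], 0, -1));
            foreach ($att as $myatt) {
                list($att_id, $att_name) = explode('#', $myatt);
                $msg .= "\n\n" . $att_name . "\n" . $hesk_settings['hesk_url'] . '/download_attachment.php?att_id=' . $att_id . '&track=' . $ticket['trackid'] . $hesk_settings['e_param'];
            }
        }
        // For customer notifications: if we allow email piping/pop 3 fetching and
        // stripping quoted replies add an "reply above this line" tag
        if (!$is_admin && ($hesk_settings['email_piping'] || $hesk_settings['pop3']) && $hesk_settings['strip_quoted']) {
            $msg = $hesklang['EMAIL_HR'] . "\n\n" . $msg;
        }
    }

    return $msg;
}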
Esempio n. 15
            $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
            if (!strlen($tmpvar[$k])) {
                $hesk_error_buffer[$k] = $hesklang['fill_all'] . ': ' . $v['name'];
            }
            $_SESSION["c_{$k}"] = hesk_POST($k);
        } else {
            $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
            $_SESSION["c_{$k}"] = hesk_POST($k);
        }
    } else {
        $tmpvar[$k] = '';
    }
}
// Ban check. The email ban list is consulted only when the address passed
// validation earlier (no 'email' entry in the error buffer); the IP ban list
// is consulted whenever the email test did not already match.
// NOTE(review): REMOTE_ADDR is the address of the direct peer; behind a
// reverse proxy that is the proxy itself - confirm the deployment before
// relying on IP bans.
if (
    (!isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']))
    || hesk_isBannedIP($_SERVER['REMOTE_ADDR'])
) {
    hesk_error($hesklang['baned_e']);
}

// Open-ticket cap: skipped when the cap is disabled or the email is invalid.
$below_limit = true;
if ($hesk_settings['max_open'] && !isset($hesk_error_buffer['email'])) {
    // The email condition is produced by hesk_dbFormatEmail(), which is
    // presumably responsible for escaping the address - verify in that helper.
    $res = hesk_dbQuery(
        "SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`"
        . " WHERE `status` IN ('0', '1', '2', '4', '5') AND "
        . hesk_dbFormatEmail($tmpvar['email'])
    );
    $num = hesk_dbResult($res);

    if ($num >= $hesk_settings['max_open']) {
        // Replace every earlier validation error with the single limit message
        $below_limit = false;
        $hesk_error_buffer = array(
            'max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open']),
        );
    }
}
// If we reached max tickets let's save some resources
if ($below_limit) {
    // Generate tracking ID
    $tmpvar['trackid'] = hesk_createID();
Esempio n. 16
// The note ID is cast to an integer; a zero result aborts the request.
$noteID = intval(hesk_REQUEST('note'));
if (!$noteID) {
    die($hesklang['int_error'] . ': ' . $hesklang['mis_note']);
}

// Look up the ticket by tracking ID ($trackingID is set before this excerpt)
$result = hesk_dbQuery(
    "SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`"
    . " WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"
);
if (hesk_dbNumRows($result) != 1) {
    hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);

// Look up the note; $noteID is already an integer, so it is safe unquoted
$result = hesk_dbQuery(
    "SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}"
);
if (hesk_dbNumRows($result) != 1) {
    hesk_error($hesklang['no_note']);
}
$note = hesk_dbFetchAssoc($result);

// Authorisation: the note must belong to this ticket, and the current user
// must either hold 'can_del_notes' or be the author of the note. The
// parentheses spell out how && binds tighter than ||.
if (
    $note['ticket'] != $ticket['id']
    || (!hesk_checkPermission('can_del_notes', 0) && $note['who'] != $_SESSION['id'])
) {
    hesk_error($hesklang['perm_deny']);
}
// Save changes?
if (isset($_POST['save'])) {
    // A security check
    hesk_token_check('POST');
    // Get message
    $tmpvar['message'] = nl2br(hesk_makeURL(hesk_input(hesk_POST('message'))));
    // If we have message or attachments do the update
    if (strlen($tmpvar['message']) || strlen($note['attachments'])) {
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` SET `message`='" . hesk_dbEscape($tmpvar['message']) . "' WHERE `id`={$noteID}");
        hesk_process_messages($hesklang['ednote2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
    } else {
        hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}");
        header('Location: admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
        exit;
Esempio n. 17
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `archive`='{$archived}' WHERE `id`='" . intval($this_id) . "' LIMIT 1");
        $i++;
    }
    hesk_process_messages(sprintf($action, $i), $referer, 'SUCCESS');
} else {
    /* Check permissions for this feature */
    hesk_checkPermission('can_view_tickets');
    hesk_checkPermission('can_reply_tickets');
    /* A security check */
    hesk_token_check('POST');
    $revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
    foreach ($_POST['id'] as $this_id) {
        if (is_array($this_id)) {
            continue;
        }
        $this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
        $result = hesk_dbQuery("SELECT `category` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($this_id) . "' LIMIT 1");
        $ticket = hesk_dbFetchAssoc($result);
        hesk_okCategory($ticket['category']);
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='3', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($this_id) . "' LIMIT 1");
        $i++;
    }
    hesk_process_messages(sprintf($hesklang['num_tickets_closed'], $i), $referer, 'SUCCESS');
}
/*** START FUNCTIONS ***/
function hesk_fullyDeleteTicket()
{
    global $hesk_settings, $hesklang, $ticket;
    /* Delete attachment files */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `ticket_id`='" . hesk_dbEscape($ticket['trackid']) . "'");
    if (hesk_dbNumRows($res)) {
Esempio n. 18
/**
 * Turns ticket auto-assignment on or off for one staff account.
 *
 * The account is taken from the `id` GET parameter and the requested state
 * from the `s` GET parameter (non-zero integer = on). The selected account ID
 * is remembered in $_SESSION['seluser'].
 *
 * NOTE(review): no permission check is visible inside this function;
 * presumably the including page enforces one before dispatching here - confirm.
 */
function toggle_autoassign()
{
    global $hesk_settings, $hesklang;

    // Request token check (presumably the anti-CSRF token; the helper is
    // defined elsewhere). It matters here because the state change is
    // driven by GET parameters.
    hesk_token_check();

    $userId = intval(hesk_GET('id'));
    if (!$userId) {
        hesk_error($hesklang['no_valid_id']);
    }
    $_SESSION['seluser'] = $userId;

    $enabled = intval(hesk_GET('s')) ? 1 : 0;
    $notice = $enabled ? $hesklang['uaaon'] : $hesklang['uaaoff'];

    // Both interpolated values are integers at this point
    hesk_dbQuery(
        "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"
        . " SET `autoassign`='" . $enabled . "'"
        . " WHERE `id`='" . intval($userId) . "'"
    );

    // Exactly one row must change; otherwise report the account as not found
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
    }

    hesk_process_messages($notice, './manage_users.php', 'SUCCESS');
}
/**
 * Generates the PHP source of the HESK settings file from $set and writes it
 * to HESK_PATH . 'hesk_settings.inc.php', replacing the previous contents.
 *
 * SECURITY: every value from $set is concatenated verbatim into PHP source.
 * Values placed between \'...\' (titles, URLs, host names, passwords, custom
 * field names and values, ...) are not escaped here, and values placed in
 * bare slots (flags, numbers, 'email_providers', 'notify_spam_tags') are not
 * cast or validated here. Nothing in this function stops a quote, backslash
 * or other PHP syntax in a value from becoming part of the generated code.
 * NOTE(review): presumably the caller escapes string values and casts
 * numeric ones before calling - confirm at every call site, because the
 * generated file is PHP that is presumably included on later requests.
 *
 * The file also receives 'db_pass', 'smtp_password', 'pop3_password' and
 * 'recaptcha_private_key' in clear text, so its filesystem permissions and
 * web exposure matter.
 *
 * The 'languages' array is written as a fixed English-only entry and is not
 * taken from $set.
 *
 * @param array $set Settings to persist; must contain every key referenced
 *                   below, including 'attachments', 'ticket_list' and
 *                   'custom_fields' => 'custom1'..'custom20'.
 * @return bool true once the file has been written; on a failed write
 *              hesk_error() is called first (its behaviour is defined elsewhere).
 */
function hesk_iSaveSettingsFile($set)
{
    global $hesk_settings, $hesklang;
    // First part of the generated file: everything up to the opening of the
    // custom fields array. The literal below is emitted byte-for-byte.
    $settings_file_content = '<?php
// Settings file for HESK ' . $set['hesk_version'] . '

// ==> GENERAL

// --> General settings
$hesk_settings[\'site_title\']=\'' . $set['site_title'] . '\';
$hesk_settings[\'site_url\']=\'' . $set['site_url'] . '\';
$hesk_settings[\'webmaster_mail\']=\'' . $set['webmaster_mail'] . '\';
$hesk_settings[\'noreply_mail\']=\'' . $set['noreply_mail'] . '\';
$hesk_settings[\'noreply_name\']=\'' . $set['noreply_name'] . '\';

// --> Language settings
$hesk_settings[\'can_sel_lang\']=' . $set['can_sel_lang'] . ';
$hesk_settings[\'language\']=\'' . $set['language'] . '\';
$hesk_settings[\'languages\']=array(
\'English\' => array(\'folder\'=>\'en\',\'hr\'=>\'------ Reply above this line ------\'),
);

// --> Database settings
$hesk_settings[\'db_host\']=\'' . $set['db_host'] . '\';
$hesk_settings[\'db_name\']=\'' . $set['db_name'] . '\';
$hesk_settings[\'db_user\']=\'' . $set['db_user'] . '\';
$hesk_settings[\'db_pass\']=\'' . $set['db_pass'] . '\';
$hesk_settings[\'db_pfix\']=\'' . $set['db_pfix'] . '\';
$hesk_settings[\'db_vrsn\']=' . $set['db_vrsn'] . ';


// ==> HELP DESK

// --> Help desk settings
$hesk_settings[\'hesk_title\']=\'' . $set['hesk_title'] . '\';
$hesk_settings[\'hesk_url\']=\'' . $set['hesk_url'] . '\';
$hesk_settings[\'admin_dir\']=\'' . $set['admin_dir'] . '\';
$hesk_settings[\'attach_dir\']=\'' . $set['attach_dir'] . '\';
$hesk_settings[\'max_listings\']=' . $set['max_listings'] . ';
$hesk_settings[\'print_font_size\']=' . $set['print_font_size'] . ';
$hesk_settings[\'autoclose\']=' . $set['autoclose'] . ';
$hesk_settings[\'max_open\']=' . $set['max_open'] . ';
$hesk_settings[\'new_top\']=' . $set['new_top'] . ';
$hesk_settings[\'reply_top\']=' . $set['reply_top'] . ';

// --> Features
$hesk_settings[\'autologin\']=' . $set['autologin'] . ';
$hesk_settings[\'autoassign\']=' . $set['autoassign'] . ';
$hesk_settings[\'custclose\']=' . $set['custclose'] . ';
$hesk_settings[\'custopen\']=' . $set['custopen'] . ';
$hesk_settings[\'rating\']=' . $set['rating'] . ';
$hesk_settings[\'cust_urgency\']=' . $set['cust_urgency'] . ';
$hesk_settings[\'sequential\']=' . $set['sequential'] . ';
$hesk_settings[\'time_worked\']=' . $set['time_worked'] . ';
$hesk_settings[\'spam_notice\']=' . $set['spam_notice'] . ';
$hesk_settings[\'list_users\']=' . $set['list_users'] . ';
$hesk_settings[\'debug_mode\']=' . $set['debug_mode'] . ';
$hesk_settings[\'short_link\']=' . $set['short_link'] . ';
$hesk_settings[\'select_cat\']=' . $set['select_cat'] . ';
$hesk_settings[\'select_pri\']=' . $set['select_pri'] . ';

// --> SPAM Prevention
$hesk_settings[\'secimg_use\']=' . $set['secimg_use'] . ';
$hesk_settings[\'secimg_sum\']=\'' . $set['secimg_sum'] . '\';
$hesk_settings[\'recaptcha_use\']=' . $set['recaptcha_use'] . ';
$hesk_settings[\'recaptcha_public_key\']=\'' . $set['recaptcha_public_key'] . '\';
$hesk_settings[\'recaptcha_private_key\']=\'' . $set['recaptcha_private_key'] . '\';
$hesk_settings[\'question_use\']=' . $set['question_use'] . ';
$hesk_settings[\'question_ask\']=\'' . $set['question_ask'] . '\';
$hesk_settings[\'question_ans\']=\'' . $set['question_ans'] . '\';

// --> Security
$hesk_settings[\'attempt_limit\']=' . $set['attempt_limit'] . ';
$hesk_settings[\'attempt_banmin\']=' . $set['attempt_banmin'] . ';
$hesk_settings[\'reset_pass\']=' . $set['reset_pass'] . ';
$hesk_settings[\'email_view_ticket\']=' . $set['email_view_ticket'] . ';

// --> Attachments
$hesk_settings[\'attachments\']=array (
\'use\' => ' . $set['attachments']['use'] . ',
\'max_number\' => ' . $set['attachments']['max_number'] . ',
\'max_size\' => ' . $set['attachments']['max_size'] . ',
\'allowed_types\' => array(\'' . implode('\',\'', $set['attachments']['allowed_types']) . '\')
);


// ==> KNOWLEDGEBASE

// --> Knowledgebase settings
$hesk_settings[\'kb_enable\']=' . $set['kb_enable'] . ';
$hesk_settings[\'kb_wysiwyg\']=' . $set['kb_wysiwyg'] . ';
$hesk_settings[\'kb_search\']=' . $set['kb_search'] . ';
$hesk_settings[\'kb_search_limit\']=' . $set['kb_search_limit'] . ';
$hesk_settings[\'kb_views\']=' . $set['kb_views'] . ';
$hesk_settings[\'kb_date\']=' . $set['kb_date'] . ';
$hesk_settings[\'kb_recommendanswers\']=' . $set['kb_recommendanswers'] . ';
$hesk_settings[\'kb_rating\']=' . $set['kb_rating'] . ';
$hesk_settings[\'kb_substrart\']=' . $set['kb_substrart'] . ';
$hesk_settings[\'kb_cols\']=' . $set['kb_cols'] . ';
$hesk_settings[\'kb_numshow\']=' . $set['kb_numshow'] . ';
$hesk_settings[\'kb_popart\']=' . $set['kb_popart'] . ';
$hesk_settings[\'kb_latest\']=' . $set['kb_latest'] . ';
$hesk_settings[\'kb_index_popart\']=' . $set['kb_index_popart'] . ';
$hesk_settings[\'kb_index_latest\']=' . $set['kb_index_latest'] . ';
$hesk_settings[\'kb_related\']=' . $set['kb_related'] . ';


// ==> EMAIL

// --> Email sending
$hesk_settings[\'smtp\']=' . $set['smtp'] . ';
$hesk_settings[\'smtp_host_name\']=\'' . $set['smtp_host_name'] . '\';
$hesk_settings[\'smtp_host_port\']=' . $set['smtp_host_port'] . ';
$hesk_settings[\'smtp_timeout\']=' . $set['smtp_timeout'] . ';
$hesk_settings[\'smtp_ssl\']=' . $set['smtp_ssl'] . ';
$hesk_settings[\'smtp_tls\']=' . $set['smtp_tls'] . ';
$hesk_settings[\'smtp_user\']=\'' . $set['smtp_user'] . '\';
$hesk_settings[\'smtp_password\']=\'' . $set['smtp_password'] . '\';

// --> Email piping
$hesk_settings[\'email_piping\']=' . $set['email_piping'] . ';

// --> POP3 Fetching
$hesk_settings[\'pop3\']=' . $set['pop3'] . ';
$hesk_settings[\'pop3_job_wait\']=' . $set['pop3_job_wait'] . ';
$hesk_settings[\'pop3_host_name\']=\'' . $set['pop3_host_name'] . '\';
$hesk_settings[\'pop3_host_port\']=' . $set['pop3_host_port'] . ';
$hesk_settings[\'pop3_tls\']=' . $set['pop3_tls'] . ';
$hesk_settings[\'pop3_keep\']=' . $set['pop3_keep'] . ';
$hesk_settings[\'pop3_user\']=\'' . $set['pop3_user'] . '\';
$hesk_settings[\'pop3_password\']=\'' . $set['pop3_password'] . '\';

// --> Email loops
$hesk_settings[\'loop_hits\']=' . $set['loop_hits'] . ';
$hesk_settings[\'loop_time\']=' . $set['loop_time'] . ';

// --> Detect email typos
$hesk_settings[\'detect_typos\']=' . $set['detect_typos'] . ';
$hesk_settings[\'email_providers\']=array(' . $set['email_providers'] . ');

// --> Notify customer when
$hesk_settings[\'notify_new\']=' . $set['notify_new'] . ';
$hesk_settings[\'notify_skip_spam\']=' . $set['notify_skip_spam'] . ';
$hesk_settings[\'notify_spam_tags\']=array(' . $set['notify_spam_tags'] . ');
$hesk_settings[\'notify_closed\']=' . $set['notify_closed'] . ';

// --> Other
$hesk_settings[\'strip_quoted\']=' . $set['strip_quoted'] . ';
$hesk_settings[\'eml_req_msg\']=' . $set['eml_req_msg'] . ';
$hesk_settings[\'save_embedded\']=' . $set['save_embedded'] . ';
$hesk_settings[\'multi_eml\']=' . $set['multi_eml'] . ';
$hesk_settings[\'confirm_email\']=' . $set['confirm_email'] . ';
$hesk_settings[\'open_only\']=' . $set['open_only'] . ';


// ==> TICKET LIST

$hesk_settings[\'ticket_list\']=array(\'' . implode('\',\'', $set['ticket_list']) . '\');

// --> Other
$hesk_settings[\'submittedformat\']=\'' . $set['submittedformat'] . '\';
$hesk_settings[\'updatedformat\']=\'' . $set['updatedformat'] . '\';


// ==> MISC

// --> Date & Time
$hesk_settings[\'diff_hours\']=' . $set['diff_hours'] . ';
$hesk_settings[\'diff_minutes\']=' . $set['diff_minutes'] . ';
$hesk_settings[\'daylight\']=' . $set['daylight'] . ';
$hesk_settings[\'timeformat\']=\'' . $set['timeformat'] . '\';

// --> Other
$hesk_settings[\'ip_whois\']=\'' . $set['ip_whois'] . '\';
$hesk_settings[\'maintenance_mode\']=' . $set['maintenance_mode'] . ';
$hesk_settings[\'alink\']=' . $set['alink'] . ';
$hesk_settings[\'submit_notice\']=' . $set['submit_notice'] . ';
$hesk_settings[\'online\']=' . $set['online'] . ';
$hesk_settings[\'online_min\']=' . $set['online_min'] . ';
$hesk_settings[\'check_updates\']=' . $set['check_updates'] . ';


// ==> CUSTOM FIELDS

$hesk_settings[\'custom_fields\']=array (
';
    // One array entry per custom field, custom1 through custom20, separated by
    // ",\n". 'type', 'name' and 'value' land inside quotes; 'use', 'place',
    // 'req' and 'maxlen' are written bare. The same escaping caveat applies.
    for ($i = 1; $i <= 20; $i++) {
        $settings_file_content .= '\'custom' . $i . '\'=>array(\'use\'=>' . $set['custom_fields']['custom' . $i]['use'] . ',\'place\'=>' . $set['custom_fields']['custom' . $i]['place'] . ',\'type\'=>\'' . $set['custom_fields']['custom' . $i]['type'] . '\',\'req\'=>' . $set['custom_fields']['custom' . $i]['req'] . ',\'name\'=>\'' . $set['custom_fields']['custom' . $i]['name'] . '\',\'maxlen\'=>' . $set['custom_fields']['custom' . $i]['maxlen'] . ',\'value\'=>\'' . $set['custom_fields']['custom' . $i]['value'] . '\')';
        if ($i != 20) {
            $settings_file_content .= ',
';
        }
    }
    // Footer: closes the custom fields array, records the version, sets the
    // error reporting level from debug_mode and ends with the IN_SCRIPT guard
    // that refuses direct requests to the settings file.
    $settings_file_content .= '
);

#############################
#     DO NOT EDIT BELOW     #
#############################
$hesk_settings[\'hesk_version\']=\'' . $set['hesk_version'] . '\';
if ($hesk_settings[\'debug_mode\'])
{
    error_reporting(E_ALL);
}
else
{
    error_reporting(0);
}
if (!defined(\'IN_SCRIPT\')) {die(\'Invalid attempt!\');}';
    // Write to the settings file. file_put_contents() returns the number of
    // bytes written or false, so the negation treats both a failure and a
    // zero-byte write as an error. No lock flag is passed.
    if (!file_put_contents(HESK_PATH . 'hesk_settings.inc.php', $settings_file_content)) {
        hesk_error($hesklang['err_openset']);
    }
    return true;
}
Esempio n. 20
// Excerpt of a ticket status-change script. $trackingID, $oldStatus, $status,
// $locked, $closedby_sql, $revision, $closedStatus and $action are all set
// before this point and are not visible here.
hesk_dbConnect();
// Verify email address match if needed
hesk_verifyEmailMatch($trackingID);
// Lets make status assignment a bit smarter when reopening tickets
if ($oldStatus == 2) {
    // Get number of replies and last replier (customer or staff)
    $ticket = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `staffreplies`, `lastreplier` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"));
    // If ticket has no staff replies set the status to "New"
    // NOTE(review): neither status lookup below checks that a row came back;
    // if the statuses table has no matching flag, $status is read from a
    // non-array value - confirm the table always defines both statuses.
    if ($ticket['staffreplies'] < 1) {
        $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsNewTicketStatus` = 1');
        $statusRow = hesk_dbFetchAssoc($statusRes);
        $status = $statusRow['ID'];
    } elseif ($ticket['lastreplier'] == 0) {
        // Last reply came from the customer: use the "customer reply" status
        $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsCustomerReplyStatus` = 1');
        $statusRow = hesk_dbFetchAssoc($statusRes);
        $status = $statusRow['ID'];
    }
    // If nothing matches: last reply was from staff, keep status "Waiting reply from customer"
}
// Modify values in the database
// NOTE(review): $status, $locked and $closedby_sql are interpolated without
// escaping in this statement; only $revision and $trackingID go through
// hesk_dbEscape(). Confirm upstream that the first two are integers and that
// $closedby_sql is a fixed SQL fragment, not request data.
// The `locked` != '1' condition makes the update a no-op for locked tickets.
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' {$closedby_sql} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND `locked` != '1' LIMIT 1");
// Did we modify anything? Zero affected rows is reported as a locked ticket.
if (hesk_dbAffectedRows() != 1) {
    hesk_error($hesklang['elocked']);
}
// Show success message
// The random Refresh value only varies the redirect URL; it is not used as a
// secret here, so rand() is acceptable for it.
if ($status != $closedStatus) {
    hesk_process_messages($hesklang['wrepo'], 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999), 'NOTICE');
} else {
    hesk_process_messages($hesklang['your_ticket_been'] . ' ' . $action, 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999), 'SUCCESS');
}
/**
 * Moves one ticket template up or down in the display order, then
 * renumbers every template in steps of 10 and redirects back to the
 * template manager.
 *
 * Reads `replyid` (template ID) and `move` (signed offset) from the query
 * string; both are cast to integers before they reach SQL.
 */
function order_saved()
{
    global $hesk_settings, $hesklang;

    // Request token check (helper defined elsewhere; presumably anti-CSRF),
    // needed because the reorder is triggered through GET parameters.
    hesk_token_check();

    $tplid = intval(hesk_GET('replyid'));
    if (!$tplid) {
        hesk_error($hesklang['ticket_tpl_id']);
    }
    $_SESSION['canned']['selcat2'] = $tplid;

    $offset = intval(hesk_GET('move'));

    // Shift the selected template by the requested offset
    hesk_dbQuery(
        "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates`"
        . " SET `tpl_order`=`tpl_order`+" . intval($offset)
        . " WHERE `id`='" . intval($tplid) . "' LIMIT 1"
    );
    if (hesk_dbAffectedRows() != 1) {
        hesk_error("{$hesklang['int_error']}: {$hesklang['ticket_tpl_not_found']}.");
    }

    // Renumber all templates 10, 20, 30, ... in their new order
    $result = hesk_dbQuery(
        'SELECT `id` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` ASC'
    );
    for ($position = 10; $row = hesk_dbFetchAssoc($result); $position += 10) {
        hesk_dbQuery(
            "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates`"
            . " SET `tpl_order`=" . intval($position)
            . " WHERE `id`='" . intval($row['id']) . "' LIMIT 1"
        );
    }

    header('Location: manage_ticket_templates.php');
    exit;
}
Esempio n. 22
}
// Record every uploaded attachment and extend the "id#name," list that is
// stored with the reply. $attachments, $myattachments, $trackingID, $replyto,
// $message and $ticket are set before this excerpt.
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
    foreach ($attachments as $myatt) {
        hesk_dbQuery(
            "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('"
            . hesk_dbEscape($trackingID) . "','"
            . hesk_dbEscape($myatt['saved_name']) . "','"
            . hesk_dbEscape($myatt['real_name']) . "','"
            . intval($myatt['size']) . "')"
        );
        // The raw file name goes into the list here; it is escaped when the
        // whole list is inserted with the reply below.
        $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . ',';
    }
}

/* Store the staff reply */
// NOTE(review): the staff name passes through addslashes() and then
// hesk_dbEscape(); if the second helper already escapes quotes, the stored
// name keeps literal backslashes - confirm this is intended.
$result = hesk_dbQuery(
    "INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`) VALUES ('"
    . intval($replyto) . "','"
    . hesk_dbEscape(addslashes($_SESSION['name'])) . "','"
    . hesk_dbEscape($message) . "',NOW(),'"
    . hesk_dbEscape($myattachments) . "','"
    . intval($_SESSION['id']) . "')"
);

/* History entry and SQL fragment for an optional priority change */
$revision = '';
$priority_sql = '';
if (!empty($_POST['set_priority'])) {
    // Only priorities 0..3 are accepted
    $priority = intval(hesk_POST('priority'));
    if ($priority < 0 || $priority > 3) {
        hesk_error($hesklang['select_priority']);
    }

    // Labels used in the ticket history line
    $options = array(
        0 => '<font class="critical">' . $hesklang['critical'] . '</font>',
        1 => '<font class="important">' . $hesklang['high'] . '</font>',
        2 => '<font class="medium">' . $hesklang['medium'] . '</font>',
        3 => $hesklang['low'],
    );
    $revision = sprintf(
        $hesklang['thist8'],
        hesk_date(),
        $options[$priority],
        $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'
    );
    $priority_sql = ",`priority`='{$priority}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}

/* New ticket status: 3 when the close box was ticked or the ticket is locked, otherwise 2 */
$new_status = ($ticket['locked'] || !empty($_POST['close'])) ? 3 : 2;

$sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`"
    . " SET `status`='{$new_status}', `lastreplier`='1', `replierid`='" . intval($_SESSION['id']) . "' ";
/* Update time_worked or force update lastchange */
Esempio n. 23
 } else {
     $tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
     $tmpvar['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer[] = $hesklang['enter_valid_email'];
     $tmpvar['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer[] = $hesklang['enter_ticket_subject'];
     $tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];
     // Demo mode
     if (defined('HESK_DEMO')) {
         $tmpvar['email'] = '*****@*****.**';
     }
     if (count($hesk_error_buffer)) {
         $myerror = '<ul>';
         foreach ($hesk_error_buffer as $error) {
             $myerror .= "<li>{$error}</li>\n";
         }
         $myerror .= '</ul>';
         hesk_error($myerror);
     }
     $tmpvar['message'] = hesk_makeURL($tmpvar['message']);
     $tmpvar['message'] = nl2br($tmpvar['message']);
     foreach ($hesk_settings['custom_fields'] as $k => $v) {
         if ($v['use'] && isset($_POST[$k])) {
             if (is_array($_POST[$k])) {
                 $tmpvar[$k] = '';
                 foreach ($_POST[$k] as $myCB) {
                     $tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '<br />';
                 }
                 $tmpvar[$k] = substr($tmpvar[$k], 0, -6);
             } else {
                 $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k])));
             }
         } else {
Esempio n. 24
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
require HESK_PATH . 'inc/email_functions.inc.php';
require HESK_PATH . 'inc/posting_functions.inc.php';
// Session, database and staff login must all be in place before any input is read
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();

// Only POST submissions from the HESK form are handled; anything else goes
// back to the admin home page.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: admin_main.php');
    exit;
}

// An empty $_POST together with a Content-Length header means the body
// exceeded what the server accepts.
if (empty($_POST) && !empty($_SERVER['CONTENT_LENGTH'])) {
    hesk_error($hesklang['maxpost']);
}

// Validation errors are collected per field and reported together later
$hesk_error_buffer = array();

$tmpvar['name'] = hesk_input(hesk_POST('name'));
if (!$tmpvar['name']) {
    $hesk_error_buffer['name'] = $hesklang['enter_your_name'];
}

$tmpvar['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0);
if (!$tmpvar['email']) {
    $hesk_error_buffer['email'] = $hesklang['enter_valid_email'];
}

// The category is cast to an integer here, before it is used anywhere else
$tmpvar['category'] = intval(hesk_POST('category'));
if (!$tmpvar['category']) {
    $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
}

// Priority: integer when something was submitted, -1 as the "not set" marker
$tmpvar['priority'] = hesk_POST('priority');
if (strlen($tmpvar['priority'])) {
    $tmpvar['priority'] = intval($tmpvar['priority']);
} else {
    $tmpvar['priority'] = -1;
}
if ($tmpvar['priority'] < 0 || $tmpvar['priority'] > 3) {
    // If we are showing "Click to select" priority needs to be selected
    if ($hesk_settings['select_pri']) {
        $tmpvar['priority'] = -1;
        $hesk_error_buffer['priority'] = $hesklang['select_priority'];
    } else {
        $tmpvar['priority'] = 3;
    }
Esempio n. 25
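// Excerpt of the customer reply handler. $trackingID, $my_email, $ticket,
// $attachments and $myattachments are set before this point.
hesk_verifyEmailMatch($trackingID, $my_email, $ticket['email']);
/* Ticket locked? Locked tickets accept no further replies. */
if ($ticket['locked']) {
    hesk_process_messages($hesklang['tislock2'], 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999));
    exit;
}
// Prevent flooding ticket replies: look at the replies of the last 10 minutes
// and count how many customer replies follow the most recent staff reply.
// The ticket ID is cast at the point of use so the query never depends on how
// $ticket was populated upstream.
$res = hesk_dbQuery("SELECT `staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `replyto`='" . intval($ticket['id']) . "' AND `dt` > DATE_SUB(NOW(), INTERVAL 10 MINUTE) ORDER BY `id` ASC");
if (hesk_dbNumRows($res) > 0) {
    $sequential_customer_replies = 0;
    while ($tmp = hesk_dbFetchAssoc($res)) {
        // A staff reply resets the streak, a customer reply extends it
        $sequential_customer_replies = $tmp['staffid'] ? 0 : $sequential_customer_replies + 1;
    }
    if ($sequential_customer_replies > 10) {
        // Record the client address with a count above the attempt limit
        // (presumably this triggers the temporary ban handled elsewhere).
        // NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse
        // proxy this would be the proxy's address - confirm the deployment.
        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` (`ip`, `number`) VALUES ('" . hesk_dbEscape($_SERVER['REMOTE_ADDR']) . "', " . intval($hesk_settings['attempt_limit'] + 1) . ")");
        hesk_error(sprintf($hesklang['yhbr'], $hesk_settings['attempt_banmin']), 0);
    }
}
/* Insert attachments */
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
    foreach ($attachments as $myatt) {
        // The tracking ID is request-derived, so it is escaped here like
        // every other string value in the statement instead of relying on
        // earlier validation.
        hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($trackingID) . "','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
        $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . ',';
    }
}
// If staff hasn't replied yet, keep ticket status "New", otherwise set it to "Waiting reply from staff"
$ticket['status'] = $ticket['status'] ? 1 : 0;
/* Update ticket as necessary; status is 0 or 1 after the line above */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `lastchange`=NOW(), `status`='{$ticket['status']}', `replies`=`replies`+1, `lastreplier`='0' WHERE `id`='" . intval($ticket['id']) . "' LIMIT 1");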
if (isset($_SESSION['id']['user'])) {
    $name = $_SESSION['id']['user'];
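/**
 * Sets or clears the "sticky" flag of a knowledgebase article, refreshes the
 * article order of its category and redirects back to the category manager.
 *
 * Reads `id` (article), `catid` (category) and `s` (non-empty = sticky) from
 * the query string; both IDs are cast to integers and a zero result stops
 * the request through hesk_error().
 */
function toggle_sticky()
{
    global $hesk_settings, $hesklang;
    /* A security check: request token (helper defined elsewhere), needed
       because the change is triggered through GET parameters */
    hesk_token_check();
    $id = intval(hesk_GET('id')) or hesk_error($hesklang['kb_art_id']);
    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
    $sticky = empty($_GET['s']) ? 0 : 1;
    // Remember the article that was just changed
    $_SESSION['artord'] = $id;
    /* Update article "sticky" status. The value is written as '0' or '1';
       the original literal carried a stray space inside the quotes ('1 '),
       which a strict SQL mode may reject or warn about. */
    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `sticky`='" . intval($sticky) . "' WHERE `id`='" . intval($id) . "' LIMIT 1");
    /* Update article order */
    update_article_order($catid);
    $tmp = $sticky ? $hesklang['ason'] : $hesklang['asoff'];
    // $catid is an integer, so it is safe to append to the redirect target
    hesk_process_messages($tmp, './manage_knowledgebase.php?a=manage_cat&catid=' . $catid, 'SUCCESS');
}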
Esempio n. 27
/**
 * Deletes one service message, identified by the `id` GET parameter, and
 * reports the outcome on the service messages page.
 */
function remove_sm()
{
    global $hesk_settings, $hesklang;

    // Request token check (helper defined elsewhere; presumably anti-CSRF),
    // needed because the deletion is triggered through a GET parameter.
    hesk_token_check();

    // The ID is cast to an integer, so it can be used unquoted below
    $id = intval(hesk_GET('id'));
    if (!$id) {
        hesk_error($hesklang['sm_e_id']);
    }

    hesk_dbQuery(
        "DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1"
    );

    // Exactly one deleted row means success; anything else is "not found"
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
    } else {
        hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
    }
}
Esempio n. 28
/**
 * Loads an email template for the active language and fills in its tags.
 *
 * The template name is accepted only if it is a key of the list returned by
 * hesk_validEmails(). That allow-list check runs before the name is used to
 * build a file path, so the name cannot steer the read to another file.
 *
 * @param string $eml_file     Template name without folder or extension
 * @param array  $ticket       Ticket data handed on to hesk_processMessage()
 * @param int    $is_admin     Handed on to hesk_processMessage()
 * @param int    $is_ticket    Handed on to hesk_processMessage()
 * @param int    $just_message Handed on to hesk_processMessage()
 * @return string Processed message, or '' when HESK_DEMO is defined
 */
function hesk_getEmailMessage($eml_file, $ticket, $is_admin = 0, $is_ticket = 1, $just_message = 0)
{
    global $hesk_settings, $hesklang;

    // Demo installations never produce email text
    if (defined('HESK_DEMO')) {
        return '';
    }

    // Allow-list check on the template name
    $allowed = hesk_validEmails();
    if (!isset($allowed[$eml_file])) {
        hesk_error($hesklang['inve']);
    }

    // Path of the template inside the active language folder
    $languageFolder = $hesk_settings['languages'][$hesk_settings['language']]['folder'];
    $eml_file = 'language/' . $languageFolder . '/emails/' . $eml_file . '.txt';

    if (!file_exists(HESK_PATH . $eml_file)) {
        hesk_error($hesklang['emfm'] . ': ' . $eml_file);
    } else {
        $msg = file_get_contents(HESK_PATH . $eml_file);
    }

    return hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message);
}
/**
 * Prints one knowledgebase category for the staff-side (private) knowledgebase:
 * the category heading, its subcategories with a few articles each, and the
 * list of articles in the category itself.
 *
 * Every use of $catid in SQL is cast with intval(). Subcategories are listed
 * without a `type` filter; articles are limited to `type` 0 and 1, and rows
 * whose type is 1 get a trailing " *".
 *
 * NOTE(review): category names, article subjects and the article preview are
 * echoed into HTML without escaping in this function. That is only safe if
 * those values are stored already HTML-encoded - confirm where they are
 * written, otherwise encode them at output.
 *
 * NOTE(review): the subcategory loop emits <tr>/<td> inside a
 * <div class="container"> with no enclosing <table> in this function.
 *
 * @param int $catid     Category to display
 * @param int $is_search When 0, the page header and knowledgebase header are
 *                       printed first
 */
function hesk_show_kb_category($catid, $is_search = 0)
{
    global $hesk_settings, $hesklang;
    if ($is_search == 0) {
        /* Print header */
        require_once HESK_PATH . 'inc/header.inc.php';
        hesk_kb_header($hesk_settings['kb_link'], $catid);
        // Category 1 additionally shows the $hesklang['priv'] notice
        if ($catid == 1) {
            echo '<br/><div class="container priv-kb-text">' . $hesklang['priv'] . '</div><br/>';
        }
    }
    // Load the category; a missing row ends in hesk_error()
    $res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='" . intval($catid) . "' LIMIT 1");
    $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
    // Categories with a parent get a heading and a "back" button
    if ($thiscat['parent']) {
        // NOTE(review): $link is computed but not used anywhere in this
        // function; the back button relies on browser history instead.
        $link = $thiscat['parent'] == 1 ? 'knowledgebase_private.php' : 'knowledgebase_private.php?category=' . $thiscat['parent'];
        echo '<br/><div class="container homepageh3"> ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</div><br/>
        <div class="container"><a href="javascript:history.go(-1)">' . '<button type="submit" class="btn btn-default goback-btn">' . $hesklang['back'] . '</button>' . '</a></div>
		';
    }
    // Subcategories of this category, in their configured order
    $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='" . intval($catid) . "' ORDER BY `parent` ASC, `cat_order` ASC");
    if (hesk_dbNumRows($result) > 0) {
        ?>

		<div class="container"><b><?php 
        echo $hesklang['kb_cat_sub'];
        ?>
:</b></div><br/>

	<div class="container">
		<?php 
        // $i counts cells in the current row; a row holds $per_col cells
        $per_col = $hesk_settings['kb_cols'];
        $i = 1;
        while ($cat = hesk_dbFetchAssoc($result)) {
            if ($i == 1) {
                echo '<tr>';
            }
            // Type 1 rows are marked with an asterisk
            $private = $cat['type'] == 1 ? ' *' : '';
            echo '
		    <td width="50%" valign="top">
			<table border="0">
			<tr><td><img src="../img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase_private.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a>' . $private . '</td></tr>
			';
            /* Print most popular/sticky articles */
            if ($hesk_settings['kb_numshow'] && $cat['articles']) {
                // One row more than will be shown is fetched, so the row count
                // tells whether a "more" link is needed below
                $res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($cat['id']) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
                $num = 1;
                while ($art = hesk_dbFetchAssoc($res)) {
                    $private = $art['type'] == 1 ? ' *' : '';
                    echo '
		            <tr>
		            <td><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" />
		            <a href="knowledgebase_private.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a>' . $private . '</td>
		            </tr>';
                    // Stop after kb_numshow articles
                    if ($num == $hesk_settings['kb_numshow']) {
                        break;
                    } else {
                        $num++;
                    }
                }
                // More rows than shown: link to the full subcategory
                if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
                    echo '<tr><td>&raquo; <a href="knowledgebase_private.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
                }
            }
            echo '
			</table>
		    </td>
			';
            // Close the row once it holds $per_col cells
            if ($i == $per_col) {
                echo '</tr>';
                $i = 0;
            }
            $i++;
        }
        /* Finish the table if needed: pad the last row with empty cells */
        if ($i != 1) {
            for ($j = 1; $j <= $per_col; $j++) {
                echo '<td width="50%">&nbsp;</td>';
                if ($i == $per_col) {
                    echo '</tr>';
                    break;
                }
                $i++;
            }
        }
        ?>
	</div>
	
	<?php 
    }
    // END if NumRows > 0
    ?>

	<br/>
	<div class="container articles_categ"><b><?php 
    echo $hesklang['ac'];
    ?>
</b></div>


	<div>
	<?php 
    // Articles of this category. Only a prefix of the content is selected,
    // at least 200 characters or twice kb_substrart.
    // NOTE(review): kb_substrart reaches the SQL text through max() without an
    // explicit integer cast - confirm the setting is always numeric.
    $res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating`, `type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($catid) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `art_order` ASC");
    if (hesk_dbNumRows($res) == 0) {
        echo '<div class="container"><i>' . $hesklang['noac'] . '</i></div>';
    } else {
        echo '<div class="container table-responsive"><table class="table table-bordered" style="background-color: white;">';
        while ($article = hesk_dbFetchAssoc($res)) {
            $private = $article['type'] == 1 ? ' *' : '';
            // Preview text comes from a helper defined elsewhere; whether it
            // returns HTML-safe text cannot be seen here
            $txt = hesk_kbArticleContentPreview($article['content']);
            echo '
				<tr>
				<td>
	                <table>
	                <tr>
	                <td width="1" valign="top"><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
	                <td valign="top"><a href="knowledgebase_private.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>' . $private . '</td>
                    </tr>
	                </table>
	                <table border="0" width="100%" cellspacing="0" cellpadding="1">
	                <tr>
	                <td width="1" valign="top"><img src="../img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td>
	                <td><span class="article_list" style="word-break: break-all;">' . $txt . '</span></td>
                    </tr>
	                </table>
	            </td>
				</tr>';
        }
        echo '</table></div>';
    }
    ?>

	</div>

<?php 
}
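/**
 * Checks that the category in the global $tmpvar['category'] exists and, when
 * it does not, falls back to the only available category if there is exactly
 * one.
 *
 * On success the category row is cached in
 * $hesk_settings['category_data'][<category id>]. When several categories
 * are available, a "select a category" entry is added to $hesk_error_buffer.
 *
 * The category ID is cast to an integer where it enters the SQL text, so the
 * lookup does not depend on every caller having sanitised the global first.
 *
 * @param int $any_type Non-zero: accept any category type; zero: only
 *                      categories whose `type` is '0'
 * @return bool|null true when a category was resolved, false when the user
 *                   has to choose; the last fallback branch (no category of
 *                   the requested type, first category of any type used)
 *                   returns nothing, as before.
 *                   NOTE(review): confirm callers handle that null result.
 */
function hesk_verifyCategory($any_type = 0)
{
    global $hesk_settings, $hesklang, $hesk_db_link, $hesk_error_buffer, $tmpvar;
    // Verify just by public or any category type? Both fragments are fixed
    // SQL text, never request data.
    $type = $any_type ? " 1 " : " `type`='0' ";
    // Does the category exist? The ID is cast here, at the sink.
    $res = hesk_dbQuery("SELECT `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . intval($tmpvar['category']) . "' AND {$type} LIMIT 1");
    if (hesk_dbNumRows($res) == 1) {
        $hesk_settings['category_data'][$tmpvar['category']] = hesk_dbFetchAssoc($res);
        return true;
    }
    // OK, something wrong with the category. Get a list of categories to check few things
    $res = hesk_dbQuery("SELECT `id`, `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE {$type} ORDER BY `id` ASC");
    $num = hesk_dbNumRows($res);
    // If more than 1 choice is available, let the user choose
    if ($num > 1) {
        $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
        return false;
    } elseif ($num == 1) {
        // Exactly one candidate: select it on the user's behalf
        $tmp = hesk_dbFetchAssoc($res);
        $tmpvar['category'] = $tmp['id'];
        $hesk_settings['category_data'][$tmpvar['category']] = $tmp;
        return true;
    } else {
        // No category of the requested type: take the first category of any type
        $res = hesk_dbQuery("SELECT `id`, `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `id` ASC LIMIT 1");
        if (hesk_dbNumRows($res) == 1) {
            $tmp = hesk_dbFetchAssoc($res);
            $tmpvar['category'] = $tmp['id'];
            $hesk_settings['category_data'][$tmpvar['category']] = $tmp;
        } else {
            // No categories exist at all: nothing sensible can be selected
            hesk_error($hesklang['int_error'] . ': ' . $hesklang['cat_not_found']);
        }
    }
}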