public function delete()
{
if (!empty($_POST['del'])) {
// Nuke departments..
mysql_query("DELETE FROM `" . DB_PREFIX . "departments`\n WHERE `id` IN(" . implode(',', $_POST['del']) . ")\n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = mysql_affected_rows();
// Nuke user department association..
mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n WHERE `deptID` IN(" . implode(',', $_POST['del']) . ")\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mswRowCount('departments') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "departments`");
}
if (mswRowCount('userdepts') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "userdepts`");
}
// Rebuild order sequence..
$seq = 0;
$q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "departments` ORDER BY `orderBy`");
while ($RB = mysql_fetch_object($q)) {
$n = ++$seq;
mysql_query("UPDATE `" . DB_PREFIX . "departments` SET\n\t `orderBy` = '{$n}'\n WHERE `id` = '{$RB->id}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
return $rows;
}
return '0';
}
public function deleteCustomFields()
{
if (!empty($_POST['del'])) {
mysql_query("DELETE FROM `" . DB_PREFIX . "cusfields` \n WHERE `id` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = mysql_affected_rows();
mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields` \n WHERE `fieldID` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mswRowCount('cusfields') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "cusfields`");
}
if (mswRowCount('ticketfields') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
}
// Rebuild sequence..
fields::rebuildSequence();
return $rows;
}
return '0';
}
function dbConnectorTest($test = false)
{
$connect = @mysql_connect(DB_HOST, DB_USER, DB_PASS);
if (!$connect) {
if ($test) {
return 'Connection Failed - Check Connection Parameters';
}
mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
}
if ($connect && !mysql_select_db(DB_NAME, $connect)) {
if ($test) {
return 'Connection Failed - Check Connection Parameters';
}
mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
}
if ($test) {
return 'Connection Successful';
}
}
public function faqAttachment($id, $s, $admin = false)
{
$q = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "faqattach`\n WHERE `id` = '{$id}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$F = mysql_fetch_object($q);
if (isset($F->id)) {
$base = $s->attachpathfaq . '/';
// Remote or not..
if ($F->remote) {
header("Location: " . $F->remote);
exit;
} else {
if (file_exists($base . $F->path)) {
$m = msDownload::mime($base . $F->path, $F->mimeType);
msDownload::dl($base . $F->path, $m, 'no');
} else {
$H = new htmlHeaders();
$H->err404($admin);
}
}
} else {
$H = new htmlHeaders();
$H->err403($admin);
}
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
if (!defined('PARENT')) {
$HEADERS->err403(true);
}
// Permissions..
if (!defined('PASS_RESET')) {
$HEADERS->err403(true, 'This page cannot be accessed.<br>Refer to the <a href="../docs/reset.html" onclick="window.open(this);return false">documentation</a> on how to access the reset page');
}
// Update..
if (isset($_POST['process'])) {
$ret = $MSUSERS->reset();
if (isset($_POST['email']) && !empty($ret)) {
// Load mail params
include REL_PATH . 'control/mail-data.php';
for ($i = 0; $i < count($ret); $i++) {
$q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n WHERE `id` = '{$ret[$i]['id']}'\n\t\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($USERS = mysql_fetch_object($q)) {
$MSMAIL->addTag('{NAME}', $USERS->name);
$MSMAIL->addTag('{EMAIL}', $USERS->email);
$MSMAIL->addTag('{PASS}', $ret[$i]['pass']);
// Send mail..
$MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $USERS->name), $emailSubjects['reset']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-pass-reset.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2));
}
}
}
$OK = true;
}
$title = $msg_adheader36;
$loadJQAlertify = true;
if (file_exists(PATH . 'templates/reset.php')) {
define('RESET_LOADER', 1);
$chop = explode(' ', $_GET['q']);
$words = '';
for ($i = 0; $i < count($chop); $i++) {
$words .= ($i ? 'OR ' : 'WHERE (') . "`" . DB_PREFIX . "portal`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' OR `" . DB_PREFIX . "users`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' ";
}
if ($words) {
$where[] = $words . ')';
}
}
if ($type) {
$where[] = (!empty($where) ? 'AND ' : 'WHERE ') . '`type` = \'' . $type . '\'';
}
if ($from && $to) {
$where[] = (!empty($where) ? 'AND ' : 'WHERE ') . 'DATE(FROM_UNIXTIME(`' . DB_PREFIX . 'log`.`ts`)) BETWEEN \'' . $MSDT->mswDatePickerFormat($from) . '\' AND \'' . $MSDT->mswDatePickerFormat($to) . '\'';
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "log`.`ts` AS `lts`,\n\t\t\t `" . DB_PREFIX . "log`.`id` AS `logID`,\n\t\t\t `" . DB_PREFIX . "log`.`userID` AS `personID`,\n\t\t\t `" . DB_PREFIX . "log`.`ip` AS `entryLogIP`,\n\t\t\t `" . DB_PREFIX . "portal`.`name` AS `portalName`,\n\t\t\t `" . DB_PREFIX . "users`.`name` AS `userName`\n\t\t\t FROM `" . DB_PREFIX . "log`\n LEFT JOIN `" . DB_PREFIX . "users`\n ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "users`.`id` \n\t\t\t LEFT JOIN `" . DB_PREFIX . "portal`\n ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "portal`.`id` \n\t\t\t " . (!empty($where) ? implode(mswDefineNewline(), $where) : '') . "\n ORDER BY `" . DB_PREFIX . "log`.`id` DESC\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
$actualRows = mswRowCount('log');
// Export url..
$url = 'index.php?p=log&export=yes' . mswQueryParams(array('p', 'export'));
?>
<div class="content">
<script type="text/javascript">
//<![CDATA[
<?php
include PATH . 'templates/date-pickers.php';
?>
function searchToggle() {
jQuery('#b1').toggle();
if (jQuery('#b1').css('display')!='none') {
function mswFaqCategories($id, $action = 'show')
{
$cat = array();
$catID = array();
$q = mysql_query("SELECT `" . DB_PREFIX . "categories`.`name`,`" . DB_PREFIX . "categories`.`id` AS `catID` FROM `" . DB_PREFIX . "categories`\n LEFT JOIN `" . DB_PREFIX . "faqassign`\n\t ON `" . DB_PREFIX . "faqassign`.`itemID` = `" . DB_PREFIX . "categories`.`id`\n WHERE `" . DB_PREFIX . "faqassign`.`desc` = 'category'\n\t AND `" . DB_PREFIX . "faqassign`.`question` = '{$id}'\n ORDER BY `" . DB_PREFIX . "categories`.`name`\n\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($CT = mysql_fetch_object($q)) {
$cat[] = mswCleanData($CT->name);
$catID[] = $CT->catID;
}
// We just want IDs if action is get..
if ($action == 'get') {
return $catID;
}
return !empty($cat) ? implode(', ', $cat) : '';
}
<?php
if (!defined('TICKET_LOADER')) {
exit;
}
$aTickID = (int) $aTickID;
$aTickReply = (int) $aTickReply;
$qA = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "attachments`\n WHERE `ticketID` = '{$aTickID}' AND `replyID` = '{$aTickReply}'\n ORDER BY `fileName`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($qA) > 0) {
?>
<div id="attachments_<?php
echo $aTickID;
?>
_<?php
echo $aTickReply;
?>
" class="block" style="display:none">
<table class="table table-striped table-hover">
<thead>
<tr class="attachmentTRBG">
<?php
if (USER_DEL_PRIV == 'yes') {
?>
<th style="width:5%">
<input onclick="selectAll('attachments_<?php
echo $aTickID;
?>
_<?php
echo $aTickReply;
?>
" maxlength="250" value="<?php
echo isset($EDIT->summary) ? mswSpecialChars($EDIT->summary) : '';
?>
">
<label><?php
echo $msg_kbase38;
?>
</label>
<select name="subcat">
<option value="0"><?php
echo $msg_kbase36;
?>
</option>
<?php
$q_cat = mysql_query("SELECT * FROM `" . DB_PREFIX . "categories` WHERE `subcat` = '0' ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($q_cat) > 0) {
?>
<optgroup label="<?php
echo mswSpecialChars($msg_kbase37);
?>
">
<?php
while ($CAT = mysql_fetch_object($q_cat)) {
?>
<option<?php
echo isset($EDIT->id) ? mswSelectedItem($EDIT->subcat, $CAT->id) : '';
?>
value="<?php
echo $CAT->id;
?>
if (!empty($_POST['users'][$ID])) {
// Ticket information..
$SUPTICK = mswGetTableData('tickets', 'id', $ID);
// Array of ticket subjects assigned to users..
foreach ($_POST['users'][$ID] as $userID) {
$tickets[$userID][] = str_replace(array('{id}', '{subject}'), array(mswTicketNumber($ID), $SUPTICK->subject), $msg_assign7);
$userNotify[] = $userID;
}
// Update ticket..
$MSTICKET->ticketUserAssign($ID, implode(',', $_POST['users'][$ID]), $msg_ticket_history['assign']);
}
}
}
// Email users..
if (!empty($userNotify) && !empty($tickets) && isset($_POST['mail'])) {
$q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n WHERE `id` IN(" . implode(',', $userNotify) . ")\n\t\t\t GROUP BY `id`\n ORDER BY `name`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($USERS = mysql_fetch_object($q)) {
$MSMAIL->addTag('{ASSIGNEE}', $MSTEAM->name);
$MSMAIL->addTag('{NAME}', $USERS->name);
$MSMAIL->addTag('{TICKETS}', trim(implode(mswDefineNewline(), $tickets[$USERS->id])));
// Send mail..
$MSMAIL->sendMSMail(array('from_email' => $MSTEAM->emailFrom ? $MSTEAM->emailFrom : $MSTEAM->email, 'from_name' => $MSTEAM->nameFrom ? $MSTEAM->nameFrom : $MSTEAM->name, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $MSTEAM->name), $emailSubjects['ticket-assign']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-ticket-assign.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2));
}
}
$OK2 = true;
}
$title = $msg_adheader32;
$loadJQAlertify = true;
$loadJQNyroModal = true;
include PATH . 'templates/header.php';
include PATH . 'templates/system/tickets/tickets-assign.php';
public function deleteImapAccounts()
{
if (!empty($_POST['del'])) {
mysql_query("DELETE FROM `" . DB_PREFIX . "imap` \n WHERE `id` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = mysql_affected_rows();
if (mswRowCount('imap') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "imap`");
}
return $rows;
}
return '0';
}
public function updateTicket()
{
$tickID = (int) $_GET['id'];
$deptID = (int) $_POST['dept'];
$rows = 0;
mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `lastrevision` = UNIX_TIMESTAMP(UTC_TIMESTAMP),\n `department` = '{$deptID}',\n `subject` = '" . mswSafeImportString($_POST['subject']) . "',\n `comments` = '" . mswSafeImportString($_POST['comments']) . "',\n `priority` = '" . mswSafeImportString($_POST['priority']) . "'\n WHERE `id` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = $rows + mysql_affected_rows();
// Custom field data..
if (!empty($_POST['customField'])) {
// Check to see if any checkboxes arrays are now blank..
// If there are, create empty array to prevent ommission in loop..
if (!empty($_POST['hiddenBoxes'])) {
foreach ($_POST['hiddenBoxes'] as $hb) {
if (!isset($_POST['customField'][$hb])) {
$_POST['customField'][$hb] = array();
}
}
}
foreach ($_POST['customField'] as $k => $v) {
$data = '';
// If value is array, its checkboxes..
if (is_array($v)) {
if (!empty($v)) {
$data = implode('#####', $v);
}
} else {
$data = $v;
}
$k = (int) $k;
// If data exists, update or add entry..
// If blank or 'nothing-selected', delete if exists..
if ($data != '' && $data != 'nothing-selected') {
if (mswRowCount('ticketfields WHERE `ticketID` = \'' . $tickID . '\' AND `fieldID` = \'' . $k . '\' AND `replyID` = \'0\'') > 0) {
mysql_query("UPDATE `" . DB_PREFIX . "ticketfields` SET\n `fieldData` = '" . mswSafeImportString($data) . "'\n WHERE `ticketID` = '{$tickID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '0'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = $rows + mysql_affected_rows();
} else {
mysql_query("INSERT INTO `" . DB_PREFIX . "ticketfields` (\n `fieldData`,`ticketID`,`fieldID`,`replyID`\n ) VALUES (\n '" . mswSafeImportString($data) . "','{$tickID}','{$k}','0'\n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = $rows + mysql_affected_rows();
}
} else {
mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields`\n WHERE `ticketID` = '{$tickID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '0'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = $rows + mysql_affected_rows();
if (mswRowCount('ticketfields') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
}
}
}
}
// If department was changed, update attachments..
if ($deptID != $_POST['odeptid']) {
mysql_query("UPDATE `" . DB_PREFIX . "attachments` SET\n `department` = '{$deptID}'\n WHERE `ticketID` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Check assignment..If department has assign disabled, we need to clear assigned values from ticket..
if (mswRowCount('departments WHERE `id` = \'' . $deptID . '\' AND `manual_assign` = \'no\'') > 0) {
mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `assignedto` = ''\n WHERE `id` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
}
return $rows;
}
<?php
if (!defined('PARENT')) {
exit;
}
// Order and filter by files..
include PATH . 'templates/system/tickets/global/order-by.php';
include PATH . 'templates/system/tickets/global/filter-by.php';
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`\n\t FROM `" . DB_PREFIX . "tickets`\n\t LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`id`\n\t OR `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`marker`\n WHERE (`ticketStatus` != 'open' and `ticketStatus` != 'submit_report')\n AND `isDisputed` = 'no'\n AND `assignedto` != 'waiting'\n\t AND `spamFlag` = 'no'\n " . $filterBy . " " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n " . $orderBy . "\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
<script type="text/javascript">
//<![CDATA[
jQuery(document).ready(function() {
jQuery('.nyroModal').nyroModal();
<?php
// Remove notes icon if permission denied..
if ($MSTEAM->notePadEnable == 'no' && $MSTEAM->id != '1') {
?>
jQuery('.tIcons .nyroModal').each(function(){
jQuery(this).remove();
});
<?php
}
?>
});
//]]>
</script>
<div class="header">
<?php
if (!defined('PARENT')) {
exit;
}
// Check product key exists..
if ($SETTINGS->prodKey == '' || strlen($SETTINGS->prodKey) != 60) {
$productKey = mswProdKeyGen();
mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n `prodKey` = '{$productKey}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$SETTINGS->prodKey = $productKey;
}
// Update encoder version if not already..
if ($SETTINGS->encoderVersion == 'XX' && function_exists('ioncube_loader_version')) {
mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n `encoderVersion` = '" . ioncube_loader_version() . "'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
?>
<div class="content">
<div class="header">
<h1 class="page-title"><?php
echo $msg_adheader9;
?>
</h1>
<span class="clearfix"></span>
</div>
<ul class="breadcrumb">
<li class="active"><?php
if (!defined('TICKET_LOADER')) {
exit;
}
?>
<div id="userAssignArea">
<div class="block">
<p class="block-heading"><?php
echo strtoupper($msg_viewticket92);
?>
</p>
<div class="block-body">
<?php
$boomUsers = explode(',', $SUPTICK->assignedto);
$q_users = mysql_query("SELECT * FROM `" . DB_PREFIX . "users` ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($USERS = mysql_fetch_object($q_users)) {
$checked = '';
$toggleHideShow = "style=''";
$class = '';
if ($MSTEAM->id == $USERS->id) {
$checked = 'checked';
$toggleHideShow = "style='display:none;'";
$class = "class='creater'";
}
?>
<label class="checkbox" <?php
echo $toggleHideShow;
?>
>
<input type="checkbox" name="assigned[]" <?php
?>
"></i></span>
<a href="?p=faq-cat&edit=<?php
echo $CAT->id;
?>
" title="<?php
echo mswSpecialChars($msg_script9);
?>
"><i class="icon-pencil"></i></a>
</td>
</tr>
<?php
//============================
// SUB CATEGORIES
//============================
$q2 = mysql_query("SELECT *, \n\t\t (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t WHERE (`" . DB_PREFIX . "categories`.`id` = `" . DB_PREFIX . "faqassign`.`itemID`)\n\t\t\t\t AND `" . DB_PREFIX . "faqassign`.`desc` = 'category'\n\t\t\t\t) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "categories` \n\t\t WHERE `subcat` = '{$CAT->id}'\n\t\t\t\t" . (defined('DISABLED_CATS') ? 'AND `enCat` = \'no\'' : '') . " \n\t\t\t\t" . $SQL . " " . $orderBy) or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$subCount = mysql_num_rows($q2);
if ($subCount > 0) {
while ($SUB = mysql_fetch_object($q2)) {
?>
<tr class="en_subcat_<?php
echo $SUB->enCat;
?>
">
<?php
if (USER_DEL_PRIV == 'yes') {
?>
<td style="padding-left:15px" class="subcat_<?php
echo $CAT->id;
?>
"><input type="checkbox" onclick="if(!this.checked){ms_uncheck('cat_<?php
// Are we showing attachments only allocated to a question?
if (isset($_GET['question'])) {
$_GET['question'] = (int) $_GET['question'];
$attachIDs = array();
$qA = mysql_query("SELECT `itemID` FROM `" . DB_PREFIX . "faqassign`\n WHERE `question` = '{$_GET['question']}'\n\t\t\t\t\t\tAND `desc` = 'attachment'\n\t\t\t\t\t\tGROUP BY `itemID`\n\t\t\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($AA = mysql_fetch_object($qA)) {
$attachIDs[] = $AA->itemID;
}
if (!empty($attachIDs)) {
$SQL = 'WHERE `id` IN(' . implode(',', $attachIDs) . ')';
} else {
$SQL = 'WHERE `id` IN(0)';
}
}
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t WHERE (`" . DB_PREFIX . "faqassign`.`itemID` = `" . DB_PREFIX . "faqattach`.`id`)\n\t\t\t\t AND `" . DB_PREFIX . "faqassign`.`desc` = 'attachment'\n\t\t\t ) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "faqattach`\n {$SQL}\n {$orderBy} \n\t\t\t\tLIMIT {$limitvalue},{$limit}\n\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
<div class="header">
<?php
// Order By..
if (mswRowCount('faqattach') > 0) {
$links = array(array('link' => '?p=' . $_GET['p'] . '&orderby=name_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments17), array('link' => '?p=' . $_GET['p'] . '&orderby=name_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments18), array('link' => '?p=' . $_GET['p'] . '&orderby=order_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&orderby=order_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&orderby=questions_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase58), array('link' => '?p=' . $_GET['p'] . '&orderby=questions_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase57));
echo $MSBOOTSTRAP->button($msg_script45, $links);
// Filters..
$links = array(array('link' => '?p=' . $_GET['p'] . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments20), array('link' => '?p=' . $_GET['p'] . '&opt=disabled' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_response27), array('link' => '?p=' . $_GET['p'] . '&opt=remote' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments21));
echo $MSBOOTSTRAP->button($msg_search20, $links);
case 'tickets_desc':
$orderBy = 'ORDER BY `tickCount` desc';
break;
// Least tickets..
// Least tickets..
case 'tickets_asc':
$orderBy = 'ORDER BY `tickCount`';
break;
}
}
if (isset($_GET['keys']) && $_GET['keys']) {
$_GET['keys'] = mswSafeImportString(strtolower($_GET['keys']));
$SQL = (mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') ? ' AND ' : 'WHERE ') . ' LOWER(`name`) LIKE \'%' . $_GET['keys'] . '%\'';
}
echo "SELECT SQL_CALC_FOUND_ROWS *, \n (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t ) AS `tickCount`\n\t\t\t FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n {$SQL}\n {$orderBy}\n LIMIT {$limitvalue},{$limit}\n\t\t\t ";
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *, \n (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t ) AS `tickCount`\n\t\t\t FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n {$SQL}\n {$orderBy}\n LIMIT {$limitvalue},{$limit}\n\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
<div class="header">
<?php
// Order By..
if (mswRowCount('departments') > 0) {
$links = array(array('link' => '?p=' . $_GET['p'] . '&orderby=name_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels21), array('link' => '?p=' . $_GET['p'] . '&orderby=name_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels22), array('link' => '?p=' . $_GET['p'] . '&orderby=order_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&orderby=order_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&orderby=man_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept26), array('link' => '?p=' . $_GET['p'] . '&orderby=man_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept27), array('link' => '?p=' . $_GET['p'] . '&orderby=vis_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept28), array('link' => '?p=' . $_GET['p'] . '&orderby=vis_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept29), array('link' => '?p=' . $_GET['p'] . '&orderby=tickets_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts11), array('link' => '?p=' . $_GET['p'] . '&orderby=tickets_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts12));
echo $MSBOOTSTRAP->button($msg_script45, $links);
// Page filter..
include PATH . 'templates/system/bootstrap/page-filter.php';
?>
$SR = mswGetTableData('responses', 'id', (int) $_GET['getResponse']);
$json = array('response' => isset($SR->answer) ? mswCleanData($SR->answer) : ' ');
}
break;
//===========================
// Add ticket custom fields
//===========================
//===========================
// Add ticket custom fields
//===========================
case 'add-cus-field':
$fields = '';
$dept = (int) $_GET['dept'];
$area = !isset($_GET['area']) ? 'ticket' : (in_array($_GET['area'], array('ticket', 'reply', 'admin')) ? $_GET['area'] : 'ticket');
// Custom fields..
$qF = mysql_query("SELECT * FROM `" . DB_PREFIX . "cusfields`\n WHERE FIND_IN_SET('{$area}',`fieldLoc`) > 0\n AND `enField` = 'yes'\n\t\tAND FIND_IN_SET('{$dept}',`departments`) > 0\n ORDER BY `orderBy`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($qF) > 0) {
while ($FIELDS = mysql_fetch_object($qF)) {
switch ($FIELDS->fieldType) {
case 'textarea':
$fields .= $MSFM->buildTextArea(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex);
break;
case 'input':
$fields .= $MSFM->buildInputBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex);
break;
case 'select':
$fields .= $MSFM->buildSelect(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions, ++$tabIndex);
break;
case 'checkbox':
$fields .= $MSFM->buildCheckBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions);
break;
public function levels($level, $arr = false, $keys = false, $filter = false)
{
$level = strtolower($level);
$levels = array();
$q = mysql_query("SELECT * FROM `" . DB_PREFIX . "levels`\n " . ($filter ? 'WHERE `display` = \'yes\'' : '') . "\n ORDER BY `orderBy`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($L = mysql_fetch_object($q)) {
$levels[$L->marker ? $L->marker : $L->id] = mswCleanData($L->name);
}
if ($keys) {
return array_keys($levels);
} else {
if ($arr) {
return $levels;
} else {
return isset($levels[$level]) ? $levels[$level] : $levels['low'];
}
}
}
<?php
} else {
?>
<div class="alert alert-success" id="replyArea">
<p class="nodata"><?php
echo str_replace('{url}', $url, $msg_viewticket45);
?>
</p>
</div>
<?php
}
}
}
// Show ticket history..
if ($SETTINGS->ticketHistory == 'yes' && $MSTEAM->ticketHistory == 'yes') {
$qTH = mysql_query("SELECT * FROM `" . DB_PREFIX . "tickethistory`\n WHERE `ticketID` = '{$_GET['id']}'\n ORDER BY `ts` DESC\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$historyRows = mysql_num_rows($qTH);
?>
<div class="block" style="margin-top:40px">
<p class="block-heading" id="hisblockhead">(<span id="hiscount"><?php
echo @number_format($historyRows);
?>
</span>) <?php
echo strtoupper($msg_viewticket110) . ' (#' . mswTicketNumber($_GET['id']);
?>
)<?php
echo $historyRows > 0 ? (USER_DEL_PRIV == 'yes' ? ' <a class="toggleFields pull-right" href="#" onclick="confirmMessageExecute(\'' . mswSpecialChars($msg_script_action) . '\',\'history\',\'0##' . $_GET['id'] . '\');return false"><i class="icon-remove"></i> ' . $msg_viewticket118 . '</a> ' : '') . '<a class="toggleFields pull-right" href="index.php?p=view-ticket&exportHistory=' . $_GET['id'] . '"><i class="icon-save"></i> ' . $msg_viewticket112 . '</a>' : '';
?>
</p>
<div class="block-body" style="max-height:300px;overflow:auto" id="historyArea">
<?php
// Check if this ticket was originally opened by imap..
// If it was, set the reply-to address as the imap address..
// This is so any replies sent go back to the ticket..
if ($T->source == 'imap') {
$IMD = mswGetTableData('imap', 'im_dept', $T->department);
if (isset($IMD->im_email) && $IMD->im_email) {
$replyToAddr = $IMD->im_email;
}
}
// Get all users in this dispute..
$ticketDisputeUsers = $MSTICKET->disputeUsers($T->id);
// Add original ticket starter to the mix..
array_push($ticketDisputeUsers, $T->visitorID);
// Send, but skip person currently logged in..
if (!empty($ticketDisputeUsers)) {
$qDU = mysql_query("SELECT `name`,`email`,`language` FROM `" . DB_PREFIX . "portal`\n WHERE `id` IN(" . implode(',', $ticketDisputeUsers) . ")\n\t\t\t\t AND `id` != '{$LI_ACC->id}'\n\t\t\t\t GROUP BY `email`\n ORDER BY `name`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($D_USR = mysql_fetch_object($qDU)) {
$pLang = '';
$temp = PATH . 'content/language/' . $SETTINGS->language . '/mail-templates/dispute-reply.txt';
// Get correct language file..
if (isset($D_USR->language) && file_exists(PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt')) {
$pLang = $D_USR->language;
$temp = PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt';
}
$MSMAIL->addTag('{USER}', $LI_ACC->name);
$MSMAIL->addTag('{NAME}', $D_USR->name);
$MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $D_USR->email, 'to_name' => $D_USR->name, 'subject' => str_replace(array('{website}', '{ticket}'), array($SETTINGS->website, mswTicketNumber($T->id)), $emailSubjects['dispute-notify']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $replyToAddr ? $replyToAddr : ($SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email)), 'template' => $temp, 'language' => $pLang ? $pLang : $SETTINGS->language, 'alive' => 'yes'));
}
}
}
// Finish with message..
public function delete($t_class)
{
if (!empty($_POST['del'])) {
$uIDs = implode(',', $_POST['del']);
// Get all tickets related to the users that are going to be deleted..
$tickets = array();
$q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets`\n WHERE `visitorID` IN({$uIDs})\n\t\t ORDER BY `id`\n\t\t ");
while ($T = mysql_fetch_object($q)) {
$tickets[] = $T->id;
}
// If there are tickets, delete all information..
// We can use the delete operation from the ticket class..
if (!empty($tickets)) {
$_POST['ticket'] = $tickets;
$t_class->deleteTickets();
}
// Users info..
mysql_query("DELETE FROM `" . DB_PREFIX . "portal` \n WHERE `id` IN({$uIDs}) \n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Delete disputes..
mysql_query("DELETE FROM `" . DB_PREFIX . "disputes` WHERE `visitorID` IN({$uIDs})") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Log entries..
mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n WHERE `userID` IN({$uIDs})\n\tAND `type` = 'acc'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Truncate tables to start at 1..
foreach (array('tickets', 'attachments', 'replies', 'cusfields', 'ticketfields', 'disputes', 'tickethistory', 'portal') as $tables) {
if (mswRowCount($tables) == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
}
}
return count($uIDs);
}
return '0';
}
<?php
// Are additional folders allowed?
if ($MSTEAM->mailFolders > 0) {
?>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#"><i class="icon-folder-open"></i> <?php
echo $msg_mailbox5;
?>
<b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="?p=mailbox&folders=1"><i class="icon-plus"></i> <?php
echo $msg_mailbox6;
?>
</a></li>
<?php
$qF = mysql_query("SELECT `id`,`folder`\n FROM `" . DB_PREFIX . "mailfolders`\n\t\t WHERE `staffID` = '{$MSTEAM->id}'\n ORDER BY `folder`\n\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($qF) > 0) {
$moveToFolders['-'] = '- - - - - - -';
}
while ($FOLDERS = mysql_fetch_object($qF)) {
$moveToFolders[$FOLDERS->id] = mswCleanData($FOLDERS->folder);
?>
<li><a href="?p=mailbox&f=<?php
echo $FOLDERS->id;
?>
"><i class="icon-folder-close-alt"></i> <?php
echo mswCleanData($FOLDERS->folder);
?>
</a></li>
<?php
}
public function updateSettings()
{
$_POST = mswMultiDimensionalArrayMap('mswSafeImportString', $_POST);
// Defaults if not set..
$_POST['attachment'] = isset($_POST['attachment']) ? 'yes' : 'no';
$_POST['rename'] = isset($_POST['rename']) ? 'yes' : 'no';
$_POST['weekStart'] = isset($_POST['weekStart']) && in_array($_POST['weekStart'], array('sun', 'mon')) ? $_POST['weekStart'] : 'sun';
$_POST['enSpamSum'] = isset($_POST['enSpamSum']) && in_array($_POST['enSpamSum'], array('yes', 'no')) ? $_POST['enSpamSum'] : 'yes';
$_POST['enableBBCode'] = isset($_POST['enableBBCode']) ? 'yes' : 'no';
$_POST['disputes'] = isset($_POST['disputes']) ? 'yes' : 'no';
$_POST['multiplevotes'] = isset($_POST['multiplevotes']) ? 'yes' : 'no';
$_POST['enableVotes'] = isset($_POST['enableVotes']) ? 'yes' : 'no';
$_POST['enCapLogin'] = isset($_POST['enCapLogin']) ? 'yes' : 'no';
$_POST['sysstatus'] = isset($_POST['sysstatus']) ? 'yes' : 'no';
$_POST['autoenable'] = $_POST['autoenable'] ? $this->datetime->mswDatePickerFormat($_POST['autoenable']) : '0000-00-00';
$_POST['kbase'] = isset($_POST['kbase']) ? 'yes' : 'no';
$_POST['scriptpath'] = systemSettings::filterInstallationPath($_POST['scriptpath']);
$_POST['attachpath'] = systemSettings::filterInstallationPath($_POST['attachpath']);
$_POST['attachhref'] = systemSettings::filterInstallationPath($_POST['attachhref']);
$_POST['attachpathfaq'] = systemSettings::filterInstallationPath($_POST['attachpathfaq']);
$_POST['attachhreffaq'] = systemSettings::filterInstallationPath($_POST['attachhreffaq']);
$_POST['imap_param'] = $_POST['imap_param'] ? $_POST['imap_param'] : 'pipe';
$_POST['renamefaq'] = isset($_POST['renamefaq']) ? 'yes' : 'no';
$_POST['smtp_debug'] = isset($_POST['smtp_debug']) ? 'yes' : 'no';
$_POST['createPref'] = isset($_POST['createPref']) ? 'yes' : 'no';
$_POST['createAcc'] = isset($_POST['createAcc']) ? 'yes' : 'no';
$_POST['ticketHistory'] = isset($_POST['ticketHistory']) ? 'yes' : 'no';
$_POST['closenotify'] = isset($_POST['closenotify']) ? 'yes' : 'no';
$_POST['accProfNotify'] = isset($_POST['accProfNotify']) ? 'yes' : 'no';
$_POST['newAccNotify'] = isset($_POST['newAccNotify']) ? 'yes' : 'no';
$_POST['enableLog'] = isset($_POST['enableLog']) ? 'yes' : 'no';
$_POST['enableMail'] = isset($_POST['enableMail']) ? 'yes' : 'no';
$_POST['imap_debug'] = isset($_POST['imap_debug']) ? 'yes' : 'no';
$_POST['apiLog'] = isset($_POST['apiLog']) ? 'yes' : 'no';
$_POST['disputeAdminStop'] = isset($_POST['disputeAdminStop']) ? 'yes' : 'no';
// Enforce digits..
$_POST['maxsize'] = (int) $_POST['maxsize'] > 0 ? $_POST['maxsize'] : '0';
$_POST['popquestions'] = (int) $_POST['popquestions'] > 0 ? $_POST['popquestions'] : '10';
$_POST['quePerPage'] = (int) $_POST['quePerPage'] > 0 ? $_POST['quePerPage'] : '10';
$_POST['cookiedays'] = (int) $_POST['cookiedays'] > 0 ? $_POST['cookiedays'] : '60';
$_POST['attachboxes'] = (int) $_POST['attachboxes'] > 0 ? $_POST['attachboxes'] : '1';
$_POST['autoClose'] = (int) $_POST['autoClose'] > 0 ? $_POST['autoClose'] : '0';
$_POST['smtp_port'] = (int) $_POST['smtp_port'] > 0 ? $_POST['smtp_port'] : '25';
$_POST['loginLimit'] = (int) $_POST['loginLimit'] > 0 ? $_POST['loginLimit'] : '0';
$_POST['banTime'] = (int) $_POST['banTime'] > 0 ? $_POST['banTime'] : '25';
$_POST['minPassValue'] = (int) $_POST['minPassValue'] > 0 ? $_POST['minPassValue'] : '8';
$_POST['minTickDigits'] = (int) $_POST['minTickDigits'] > 0 ? $_POST['minTickDigits'] : '5';
$_POST['imap_timeout'] = (int) $_POST['imap_timeout'] > 0 ? $_POST['imap_timeout'] : '0';
$_POST['imap_memory'] = (int) $_POST['imap_memory'] > 0 ? $_POST['imap_memory'] : '0';
// Restrictions..
if (LICENCE_VER == 'locked') {
$_POST['attachboxes'] = RESTR_ATTACH;
$_POST['adminFooter'] = 'To add your own footer code, click "Settings & Tools > Other Options > Edit Footers"';
$_POST['publicFooter'] = 'To add your own footer code, click "Settings & Tools > Other Options > Edit Footers"';
}
// Serialized data..
$langSets = !empty($_POST['templateSet']) ? serialize($_POST['templateSet']) : '';
if ($_POST['defKeepLogs']['user'] == '') {
$_POST['defKeepLogs']['user'] = '******';
}
if ($_POST['defKeepLogs']['acc'] == '') {
$_POST['defKeepLogs']['acc'] = '0';
}
$defLog = !empty($_POST['defKeepLogs']) ? serialize($_POST['defKeepLogs']) : '';
$handlers = !empty($_POST['apiHandlers']) ? implode(',', $_POST['apiHandlers']) : '';
mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n `website` = '{$_POST['website']}',\n `email` = '{$_POST['email']}',\n `replyto` = '{$_POST['replyto']}',\n `scriptpath` = '{$_POST['scriptpath']}',\n `attachpath` = '{$_POST['attachpath']}',\n `attachhref` = '{$_POST['attachhref']}',\n `attachpathfaq` = '{$_POST['attachpathfaq']}',\n `attachhreffaq` = '{$_POST['attachhreffaq']}',\n `language` = '{$_POST['language']}',\n `langSets` = '" . mswSafeImportString($langSets) . "',\n `dateformat` = '{$_POST['dateformat']}',\n `timeformat` = '{$_POST['timeformat']}',\n `timezone` = '{$_POST['timezone']}',\n `weekStart` = '{$_POST['weekStart']}',\n `jsDateFormat` = '{$_POST['jsDateFormat']}',\n `kbase` = '{$_POST['kbase']}',\n `enableVotes` = '{$_POST['enableVotes']}',\n `multiplevotes` = '{$_POST['multiplevotes']}',\n `popquestions` = '{$_POST['popquestions']}',\n `quePerPage` = '{$_POST['quePerPage']}',\n `cookiedays` = '{$_POST['cookiedays']}',\n `renamefaq` = '{$_POST['renamefaq']}',\n `attachment` = '{$_POST['attachment']}',\n `rename` = '{$_POST['rename']}',\n `attachboxes` = '{$_POST['attachboxes']}',\n `filetypes` = '{$_POST['filetypes']}',\n `maxsize` = '{$_POST['maxsize']}',\n `enableBBCode` = '{$_POST['enableBBCode']}',\n `afolder` = '{$_POST['afolder']}',\n `autoClose` = '{$_POST['autoClose']}',\n `smtp_host` = '{$_POST['smtp_host']}',\n `smtp_user` = '{$_POST['smtp_user']}',\n `smtp_pass` = '{$_POST['smtp_pass']}',\n `smtp_port` = '{$_POST['smtp_port']}',\n `smtp_security` = '{$_POST['smtp_security']}',\n `smtp_debug` = '{$_POST['smtp_debug']}',\n `adminFooter` = '{$_POST['adminFooter']}',\n `publicFooter` = '{$_POST['publicFooter']}',\n `apiKey` = '{$_POST['apiKey']}',\n `apiLog` = '{$_POST['apiLog']}',\n `apiHandlers` = '{$handlers}',\n `recaptchaPrivateKey` = '{$_POST['recaptchaPrivateKey']}',\n `recaptchaPublicKey` = '{$_POST['recaptchaPublicKey']}',\n `enCapLogin` = '{$_POST['enCapLogin']}',\n `sysstatus` = '{$_POST['sysstatus']}',\n `autoenable` = '{$_POST['autoenable']}',\n `disputes` = '{$_POST['disputes']}',\n `offlineReason` = '{$_POST['offlineReason']}',\n `createPref` = '{$_POST['createPref']}',\n `createAcc` = '{$_POST['createAcc']}',\n `loginLimit` = '{$_POST['loginLimit']}',\n `banTime` = '{$_POST['banTime']}',\n `ticketHistory` = '{$_POST['ticketHistory']}',\n `closenotify` = '{$_POST['closenotify']}',\n `accProfNotify` = '{$_POST['accProfNotify']}',\n `minPassValue` = '{$_POST['minPassValue']}',\n `newAccNotify` = '{$_POST['newAccNotify']}',\n `recaptchaLang` = '{$_POST['recaptchaLang']}',\n `recaptchaTheme` = '{$_POST['recaptchaTheme']}',\n `enableLog` = '{$_POST['enableLog']}',\n `defKeepLogs` = '" . mswSafeImportString($defLog) . "',\n `minTickDigits` = '{$_POST['minTickDigits']}',\n `enableMail` = '{$_POST['enableMail']}',\n `imap_debug` = '{$_POST['imap_debug']}',\n `imap_param` = '{$_POST['imap_param']}',\n `imap_memory` = '{$_POST['imap_memory']}',\n `imap_timeout` = '{$_POST['imap_timeout']}',\n `disputeAdminStop` = '{$_POST['disputeAdminStop']}'\n WHERE `id` = '1'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
<?php
if (!defined('PARENT') || !isset($toLoad)) {
exit;
}
$orderBy = 'ORDER BY `' . DB_PREFIX . 'mailbox`.`ts` DESC';
$keys = isset($_GET['keys']) ? $_GET['keys'] : '';
$searchSQL = '';
// Are we searching?
if ($keys) {
$searchSQL = 'AND (`' . DB_PREFIX . 'mailbox`.`subject` LIKE \'%' . mswSafeImportString($keys) . '%\' OR `' . DB_PREFIX . 'mailbox`.`message` LIKE \'%' . mswSafeImportString($keys) . '%\')';
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "mailbox`.`staffID` AS `starter`,\n\t `" . DB_PREFIX . "mailbox`.`ts` AS `mailStamp`,\n\t `" . DB_PREFIX . "mailassoc`.`mailID` AS `messageID`\n\t FROM `" . DB_PREFIX . "mailassoc`\n\t LEFT JOIN `" . DB_PREFIX . "mailbox`\n\t ON `" . DB_PREFIX . "mailassoc`.`mailID` = `" . DB_PREFIX . "mailbox`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "users`\n\t ON `" . DB_PREFIX . "users`.`id` = `" . DB_PREFIX . "mailbox`.`staffID`\n\t WHERE `folder` = '{$toLoad}' \n AND `" . DB_PREFIX . "mailassoc`.`staffID` = '{$MSTEAM->id}'\n\t " . ($searchSQL ? $searchSQL . mswDefineNewline() . 'GROUP BY `' . DB_PREFIX . 'mailassoc`.`mailID`' : '') . "\n\t " . $orderBy . "\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
<div class="header">
<button class="btn search-bar-button" type="button" onclick="mswToggle('b1','b2','keys','mailbox')"><i class="icon-search" id="search-icon-button"></i></button>
<h1 class="page-title"><?php
echo $msg_adheader61;
?>
(<?php
echo $boxName;
?>
)</h1>
<span class="clearfix"></span>
</div>
</div>
<div class="tab-pane fade" id="two">
<div class="well">
<label class="checkbox">
<input type="checkbox" value="0" onclick="checkBoxes(this.checked,'#cb')"> <?php
echo $msg_response6;
?>
</label>
<div id="cb">
<?php
// If global log in no filter necessary..
$q_dept = mysql_query("SELECT * FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($DEPT = mysql_fetch_object($q_dept)) {
?>
<label class="checkbox">
<input type="checkbox" name="dept[]"<?php
echo isset($deptArr) && in_array($DEPT->id, $deptArr) ? ' checked="checked" ' : ' ';
?>
value="<?php
echo $DEPT->id;
?>
"> <?php
echo mswSpecialChars($DEPT->name);
?>
</label>
<input type="hidden" name="deptall[]" value="<?php
echo $DEPT->id;
}
?>
</div>
</div>
</div>
<div class="row-fluid">
<div class="block" style="padding:0;margin:0;margin-top:10px">
<p class="block-heading uppercase"><i class="icon-chevron-right"></i> <?php
echo $msg_home40;
?>
</p>
<div class="block-body">
<?php
$lp = 0;
$qT4 = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t (SELECT count(*) FROM `" . DB_PREFIX . "disputes` \n\t WHERE `" . DB_PREFIX . "disputes`.`ticketID` = `" . DB_PREFIX . "tickets`.`id`\n\t ) AS `disputeCount`\n\t FROM `" . DB_PREFIX . "tickets` \n LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`id`\n\t OR `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`marker`\n WHERE `ticketStatus` = 'open'\n\t AND `replyStatus` IN('visitor') \n AND `isDisputed` = 'yes'\n AND `assignedto` != 'waiting'\n\t AND `spamFlag` = 'no'\n " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n ORDER BY `" . DB_PREFIX . "tickets`.`id` DESC\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$T4Rows = mysql_num_rows($qT4);
if ($T4Rows > 0) {
while ($TICKETS = mysql_fetch_object($qT4)) {
$date = '';
?>
<div class="row-fluid homeTicketWrapper<?php
echo ++$lp == $T4Rows ? ' nobottomborder' : '';
?>
">
<a href="?p=view-dispute&id=<?php
echo $TICKETS->ticketID;
?>
">
<?php
echo $cutOff > 0 && strlen($TICKETS->subject) > $cutOff ? substr(mswSpecialChars($TICKETS->subject), 0, $cutOff - 2) . '..' : mswSpecialChars($TICKETS->subject);
$SQL = 'AND (LOWER(`' . DB_PREFIX . 'tickets`.`subject`) LIKE \'%' . $_GET['keys'] . '%\' OR LOWER(`' . DB_PREFIX . 'tickets`.`comments`) LIKE \'%' . $_GET['keys'] . '%\')';
}
// Disputes..
if ($SETTINGS->disputes == 'yes' && isset($_GET['disputes'])) {
// Disputes in other tickets..
$qD = mysql_query("SELECT `ticketID` FROM `" . DB_PREFIX . "disputes` \n WHERE `visitorID` = '{$ACC->id}'\n\t GROUP BY `ticketID`\n\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($DP = mysql_fetch_object($qD)) {
$dis[] = $DP->ticketID;
}
// Disputes from started tickets..
$qD2 = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets` \n WHERE `visitorID` = '{$ACC->id}'\n\t\t AND `isDisputed` = 'yes'\n\t\t AND `spamFlag` = 'no'\n\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($DP2 = mysql_fetch_object($qD2)) {
$dis[] = $DP2->id;
}
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t (SELECT count(*) FROM `" . DB_PREFIX . "disputes` \n\t WHERE `" . DB_PREFIX . "disputes`.`ticketID` = `" . DB_PREFIX . "tickets`.`id`\n\t ) AS `disputeCount`\n\t FROM `" . DB_PREFIX . "tickets` \n LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`id`\n\t OR `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`marker`\n " . (empty($dis) ? 'WHERE `' . DB_PREFIX . 'portal`.`email` = \'' . $ACC->email . '\'' : '') . "\n\t " . (!empty($dis) ? 'WHERE `' . DB_PREFIX . 'tickets`.`id` IN(' . implode(',', $dis) . ')' : '') . "\n\t {$SQL}\n\t AND `spamFlag` = 'no'\n " . $filterBy . mswSQLDepartmentFilter($ticketFilterAccess) . "\n " . $orderBy . "\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
$searchBoxUrl = 'acchistory&id=' . $_GET['id'] . (isset($_GET['disputes']) ? '&disputes=yes' : '');
?>
<div class="content">
<script type="text/javascript">
//<![CDATA[
function mswHisToggle() {
if (jQuery('#b2').css('display')=='none') {
jQuery('#topfluid').css('margin-top','0');
jQuery('#b2').show();
jQuery('input[name="keys"]').focus();
jQuery('#search-icon-button').attr('class','icon-remove');
} else {
jQuery('#topfluid').css('margin-top','20px');
public function delete()
{
if (!empty($_POST['del'])) {
$uID = implode(',', $_POST['del']);
// Users info..
mysql_query("DELETE FROM `" . DB_PREFIX . "users` \n WHERE `id` IN({$uID}) \n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = mysql_affected_rows();
// Departments assigned..
mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n WHERE `userID` IN({$uID})\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Access assigned..
mysql_query("DELETE FROM `" . DB_PREFIX . "usersaccess`\n WHERE `userID` IN({$uID})\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Log entries..
mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n WHERE `userID` IN({$uID})\n\tAND `type` = 'user'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Truncate tables to start at 1..
foreach (array('users', 'userdepts', 'usersaccess', 'log') as $tables) {
if (mswRowCount($tables) == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
}
}
return $rows;
}
}