Esempio n. 1
0
 public function delete()
 {
     if (!empty($_POST['del'])) {
         // Nuke departments..
         mysql_query("DELETE FROM `" . DB_PREFIX . "departments`\n    WHERE `id` IN(" . implode(',', $_POST['del']) . ")\n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         $rows = mysql_affected_rows();
         // Nuke user department association..
         mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n    WHERE `deptID` IN(" . implode(',', $_POST['del']) . ")\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         if (mswRowCount('departments') == 0) {
             @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "departments`");
         }
         if (mswRowCount('userdepts') == 0) {
             @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "userdepts`");
         }
         // Rebuild order sequence..
         $seq = 0;
         $q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "departments` ORDER BY `orderBy`");
         while ($RB = mysql_fetch_object($q)) {
             $n = ++$seq;
             mysql_query("UPDATE `" . DB_PREFIX . "departments` SET\n\t  `orderBy`  = '{$n}'\n    WHERE `id` = '{$RB->id}'\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         }
         return $rows;
     }
     return '0';
 }
Esempio n. 2
0
 public function deleteCustomFields()
 {
     if (!empty($_POST['del'])) {
         mysql_query("DELETE FROM `" . DB_PREFIX . "cusfields` \n    WHERE `id` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         $rows = mysql_affected_rows();
         mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields` \n    WHERE `fieldID` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         if (mswRowCount('cusfields') == 0) {
             @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "cusfields`");
         }
         if (mswRowCount('ticketfields') == 0) {
             @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
         }
         // Rebuild sequence..
         fields::rebuildSequence();
         return $rows;
     }
     return '0';
 }
Esempio n. 3
0
function dbConnectorTest($test = false)
{
    $connect = @mysql_connect(DB_HOST, DB_USER, DB_PASS);
    if (!$connect) {
        if ($test) {
            return 'Connection Failed - Check Connection Parameters';
        }
        mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
    }
    if ($connect && !mysql_select_db(DB_NAME, $connect)) {
        if ($test) {
            return 'Connection Failed - Check Connection Parameters';
        }
        mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
    }
    if ($test) {
        return 'Connection Successful';
    }
}
Esempio n. 4
0
 public function faqAttachment($id, $s, $admin = false)
 {
     $q = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "faqattach`\n       WHERE `id` = '{$id}'\n       ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
     $F = mysql_fetch_object($q);
     if (isset($F->id)) {
         $base = $s->attachpathfaq . '/';
         // Remote or not..
         if ($F->remote) {
             header("Location: " . $F->remote);
             exit;
         } else {
             if (file_exists($base . $F->path)) {
                 $m = msDownload::mime($base . $F->path, $F->mimeType);
                 msDownload::dl($base . $F->path, $m, 'no');
             } else {
                 $H = new htmlHeaders();
                 $H->err404($admin);
             }
         }
     } else {
         $H = new htmlHeaders();
         $H->err403($admin);
     }
 }
Esempio n. 5
0
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
if (!defined('PARENT')) {
    $HEADERS->err403(true);
}
// Permissions..
if (!defined('PASS_RESET')) {
    $HEADERS->err403(true, 'This page cannot be accessed.<br>Refer to the <a href="../docs/reset.html" onclick="window.open(this);return false">documentation</a> on how to access the reset page');
}
// Update..
if (isset($_POST['process'])) {
    $ret = $MSUSERS->reset();
    if (isset($_POST['email']) && !empty($ret)) {
        // Load mail params
        include REL_PATH . 'control/mail-data.php';
        for ($i = 0; $i < count($ret); $i++) {
            $q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n                 WHERE `id` = '{$ret[$i]['id']}'\n\t\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
            while ($USERS = mysql_fetch_object($q)) {
                $MSMAIL->addTag('{NAME}', $USERS->name);
                $MSMAIL->addTag('{EMAIL}', $USERS->email);
                $MSMAIL->addTag('{PASS}', $ret[$i]['pass']);
                // Send mail..
                $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $USERS->name), $emailSubjects['reset']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-pass-reset.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2));
            }
        }
    }
    $OK = true;
}
$title = $msg_adheader36;
$loadJQAlertify = true;
if (file_exists(PATH . 'templates/reset.php')) {
    define('RESET_LOADER', 1);
Esempio n. 6
0
    $chop = explode(' ', $_GET['q']);
    $words = '';
    for ($i = 0; $i < count($chop); $i++) {
        $words .= ($i ? 'OR ' : 'WHERE (') . "`" . DB_PREFIX . "portal`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' OR `" . DB_PREFIX . "users`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' ";
    }
    if ($words) {
        $where[] = $words . ')';
    }
}
if ($type) {
    $where[] = (!empty($where) ? 'AND ' : 'WHERE ') . '`type` = \'' . $type . '\'';
}
if ($from && $to) {
    $where[] = (!empty($where) ? 'AND ' : 'WHERE ') . 'DATE(FROM_UNIXTIME(`' . DB_PREFIX . 'log`.`ts`)) BETWEEN \'' . $MSDT->mswDatePickerFormat($from) . '\' AND \'' . $MSDT->mswDatePickerFormat($to) . '\'';
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n               `" . DB_PREFIX . "log`.`ts` AS `lts`,\n\t\t\t   `" . DB_PREFIX . "log`.`id` AS `logID`,\n\t\t\t   `" . DB_PREFIX . "log`.`userID` AS `personID`,\n\t\t\t   `" . DB_PREFIX . "log`.`ip` AS `entryLogIP`,\n\t\t\t   `" . DB_PREFIX . "portal`.`name` AS `portalName`,\n\t\t\t   `" . DB_PREFIX . "users`.`name` AS `userName`\n\t\t\t   FROM `" . DB_PREFIX . "log`\n               LEFT JOIN `" . DB_PREFIX . "users`\n               ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "users`.`id` \n\t\t\t   LEFT JOIN `" . DB_PREFIX . "portal`\n               ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "portal`.`id` \n\t\t\t   " . (!empty($where) ? implode(mswDefineNewline(), $where) : '') . "\n               ORDER BY `" . DB_PREFIX . "log`.`id` DESC\n               LIMIT {$limitvalue},{$limit}\n               ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
$actualRows = mswRowCount('log');
// Export url..
$url = 'index.php?p=log&amp;export=yes' . mswQueryParams(array('p', 'export'));
?>
<div class="content">
  <script type="text/javascript">
  //<![CDATA[
  <?php 
include PATH . 'templates/date-pickers.php';
?>
  function searchToggle() {
    jQuery('#b1').toggle();
	if (jQuery('#b1').css('display')!='none') {
Esempio n. 7
0
function mswFaqCategories($id, $action = 'show')
{
    $cat = array();
    $catID = array();
    $q = mysql_query("SELECT `" . DB_PREFIX . "categories`.`name`,`" . DB_PREFIX . "categories`.`id` AS `catID` FROM `" . DB_PREFIX . "categories`\n           LEFT JOIN `" . DB_PREFIX . "faqassign`\n\t       ON `" . DB_PREFIX . "faqassign`.`itemID`    = `" . DB_PREFIX . "categories`.`id`\n           WHERE `" . DB_PREFIX . "faqassign`.`desc`   = 'category'\n\t       AND `" . DB_PREFIX . "faqassign`.`question` = '{$id}'\n           ORDER BY `" . DB_PREFIX . "categories`.`name`\n\t       ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    while ($CT = mysql_fetch_object($q)) {
        $cat[] = mswCleanData($CT->name);
        $catID[] = $CT->catID;
    }
    // We just want IDs if action is get..
    if ($action == 'get') {
        return $catID;
    }
    return !empty($cat) ? implode(', ', $cat) : '';
}
Esempio n. 8
0
<?php

if (!defined('TICKET_LOADER')) {
    exit;
}
$aTickID = (int) $aTickID;
$aTickReply = (int) $aTickReply;
$qA = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "attachments`\n      WHERE `ticketID` = '{$aTickID}' AND `replyID` = '{$aTickReply}'\n      ORDER BY `fileName`\n      ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($qA) > 0) {
    ?>
<div id="attachments_<?php 
    echo $aTickID;
    ?>
_<?php 
    echo $aTickReply;
    ?>
" class="block" style="display:none">

<table class="table table-striped table-hover">
<thead>
 <tr class="attachmentTRBG">
  <?php 
    if (USER_DEL_PRIV == 'yes') {
        ?>
  <th style="width:5%">
  <input onclick="selectAll('attachments_<?php 
        echo $aTickID;
        ?>
_<?php 
        echo $aTickReply;
        ?>
Esempio n. 9
0
" maxlength="250" value="<?php 
echo isset($EDIT->summary) ? mswSpecialChars($EDIT->summary) : '';
?>
">
      
		  <label><?php 
echo $msg_kbase38;
?>
</label>
          <select name="subcat">
           <option value="0"><?php 
echo $msg_kbase36;
?>
</option>
           <?php 
$q_cat = mysql_query("SELECT * FROM `" . DB_PREFIX . "categories` WHERE `subcat` = '0' ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mysql_num_rows($q_cat) > 0) {
    ?>
		   <optgroup label="<?php 
    echo mswSpecialChars($msg_kbase37);
    ?>
">
           <?php 
    while ($CAT = mysql_fetch_object($q_cat)) {
        ?>
           <option<?php 
        echo isset($EDIT->id) ? mswSelectedItem($EDIT->subcat, $CAT->id) : '';
        ?>
 value="<?php 
        echo $CAT->id;
        ?>
Esempio n. 10
0
            if (!empty($_POST['users'][$ID])) {
                // Ticket information..
                $SUPTICK = mswGetTableData('tickets', 'id', $ID);
                // Array of ticket subjects assigned to users..
                foreach ($_POST['users'][$ID] as $userID) {
                    $tickets[$userID][] = str_replace(array('{id}', '{subject}'), array(mswTicketNumber($ID), $SUPTICK->subject), $msg_assign7);
                    $userNotify[] = $userID;
                }
                // Update ticket..
                $MSTICKET->ticketUserAssign($ID, implode(',', $_POST['users'][$ID]), $msg_ticket_history['assign']);
            }
        }
    }
    // Email users..
    if (!empty($userNotify) && !empty($tickets) && isset($_POST['mail'])) {
        $q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n               WHERE `id` IN(" . implode(',', $userNotify) . ")\n\t\t\t   GROUP BY `id`\n               ORDER BY `name`\n               ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        while ($USERS = mysql_fetch_object($q)) {
            $MSMAIL->addTag('{ASSIGNEE}', $MSTEAM->name);
            $MSMAIL->addTag('{NAME}', $USERS->name);
            $MSMAIL->addTag('{TICKETS}', trim(implode(mswDefineNewline(), $tickets[$USERS->id])));
            // Send mail..
            $MSMAIL->sendMSMail(array('from_email' => $MSTEAM->emailFrom ? $MSTEAM->emailFrom : $MSTEAM->email, 'from_name' => $MSTEAM->nameFrom ? $MSTEAM->nameFrom : $MSTEAM->name, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $MSTEAM->name), $emailSubjects['ticket-assign']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-ticket-assign.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2));
        }
    }
    $OK2 = true;
}
$title = $msg_adheader32;
$loadJQAlertify = true;
$loadJQNyroModal = true;
include PATH . 'templates/header.php';
include PATH . 'templates/system/tickets/tickets-assign.php';
Esempio n. 11
0
 public function deleteImapAccounts()
 {
     if (!empty($_POST['del'])) {
         mysql_query("DELETE FROM `" . DB_PREFIX . "imap` \n    WHERE `id` IN(" . implode(',', $_POST['del']) . ") \n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         $rows = mysql_affected_rows();
         if (mswRowCount('imap') == 0) {
             @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "imap`");
         }
         return $rows;
     }
     return '0';
 }
Esempio n. 12
0
 public function updateTicket()
 {
     $tickID = (int) $_GET['id'];
     $deptID = (int) $_POST['dept'];
     $rows = 0;
     mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n  `lastrevision` = UNIX_TIMESTAMP(UTC_TIMESTAMP),\n  `department`   = '{$deptID}',\n  `subject`      = '" . mswSafeImportString($_POST['subject']) . "',\n  `comments`     = '" . mswSafeImportString($_POST['comments']) . "',\n  `priority`     = '" . mswSafeImportString($_POST['priority']) . "'\n  WHERE `id`     = '{$tickID}'\n  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
     $rows = $rows + mysql_affected_rows();
     // Custom field data..
     if (!empty($_POST['customField'])) {
         // Check to see if any checkboxes arrays are now blank..
         // If there are, create empty array to prevent ommission in loop..
         if (!empty($_POST['hiddenBoxes'])) {
             foreach ($_POST['hiddenBoxes'] as $hb) {
                 if (!isset($_POST['customField'][$hb])) {
                     $_POST['customField'][$hb] = array();
                 }
             }
         }
         foreach ($_POST['customField'] as $k => $v) {
             $data = '';
             // If value is array, its checkboxes..
             if (is_array($v)) {
                 if (!empty($v)) {
                     $data = implode('#####', $v);
                 }
             } else {
                 $data = $v;
             }
             $k = (int) $k;
             // If data exists, update or add entry..
             // If blank or 'nothing-selected', delete if exists..
             if ($data != '' && $data != 'nothing-selected') {
                 if (mswRowCount('ticketfields WHERE `ticketID`  = \'' . $tickID . '\' AND `fieldID` = \'' . $k . '\' AND `replyID` = \'0\'') > 0) {
                     mysql_query("UPDATE `" . DB_PREFIX . "ticketfields` SET\n          `fieldData`       = '" . mswSafeImportString($data) . "'\n          WHERE `ticketID`  = '{$tickID}'\n          AND `fieldID`     = '{$k}'\n          AND `replyID`     = '0'\n          ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                     $rows = $rows + mysql_affected_rows();
                 } else {
                     mysql_query("INSERT INTO `" . DB_PREFIX . "ticketfields` (\n          `fieldData`,`ticketID`,`fieldID`,`replyID`\n          ) VALUES (\n          '" . mswSafeImportString($data) . "','{$tickID}','{$k}','0'\n          )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                     $rows = $rows + mysql_affected_rows();
                 }
             } else {
                 mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields`\n        WHERE `ticketID`  = '{$tickID}'\n        AND `fieldID`     = '{$k}'\n        AND `replyID`     = '0'\n        ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                 $rows = $rows + mysql_affected_rows();
                 if (mswRowCount('ticketfields') == 0) {
                     @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
                 }
             }
         }
     }
     // If department was changed, update attachments..
     if ($deptID != $_POST['odeptid']) {
         mysql_query("UPDATE `" . DB_PREFIX . "attachments` SET\n    `department`      = '{$deptID}'\n    WHERE `ticketID`  = '{$tickID}'\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Check assignment..If department has assign disabled, we need to clear assigned values from ticket..
         if (mswRowCount('departments WHERE `id` = \'' . $deptID . '\' AND `manual_assign` = \'no\'') > 0) {
             mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n      `assignedto` = ''\n      WHERE `id`   = '{$tickID}'\n      ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         }
     }
     return $rows;
 }
Esempio n. 13
0
<?php

if (!defined('PARENT')) {
    exit;
}
// Order and filter by files..
include PATH . 'templates/system/tickets/global/order-by.php';
include PATH . 'templates/system/tickets/global/filter-by.php';
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n     `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`\n\t FROM `" . DB_PREFIX . "tickets`\n\t LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority`   = `" . DB_PREFIX . "levels`.`id`\n\t  OR `" . DB_PREFIX . "tickets`.`priority`  = `" . DB_PREFIX . "levels`.`marker`\n     WHERE (`ticketStatus` != 'open' and `ticketStatus` != 'submit_report')\n     AND `isDisputed`      = 'no'\n     AND `assignedto`     != 'waiting'\n\t AND `spamFlag`        = 'no'\n     " . $filterBy . " " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n     " . $orderBy . "\n     LIMIT {$limitvalue},{$limit}\n     ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
  <script type="text/javascript">
  //<![CDATA[
  jQuery(document).ready(function() {
   jQuery('.nyroModal').nyroModal();
   <?php 
// Remove notes icon if permission denied..
if ($MSTEAM->notePadEnable == 'no' && $MSTEAM->id != '1') {
    ?>
   jQuery('.tIcons .nyroModal').each(function(){
     jQuery(this).remove();
   });
   <?php 
}
?>
  });
  //]]>
  </script>
  <div class="header">
Esempio n. 14
0
<?php

if (!defined('PARENT')) {
    exit;
}
// Check product key exists..
if ($SETTINGS->prodKey == '' || strlen($SETTINGS->prodKey) != 60) {
    $productKey = mswProdKeyGen();
    mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n  `prodKey` = '{$productKey}'\n  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    $SETTINGS->prodKey = $productKey;
}
// Update encoder version if not already..
if ($SETTINGS->encoderVersion == 'XX' && function_exists('ioncube_loader_version')) {
    mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n  `encoderVersion` = '" . ioncube_loader_version() . "'\n  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
?>
<div class="content">
        
  <div class="header">
    
	<h1 class="page-title"><?php 
echo $msg_adheader9;
?>
</h1>
	
	<span class="clearfix"></span>
	
  </div>
        
  <ul class="breadcrumb">
    <li class="active"><?php 
Esempio n. 15
0
if (!defined('TICKET_LOADER')) {
    exit;
}
?>
 
      <div id="userAssignArea">
	   <div class="block">
	    <p class="block-heading"><?php 
echo strtoupper($msg_viewticket92);
?>
</p>
	    <div class="block-body">
	    <?php 
$boomUsers = explode(',', $SUPTICK->assignedto);
$q_users = mysql_query("SELECT * FROM `" . DB_PREFIX . "users` ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($USERS = mysql_fetch_object($q_users)) {
    $checked = '';
    $toggleHideShow = "style=''";
    $class = '';
    if ($MSTEAM->id == $USERS->id) {
        $checked = 'checked';
        $toggleHideShow = "style='display:none;'";
        $class = "class='creater'";
    }
    ?>
	      <label class="checkbox" <?php 
    echo $toggleHideShow;
    ?>
 >
         <input type="checkbox" name="assigned[]" <?php 
Esempio n. 16
0
        ?>
"></i></span>
		    <a href="?p=faq-cat&amp;edit=<?php 
        echo $CAT->id;
        ?>
" title="<?php 
        echo mswSpecialChars($msg_script9);
        ?>
"><i class="icon-pencil"></i></a>
		  </td>
         </tr>
		 <?php 
        //============================
        // SUB CATEGORIES
        //============================
        $q2 = mysql_query("SELECT *, \n\t\t        (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t     WHERE (`" . DB_PREFIX . "categories`.`id` = `" . DB_PREFIX . "faqassign`.`itemID`)\n\t\t\t\t  AND `" . DB_PREFIX . "faqassign`.`desc` = 'category'\n\t\t\t\t) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "categories` \n\t\t        WHERE `subcat` = '{$CAT->id}'\n\t\t\t\t" . (defined('DISABLED_CATS') ? 'AND `enCat` = \'no\'' : '') . " \n\t\t\t\t" . $SQL . " " . $orderBy) or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        $subCount = mysql_num_rows($q2);
        if ($subCount > 0) {
            while ($SUB = mysql_fetch_object($q2)) {
                ?>
         <tr class="en_subcat_<?php 
                echo $SUB->enCat;
                ?>
">
          <?php 
                if (USER_DEL_PRIV == 'yes') {
                    ?>
          <td style="padding-left:15px" class="subcat_<?php 
                    echo $CAT->id;
                    ?>
"><input type="checkbox" onclick="if(!this.checked){ms_uncheck('cat_<?php 
Esempio n. 17
0
    // Are we showing attachments only allocated to a question?
    if (isset($_GET['question'])) {
        $_GET['question'] = (int) $_GET['question'];
        $attachIDs = array();
        $qA = mysql_query("SELECT `itemID` FROM `" . DB_PREFIX . "faqassign`\n                        WHERE `question` = '{$_GET['question']}'\n\t\t\t\t\t\tAND `desc`       = 'attachment'\n\t\t\t\t\t\tGROUP BY `itemID`\n\t\t\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        while ($AA = mysql_fetch_object($qA)) {
            $attachIDs[] = $AA->itemID;
        }
        if (!empty($attachIDs)) {
            $SQL = 'WHERE `id` IN(' . implode(',', $attachIDs) . ')';
        } else {
            $SQL = 'WHERE `id` IN(0)';
        }
    }
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n                (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t     WHERE (`" . DB_PREFIX . "faqassign`.`itemID` = `" . DB_PREFIX . "faqattach`.`id`)\n\t\t\t\t  AND `" . DB_PREFIX . "faqassign`.`desc`     = 'attachment'\n\t\t\t    ) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "faqattach`\n                {$SQL}\n                {$orderBy} \n\t\t\t\tLIMIT {$limitvalue},{$limit}\n\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
        
  <div class="header">
    
	<?php 
// Order By..
if (mswRowCount('faqattach') > 0) {
    $links = array(array('link' => '?p=' . $_GET['p'] . '&amp;orderby=name_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments17), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=name_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments18), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=order_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=order_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=questions_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase58), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=questions_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase57));
    echo $MSBOOTSTRAP->button($msg_script45, $links);
    // Filters..
    $links = array(array('link' => '?p=' . $_GET['p'] . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments20), array('link' => '?p=' . $_GET['p'] . '&amp;opt=disabled' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_response27), array('link' => '?p=' . $_GET['p'] . '&amp;opt=remote' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments21));
    echo $MSBOOTSTRAP->button($msg_search20, $links);
Esempio n. 18
0
        case 'tickets_desc':
            $orderBy = 'ORDER BY `tickCount` desc';
            break;
            // Least tickets..
        // Least tickets..
        case 'tickets_asc':
            $orderBy = 'ORDER BY `tickCount`';
            break;
    }
}
if (isset($_GET['keys']) && $_GET['keys']) {
    $_GET['keys'] = mswSafeImportString(strtolower($_GET['keys']));
    $SQL = (mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') ? ' AND ' : 'WHERE ') . ' LOWER(`name`) LIKE \'%' . $_GET['keys'] . '%\'';
}
echo "SELECT SQL_CALC_FOUND_ROWS *, \n               (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t    WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t   ) AS `tickCount`\n\t\t\t   FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n               {$SQL}\n               {$orderBy}\n               LIMIT {$limitvalue},{$limit}\n\t\t\t   ";
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *, \n               (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t    WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t   ) AS `tickCount`\n\t\t\t   FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n               {$SQL}\n               {$orderBy}\n               LIMIT {$limitvalue},{$limit}\n\t\t\t   ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
        
  <div class="header">
    
	<?php 
// Order By..
if (mswRowCount('departments') > 0) {
    $links = array(array('link' => '?p=' . $_GET['p'] . '&amp;orderby=name_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels21), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=name_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels22), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=order_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=order_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=man_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept26), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=man_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept27), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=vis_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept28), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=vis_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept29), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=tickets_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts11), array('link' => '?p=' . $_GET['p'] . '&amp;orderby=tickets_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts12));
    echo $MSBOOTSTRAP->button($msg_script45, $links);
    // Page filter..
    include PATH . 'templates/system/bootstrap/page-filter.php';
    ?>
Esempio n. 19
0
         $SR = mswGetTableData('responses', 'id', (int) $_GET['getResponse']);
         $json = array('response' => isset($SR->answer) ? mswCleanData($SR->answer) : '&nbsp;');
     }
     break;
     //===========================
     // Add ticket custom fields
     //===========================
 //===========================
 // Add ticket custom fields
 //===========================
 case 'add-cus-field':
     $fields = '';
     $dept = (int) $_GET['dept'];
     $area = !isset($_GET['area']) ? 'ticket' : (in_array($_GET['area'], array('ticket', 'reply', 'admin')) ? $_GET['area'] : 'ticket');
     // Custom fields..
     $qF = mysql_query("SELECT * FROM `" . DB_PREFIX . "cusfields`\n        WHERE FIND_IN_SET('{$area}',`fieldLoc`)  > 0\n        AND `enField`                            = 'yes'\n\t\tAND FIND_IN_SET('{$dept}',`departments`) > 0\n        ORDER BY `orderBy`\n        ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
     if (mysql_num_rows($qF) > 0) {
         while ($FIELDS = mysql_fetch_object($qF)) {
             switch ($FIELDS->fieldType) {
                 case 'textarea':
                     $fields .= $MSFM->buildTextArea(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex);
                     break;
                 case 'input':
                     $fields .= $MSFM->buildInputBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex);
                     break;
                 case 'select':
                     $fields .= $MSFM->buildSelect(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions, ++$tabIndex);
                     break;
                 case 'checkbox':
                     $fields .= $MSFM->buildCheckBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions);
                     break;
Esempio n. 20
0
 public function levels($level, $arr = false, $keys = false, $filter = false)
 {
     $level = strtolower($level);
     $levels = array();
     $q = mysql_query("SELECT * FROM `" . DB_PREFIX . "levels`\n            " . ($filter ? 'WHERE `display` = \'yes\'' : '') . "\n            ORDER BY `orderBy`\n            ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
     while ($L = mysql_fetch_object($q)) {
         $levels[$L->marker ? $L->marker : $L->id] = mswCleanData($L->name);
     }
     if ($keys) {
         return array_keys($levels);
     } else {
         if ($arr) {
             return $levels;
         } else {
             return isset($levels[$level]) ? $levels[$level] : $levels['low'];
         }
     }
 }
Esempio n. 21
0
      <?php 
        } else {
            ?>
      <div class="alert alert-success" id="replyArea">
	   <p class="nodata"><?php 
            echo str_replace('{url}', $url, $msg_viewticket45);
            ?>
</p>
      </div>
      <?php 
        }
    }
}
// Show ticket history..
if ($SETTINGS->ticketHistory == 'yes' && $MSTEAM->ticketHistory == 'yes') {
    $qTH = mysql_query("SELECT * FROM `" . DB_PREFIX . "tickethistory`\n             WHERE `ticketID` = '{$_GET['id']}'\n             ORDER BY `ts` DESC\n             ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    $historyRows = mysql_num_rows($qTH);
    ?>
	  <div class="block" style="margin-top:40px">
	   <p class="block-heading" id="hisblockhead">(<span id="hiscount"><?php 
    echo @number_format($historyRows);
    ?>
</span>) <?php 
    echo strtoupper($msg_viewticket110) . ' (#' . mswTicketNumber($_GET['id']);
    ?>
)<?php 
    echo $historyRows > 0 ? (USER_DEL_PRIV == 'yes' ? ' <a class="toggleFields pull-right" href="#" onclick="confirmMessageExecute(\'' . mswSpecialChars($msg_script_action) . '\',\'history\',\'0##' . $_GET['id'] . '\');return false"><i class="icon-remove"></i> ' . $msg_viewticket118 . '</a> ' : '') . '<a class="toggleFields pull-right" href="index.php?p=view-ticket&amp;exportHistory=' . $_GET['id'] . '"><i class="icon-save"></i> ' . $msg_viewticket112 . '</a>' : '';
    ?>
</p>
	   <div class="block-body" style="max-height:300px;overflow:auto" id="historyArea">
	     <?php 
     // Check if this ticket was originally opened by imap..
     // If it was, set the reply-to address as the imap address..
     // This is so any replies sent go back to the ticket..
     if ($T->source == 'imap') {
         $IMD = mswGetTableData('imap', 'im_dept', $T->department);
         if (isset($IMD->im_email) && $IMD->im_email) {
             $replyToAddr = $IMD->im_email;
         }
     }
     // Get all users in this dispute..
     $ticketDisputeUsers = $MSTICKET->disputeUsers($T->id);
     // Add original ticket starter to the mix..
     array_push($ticketDisputeUsers, $T->visitorID);
     // Send, but skip person currently logged in..
     if (!empty($ticketDisputeUsers)) {
         $qDU = mysql_query("SELECT `name`,`email`,`language` FROM `" . DB_PREFIX . "portal`\n                  WHERE `id` IN(" . implode(',', $ticketDisputeUsers) . ")\n\t\t\t\t  AND `id`   != '{$LI_ACC->id}'\n\t\t\t\t  GROUP BY `email`\n                  ORDER BY `name`\n                  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         while ($D_USR = mysql_fetch_object($qDU)) {
             $pLang = '';
             $temp = PATH . 'content/language/' . $SETTINGS->language . '/mail-templates/dispute-reply.txt';
             // Get correct language file..
             if (isset($D_USR->language) && file_exists(PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt')) {
                 $pLang = $D_USR->language;
                 $temp = PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt';
             }
             $MSMAIL->addTag('{USER}', $LI_ACC->name);
             $MSMAIL->addTag('{NAME}', $D_USR->name);
             $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $D_USR->email, 'to_name' => $D_USR->name, 'subject' => str_replace(array('{website}', '{ticket}'), array($SETTINGS->website, mswTicketNumber($T->id)), $emailSubjects['dispute-notify']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $replyToAddr ? $replyToAddr : ($SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email)), 'template' => $temp, 'language' => $pLang ? $pLang : $SETTINGS->language, 'alive' => 'yes'));
         }
     }
 }
 // Finish with message..
Esempio n. 23
0
 public function delete($t_class)
 {
     if (!empty($_POST['del'])) {
         $uIDs = implode(',', $_POST['del']);
         // Get all tickets related to the users that are going to be deleted..
         $tickets = array();
         $q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets`\n               WHERE `visitorID` IN({$uIDs})\n\t\t       ORDER BY `id`\n\t\t       ");
         while ($T = mysql_fetch_object($q)) {
             $tickets[] = $T->id;
         }
         // If there are tickets, delete all information..
         // We can use the delete operation from the ticket class..
         if (!empty($tickets)) {
             $_POST['ticket'] = $tickets;
             $t_class->deleteTickets();
         }
         // Users info..
         mysql_query("DELETE FROM `" . DB_PREFIX . "portal` \n    WHERE `id` IN({$uIDs}) \n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Delete disputes..
         mysql_query("DELETE FROM `" . DB_PREFIX . "disputes` WHERE `visitorID` IN({$uIDs})") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Log entries..
         mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n    WHERE `userID` IN({$uIDs})\n\tAND `type`      = 'acc'\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Truncate tables to start at 1..
         foreach (array('tickets', 'attachments', 'replies', 'cusfields', 'ticketfields', 'disputes', 'tickethistory', 'portal') as $tables) {
             if (mswRowCount($tables) == 0) {
                 @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
             }
         }
         return count($uIDs);
     }
     return '0';
 }
Esempio n. 24
0
  <?php 
// Are additional folders allowed?
if ($MSTEAM->mailFolders > 0) {
    ?>
  <li class="dropdown">
   <a class="dropdown-toggle" data-toggle="dropdown" href="#"><i class="icon-folder-open"></i> <?php 
    echo $msg_mailbox5;
    ?>
<b class="caret"></b></a>
   <ul class="dropdown-menu">
    <li><a href="?p=mailbox&amp;folders=1"><i class="icon-plus"></i> <?php 
    echo $msg_mailbox6;
    ?>
</a></li>
	<?php 
    $qF = mysql_query("SELECT `id`,`folder`\n          FROM `" . DB_PREFIX . "mailfolders`\n\t\t  WHERE `staffID` = '{$MSTEAM->id}'\n          ORDER BY `folder`\n\t\t  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    if (mysql_num_rows($qF) > 0) {
        $moveToFolders['-'] = '- - - - - - -';
    }
    while ($FOLDERS = mysql_fetch_object($qF)) {
        $moveToFolders[$FOLDERS->id] = mswCleanData($FOLDERS->folder);
        ?>
	<li><a href="?p=mailbox&amp;f=<?php 
        echo $FOLDERS->id;
        ?>
"><i class="icon-folder-close-alt"></i> <?php 
        echo mswCleanData($FOLDERS->folder);
        ?>
</a></li>
	<?php 
    }
Esempio n. 25
0
 public function updateSettings()
 {
     $_POST = mswMultiDimensionalArrayMap('mswSafeImportString', $_POST);
     // Defaults if not set..
     $_POST['attachment'] = isset($_POST['attachment']) ? 'yes' : 'no';
     $_POST['rename'] = isset($_POST['rename']) ? 'yes' : 'no';
     $_POST['weekStart'] = isset($_POST['weekStart']) && in_array($_POST['weekStart'], array('sun', 'mon')) ? $_POST['weekStart'] : 'sun';
     $_POST['enSpamSum'] = isset($_POST['enSpamSum']) && in_array($_POST['enSpamSum'], array('yes', 'no')) ? $_POST['enSpamSum'] : 'yes';
     $_POST['enableBBCode'] = isset($_POST['enableBBCode']) ? 'yes' : 'no';
     $_POST['disputes'] = isset($_POST['disputes']) ? 'yes' : 'no';
     $_POST['multiplevotes'] = isset($_POST['multiplevotes']) ? 'yes' : 'no';
     $_POST['enableVotes'] = isset($_POST['enableVotes']) ? 'yes' : 'no';
     $_POST['enCapLogin'] = isset($_POST['enCapLogin']) ? 'yes' : 'no';
     $_POST['sysstatus'] = isset($_POST['sysstatus']) ? 'yes' : 'no';
     $_POST['autoenable'] = $_POST['autoenable'] ? $this->datetime->mswDatePickerFormat($_POST['autoenable']) : '0000-00-00';
     $_POST['kbase'] = isset($_POST['kbase']) ? 'yes' : 'no';
     $_POST['scriptpath'] = systemSettings::filterInstallationPath($_POST['scriptpath']);
     $_POST['attachpath'] = systemSettings::filterInstallationPath($_POST['attachpath']);
     $_POST['attachhref'] = systemSettings::filterInstallationPath($_POST['attachhref']);
     $_POST['attachpathfaq'] = systemSettings::filterInstallationPath($_POST['attachpathfaq']);
     $_POST['attachhreffaq'] = systemSettings::filterInstallationPath($_POST['attachhreffaq']);
     $_POST['imap_param'] = $_POST['imap_param'] ? $_POST['imap_param'] : 'pipe';
     $_POST['renamefaq'] = isset($_POST['renamefaq']) ? 'yes' : 'no';
     $_POST['smtp_debug'] = isset($_POST['smtp_debug']) ? 'yes' : 'no';
     $_POST['createPref'] = isset($_POST['createPref']) ? 'yes' : 'no';
     $_POST['createAcc'] = isset($_POST['createAcc']) ? 'yes' : 'no';
     $_POST['ticketHistory'] = isset($_POST['ticketHistory']) ? 'yes' : 'no';
     $_POST['closenotify'] = isset($_POST['closenotify']) ? 'yes' : 'no';
     $_POST['accProfNotify'] = isset($_POST['accProfNotify']) ? 'yes' : 'no';
     $_POST['newAccNotify'] = isset($_POST['newAccNotify']) ? 'yes' : 'no';
     $_POST['enableLog'] = isset($_POST['enableLog']) ? 'yes' : 'no';
     $_POST['enableMail'] = isset($_POST['enableMail']) ? 'yes' : 'no';
     $_POST['imap_debug'] = isset($_POST['imap_debug']) ? 'yes' : 'no';
     $_POST['apiLog'] = isset($_POST['apiLog']) ? 'yes' : 'no';
     $_POST['disputeAdminStop'] = isset($_POST['disputeAdminStop']) ? 'yes' : 'no';
     // Enforce digits..
     $_POST['maxsize'] = (int) $_POST['maxsize'] > 0 ? $_POST['maxsize'] : '0';
     $_POST['popquestions'] = (int) $_POST['popquestions'] > 0 ? $_POST['popquestions'] : '10';
     $_POST['quePerPage'] = (int) $_POST['quePerPage'] > 0 ? $_POST['quePerPage'] : '10';
     $_POST['cookiedays'] = (int) $_POST['cookiedays'] > 0 ? $_POST['cookiedays'] : '60';
     $_POST['attachboxes'] = (int) $_POST['attachboxes'] > 0 ? $_POST['attachboxes'] : '1';
     $_POST['autoClose'] = (int) $_POST['autoClose'] > 0 ? $_POST['autoClose'] : '0';
     $_POST['smtp_port'] = (int) $_POST['smtp_port'] > 0 ? $_POST['smtp_port'] : '25';
     $_POST['loginLimit'] = (int) $_POST['loginLimit'] > 0 ? $_POST['loginLimit'] : '0';
     $_POST['banTime'] = (int) $_POST['banTime'] > 0 ? $_POST['banTime'] : '25';
     $_POST['minPassValue'] = (int) $_POST['minPassValue'] > 0 ? $_POST['minPassValue'] : '8';
     $_POST['minTickDigits'] = (int) $_POST['minTickDigits'] > 0 ? $_POST['minTickDigits'] : '5';
     $_POST['imap_timeout'] = (int) $_POST['imap_timeout'] > 0 ? $_POST['imap_timeout'] : '0';
     $_POST['imap_memory'] = (int) $_POST['imap_memory'] > 0 ? $_POST['imap_memory'] : '0';
     // Restrictions..
     if (LICENCE_VER == 'locked') {
         $_POST['attachboxes'] = RESTR_ATTACH;
         $_POST['adminFooter'] = 'To add your own footer code, click &quot;Settings &amp; Tools > Other Options > Edit Footers&quot;';
         $_POST['publicFooter'] = 'To add your own footer code, click &quot;Settings &amp; Tools > Other Options > Edit Footers&quot;';
     }
     // Serialized data..
     $langSets = !empty($_POST['templateSet']) ? serialize($_POST['templateSet']) : '';
     if ($_POST['defKeepLogs']['user'] == '') {
         $_POST['defKeepLogs']['user'] = '******';
     }
     if ($_POST['defKeepLogs']['acc'] == '') {
         $_POST['defKeepLogs']['acc'] = '0';
     }
     $defLog = !empty($_POST['defKeepLogs']) ? serialize($_POST['defKeepLogs']) : '';
     $handlers = !empty($_POST['apiHandlers']) ? implode(',', $_POST['apiHandlers']) : '';
     mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n  `website`              = '{$_POST['website']}',\n  `email`                = '{$_POST['email']}',\n  `replyto`              = '{$_POST['replyto']}',\n  `scriptpath`           = '{$_POST['scriptpath']}',\n  `attachpath`           = '{$_POST['attachpath']}',\n  `attachhref`           = '{$_POST['attachhref']}',\n  `attachpathfaq`        = '{$_POST['attachpathfaq']}',\n  `attachhreffaq`        = '{$_POST['attachhreffaq']}',\n  `language`             = '{$_POST['language']}',\n  `langSets`             = '" . mswSafeImportString($langSets) . "',\n  `dateformat`           = '{$_POST['dateformat']}',\n  `timeformat`           = '{$_POST['timeformat']}',\n  `timezone`             = '{$_POST['timezone']}',\n  `weekStart`            = '{$_POST['weekStart']}',\n  `jsDateFormat`         = '{$_POST['jsDateFormat']}',\n  `kbase`                = '{$_POST['kbase']}',\n  `enableVotes`          = '{$_POST['enableVotes']}',\n  `multiplevotes`        = '{$_POST['multiplevotes']}',\n  `popquestions`         = '{$_POST['popquestions']}',\n  `quePerPage`           = '{$_POST['quePerPage']}',\n  `cookiedays`           = '{$_POST['cookiedays']}',\n  `renamefaq`            = '{$_POST['renamefaq']}',\n  `attachment`           = '{$_POST['attachment']}',\n  `rename`               = '{$_POST['rename']}',\n  `attachboxes`          = '{$_POST['attachboxes']}',\n  `filetypes`            = '{$_POST['filetypes']}',\n  `maxsize`              = '{$_POST['maxsize']}',\n  `enableBBCode`         = '{$_POST['enableBBCode']}',\n  `afolder`              = '{$_POST['afolder']}',\n  `autoClose`            = '{$_POST['autoClose']}',\n  `smtp_host`            = '{$_POST['smtp_host']}',\n  `smtp_user`            = '{$_POST['smtp_user']}',\n  `smtp_pass`            = '{$_POST['smtp_pass']}',\n  `smtp_port`            = '{$_POST['smtp_port']}',\n  `smtp_security`        = '{$_POST['smtp_security']}',\n  `smtp_debug`           = '{$_POST['smtp_debug']}',\n  `adminFooter`          = '{$_POST['adminFooter']}',\n  `publicFooter`         = '{$_POST['publicFooter']}',\n  `apiKey`               = '{$_POST['apiKey']}',\n  `apiLog`               = '{$_POST['apiLog']}',\n  `apiHandlers`          = '{$handlers}',\n  `recaptchaPrivateKey`  = '{$_POST['recaptchaPrivateKey']}',\n  `recaptchaPublicKey`   = '{$_POST['recaptchaPublicKey']}',\n  `enCapLogin`           = '{$_POST['enCapLogin']}',\n  `sysstatus`            = '{$_POST['sysstatus']}',\n  `autoenable`           = '{$_POST['autoenable']}',\n  `disputes`             = '{$_POST['disputes']}',\n  `offlineReason`        = '{$_POST['offlineReason']}',\n  `createPref`           = '{$_POST['createPref']}',\n  `createAcc`            = '{$_POST['createAcc']}',\n  `loginLimit`           = '{$_POST['loginLimit']}',\n  `banTime`              = '{$_POST['banTime']}',\n  `ticketHistory`        = '{$_POST['ticketHistory']}',\n  `closenotify`          = '{$_POST['closenotify']}',\n  `accProfNotify`        = '{$_POST['accProfNotify']}',\n  `minPassValue`         = '{$_POST['minPassValue']}',\n  `newAccNotify`         = '{$_POST['newAccNotify']}',\n  `recaptchaLang`        = '{$_POST['recaptchaLang']}',\n  `recaptchaTheme`       = '{$_POST['recaptchaTheme']}',\n  `enableLog`            = '{$_POST['enableLog']}',\n  `defKeepLogs`          = '" . mswSafeImportString($defLog) . "',\n  `minTickDigits`        = '{$_POST['minTickDigits']}',\n  `enableMail`           = '{$_POST['enableMail']}',\n  `imap_debug`           = '{$_POST['imap_debug']}',\n  `imap_param`           = '{$_POST['imap_param']}',\n  `imap_memory`          = '{$_POST['imap_memory']}',\n  `imap_timeout`         = '{$_POST['imap_timeout']}',\n  `disputeAdminStop`     = '{$_POST['disputeAdminStop']}'\n  WHERE `id`             = '1'\n  ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
 }
Esempio n. 26
0
<?php

if (!defined('PARENT') || !isset($toLoad)) {
    exit;
}
$orderBy = 'ORDER BY `' . DB_PREFIX . 'mailbox`.`ts` DESC';
$keys = isset($_GET['keys']) ? $_GET['keys'] : '';
$searchSQL = '';
// Are we searching?
if ($keys) {
    $searchSQL = 'AND (`' . DB_PREFIX . 'mailbox`.`subject` LIKE \'%' . mswSafeImportString($keys) . '%\' OR `' . DB_PREFIX . 'mailbox`.`message` LIKE \'%' . mswSafeImportString($keys) . '%\')';
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n     `" . DB_PREFIX . "mailbox`.`staffID` AS `starter`,\n\t `" . DB_PREFIX . "mailbox`.`ts` AS `mailStamp`,\n\t `" . DB_PREFIX . "mailassoc`.`mailID` AS `messageID`\n\t FROM `" . DB_PREFIX . "mailassoc`\n\t LEFT JOIN `" . DB_PREFIX . "mailbox`\n\t ON `" . DB_PREFIX . "mailassoc`.`mailID`   = `" . DB_PREFIX . "mailbox`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "users`\n\t ON `" . DB_PREFIX . "users`.`id`           = `" . DB_PREFIX . "mailbox`.`staffID`\n\t WHERE `folder`                         = '{$toLoad}' \n     AND `" . DB_PREFIX . "mailassoc`.`staffID` = '{$MSTEAM->id}'\n\t " . ($searchSQL ? $searchSQL . mswDefineNewline() . 'GROUP BY `' . DB_PREFIX . 'mailassoc`.`mailID`' : '') . "\n\t " . $orderBy . "\n     LIMIT {$limitvalue},{$limit}\n     ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
?>
<div class="content">
        
  <div class="header">
    
	<button class="btn search-bar-button" type="button" onclick="mswToggle('b1','b2','keys','mailbox')"><i class="icon-search" id="search-icon-button"></i></button>
	<h1 class="page-title"><?php 
echo $msg_adheader61;
?>
 (<?php 
echo $boxName;
?>
)</h1>
	
	<span class="clearfix"></span>
	
Esempio n. 27
0
		
		</div>
	   </div>
	   <div class="tab-pane fade" id="two">
	    <div class="well">
		 
		 <label class="checkbox">
		  <input type="checkbox" value="0" onclick="checkBoxes(this.checked,'#cb')"> <?php 
echo $msg_response6;
?>
         </label>
		 
		 <div id="cb">
		 <?php 
// If global log in no filter necessary..
$q_dept = mysql_query("SELECT * FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
while ($DEPT = mysql_fetch_object($q_dept)) {
    ?>
         <label class="checkbox">
		  <input type="checkbox" name="dept[]"<?php 
    echo isset($deptArr) && in_array($DEPT->id, $deptArr) ? ' checked="checked" ' : ' ';
    ?>
value="<?php 
    echo $DEPT->id;
    ?>
"> <?php 
    echo mswSpecialChars($DEPT->name);
    ?>
         </label>
		 <input type="hidden" name="deptall[]" value="<?php 
    echo $DEPT->id;
Esempio n. 28
0
    }
    ?>
        </div>
       </div>
	  </div>
	  
	  <div class="row-fluid">
       <div class="block" style="padding:0;margin:0;margin-top:10px">
	    <p class="block-heading uppercase"><i class="icon-chevron-right"></i> <?php 
    echo $msg_home40;
    ?>
</p>
        <div class="block-body">
		 <?php 
    $lp = 0;
    $qT4 = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n                `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t            `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t            `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t            `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t            `" . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t            (SELECT count(*) FROM `" . DB_PREFIX . "disputes` \n\t             WHERE `" . DB_PREFIX . "disputes`.`ticketID` = `" . DB_PREFIX . "tickets`.`id`\n\t            ) AS `disputeCount`\n\t            FROM `" . DB_PREFIX . "tickets` \n                LEFT JOIN `" . DB_PREFIX . "departments`\n\t            ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t            LEFT JOIN `" . DB_PREFIX . "portal`\n\t            ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t            LEFT JOIN `" . DB_PREFIX . "levels`\n\t            ON `" . DB_PREFIX . "tickets`.`priority`   = `" . DB_PREFIX . "levels`.`id`\n\t             OR `" . DB_PREFIX . "tickets`.`priority`  = `" . DB_PREFIX . "levels`.`marker`\n                WHERE `ticketStatus` = 'open'\n\t            AND `replyStatus`   IN('visitor') \n                AND `isDisputed`     = 'yes'\n                AND `assignedto`    != 'waiting'\n\t            AND `spamFlag`       = 'no'\n                " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n                ORDER BY `" . DB_PREFIX . "tickets`.`id` DESC\n                ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    $T4Rows = mysql_num_rows($qT4);
    if ($T4Rows > 0) {
        while ($TICKETS = mysql_fetch_object($qT4)) {
            $date = '';
            ?>
          <div class="row-fluid homeTicketWrapper<?php 
            echo ++$lp == $T4Rows ? ' nobottomborder' : '';
            ?>
">
           <a href="?p=view-dispute&amp;id=<?php 
            echo $TICKETS->ticketID;
            ?>
">
		   <?php 
            echo $cutOff > 0 && strlen($TICKETS->subject) > $cutOff ? substr(mswSpecialChars($TICKETS->subject), 0, $cutOff - 2) . '..' : mswSpecialChars($TICKETS->subject);
Esempio n. 29
0
    $SQL = 'AND (LOWER(`' . DB_PREFIX . 'tickets`.`subject`) LIKE \'%' . $_GET['keys'] . '%\' OR LOWER(`' . DB_PREFIX . 'tickets`.`comments`) LIKE \'%' . $_GET['keys'] . '%\')';
}
// Disputes..
if ($SETTINGS->disputes == 'yes' && isset($_GET['disputes'])) {
    // Disputes in other tickets..
    $qD = mysql_query("SELECT `ticketID` FROM `" . DB_PREFIX . "disputes` \n        WHERE `visitorID` = '{$ACC->id}'\n\t    GROUP BY `ticketID`\n\t    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    while ($DP = mysql_fetch_object($qD)) {
        $dis[] = $DP->ticketID;
    }
    // Disputes from started tickets..
    $qD2 = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets` \n         WHERE `visitorID` = '{$ACC->id}'\n\t\t AND `isDisputed`  = 'yes'\n\t\t AND `spamFlag`    = 'no'\n\t     ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    while ($DP2 = mysql_fetch_object($qD2)) {
        $dis[] = $DP2->id;
    }
}
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n     `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t (SELECT count(*) FROM `" . DB_PREFIX . "disputes` \n\t  WHERE `" . DB_PREFIX . "disputes`.`ticketID` = `" . DB_PREFIX . "tickets`.`id`\n\t ) AS `disputeCount`\n\t FROM `" . DB_PREFIX . "tickets` \n     LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID`  = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority`   = `" . DB_PREFIX . "levels`.`id`\n\t  OR `" . DB_PREFIX . "tickets`.`priority`  = `" . DB_PREFIX . "levels`.`marker`\n     " . (empty($dis) ? 'WHERE `' . DB_PREFIX . 'portal`.`email` = \'' . $ACC->email . '\'' : '') . "\n\t " . (!empty($dis) ? 'WHERE `' . DB_PREFIX . 'tickets`.`id` IN(' . implode(',', $dis) . ')' : '') . "\n\t {$SQL}\n\t AND `spamFlag` = 'no'\n     " . $filterBy . mswSQLDepartmentFilter($ticketFilterAccess) . "\n     " . $orderBy . "\n     LIMIT {$limitvalue},{$limit}\n     ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
$searchBoxUrl = 'acchistory&id=' . $_GET['id'] . (isset($_GET['disputes']) ? '&disputes=yes' : '');
?>
<div class="content">
  <script type="text/javascript">
  //<![CDATA[
  function mswHisToggle() {
    if (jQuery('#b2').css('display')=='none') {
	  jQuery('#topfluid').css('margin-top','0');
	  jQuery('#b2').show();
	  jQuery('input[name="keys"]').focus();
	  jQuery('#search-icon-button').attr('class','icon-remove');
	} else {
	  jQuery('#topfluid').css('margin-top','20px');
Esempio n. 30
0
 public function delete()
 {
     if (!empty($_POST['del'])) {
         $uID = implode(',', $_POST['del']);
         // Users info..
         mysql_query("DELETE FROM `" . DB_PREFIX . "users` \n    WHERE `id` IN({$uID}) \n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         $rows = mysql_affected_rows();
         // Departments assigned..
         mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n    WHERE `userID` IN({$uID})\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Access assigned..
         mysql_query("DELETE FROM `" . DB_PREFIX . "usersaccess`\n    WHERE `userID` IN({$uID})\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Log entries..
         mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n    WHERE `userID` IN({$uID})\n\tAND `type`      = 'user'\n    ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
         // Truncate tables to start at 1..
         foreach (array('users', 'userdepts', 'usersaccess', 'log') as $tables) {
             if (mswRowCount($tables) == 0) {
                 @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
             }
         }
         return $rows;
     }
 }