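/**
 * Delete the departments whose ids were posted in $_POST['del'].
 *
 * Also deletes the matching rows from the user/department association table,
 * truncates either table when mswRowCount() reports it empty, and renumbers
 * `orderBy` on the remaining departments so the sequence has no gaps.
 *
 * @return int|string Rows removed from the departments table, or the string '0'
 *                    when nothing was selected.
 */
public function delete()
{
    if (!empty($_POST['del'])) {
        // $_POST['del'] is request data that lands unquoted inside IN(...), so every
        // entry is forced to an integer before it becomes part of the SQL text.
        $ids = implode(',', array_map('intval', (array) $_POST['del']));

        // Nuke departments..
        mysql_query("DELETE FROM `" . DB_PREFIX . "departments`\n WHERE `id` IN(" . $ids . ")\n\t")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        // Captured now: the later statements would overwrite the affected-row count.
        $rows = mysql_affected_rows();

        // Nuke user department association..
        mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n WHERE `deptID` IN(" . $ids . ")\n ")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

        // Empty tables are truncated (presumably to restart the id counter - confirm).
        if (mswRowCount('departments') == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "departments`");
        }
        if (mswRowCount('userdepts') == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "userdepts`");
        }

        // Rebuild order sequence..
        $seq = 0;
        $q   = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "departments` ORDER BY `orderBy`");
        while ($RB = mysql_fetch_object($q)) {
            $n = ++$seq;
            mysql_query("UPDATE `" . DB_PREFIX . "departments` SET\n\t `orderBy` = '{$n}'\n WHERE `id` = '{$RB->id}'\n ")
                or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        }
        return $rows;
    }
    return '0';
}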
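/**
 * Delete the custom fields whose ids were posted in $_POST['del'].
 *
 * Removes the field definitions, then the per-ticket data stored for those
 * fields, truncates either table when mswRowCount() reports it empty, and
 * finally calls fields::rebuildSequence().
 *
 * @return int|string Rows removed from the cusfields table, or the string '0'
 *                    when nothing was selected.
 */
public function deleteCustomFields()
{
    if (!empty($_POST['del'])) {
        // The posted ids go unquoted into IN(...); casting each one to an integer
        // keeps request data from being read as SQL.
        $ids = implode(',', array_map('intval', (array) $_POST['del']));

        mysql_query("DELETE FROM `" . DB_PREFIX . "cusfields` \n WHERE `id` IN(" . $ids . ") \n\t")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        // Only the definition rows are reported back to the caller.
        $rows = mysql_affected_rows();

        mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields` \n WHERE `fieldID` IN(" . $ids . ") \n\t")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

        if (mswRowCount('cusfields') == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "cusfields`");
        }
        if (mswRowCount('ticketfields') == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
        }

        // Rebuild sequence..
        fields::rebuildSequence();
        return $rows;
    }
    return '0';
}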
/**
 * Open the MySQL connection and select the configured database.
 *
 * In test mode the outcome is returned as a fixed status string and no error
 * detail is included in it. Outside test mode a failure is handed to
 * mswMysqlErrMsg() and nothing is returned.
 *
 * @param bool $test When true, return a status string instead of reporting the error.
 *
 * @return string|null Status text in test mode, otherwise null.
 */
function dbConnectorTest($test = false)
{
    $failed = 'Connection Failed - Check Connection Parameters';

    // Warnings from the connect call are suppressed; the result is checked instead.
    $link = @mysql_connect(DB_HOST, DB_USER, DB_PASS);

    if ($link) {
        if (!mysql_select_db(DB_NAME, $link)) {
            if ($test) {
                return $failed;
            }
            mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
        }
    } else {
        if ($test) {
            return $failed;
        }
        mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__);
    }

    return $test ? 'Connection Successful' : null;
}
/**
 * Serve one FAQ attachment, either by redirecting to its remote location or by
 * streaming the local file.
 *
 * Sends a 403 page when no row matches $id and a 404 page when the row exists
 * but the local file does not.
 *
 * @param mixed  $id    Attachment id used in the lookup query.
 * @param object $s     Settings object; `attachpathfaq` is read as the base folder.
 * @param bool   $admin Passed through to the error page helpers.
 *
 * @return void
 */
public function faqAttachment($id, $s, $admin = false)
{
    // NOTE(review): $id is interpolated into the query as-is; confirm every caller
    // passes an integer, or cast it here.
    $result = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "faqattach`\n WHERE `id` = '{$id}'\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    $F = mysql_fetch_object($result);

    // Unknown attachment id.
    if (!isset($F->id)) {
        $H = new htmlHeaders();
        $H->err403($admin);
        return;
    }

    $base = $s->attachpathfaq . '/';

    // Remote or not..
    if ($F->remote) {
        // NOTE(review): the redirect target comes straight from the stored `remote`
        // column; whoever can write that column controls where visitors are sent.
        header("Location: " . $F->remote);
        exit;
    }

    $file = $base . $F->path;
    if (!file_exists($file)) {
        $H = new htmlHeaders();
        $H->err404($admin);
        return;
    }

    $m = msDownload::mime($file, $F->mimeType);
    msDownload::dl($file, $m, 'no');
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/ if (!defined('PARENT')) { $HEADERS->err403(true); } // Permissions.. if (!defined('PASS_RESET')) { $HEADERS->err403(true, 'This page cannot be accessed.<br>Refer to the <a href="../docs/reset.html" onclick="window.open(this);return false">documentation</a> on how to access the reset page'); } // Update.. if (isset($_POST['process'])) { $ret = $MSUSERS->reset(); if (isset($_POST['email']) && !empty($ret)) { // Load mail params include REL_PATH . 'control/mail-data.php'; for ($i = 0; $i < count($ret); $i++) { $q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n WHERE `id` = '{$ret[$i]['id']}'\n\t\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($USERS = mysql_fetch_object($q)) { $MSMAIL->addTag('{NAME}', $USERS->name); $MSMAIL->addTag('{EMAIL}', $USERS->email); $MSMAIL->addTag('{PASS}', $ret[$i]['pass']); // Send mail.. $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $USERS->name), $emailSubjects['reset']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-pass-reset.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2)); } } } $OK = true; } $title = $msg_adheader36; $loadJQAlertify = true; if (file_exists(PATH . 'templates/reset.php')) { define('RESET_LOADER', 1);
$chop = explode(' ', $_GET['q']); $words = ''; for ($i = 0; $i < count($chop); $i++) { $words .= ($i ? 'OR ' : 'WHERE (') . "`" . DB_PREFIX . "portal`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' OR `" . DB_PREFIX . "users`.`name` LIKE '%" . mswSafeImportString($chop[$i]) . "%' "; } if ($words) { $where[] = $words . ')'; } } if ($type) { $where[] = (!empty($where) ? 'AND ' : 'WHERE ') . '`type` = \'' . $type . '\''; } if ($from && $to) { $where[] = (!empty($where) ? 'AND ' : 'WHERE ') . 'DATE(FROM_UNIXTIME(`' . DB_PREFIX . 'log`.`ts`)) BETWEEN \'' . $MSDT->mswDatePickerFormat($from) . '\' AND \'' . $MSDT->mswDatePickerFormat($to) . '\''; } $q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "log`.`ts` AS `lts`,\n\t\t\t `" . DB_PREFIX . "log`.`id` AS `logID`,\n\t\t\t `" . DB_PREFIX . "log`.`userID` AS `personID`,\n\t\t\t `" . DB_PREFIX . "log`.`ip` AS `entryLogIP`,\n\t\t\t `" . DB_PREFIX . "portal`.`name` AS `portalName`,\n\t\t\t `" . DB_PREFIX . "users`.`name` AS `userName`\n\t\t\t FROM `" . DB_PREFIX . "log`\n LEFT JOIN `" . DB_PREFIX . "users`\n ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "users`.`id` \n\t\t\t LEFT JOIN `" . DB_PREFIX . "portal`\n ON `" . DB_PREFIX . "log`.`userID` = `" . DB_PREFIX . "portal`.`id` \n\t\t\t " . (!empty($where) ? implode(mswDefineNewline(), $where) : '') . "\n ORDER BY `" . DB_PREFIX . "log`.`id` DESC\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`")); $countedRows = isset($c->rows) ? $c->rows : '0'; $actualRows = mswRowCount('log'); // Export url.. $url = 'index.php?p=log&export=yes' . mswQueryParams(array('p', 'export')); ?> <div class="content"> <script type="text/javascript"> //<![CDATA[ <?php include PATH . 'templates/date-pickers.php'; ?> function searchToggle() { jQuery('#b1').toggle(); if (jQuery('#b1').css('display')!='none') {
/**
 * Look up the categories assigned to one FAQ question.
 *
 * @param mixed  $id     Question id matched against `faqassign`.`question`.
 * @param string $action 'get' returns the category ids; anything else returns
 *                       the cleaned category names joined with ', '.
 *
 * @return array|string List of category ids, or a comma separated name string
 *                      (empty string when there are no categories).
 */
function mswFaqCategories($id, $action = 'show')
{
    // NOTE(review): $id is interpolated into the query as-is; confirm every caller
    // passes an integer question id.
    $sql = "SELECT `" . DB_PREFIX . "categories`.`name`,`" . DB_PREFIX . "categories`.`id` AS `catID` FROM `" . DB_PREFIX . "categories`\n LEFT JOIN `" . DB_PREFIX . "faqassign`\n\t ON `" . DB_PREFIX . "faqassign`.`itemID` = `" . DB_PREFIX . "categories`.`id`\n WHERE `" . DB_PREFIX . "faqassign`.`desc` = 'category'\n\t AND `" . DB_PREFIX . "faqassign`.`question` = '{$id}'\n ORDER BY `" . DB_PREFIX . "categories`.`name`\n\t ";
    $result = mysql_query($sql)
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

    $names = array();
    $ids   = array();
    while ($row = mysql_fetch_object($result)) {
        $names[] = mswCleanData($row->name);
        $ids[]   = $row->catID;
    }

    // We just want IDs if action is get..
    if ($action == 'get') {
        return $ids;
    }

    // Joining an empty list already gives '', so no separate empty check is needed.
    return implode(', ', $names);
}
<?php if (!defined('TICKET_LOADER')) { exit; } $aTickID = (int) $aTickID; $aTickReply = (int) $aTickReply; $qA = mysql_query("SELECT *,DATE(FROM_UNIXTIME(`ts`)) AS `addDate` FROM `" . DB_PREFIX . "attachments`\n WHERE `ticketID` = '{$aTickID}' AND `replyID` = '{$aTickReply}'\n ORDER BY `fileName`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); if (mysql_num_rows($qA) > 0) { ?> <div id="attachments_<?php echo $aTickID; ?> _<?php echo $aTickReply; ?> " class="block" style="display:none"> <table class="table table-striped table-hover"> <thead> <tr class="attachmentTRBG"> <?php if (USER_DEL_PRIV == 'yes') { ?> <th style="width:5%"> <input onclick="selectAll('attachments_<?php echo $aTickID; ?> _<?php echo $aTickReply; ?>
" maxlength="250" value="<?php echo isset($EDIT->summary) ? mswSpecialChars($EDIT->summary) : ''; ?> "> <label><?php echo $msg_kbase38; ?> </label> <select name="subcat"> <option value="0"><?php echo $msg_kbase36; ?> </option> <?php $q_cat = mysql_query("SELECT * FROM `" . DB_PREFIX . "categories` WHERE `subcat` = '0' ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); if (mysql_num_rows($q_cat) > 0) { ?> <optgroup label="<?php echo mswSpecialChars($msg_kbase37); ?> "> <?php while ($CAT = mysql_fetch_object($q_cat)) { ?> <option<?php echo isset($EDIT->id) ? mswSelectedItem($EDIT->subcat, $CAT->id) : ''; ?> value="<?php echo $CAT->id; ?>
if (!empty($_POST['users'][$ID])) { // Ticket information.. $SUPTICK = mswGetTableData('tickets', 'id', $ID); // Array of ticket subjects assigned to users.. foreach ($_POST['users'][$ID] as $userID) { $tickets[$userID][] = str_replace(array('{id}', '{subject}'), array(mswTicketNumber($ID), $SUPTICK->subject), $msg_assign7); $userNotify[] = $userID; } // Update ticket.. $MSTICKET->ticketUserAssign($ID, implode(',', $_POST['users'][$ID]), $msg_ticket_history['assign']); } } } // Email users.. if (!empty($userNotify) && !empty($tickets) && isset($_POST['mail'])) { $q = mysql_query("SELECT `id`,`name`,`email`,`email2` FROM `" . DB_PREFIX . "users`\n WHERE `id` IN(" . implode(',', $userNotify) . ")\n\t\t\t GROUP BY `id`\n ORDER BY `name`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($USERS = mysql_fetch_object($q)) { $MSMAIL->addTag('{ASSIGNEE}', $MSTEAM->name); $MSMAIL->addTag('{NAME}', $USERS->name); $MSMAIL->addTag('{TICKETS}', trim(implode(mswDefineNewline(), $tickets[$USERS->id]))); // Send mail.. $MSMAIL->sendMSMail(array('from_email' => $MSTEAM->emailFrom ? $MSTEAM->emailFrom : $MSTEAM->email, 'from_name' => $MSTEAM->nameFrom ? $MSTEAM->nameFrom : $MSTEAM->name, 'to_email' => $USERS->email, 'to_name' => $USERS->name, 'subject' => str_replace(array('{website}', '{user}'), array($SETTINGS->website, $MSTEAM->name), $emailSubjects['ticket-assign']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => LANG_PATH . 'admin-ticket-assign.txt', 'language' => $SETTINGS->language, 'alive' => 'yes', 'add-emails' => $USERS->email2)); } } $OK2 = true; } $title = $msg_adheader32; $loadJQAlertify = true; $loadJQNyroModal = true; include PATH . 'templates/header.php'; include PATH . 'templates/system/tickets/tickets-assign.php';
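/**
 * Delete the IMAP accounts whose ids were posted in $_POST['del'].
 *
 * The imap table is truncated afterwards when mswRowCount() reports it empty.
 *
 * @return int|string Rows removed, or the string '0' when nothing was selected.
 */
public function deleteImapAccounts()
{
    if (!empty($_POST['del'])) {
        // The posted ids are request data placed unquoted inside IN(...); each one
        // is cast to an integer so it cannot change the statement.
        $ids = implode(',', array_map('intval', (array) $_POST['del']));

        mysql_query("DELETE FROM `" . DB_PREFIX . "imap` \n WHERE `id` IN(" . $ids . ") \n\t")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        $rows = mysql_affected_rows();

        if (mswRowCount('imap') == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "imap`");
        }
        return $rows;
    }
    return '0';
}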
/**
 * Update a ticket and its custom field values from the submitted edit form.
 *
 * Reads the ticket id from $_GET['id'] and the new values from $_POST, updates
 * the ticket row, then adds, updates or deletes one `ticketfields` row per
 * submitted custom field (always with `replyID` = 0). When the department
 * differs from $_POST['odeptid'] the ticket's attachments are moved to the new
 * department and, if that department has `manual_assign` = 'no', the ticket's
 * `assignedto` value is cleared.
 *
 * NOTE(review): nothing in this method checks that the current user may edit
 * this ticket; presumably the caller does - confirm.
 *
 * @return int Sum of mysql_affected_rows() over the ticket and custom field statements.
 */
public function updateTicket() {
    // Both ids are cast to integers before they are used in any SQL text.
    $tickID = (int) $_GET['id'];
    $deptID = (int) $_POST['dept'];
    $rows = 0;
    // Free-text values go through mswSafeImportString() before being quoted
    // (presumably the project's SQL escaping helper - confirm).
    mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `lastrevision` = UNIX_TIMESTAMP(UTC_TIMESTAMP),\n `department` = '{$deptID}',\n `subject` = '" . mswSafeImportString($_POST['subject']) . "',\n `comments` = '" . mswSafeImportString($_POST['comments']) . "',\n `priority` = '" . mswSafeImportString($_POST['priority']) . "'\n WHERE `id` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    $rows = $rows + mysql_affected_rows();
    // Custom field data..
    if (!empty($_POST['customField'])) {
        // Check to see if any checkbox arrays are now blank..
        // If there are, create an empty array so the loop below still visits
        // that field (and can delete its stored value)..
        if (!empty($_POST['hiddenBoxes'])) {
            foreach ($_POST['hiddenBoxes'] as $hb) {
                if (!isset($_POST['customField'][$hb])) {
                    $_POST['customField'][$hb] = array();
                }
            }
        }
        foreach ($_POST['customField'] as $k => $v) {
            $data = '';
            // If value is array, its checkboxes: the ticked values are stored
            // as one string joined with '#####'..
            if (is_array($v)) {
                if (!empty($v)) {
                    $data = implode('#####', $v);
                }
            } else {
                $data = $v;
            }
            // The field id is a request-supplied array key, so it is cast
            // before being used in SQL.
            $k = (int) $k;
            // If data exists, update or add entry..
            // If blank or 'nothing-selected', delete if exists..
            if ($data != '' && $data != 'nothing-selected') {
                // The extra WHERE text is appended to the table name argument;
                // both interpolated values are the integers cast above.
                if (mswRowCount('ticketfields WHERE `ticketID` = \'' . $tickID . '\' AND `fieldID` = \'' . $k . '\' AND `replyID` = \'0\'') > 0) {
                    mysql_query("UPDATE `" . DB_PREFIX . "ticketfields` SET\n `fieldData` = '" . mswSafeImportString($data) . "'\n WHERE `ticketID` = '{$tickID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '0'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                    $rows = $rows + mysql_affected_rows();
                } else {
                    mysql_query("INSERT INTO `" . DB_PREFIX . "ticketfields` (\n `fieldData`,`ticketID`,`fieldID`,`replyID`\n ) VALUES (\n '" . mswSafeImportString($data) . 
"','{$tickID}','{$k}','0'\n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                    $rows = $rows + mysql_affected_rows();
                }
            } else {
                mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields`\n WHERE `ticketID` = '{$tickID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '0'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
                $rows = $rows + mysql_affected_rows();
                // Truncate once the table is empty; errors from it are suppressed.
                if (mswRowCount('ticketfields') == 0) {
                    @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`");
                }
            }
        }
    }
    // If department was changed, update attachments..
    // NOTE(review): the previous department comes from the request ('odeptid'),
    // not from the stored ticket, so the client decides whether this branch runs.
    if ($deptID != $_POST['odeptid']) {
        mysql_query("UPDATE `" . DB_PREFIX . "attachments` SET\n `department` = '{$deptID}'\n WHERE `ticketID` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        // Check assignment..If department has assign disabled, we need to clear assigned values from ticket..
        if (mswRowCount('departments WHERE `id` = \'' . $deptID . '\' AND `manual_assign` = \'no\'') > 0) {
            mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `assignedto` = ''\n WHERE `id` = '{$tickID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        }
    }
    return $rows;
}
<?php if (!defined('PARENT')) { exit; } // Order and filter by files.. include PATH . 'templates/system/tickets/global/order-by.php'; include PATH . 'templates/system/tickets/global/filter-by.php'; $q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`\n\t FROM `" . DB_PREFIX . "tickets`\n\t LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`id`\n\t OR `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`marker`\n WHERE (`ticketStatus` != 'open' and `ticketStatus` != 'submit_report')\n AND `isDisputed` = 'no'\n AND `assignedto` != 'waiting'\n\t AND `spamFlag` = 'no'\n " . $filterBy . " " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n " . $orderBy . "\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`")); $countedRows = isset($c->rows) ? $c->rows : '0'; ?> <div class="content"> <script type="text/javascript"> //<![CDATA[ jQuery(document).ready(function() { jQuery('.nyroModal').nyroModal(); <?php // Remove notes icon if permission denied.. if ($MSTEAM->notePadEnable == 'no' && $MSTEAM->id != '1') { ?> jQuery('.tIcons .nyroModal').each(function(){ jQuery(this).remove(); }); <?php } ?> }); //]]> </script> <div class="header">
<?php if (!defined('PARENT')) { exit; } // Check product key exists.. if ($SETTINGS->prodKey == '' || strlen($SETTINGS->prodKey) != 60) { $productKey = mswProdKeyGen(); mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n `prodKey` = '{$productKey}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $SETTINGS->prodKey = $productKey; } // Update encoder version if not already.. if ($SETTINGS->encoderVersion == 'XX' && function_exists('ioncube_loader_version')) { mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n `encoderVersion` = '" . ioncube_loader_version() . "'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); } ?> <div class="content"> <div class="header"> <h1 class="page-title"><?php echo $msg_adheader9; ?> </h1> <span class="clearfix"></span> </div> <ul class="breadcrumb"> <li class="active"><?php
if (!defined('TICKET_LOADER')) { exit; } ?> <div id="userAssignArea"> <div class="block"> <p class="block-heading"><?php echo strtoupper($msg_viewticket92); ?> </p> <div class="block-body"> <?php $boomUsers = explode(',', $SUPTICK->assignedto); $q_users = mysql_query("SELECT * FROM `" . DB_PREFIX . "users` ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($USERS = mysql_fetch_object($q_users)) { $checked = ''; $toggleHideShow = "style=''"; $class = ''; if ($MSTEAM->id == $USERS->id) { $checked = 'checked'; $toggleHideShow = "style='display:none;'"; $class = "class='creater'"; } ?> <label class="checkbox" <?php echo $toggleHideShow; ?> > <input type="checkbox" name="assigned[]" <?php
?> "></i></span> <a href="?p=faq-cat&edit=<?php echo $CAT->id; ?> " title="<?php echo mswSpecialChars($msg_script9); ?> "><i class="icon-pencil"></i></a> </td> </tr> <?php //============================ // SUB CATEGORIES //============================ $q2 = mysql_query("SELECT *, \n\t\t (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t WHERE (`" . DB_PREFIX . "categories`.`id` = `" . DB_PREFIX . "faqassign`.`itemID`)\n\t\t\t\t AND `" . DB_PREFIX . "faqassign`.`desc` = 'category'\n\t\t\t\t) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "categories` \n\t\t WHERE `subcat` = '{$CAT->id}'\n\t\t\t\t" . (defined('DISABLED_CATS') ? 'AND `enCat` = \'no\'' : '') . " \n\t\t\t\t" . $SQL . " " . $orderBy) or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $subCount = mysql_num_rows($q2); if ($subCount > 0) { while ($SUB = mysql_fetch_object($q2)) { ?> <tr class="en_subcat_<?php echo $SUB->enCat; ?> "> <?php if (USER_DEL_PRIV == 'yes') { ?> <td style="padding-left:15px" class="subcat_<?php echo $CAT->id; ?> "><input type="checkbox" onclick="if(!this.checked){ms_uncheck('cat_<?php
// Are we showing attachments only allocated to a question? if (isset($_GET['question'])) { $_GET['question'] = (int) $_GET['question']; $attachIDs = array(); $qA = mysql_query("SELECT `itemID` FROM `" . DB_PREFIX . "faqassign`\n WHERE `question` = '{$_GET['question']}'\n\t\t\t\t\t\tAND `desc` = 'attachment'\n\t\t\t\t\t\tGROUP BY `itemID`\n\t\t\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($AA = mysql_fetch_object($qA)) { $attachIDs[] = $AA->itemID; } if (!empty($attachIDs)) { $SQL = 'WHERE `id` IN(' . implode(',', $attachIDs) . ')'; } else { $SQL = 'WHERE `id` IN(0)'; } } } $q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n (SELECT count(*) FROM `" . DB_PREFIX . "faqassign` \n\t\t\t WHERE (`" . DB_PREFIX . "faqassign`.`itemID` = `" . DB_PREFIX . "faqattach`.`id`)\n\t\t\t\t AND `" . DB_PREFIX . "faqassign`.`desc` = 'attachment'\n\t\t\t ) AS `queCount`\n\t\t\t\tFROM `" . DB_PREFIX . "faqattach`\n {$SQL}\n {$orderBy} \n\t\t\t\tLIMIT {$limitvalue},{$limit}\n\t\t\t\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`")); $countedRows = isset($c->rows) ? $c->rows : '0'; ?> <div class="content"> <div class="header"> <?php // Order By.. if (mswRowCount('faqattach') > 0) { $links = array(array('link' => '?p=' . $_GET['p'] . '&orderby=name_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments17), array('link' => '?p=' . $_GET['p'] . '&orderby=name_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_attachments18), array('link' => '?p=' . $_GET['p'] . '&orderby=order_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&orderby=order_desc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&orderby=questions_desc' . 
mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase58), array('link' => '?p=' . $_GET['p'] . '&orderby=questions_asc' . mswQueryParams(array('p', 'orderby', 'next')), 'name' => $msg_kbase57)); echo $MSBOOTSTRAP->button($msg_script45, $links); // Filters.. $links = array(array('link' => '?p=' . $_GET['p'] . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments20), array('link' => '?p=' . $_GET['p'] . '&opt=disabled' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_response27), array('link' => '?p=' . $_GET['p'] . '&opt=remote' . mswQueryParams(array('p', 'opt', 'next')), 'name' => $msg_attachments21)); echo $MSBOOTSTRAP->button($msg_search20, $links);
case 'tickets_desc': $orderBy = 'ORDER BY `tickCount` desc'; break; // Least tickets.. // Least tickets.. case 'tickets_asc': $orderBy = 'ORDER BY `tickCount`'; break; } } if (isset($_GET['keys']) && $_GET['keys']) { $_GET['keys'] = mswSafeImportString(strtolower($_GET['keys'])); $SQL = (mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') ? ' AND ' : 'WHERE ') . ' LOWER(`name`) LIKE \'%' . $_GET['keys'] . '%\''; } echo "SELECT SQL_CALC_FOUND_ROWS *, \n (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t ) AS `tickCount`\n\t\t\t FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n {$SQL}\n {$orderBy}\n LIMIT {$limitvalue},{$limit}\n\t\t\t "; $q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *, \n (SELECT count(*) FROM `" . DB_PREFIX . "tickets` \n\t\t\t WHERE `" . DB_PREFIX . "departments`.`id` = `" . DB_PREFIX . "tickets`.`department`\n\t\t\t\tAND `spamFlag` = 'no'\n\t\t\t ) AS `tickCount`\n\t\t\t FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " \n {$SQL}\n {$orderBy}\n LIMIT {$limitvalue},{$limit}\n\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`")); $countedRows = isset($c->rows) ? $c->rows : '0'; ?> <div class="content"> <div class="header"> <?php // Order By.. if (mswRowCount('departments') > 0) { $links = array(array('link' => '?p=' . $_GET['p'] . '&orderby=name_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels21), array('link' => '?p=' . $_GET['p'] . '&orderby=name_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels22), array('link' => '?p=' . $_GET['p'] . '&orderby=order_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels23), array('link' => '?p=' . $_GET['p'] . '&orderby=order_desc' . 
mswQueryParams(array('p', 'orderby')), 'name' => $msg_levels24), array('link' => '?p=' . $_GET['p'] . '&orderby=man_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept26), array('link' => '?p=' . $_GET['p'] . '&orderby=man_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept27), array('link' => '?p=' . $_GET['p'] . '&orderby=vis_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept28), array('link' => '?p=' . $_GET['p'] . '&orderby=vis_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_dept29), array('link' => '?p=' . $_GET['p'] . '&orderby=tickets_desc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts11), array('link' => '?p=' . $_GET['p'] . '&orderby=tickets_asc' . mswQueryParams(array('p', 'orderby')), 'name' => $msg_accounts12)); echo $MSBOOTSTRAP->button($msg_script45, $links); // Page filter.. include PATH . 'templates/system/bootstrap/page-filter.php'; ?>
$SR = mswGetTableData('responses', 'id', (int) $_GET['getResponse']); $json = array('response' => isset($SR->answer) ? mswCleanData($SR->answer) : ' '); } break; //=========================== // Add ticket custom fields //=========================== //=========================== // Add ticket custom fields //=========================== case 'add-cus-field': $fields = ''; $dept = (int) $_GET['dept']; $area = !isset($_GET['area']) ? 'ticket' : (in_array($_GET['area'], array('ticket', 'reply', 'admin')) ? $_GET['area'] : 'ticket'); // Custom fields.. $qF = mysql_query("SELECT * FROM `" . DB_PREFIX . "cusfields`\n WHERE FIND_IN_SET('{$area}',`fieldLoc`) > 0\n AND `enField` = 'yes'\n\t\tAND FIND_IN_SET('{$dept}',`departments`) > 0\n ORDER BY `orderBy`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); if (mysql_num_rows($qF) > 0) { while ($FIELDS = mysql_fetch_object($qF)) { switch ($FIELDS->fieldType) { case 'textarea': $fields .= $MSFM->buildTextArea(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex); break; case 'input': $fields .= $MSFM->buildInputBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, ++$tabIndex); break; case 'select': $fields .= $MSFM->buildSelect(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions, ++$tabIndex); break; case 'checkbox': $fields .= $MSFM->buildCheckBox(mswCleanData($FIELDS->fieldInstructions), $FIELDS->id, $FIELDS->fieldOptions); break;
/**
 * Load the priority levels and return them in the requested form.
 *
 * Each level is keyed by its `marker` when that is set, otherwise by its `id`,
 * and mapped to its cleaned name.
 *
 * @param string $level  Key of the level to look up (compared in lower case).
 * @param bool   $arr    When true (and $keys is false), return the whole key => name map.
 * @param bool   $keys   When true, return only the keys; takes precedence over $arr.
 * @param bool   $filter When true, only levels with `display` = 'yes' are loaded.
 *
 * @return array|string Keys, the full map, or the name for $level (falling back
 *                      to the 'low' entry when $level is not present).
 */
public function levels($level, $arr = false, $keys = false, $filter = false)
{
    $level = strtolower($level);

    $condition = $filter ? 'WHERE `display` = \'yes\'' : '';
    $result = mysql_query("SELECT * FROM `" . DB_PREFIX . "levels`\n " . $condition . "\n ORDER BY `orderBy`\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

    $levels = array();
    while ($row = mysql_fetch_object($result)) {
        $key          = $row->marker ? $row->marker : $row->id;
        $levels[$key] = mswCleanData($row->name);
    }

    if ($keys) {
        return array_keys($levels);
    }
    if ($arr) {
        return $levels;
    }
    if (isset($levels[$level])) {
        return $levels[$level];
    }
    // NOTE(review): this assumes a 'low' entry was loaded; with $filter set that
    // is not guaranteed by anything visible here.
    return $levels['low'];
}
<?php } else { ?> <div class="alert alert-success" id="replyArea"> <p class="nodata"><?php echo str_replace('{url}', $url, $msg_viewticket45); ?> </p> </div> <?php } } } // Show ticket history.. if ($SETTINGS->ticketHistory == 'yes' && $MSTEAM->ticketHistory == 'yes') { $qTH = mysql_query("SELECT * FROM `" . DB_PREFIX . "tickethistory`\n WHERE `ticketID` = '{$_GET['id']}'\n ORDER BY `ts` DESC\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $historyRows = mysql_num_rows($qTH); ?> <div class="block" style="margin-top:40px"> <p class="block-heading" id="hisblockhead">(<span id="hiscount"><?php echo @number_format($historyRows); ?> </span>) <?php echo strtoupper($msg_viewticket110) . ' (#' . mswTicketNumber($_GET['id']); ?> )<?php echo $historyRows > 0 ? (USER_DEL_PRIV == 'yes' ? ' <a class="toggleFields pull-right" href="#" onclick="confirmMessageExecute(\'' . mswSpecialChars($msg_script_action) . '\',\'history\',\'0##' . $_GET['id'] . '\');return false"><i class="icon-remove"></i> ' . $msg_viewticket118 . '</a> ' : '') . '<a class="toggleFields pull-right" href="index.php?p=view-ticket&exportHistory=' . $_GET['id'] . '"><i class="icon-save"></i> ' . $msg_viewticket112 . '</a>' : ''; ?> </p> <div class="block-body" style="max-height:300px;overflow:auto" id="historyArea"> <?php
// Check if this ticket was originally opened by imap.. // If it was, set the reply-to address as the imap address.. // This is so any replies sent go back to the ticket.. if ($T->source == 'imap') { $IMD = mswGetTableData('imap', 'im_dept', $T->department); if (isset($IMD->im_email) && $IMD->im_email) { $replyToAddr = $IMD->im_email; } } // Get all users in this dispute.. $ticketDisputeUsers = $MSTICKET->disputeUsers($T->id); // Add original ticket starter to the mix.. array_push($ticketDisputeUsers, $T->visitorID); // Send, but skip person currently logged in.. if (!empty($ticketDisputeUsers)) { $qDU = mysql_query("SELECT `name`,`email`,`language` FROM `" . DB_PREFIX . "portal`\n WHERE `id` IN(" . implode(',', $ticketDisputeUsers) . ")\n\t\t\t\t AND `id` != '{$LI_ACC->id}'\n\t\t\t\t GROUP BY `email`\n ORDER BY `name`\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($D_USR = mysql_fetch_object($qDU)) { $pLang = ''; $temp = PATH . 'content/language/' . $SETTINGS->language . '/mail-templates/dispute-reply.txt'; // Get correct language file.. if (isset($D_USR->language) && file_exists(PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt')) { $pLang = $D_USR->language; $temp = PATH . 'content/language/' . $D_USR->language . '/mail-templates/dispute-reply.txt'; } $MSMAIL->addTag('{USER}', $LI_ACC->name); $MSMAIL->addTag('{NAME}', $D_USR->name); $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $D_USR->email, 'to_name' => $D_USR->name, 'subject' => str_replace(array('{website}', '{ticket}'), array($SETTINGS->website, mswTicketNumber($T->id)), $emailSubjects['dispute-notify']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $replyToAddr ? $replyToAddr : ($SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email)), 'template' => $temp, 'language' => $pLang ? 
$pLang : $SETTINGS->language, 'alive' => 'yes')); } } } // Finish with message..
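/**
 * Delete the portal accounts whose ids were posted in $_POST['del'], together
 * with their tickets, disputes and account log entries.
 *
 * Tickets are removed through $t_class->deleteTickets(), which is given the
 * ticket ids via $_POST['ticket']. Afterwards every listed table that
 * mswRowCount() reports empty is truncated.
 *
 * @param object $t_class Ticket handler providing deleteTickets().
 *
 * @return int|string Number of account ids submitted, or the string '0' when
 *                    nothing was selected.
 */
public function delete($t_class)
{
    if (!empty($_POST['del'])) {
        // The posted ids are request data used unquoted inside IN(...); each one is
        // cast to an integer so it cannot alter any of the statements below.
        $ids  = array_map('intval', (array) $_POST['del']);
        $uIDs = implode(',', $ids);

        // Get all tickets related to the users that are going to be deleted..
        // A failed lookup stops here like the other statements do, rather than
        // silently leaving the tickets behind while the accounts are removed.
        $tickets = array();
        $q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets`\n WHERE `visitorID` IN({$uIDs})\n\t\t ORDER BY `id`\n\t\t ")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
        while ($T = mysql_fetch_object($q)) {
            $tickets[] = $T->id;
        }

        // If there are tickets, delete all information..
        // We can use the delete operation from the ticket class..
        if (!empty($tickets)) {
            $_POST['ticket'] = $tickets;
            $t_class->deleteTickets();
        }

        // Users info..
        mysql_query("DELETE FROM `" . DB_PREFIX . "portal` \n WHERE `id` IN({$uIDs}) \n ")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

        // Delete disputes..
        mysql_query("DELETE FROM `" . DB_PREFIX . "disputes` WHERE `visitorID` IN({$uIDs})")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

        // Log entries..
        mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n WHERE `userID` IN({$uIDs})\n\tAND `type` = 'acc'\n ")
            or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

        // Truncate tables to start at 1..
        foreach (array('tickets', 'attachments', 'replies', 'cusfields', 'ticketfields', 'disputes', 'tickethistory', 'portal') as $tables) {
            if (mswRowCount($tables) == 0) {
                @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
            }
        }

        // Count the id list itself; the joined string is a scalar, not a collection.
        return count($ids);
    }
    return '0';
}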
<?php // Are additional folders allowed? if ($MSTEAM->mailFolders > 0) { ?> <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown" href="#"><i class="icon-folder-open"></i> <?php echo $msg_mailbox5; ?> <b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="?p=mailbox&folders=1"><i class="icon-plus"></i> <?php echo $msg_mailbox6; ?> </a></li> <?php $qF = mysql_query("SELECT `id`,`folder`\n FROM `" . DB_PREFIX . "mailfolders`\n\t\t WHERE `staffID` = '{$MSTEAM->id}'\n ORDER BY `folder`\n\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); if (mysql_num_rows($qF) > 0) { $moveToFolders['-'] = '- - - - - - -'; } while ($FOLDERS = mysql_fetch_object($qF)) { $moveToFolders[$FOLDERS->id] = mswCleanData($FOLDERS->folder); ?> <li><a href="?p=mailbox&f=<?php echo $FOLDERS->id; ?> "><i class="icon-folder-close-alt"></i> <?php echo mswCleanData($FOLDERS->folder); ?> </a></li> <?php }
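/**
 * Normalise the posted settings form and write it to the single settings row.
 *
 * Rewrites $_POST in place (checkbox flags, whitelisted choices, numeric
 * fields, installation paths), then issues one UPDATE on the settings table
 * for the row with id 1. A failed query ends the script via die().
 *
 * NOTE(review): nothing in this method checks who is calling it or where the
 * request came from; presumably the caller has already verified the admin
 * session -- confirm.
 *
 * @return void
 */
public function updateSettings()
{
    // Every free-text value interpolated into the UPDATE below depends on this pass.
    // NOTE(review): mswSafeImportString() is presumably the project's SQL escaping
    // helper, applied to each element -- confirm, as no other escaping happens here.
    $_POST = mswMultiDimensionalArrayMap('mswSafeImportString', $_POST);

    // Checkbox-style flags: present in the request means 'yes', absent means 'no'.
    $flags = array(
        'attachment', 'rename', 'enableBBCode', 'disputes', 'multiplevotes',
        'enableVotes', 'enCapLogin', 'sysstatus', 'kbase', 'renamefaq',
        'smtp_debug', 'createPref', 'createAcc', 'ticketHistory', 'closenotify',
        'accProfNotify', 'newAccNotify', 'enableLog', 'enableMail', 'imap_debug',
        'apiLog', 'disputeAdminStop',
    );
    foreach ($flags as $key) {
        $_POST[$key] = isset($_POST[$key]) ? 'yes' : 'no';
    }

    // Whitelisted choices, compared strictly so only the exact strings pass.
    $_POST['weekStart'] = isset($_POST['weekStart']) && in_array($_POST['weekStart'], array('sun', 'mon'), true) ? $_POST['weekStart'] : 'sun';
    $_POST['enSpamSum'] = isset($_POST['enSpamSum']) && in_array($_POST['enSpamSum'], array('yes', 'no'), true) ? $_POST['enSpamSum'] : 'yes';

    // Defaults if not set.. (empty() also covers a field missing from the request)
    $_POST['autoenable'] = !empty($_POST['autoenable']) ? $this->datetime->mswDatePickerFormat($_POST['autoenable']) : '0000-00-00';
    $_POST['imap_param'] = !empty($_POST['imap_param']) ? $_POST['imap_param'] : 'pipe';

    // Installation paths and URLs go through the class's own path filter.
    foreach (array('scriptpath', 'attachpath', 'attachhref', 'attachpathfaq', 'attachhreffaq') as $key) {
        $_POST[$key] = systemSettings::filterInstallationPath($_POST[$key]);
    }

    // Enforce digits..
    // The original tested the integer cast but then stored the raw string, so a
    // value such as "5abc" went into the query unchanged. Store the cast value.
    $numericDefaults = array(
        'maxsize'       => '0',
        'popquestions'  => '10',
        'quePerPage'    => '10',
        'cookiedays'    => '60',
        'attachboxes'   => '1',
        'autoClose'     => '0',
        'smtp_port'     => '25',
        'loginLimit'    => '0',
        'banTime'       => '25',
        'minPassValue'  => '8',
        'minTickDigits' => '5',
        'imap_timeout'  => '0',
        'imap_memory'   => '0',
    );
    foreach ($numericDefaults as $key => $default) {
        $number = isset($_POST[$key]) && is_scalar($_POST[$key]) ? (int) $_POST[$key] : 0;
        $_POST[$key] = $number > 0 ? (string) $number : $default;
    }

    // Restrictions..
    if (LICENCE_VER == 'locked') {
        $_POST['attachboxes']  = RESTR_ATTACH;
        $_POST['adminFooter']  = 'To add your own footer code, click "Settings & Tools > Other Options > Edit Footers"';
        $_POST['publicFooter'] = 'To add your own footer code, click "Settings & Tools > Other Options > Edit Footers"';
    }

    // Serialized data..
    $langSets = !empty($_POST['templateSet']) ? serialize($_POST['templateSet']) : '';
    if (!isset($_POST['defKeepLogs']) || !is_array($_POST['defKeepLogs'])) {
        $_POST['defKeepLogs'] = array();
    }
    if (!isset($_POST['defKeepLogs']['user']) || $_POST['defKeepLogs']['user'] == '') {
        $_POST['defKeepLogs']['user'] = '******';
    }
    if (!isset($_POST['defKeepLogs']['acc']) || $_POST['defKeepLogs']['acc'] == '') {
        $_POST['defKeepLogs']['acc'] = '0';
    }
    $defLog   = !empty($_POST['defKeepLogs']) ? serialize($_POST['defKeepLogs']) : '';
    $handlers = !empty($_POST['apiHandlers']) ? implode(',', (array) $_POST['apiHandlers']) : '';

    // smtp_pass, apiKey and recaptchaPrivateKey are written as plain column
    // values, so database access and backups expose them as stored.
    mysql_query("UPDATE `" . DB_PREFIX . "settings` SET\n"
        . " `website` = '{$_POST['website']}',\n"
        . " `email` = '{$_POST['email']}',\n"
        . " `replyto` = '{$_POST['replyto']}',\n"
        . " `scriptpath` = '{$_POST['scriptpath']}',\n"
        . " `attachpath` = '{$_POST['attachpath']}',\n"
        . " `attachhref` = '{$_POST['attachhref']}',\n"
        . " `attachpathfaq` = '{$_POST['attachpathfaq']}',\n"
        . " `attachhreffaq` = '{$_POST['attachhreffaq']}',\n"
        . " `language` = '{$_POST['language']}',\n"
        . " `langSets` = '" . mswSafeImportString($langSets) . "',\n"
        . " `dateformat` = '{$_POST['dateformat']}',\n"
        . " `timeformat` = '{$_POST['timeformat']}',\n"
        . " `timezone` = '{$_POST['timezone']}',\n"
        . " `weekStart` = '{$_POST['weekStart']}',\n"
        . " `jsDateFormat` = '{$_POST['jsDateFormat']}',\n"
        . " `kbase` = '{$_POST['kbase']}',\n"
        . " `enableVotes` = '{$_POST['enableVotes']}',\n"
        . " `multiplevotes` = '{$_POST['multiplevotes']}',\n"
        . " `popquestions` = '{$_POST['popquestions']}',\n"
        . " `quePerPage` = '{$_POST['quePerPage']}',\n"
        . " `cookiedays` = '{$_POST['cookiedays']}',\n"
        . " `renamefaq` = '{$_POST['renamefaq']}',\n"
        . " `attachment` = '{$_POST['attachment']}',\n"
        . " `rename` = '{$_POST['rename']}',\n"
        . " `attachboxes` = '{$_POST['attachboxes']}',\n"
        . " `filetypes` = '{$_POST['filetypes']}',\n"
        . " `maxsize` = '{$_POST['maxsize']}',\n"
        . " `enableBBCode` = '{$_POST['enableBBCode']}',\n"
        . " `afolder` = '{$_POST['afolder']}',\n"
        . " `autoClose` = '{$_POST['autoClose']}',\n"
        . " `smtp_host` = '{$_POST['smtp_host']}',\n"
        . " `smtp_user` = '{$_POST['smtp_user']}',\n"
        . " `smtp_pass` = '{$_POST['smtp_pass']}',\n"
        . " `smtp_port` = '{$_POST['smtp_port']}',\n"
        . " `smtp_security` = '{$_POST['smtp_security']}',\n"
        . " `smtp_debug` = '{$_POST['smtp_debug']}',\n"
        . " `adminFooter` = '{$_POST['adminFooter']}',\n"
        . " `publicFooter` = '{$_POST['publicFooter']}',\n"
        . " `apiKey` = '{$_POST['apiKey']}',\n"
        . " `apiLog` = '{$_POST['apiLog']}',\n"
        . " `apiHandlers` = '{$handlers}',\n"
        . " `recaptchaPrivateKey` = '{$_POST['recaptchaPrivateKey']}',\n"
        . " `recaptchaPublicKey` = '{$_POST['recaptchaPublicKey']}',\n"
        . " `enCapLogin` = '{$_POST['enCapLogin']}',\n"
        . " `sysstatus` = '{$_POST['sysstatus']}',\n"
        . " `autoenable` = '{$_POST['autoenable']}',\n"
        . " `disputes` = '{$_POST['disputes']}',\n"
        . " `offlineReason` = '{$_POST['offlineReason']}',\n"
        . " `createPref` = '{$_POST['createPref']}',\n"
        . " `createAcc` = '{$_POST['createAcc']}',\n"
        . " `loginLimit` = '{$_POST['loginLimit']}',\n"
        . " `banTime` = '{$_POST['banTime']}',\n"
        . " `ticketHistory` = '{$_POST['ticketHistory']}',\n"
        . " `closenotify` = '{$_POST['closenotify']}',\n"
        . " `accProfNotify` = '{$_POST['accProfNotify']}',\n"
        . " `minPassValue` = '{$_POST['minPassValue']}',\n"
        . " `newAccNotify` = '{$_POST['newAccNotify']}',\n"
        . " `recaptchaLang` = '{$_POST['recaptchaLang']}',\n"
        . " `recaptchaTheme` = '{$_POST['recaptchaTheme']}',\n"
        . " `enableLog` = '{$_POST['enableLog']}',\n"
        . " `defKeepLogs` = '" . mswSafeImportString($defLog) . "',\n"
        . " `minTickDigits` = '{$_POST['minTickDigits']}',\n"
        . " `enableMail` = '{$_POST['enableMail']}',\n"
        . " `imap_debug` = '{$_POST['imap_debug']}',\n"
        . " `imap_param` = '{$_POST['imap_param']}',\n"
        . " `imap_memory` = '{$_POST['imap_memory']}',\n"
        . " `imap_timeout` = '{$_POST['imap_timeout']}',\n"
        . " `disputeAdminStop` = '{$_POST['disputeAdminStop']}'\n"
        . " WHERE `id` = '1'\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}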
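<?php
// Mailbox folder listing: loads the current staff member's messages for the
// folder named by $toLoad, optionally narrowed by the `keys` search term.

// Refuse direct access: the including script must define PARENT and set $toLoad.
if (!defined('PARENT') || !isset($toLoad)) {
    exit;
}

$orderBy = 'ORDER BY `' . DB_PREFIX . 'mailbox`.`ts` DESC';

// Only a plain string is accepted as search term; a request such as
// ?keys[]=x would otherwise hand an array to the escaping helper.
$keys      = isset($_GET['keys']) && is_string($_GET['keys']) ? $_GET['keys'] : '';
$searchSQL = '';

// Are we searching?
if ($keys) {
    // Escape once and reuse for both columns. % and _ inside the term still
    // act as LIKE wildcards.
    $likeTerm  = mswSafeImportString($keys);
    $searchSQL = 'AND (`' . DB_PREFIX . 'mailbox`.`subject` LIKE \'%' . $likeTerm . '%\' OR `' . DB_PREFIX . 'mailbox`.`message` LIKE \'%' . $likeTerm . '%\')';
}

// NOTE(review): $toLoad, $MSTEAM->id, $limitvalue and $limit are interpolated
// into the statement as they arrive from the including script; nothing here
// validates or escapes them -- confirm the includer restricts them to known
// folder names and integers.
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "mailbox`.`staffID` AS `starter`,\n\t `"
    . DB_PREFIX . "mailbox`.`ts` AS `mailStamp`,\n\t `"
    . DB_PREFIX . "mailassoc`.`mailID` AS `messageID`\n\t FROM `"
    . DB_PREFIX . "mailassoc`\n\t LEFT JOIN `"
    . DB_PREFIX . "mailbox`\n\t ON `"
    . DB_PREFIX . "mailassoc`.`mailID` = `"
    . DB_PREFIX . "mailbox`.`id`\n\t LEFT JOIN `"
    . DB_PREFIX . "users`\n\t ON `"
    . DB_PREFIX . "users`.`id` = `"
    . DB_PREFIX . "mailbox`.`staffID`\n\t WHERE `folder` = '{$toLoad}' \n AND `"
    . DB_PREFIX . "mailassoc`.`staffID` = '{$MSTEAM->id}'\n\t "
    . ($searchSQL ? $searchSQL . mswDefineNewline() . 'GROUP BY `' . DB_PREFIX . 'mailassoc`.`mailID`' : '')
    . "\n\t " . $orderBy
    . "\n LIMIT {$limitvalue},{$limit}\n ")
    or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

// Total matches ignoring LIMIT, as reported by SQL_CALC_FOUND_ROWS.
$c           = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';

// NOTE(review): $boxName is echoed into the heading below without escaping in
// this file; confirm the includer has already HTML-escaped it.
?>
<div class="content">
  <div class="header">
    <button class="btn search-bar-button" type="button" onclick="mswToggle('b1','b2','keys','mailbox')"><i class="icon-search" id="search-icon-button"></i></button>
    <h1 class="page-title"><?php echo $msg_adheader61; ?> (<?php echo $boxName; ?> )</h1>
    <span class="clearfix"></span>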
</div> </div> <div class="tab-pane fade" id="two"> <div class="well"> <label class="checkbox"> <input type="checkbox" value="0" onclick="checkBoxes(this.checked,'#cb')"> <?php echo $msg_response6; ?> </label> <div id="cb"> <?php // If global log in no filter necessary.. $q_dept = mysql_query("SELECT * FROM `" . DB_PREFIX . "departments` " . mswSQLDepartmentFilter($mswDeptFilterAccess, 'WHERE') . " ORDER BY `name`") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($DEPT = mysql_fetch_object($q_dept)) { ?> <label class="checkbox"> <input type="checkbox" name="dept[]"<?php echo isset($deptArr) && in_array($DEPT->id, $deptArr) ? ' checked="checked" ' : ' '; ?> value="<?php echo $DEPT->id; ?> "> <?php echo mswSpecialChars($DEPT->name); ?> </label> <input type="hidden" name="deptall[]" value="<?php echo $DEPT->id;
} ?> </div> </div> </div> <div class="row-fluid"> <div class="block" style="padding:0;margin:0;margin-top:10px"> <p class="block-heading uppercase"><i class="icon-chevron-right"></i> <?php echo $msg_home40; ?> </p> <div class="block-body"> <?php $lp = 0; $qT4 = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `" . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `" . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `" . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `" . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t (SELECT count(*) FROM `" . DB_PREFIX . "disputes` \n\t WHERE `" . DB_PREFIX . "disputes`.`ticketID` = `" . DB_PREFIX . "tickets`.`id`\n\t ) AS `disputeCount`\n\t FROM `" . DB_PREFIX . "tickets` \n LEFT JOIN `" . DB_PREFIX . "departments`\n\t ON `" . DB_PREFIX . "tickets`.`department` = `" . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "portal`\n\t ON `" . DB_PREFIX . "tickets`.`visitorID` = `" . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `" . DB_PREFIX . "levels`\n\t ON `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`id`\n\t OR `" . DB_PREFIX . "tickets`.`priority` = `" . DB_PREFIX . "levels`.`marker`\n WHERE `ticketStatus` = 'open'\n\t AND `replyStatus` IN('visitor') \n AND `isDisputed` = 'yes'\n AND `assignedto` != 'waiting'\n\t AND `spamFlag` = 'no'\n " . mswSQLDepartmentFilter($ticketFilterAccess) . "\n ORDER BY `" . DB_PREFIX . "tickets`.`id` DESC\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $T4Rows = mysql_num_rows($qT4); if ($T4Rows > 0) { while ($TICKETS = mysql_fetch_object($qT4)) { $date = ''; ?> <div class="row-fluid homeTicketWrapper<?php echo ++$lp == $T4Rows ? ' nobottomborder' : ''; ?> "> <a href="?p=view-dispute&id=<?php echo $TICKETS->ticketID; ?> "> <?php echo $cutOff > 0 && strlen($TICKETS->subject) > $cutOff ? substr(mswSpecialChars($TICKETS->subject), 0, $cutOff - 2) . '..' : mswSpecialChars($TICKETS->subject);
// Search filter on ticket subject and comments (the enclosing condition starts before this fragment).
// NOTE(review): $_GET['keys'] is concatenated straight into both LIKE patterns and
// nothing visible here escapes it. Unless it is sanitised before this point, the
// search term can alter the statement (SQL injection) -- TODO confirm upstream
// handling; the mailbox search in this codebase passes its term through
// mswSafeImportString() before building the same kind of clause.
$SQL = 'AND (LOWER(`' . DB_PREFIX . 'tickets`.`subject`) LIKE \'%' . $_GET['keys'] . '%\' OR LOWER(`' . DB_PREFIX . 'tickets`.`comments`) LIKE \'%' . $_GET['keys'] . '%\')';
}
// Disputes..
// When disputes are enabled and requested, collect into $dis the IDs of every ticket
// this account is involved in through a dispute.
if ($SETTINGS->disputes == 'yes' && isset($_GET['disputes'])) {
  // Disputes in other tickets..
  $qD = mysql_query("SELECT `ticketID` FROM `" . DB_PREFIX . "disputes` \n WHERE `visitorID` = '{$ACC->id}'\n\t GROUP BY `ticketID`\n\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
  while ($DP = mysql_fetch_object($qD)) {
    $dis[] = $DP->ticketID;
  }
  // Disputes from started tickets..
  $qD2 = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "tickets` \n WHERE `visitorID` = '{$ACC->id}'\n\t\t AND `isDisputed` = 'yes'\n\t\t AND `spamFlag` = 'no'\n\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
  while ($DP2 = mysql_fetch_object($qD2)) {
    $dis[] = $DP2->id;
  }
}
// Main listing: tickets joined with department, portal account and priority level, plus
// a per-ticket dispute count. The WHERE clause selects either by the account's e-mail
// address (no dispute IDs collected) or by the collected ticket IDs.
// NOTE(review): $ACC->email is placed between quotes without escaping here; presumably it
// comes from the stored account record -- confirm it cannot contain a quote character.
// $filterBy, $orderBy, $limitvalue and $limit are defined outside this fragment and are
// interpolated as they arrive.
$q = mysql_query("SELECT SQL_CALC_FOUND_ROWS *,\n `" . DB_PREFIX . "tickets`.`id` AS `ticketID`,\n\t `"
  . DB_PREFIX . "portal`.`name` AS `ticketName`,\n\t `"
  . DB_PREFIX . "tickets`.`ts` AS `ticketStamp`,\n\t `"
  . DB_PREFIX . "departments`.`name` AS `deptName`,\n\t `"
  . DB_PREFIX . "levels`.`name` AS `levelName`,\n\t (SELECT count(*) FROM `"
  . DB_PREFIX . "disputes` \n\t WHERE `"
  . DB_PREFIX . "disputes`.`ticketID` = `"
  . DB_PREFIX . "tickets`.`id`\n\t ) AS `disputeCount`\n\t FROM `"
  . DB_PREFIX . "tickets` \n LEFT JOIN `"
  . DB_PREFIX . "departments`\n\t ON `"
  . DB_PREFIX . "tickets`.`department` = `"
  . DB_PREFIX . "departments`.`id`\n\t LEFT JOIN `"
  . DB_PREFIX . "portal`\n\t ON `"
  . DB_PREFIX . "tickets`.`visitorID` = `"
  . DB_PREFIX . "portal`.`id`\n\t LEFT JOIN `"
  . DB_PREFIX . "levels`\n\t ON `"
  . DB_PREFIX . "tickets`.`priority` = `"
  . DB_PREFIX . "levels`.`id`\n\t OR `"
  . DB_PREFIX . "tickets`.`priority` = `"
  . DB_PREFIX . "levels`.`marker`\n " . (empty($dis) ? 'WHERE `' . DB_PREFIX . 'portal`.`email` = \'' . $ACC->email . '\'' : '')
  . "\n\t " . (!empty($dis) ? 'WHERE `' . DB_PREFIX . 'tickets`.`id` IN(' . implode(',', $dis) . ')' : '')
  . "\n\t {$SQL}\n\t AND `spamFlag` = 'no'\n " . $filterBy . mswSQLDepartmentFilter($ticketFilterAccess)
  . "\n " . $orderBy
  . "\n LIMIT {$limitvalue},{$limit}\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
// Total matches ignoring LIMIT, as reported by SQL_CALC_FOUND_ROWS.
$c = mysql_fetch_object(mysql_query("SELECT FOUND_ROWS() AS `rows`"));
$countedRows = isset($c->rows) ? $c->rows : '0';
// NOTE(review): $_GET['id'] is appended to this URL fragment unvalidated. Where the value
// is later written into the page is outside this fragment; it needs an integer cast or
// context-appropriate escaping at that point -- confirm.
$searchBoxUrl = 'acchistory&id=' . $_GET['id'] . (isset($_GET['disputes']) ? '&disputes=yes' : '');
?>
<div class="content">
<script type="text/javascript">
//<![CDATA[
function mswHisToggle() {
  if (jQuery('#b2').css('display')=='none') {
    jQuery('#topfluid').css('margin-top','0');
    jQuery('#b2').show();
    jQuery('input[name="keys"]').focus();
    jQuery('#search-icon-button').attr('class','icon-remove');
  } else {
    jQuery('#topfluid').css('margin-top','20px');
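/**
 * Delete the staff accounts selected in $_POST['del'] along with their
 * department links, access entries and 'user' log rows.
 *
 * Any of the four tables that ends up empty is truncated afterwards. A failed
 * DELETE ends the script via die().
 *
 * @return int|string Rows removed from the users table, or '0' when no valid
 *                    ID was submitted (the original returned nothing in that
 *                    case; '0' matches the other delete handlers).
 */
public function delete()
{
    if (empty($_POST['del'])) {
        return '0';
    }

    // $_POST['del'] is request data that lands inside IN(...) lists below.
    // Keep positive integers only, so nothing submitted can be read as SQL.
    $ids = array();
    foreach ((array) $_POST['del'] as $raw) {
        if (is_scalar($raw) && (int) $raw > 0) {
            $ids[(int) $raw] = (int) $raw;
        }
    }
    if (empty($ids)) {
        return '0';
    }
    $uID = implode(',', $ids);

    // Users info..
    mysql_query("DELETE FROM `" . DB_PREFIX . "users` \n WHERE `id` IN({$uID}) \n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
    // Captured straight away: the later statements overwrite the affected-row count.
    $rows = mysql_affected_rows();

    // Departments assigned..
    mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n WHERE `userID` IN({$uID})\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

    // Access assigned..
    mysql_query("DELETE FROM `" . DB_PREFIX . "usersaccess`\n WHERE `userID` IN({$uID})\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

    // Log entries..
    mysql_query("DELETE FROM `" . DB_PREFIX . "log`\n WHERE `userID` IN({$uID})\n\tAND `type` = 'user'\n ")
        or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));

    // Truncate tables to start at 1..
    // Best effort only: a failed TRUNCATE is deliberately ignored.
    foreach (array('users', 'userdepts', 'usersaccess', 'log') as $tables) {
        if (mswRowCount($tables) == 0) {
            @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . $tables . "`");
        }
    }

    return $rows;
}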