Esempio n. 1
 /**
  * Prepare a stored value for output in an HTML page.
  *
  * The 'html' entry of the field configuration selects the treatment:
  * when it is truthy the value goes through Format::safe_html(), otherwise
  * it is escaped with Format::htmlchars(). No path returns $value untouched.
  */
 function display($value)
 {
     $settings = $this->getConfiguration();

     // Rich-text fields are filtered; everything else is escaped as text.
     return $settings['html']
         ? Format::safe_html($value)
         : Format::htmlchars($value);
 }
Esempio n. 2
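 /**
  * Build the HTML preview snippet for one FAQ (staff-side ajax helper).
  *
  * Returns null when FAQ::lookup() finds nothing for $id. The $format
  * argument is accepted but not used by this implementation.
  *
  * Output encoding: the answer is rich text and goes through
  * Format::safe_html(); the question is plain text and is escaped with
  * Format::htmlchars() so that a stored question cannot inject markup into
  * the staff member's page. The ids are rendered with %d.
  */
 function faq($id, $format = 'html')
 {
     //XXX: user ajax->getThisStaff() (nolint)
     global $thisstaff;
     include_once INCLUDE_DIR . 'class.faq.php';
     if (!($faq = FAQ::lookup($id))) {
         return null;
     }
     //TODO: $faq->getJSON() for json format. (nolint)
     $resp = sprintf('<div style="width:650px;">
              <strong>%s</strong><p>%s</p>
              <div class="faded">Last updated %s</div>
              <hr>
              <a href="faq.php?id=%d">View</a> | <a href="faq.php?id=%d">Attachments (%s)</a>',
         // Plain-text field: escape instead of trusting what was stored.
         Format::htmlchars($faq->getQuestion()),
         Format::safe_html($faq->getAnswer()),
         Format::db_daydatetime($faq->getUpdateDate()),
         $faq->getId(),
         $faq->getId(),
         $faq->getNumAttachments());
     // The edit link is only offered to staff allowed to manage FAQs; the
     // edit page itself still has to enforce that permission.
     if ($thisstaff && $thisstaff->canManageFAQ()) {
         $resp .= sprintf(' | <a href="faq.php?id=%d&a=edit">Edit</a>', $faq->getId());
     }
     $resp .= '</div>';
     return $resp;
 }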
<?php
// Client-side FAQ category view.
// Access guard: refuse to render unless the client include marker is
// defined and a category that reports itself as public is in scope.

if (!defined('OSTCLIENTINC') || !$category || !$category->isPublic()) {
    die('Access Denied');
}
?>
<div class="container topheader">
<div class="row">
<div class="span8">
    <h2><strong><?php 
// NOTE(review): the category name is echoed as-is, with no HTML escaping
// at this point; confirm getLocalName() returns text that is already safe
// for an HTML context, or escape it here.
echo $category->getLocalName();
?>
</strong></h2>
<p>
<?php 
// The description is rich text, so it is filtered rather than escaped.
echo Format::safe_html($category->getLocalDescriptionWithImages());
?>
</p>
<hr>
<div class="panel panel-default faqlist">
<?php 
// FAQs of this category, excluding those whose visibility is
// FAQ::VISIBILITY_PRIVATE, annotated with a count of attachments whose
// 'inline' flag is 0, ordered by ispublished (descending) then question.
$faqs = FAQ::objects()->filter(array('category' => $category))->exclude(array('ispublished' => FAQ::VISIBILITY_PRIVATE))->annotate(array('has_attachments' => SqlAggregate::COUNT(SqlCase::N()->when(array('attachments__inline' => 0), 1)->otherwise(null))))->order_by('-ispublished', 'question');
if ($faqs->exists(true)) {
    echo '
    <div class="panel-heading">
         <h2 class="panel-title">' . __('Frequently Asked Questions') . '</h2>
         </div>
      <div class="panel-body">
         <div id="faq">
            <ol>';
    foreach ($faqs as $F) {
Esempio n. 4
             </div>';
    } else {
        echo '<strong class="faded">'.__('The search did not match any FAQs.').'</strong>';
    }
} else { //Category Listing.
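    // List every FAQ category together with the number of FAQs it holds.
    // The statement is built from table-name constants only; no request
    // data is concatenated into it.
    $sql='SELECT cat.category_id, cat.name, cat.description, cat.ispublic, count(faq.faq_id) as faqs '
        .' FROM '.FAQ_CATEGORY_TABLE.' cat '
        .' LEFT JOIN '.FAQ_TABLE.' faq ON(faq.category_id=cat.category_id) '
        .' GROUP BY cat.category_id '
        .' ORDER BY cat.name';
    if(($res=db_query($sql)) && db_num_rows($res)) {
        echo '<div>'.__('Click on the category to browse FAQs or manage its existing FAQs.').'</div>
                <ul id="kb">';
        while($row=db_fetch_array($res)) {

            // The name is a plain-text column, so it is escaped on output
            // rather than trusted; the description is rich text and is
            // filtered with safe_html(). The numeric columns use %d.
            echo sprintf('
                <li>
                    <h4><a href="kb.php?cid=%d">%s (%d)</a> - <span>%s</span></h4>
                    %s
                </li>',$row['category_id'],Format::htmlchars($row['name']),$row['faqs'],
                ($row['ispublic']?__('Public'):__('Internal')),
                Format::safe_html($row['description']));
        }
        echo '</ul>';
    } else {
        echo __('NO FAQs found');
    }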
}
?>
</div>
Esempio n. 5
 /**
  * Validate and store an FAQ category.
  *
  * Validation problems are reported through $errors, keyed by field.
  * With $validation set, the method stops after a successful validation
  * and returns true without writing anything.
  *
  * Returns true after an update, the new row id after an insert, and
  * false when validation or the query fails.
  *
  * The description is filtered with Format::safe_html() before storage and
  * every value placed in the statement is wrapped in db_input(); the
  * notes are stored without HTML filtering.
  */
 function save($id, $vars, &$errors, $validation = false)
 {
     // Normalise the name first: trim it, then drop any markup.
     $vars['name'] = Format::striptags(trim($vars['name']));

     // When editing, the id in the payload must be the id being saved.
     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal error. Try again';
     }

     if (!$vars['name']) {
         $errors['name'] = 'Category name is required';
     } else {
         if (strlen($vars['name']) < 3) {
             $errors['name'] = 'Name is too short. 3 chars minimum';
         } else {
             // Another category may not already own this name.
             $existingId = self::findIdByName($vars['name']);
             if ($existingId && $existingId != $id) {
                 $errors['name'] = 'Category already exists';
             }
         }
     }

     if (!$vars['description']) {
         $errors['description'] = 'Category description is required';
     }

     if ($errors) {
         return false;
     }

     // Validation-only callers are done here.
     if ($validation) {
         return true;
     }

     // Column assignments shared by the INSERT and the UPDATE.
     $isPublic = isset($vars['ispublic']) ? $vars['ispublic'] : 0;
     $assignments = ' updated=NOW() '
         . ',ispublic=' . db_input($isPublic)
         . ',name=' . db_input($vars['name'])
         . ',description=' . db_input(Format::safe_html($vars['description']))
         . ',notes=' . db_input($vars['notes']);

     if (!$id) {
         $query = 'INSERT INTO ' . FAQ_CATEGORY_TABLE . ' SET ' . $assignments . ',created=NOW()';
         if (db_query($query) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = 'Unable to create FAQ category. Internal error';
         return false;
     }

     $query = 'UPDATE ' . FAQ_CATEGORY_TABLE . ' SET ' . $assignments . ' WHERE category_id=' . db_input($id);
     if (db_query($query)) {
         return true;
     }
     $errors['err'] = 'Unable to update FAQ category.';
     return false;
 }
Esempio n. 6
 /**
  * Validate and store an FAQ.
  *
  * Problems are reported through $errors, keyed by field name. When there
  * are errors, or when $validation is set, nothing is written and the
  * method returns whether validation passed.
  *
  * Returns true after an update, the new row id after an insert, and
  * false when the query fails.
  */
 function save($id, $vars, &$errors, $validation = false)
 {
     //Cleanup.
     // The question is treated as plain text: trimmed, then tags removed.
     $vars['question'] = Format::striptags(trim($vars['question']));
     //validate
     // When editing, the id in the payload must be the id being saved.
     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal error. Try again';
     }
     if (!$vars['question']) {
         $errors['question'] = 'Question required';
     } elseif (($qid = self::findIdByQuestion($vars['question'])) && $qid != $id) {
         // A different FAQ already uses this question text.
         $errors['question'] = 'Question already exists';
     }
     // The category must be supplied and must resolve to an existing one.
     if (!$vars['category_id'] || !($category = Category::lookup($vars['category_id']))) {
         $errors['category_id'] = 'Category is required';
     }
     if (!$vars['answer']) {
         $errors['answer'] = 'FAQ answer is required';
     }
     // Stop on errors, and also for validation-only calls.
     if ($errors || $validation) {
         return !$errors;
     }
     //save
     // The answer is rich text and is filtered with Format::safe_html()
     // before storage. Every value is wrapped in db_input(), presumably the
     // project's SQL quoting helper (verify against its definition).
     // NOTE(review): notes are stored without HTML filtering, so they need
     // escaping wherever they are displayed.
     $sql = ' updated=NOW() ' . ', question=' . db_input($vars['question']) . ', answer=' . db_input(Format::safe_html($vars['answer'])) . ', category_id=' . db_input($vars['category_id']) . ', ispublished=' . db_input(isset($vars['ispublished']) ? $vars['ispublished'] : 0) . ', notes=' . db_input($vars['notes']);
     if ($id) {
         $sql = 'UPDATE ' . FAQ_TABLE . ' SET ' . $sql . ' WHERE faq_id=' . db_input($id);
         if (db_query($sql)) {
             return true;
         }
         $errors['err'] = 'Unable to update FAQ.';
     } else {
         $sql = 'INSERT INTO ' . FAQ_TABLE . ' SET ' . $sql . ',created=NOW()';
         if (db_query($sql) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = 'Unable to create FAQ. Internal error';
     }
     return false;
 }
Esempio n. 7
"><?php 
echo $category->getName();
?>
</a>
</div>
<div style="width:700px;padding-top:2px;" class="pull-left">
<strong style="font-size:16px;"><?php 
echo $faq->getQuestion();
?>
</strong>
</div>
<div class="pull-right flush-right" style="padding-top:5px;padding-right:5px;"></div>
<div class="clear"></div>
<p>
<?php 
echo Format::safe_html($faq->getAnswerWithImages());
?>
</p>
<p>
<?php 
if ($faq->getNumAttachments()) {
    ?>
 <div><span class="faded"><b><?php 
    echo __('Attachments');
    ?>
:</b></span>  <?php 
    echo $faq->getAttachmentsLinks();
    ?>
</div>
<?php 
}
    Released under the GNU General Public License WITHOUT ANY WARRANTY.
    See LICENSE.TXT for details.

    vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
if (!defined('OSTCLIENTINC') || !$status) {
    die('Access Denied');
}
?>
<h1><strong><?php 
echo $status->getName();
?>
</strong></h1>
<p>
<?php 
echo \Format::safe_html($status->getDescription());
?>
</p>
<hr>
<?php 
$sql = 'SELECT equipment.equipment_id as equipment_id, equipment.asset_id as Equipment, 
    status.name as Status, status.color as color' . ' FROM ' . EQUIPMENT_TABLE . ' equipment ' . ' LEFT JOIN ' . EQUIPMENT_STATUS_TABLE . ' status ON(status.status_id=equipment.status_id) ' . ' WHERE equipment.ispublished=1 AND equipment.status_id=' . db_input($status->getId()) . ' GROUP BY equipment.equipment_id';
if (($res = db_query($sql)) && db_num_rows($res)) {
    echo '
         <h2>Equpment</h2>
         <div id="equipment">
            <ol>';
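    while ($row = db_fetch_array($res)) {
        // Every text column is escaped before it reaches the page. The
        // colour lands inside a quoted style attribute and the status name
        // inside the link text, so neither may carry raw quotes or markup.
        // Escaping stops attribute break-out only; the colour should also
        // be validated as a colour value when the status is saved.
        echo sprintf('
            <li> <a href="equipment.php?id=%d" %s>%s &nbsp;%s</a></li>', $row['equipment_id'], 'style="color:' . \Format::htmlchars($row['color']) . '"', \Format::htmlchars($row['Equipment']), \Format::htmlchars($row['Status']));
    }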
    die('Access Denied');
}
?>
<div style="width:700;padding-top:10px; float:left;">
  <h2>Frequently Asked Questions</h2>
</div>
<div style="float:right;text-align:right;padding-top:5px;padding-right:5px;">&nbsp;</div>
<div class="clear"></div>
<br>
<div><strong><?php 
echo $category->getName();
?>
</strong></div>
<p>
<?php 
echo Format::safe_html($category->getDescription());
?>
</p>
<hr>
<?php 
$sql = 'SELECT faq.faq_id, question ' . ' FROM ' . FAQ_TABLE . ' faq ' . ' LEFT JOIN ' . FAQ_ATTACHMENT_TABLE . ' attach ON(attach.faq_id=faq.faq_id) ' . ' WHERE faq.ispublished=1 AND faq.category_id=' . db_input($category->getId()) . ' GROUP BY faq.faq_id';
if (($res = db_query($sql)) && db_num_rows($res)) {
    echo '<div id="faq">
            <ol>';
    while ($row = db_fetch_array($res)) {
        echo sprintf('
            <li><a href="faq.php?id=%d" >%s</a></li>', $row['faq_id'], Format::htmlchars($row['question']));
    }
    echo '  </ol>
         </div>';
} else {
echo $category->getId();
?>
"><?php 
echo $category->getName();
?>
</a>
</div>
<div style="width:700;padding-top:2px; float:left;">
<strong style="font-size:16px;"><?php 
echo $equipment->getAsset_id();
?>
</strong>
</div>
<div style="float:right;text-align:right;padding-top:5px;padding-right:5px;"></div>
<div class="clear"></div>
<p>
<img src="<?php 
echo "images/" . $equipment->getStatus()->getImage();
?>
" width="20" height="20"/>
<?php 
echo Format::safe_html($equipment->getStatus());
?>

</p>
<hr>
<div class="faded">&nbsp;Last updated <?php 
echo Format::db_daydatetime($category->getUpdated());
?>
</div>
Esempio n. 11
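 /**
  * Validate and store a site page.
  *
  * Problems are reported through $errors, keyed by field name.
  *
  * Returns true after an update, the new row id after an insert, and
  * false when validation or the query fails.
  *
  * The body is rich text and is filtered with Format::safe_html() before
  * storage; every value placed in the statement is wrapped in db_input().
  */
 function save($id, $vars, &$errors)
 {
     //Cleanup.
     $vars['name'] = Format::striptags(trim($vars['name']));
     //validate
     // When editing, the id in the payload must be the id being saved.
     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal error. Try again';
     }
     if (!$vars['type']) {
         $errors['type'] = 'Type required';
     } elseif (!in_array($vars['type'], array('landing', 'offline', 'thank-you', 'other'), true)) {
         // Strict comparison: only the exact strings are accepted. With
         // loose comparison a non-string value such as true, or an integer
         // on older PHP versions, could match an entry of the list.
         $errors['type'] = 'Invalid selection';
     }
     if (!$vars['name']) {
         $errors['name'] = 'Name required';
     } elseif (($pid = self::getIdByName($vars['name'])) && $pid != $id) {
         // A different page already uses this name.
         $errors['name'] = 'Name already exists';
     }
     if (!$vars['body']) {
         $errors['body'] = 'Page body is required';
     }
     if ($errors) {
         return false;
     }
     //save
     // isactive is collapsed to 1 or 0 before it reaches the statement.
     $sql = ' updated=NOW() ' . ', `type`=' . db_input($vars['type']) . ', name=' . db_input($vars['name']) . ', body=' . db_input(Format::safe_html($vars['body'])) . ', isactive=' . db_input($vars['isactive'] ? 1 : 0) . ', notes=' . db_input($vars['notes']);
     if ($id) {
         $sql = 'UPDATE ' . PAGE_TABLE . ' SET ' . $sql . ' WHERE id=' . db_input($id);
         if (db_query($sql)) {
             return true;
         }
         $errors['err'] = 'Unable to update page.';
     } else {
         $sql = 'INSERT INTO ' . PAGE_TABLE . ' SET ' . $sql . ', created=NOW()';
         if (db_query($sql) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = 'Unable to create page. Internal error';
     }
     return false;
 }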
Esempio n. 12
    // Uploaded files are only taken into account when there are no errors
    // so far and the configuration allows online attachments.
    if (!$errors && $cfg->allowOnlineAttachments() && $_FILES['attachments']) {
        $vars['files'] = AttachmentFile::format($_FILES['attachments'], true);
    }
    //Ticket::create...checks for errors..
    if ($ticket = Ticket::create($vars, $errors, SOURCE)) {
        $msg = 'Support ticket request created';
        //Logged in...simply view the newly created ticket.
        if ($thisclient && $thisclient->isValid()) {
            // Unless related tickets are shown, the session key is pointed
            // at the ticket that was just created.
            if (!$cfg->showRelatedTickets()) {
                $_SESSION['_client']['key'] = $ticket->getExtId();
            }
            //Resetting login Key to the current ticket!
            // NOTE(review): session_regenerate_id() runs after
            // session_write_close(). PHP regenerates the id of an active
            // session only, so confirm the id really rotates here; calling
            // it before the close is the usual order.
            session_write_close();
            session_regenerate_id();
            // NOTE(review): no exit follows the redirect header in this
            // fragment, and '@' hides a "headers already sent" failure;
            // confirm that continuing past this point is intended.
            @header('Location: tickets.php?id=' . $ticket->getExtId());
        }
    } else {
        // Keep a specific error when one was set, else use the generic one.
        $errors['err'] = $errors['err'] ? $errors['err'] : 'Unable to create a ticket. Please correct errors below and try again!';
    }
}
//page
// Render the page: header, then either the thank-you page or the form.
$nav->setActiveNav('new');
require CLIENTINC_DIR . 'header.inc.php';
// A thank-you page is shown only when a ticket exists. The page attached to
// the ticket's topic is preferred; the configured thank-you page is the
// fallback ('&&' binds tighter than '||' in this condition).
if ($ticket && (($topic = $ticket->getTopic()) && ($page = $topic->getPage()) || ($page = $cfg->getThankYouPage()))) {
    //Thank the user and promise speedy resolution!
    //Hide ticket number -  it should only be delivered via email for security reasons.
    // The three ticket-number placeholders are overwritten with 'XXXXXX'
    // before variable substitution, so the number cannot be expanded into
    // the page; the result is filtered with safe_html() before output.
    echo Format::safe_html($ticket->replaceVars(str_replace(array('%{ticket.number}', '%{ticket.extId}', '%{ticket}'), array_fill(0, 3, 'XXXXXX'), $page->getBody())));
} else {
    require CLIENTINC_DIR . 'open.inc.php';
}
require CLIENTINC_DIR . 'footer.inc.php';
Esempio n. 13
 /**
  * Fetch the body of message $mid in a form that can be placed in HTML.
  *
  * A TEXT/PLAIN part is preferred and is escaped with Format::htmlchars().
  * Failing that, a TEXT/HTML part has its <div> boundaries and <br> tags
  * turned into newlines and is then filtered with Format::safe_html().
  * When neither part is found, the (falsy) result of the HTML lookup is
  * returned unchanged.
  */
 function getBody($mid)
 {
     $plain = $this->getPart($mid, 'TEXT/PLAIN', $this->charset);
     if ($plain) {
         // Plain text may still contain characters that look like markup.
         return Format::htmlchars($plain);
     }

     $html = $this->getPart($mid, 'TEXT/HTML', $this->charset);
     if (!$html) {
         return $html;
     }

     // Keep line structure: convert the tags of interest before filtering.
     $html = str_replace("</DIV><DIV>", "\n", $html);
     $html = str_replace(array("<br>", "<br />", "<BR>", "<BR />"), "\n", $html);

     // Balance html tags & neutralize unsafe tags.
     return Format::safe_html($html);
 }
Esempio n. 14
 /**
  * Build the thread body object for message $mid.
  *
  * With HTML threads enabled the text/html part is preferred and wrapped
  * in HtmlThreadBody, falling back to text/plain in a TextThreadBody.
  * With HTML threads disabled text/plain is preferred; a text/html part is
  * only used as a fallback and is filtered with Format::safe_html() and
  * converted to text before being wrapped in a TextThreadBody.
  * When no part is found an empty TextThreadBody is returned. Quoted
  * replies are stripped when the configuration asks for it.
  */
 function getBody($mid)
 {
     global $cfg;

     $htmlThreads = $cfg->isHtmlThreadEnabled();
     // Lookup order depends on the thread mode; the first part found wins.
     $lookupOrder = $htmlThreads
         ? array('text/html', 'text/plain')
         : array('text/plain', 'text/html');

     $body = null;
     foreach ($lookupOrder as $mime) {
         $part = $this->getPart($mid, $mime, $this->charset);
         if (!$part) {
             continue;
         }
         if ($mime == 'text/plain') {
             $body = new TextThreadBody($part);
         } elseif ($htmlThreads) {
             $body = new HtmlThreadBody($part);
         } else {
             // HTML arriving in text mode is filtered, then flattened.
             $body = new TextThreadBody(Format::html2text(Format::safe_html($part), 100, false));
         }
         break;
     }

     if ($body === null) {
         $body = new TextThreadBody('');
     }

     if ($cfg->stripQuotedReply()) {
         $body->stripQuotedReply($cfg->getReplySeparator());
     }

     return $body;
 }
Esempio n. 15
                <ol>';
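        while ($row = db_fetch_array($res)) {
            // The question is plain text read back from the database, so
            // it is escaped before it is placed inside the link.
            echo sprintf('
                <li><a href="faq.php?id=%d" class="previewfaq">%s</a> - <span>%s</span></li>', $row['faq_id'], Format::htmlchars($row['question']), $row['ispublished'] ? 'Published' : 'Internal');
        }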
        echo '  </ol>
             </div>';
    } else {
        echo '<strong class="faded">The search did not match any FAQs.</strong>';
    }
} else {
    //Category Listing.
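    // Every category with its FAQ count. The statement is built from
    // table-name constants only; no request data is concatenated into it.
    $sql = 'SELECT cat.category_id, cat.name, cat.description, cat.ispublic, count(faq.faq_id) as faqs ' . ' FROM ' . FAQ_CATEGORY_TABLE . ' cat ' . ' LEFT JOIN ' . FAQ_TABLE . ' faq ON(faq.category_id=cat.category_id) ' . ' GROUP BY cat.category_id ' . ' ORDER BY cat.name';
    if (($res = db_query($sql)) && db_num_rows($res)) {
        echo '<div>Click on the category to browse FAQs.</div>
                <ul id="kb">';
        while ($row = db_fetch_array($res)) {
            // The name is plain text and is escaped on output; the
            // description is rich text and is filtered with safe_html().
            echo sprintf('
                <li>
                    <h4><a href="kb.php?cid=%d">%s (%d)</a> - <span>%s</span></h4>
                    %s
                </li>', $row['category_id'], Format::htmlchars($row['name']), $row['faqs'], $row['ispublic'] ? 'Public' : 'Internal', Format::safe_html($row['description']));
        }
        echo '</ul>';
    } else {
        echo 'NO FAQs found';
    }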
}
?>
</div>
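        while ($row = db_fetch_array($res)) {
            // The question is plain text read back from the database, so
            // it is escaped before it is placed inside the link. The
            // format has two placeholders, so only two values are passed.
            echo sprintf('
                <li><a href="faq.php?id=%d" class="previewfaq">%s</a></li>', $row['faq_id'], Format::htmlchars($row['question']));
        }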
        echo '  </ol>
             </div>';
    } else {
        echo '<strong class="faded">The search did not match any FAQs.</strong>';
    }
} else {
    //Category Listing.
    // Public listing: only categories flagged ispublic=1 are selected, only
    // FAQs flagged ispublished=1 are counted, and categories left with a
    // count of zero are dropped by the HAVING clause. The statement is
    // built from table-name constants only.
    $sql = 'SELECT cat.category_id, cat.name, cat.description, cat.ispublic, count(faq.faq_id) as faqs ' . ' FROM ' . FAQ_CATEGORY_TABLE . ' cat ' . ' LEFT JOIN ' . FAQ_TABLE . ' faq ON(faq.category_id=cat.category_id AND faq.ispublished=1) ' . ' WHERE cat.ispublic=1 ' . ' GROUP BY cat.category_id ' . ' HAVING faqs>0 ' . ' ORDER BY cat.name';
    if (($res = db_query($sql)) && db_num_rows($res)) {
        echo '<div>Click on the category to browse FAQs.</div>
                <ul id="kb">';
        while ($row = db_fetch_array($res)) {
            // Name is escaped as plain text; the description is rich text
            // and is filtered with safe_html(); ids and counts use %d.
            echo sprintf('
                <li>
                    <i></i>
                    <h4><a href="faq.php?cid=%d">%s (%d)</a></h4>
                    %s
                </li>', $row['category_id'], Format::htmlchars($row['name']), $row['faqs'], Format::safe_html($row['description']));
        }
        echo '</ul>';
    } else {
        echo 'NO FAQs found';
    }
}
?>
</div>
Esempio n. 17
 /**
  * Clean up a piece of HTML before it is used.
  *
  * The text is first filtered with Format::safe_html(), then handed to
  * self::localizeInlineImages(). When $striptags is truthy the result is
  * additionally passed through Format::striptags() with its second
  * argument set to false.
  */
 function sanitize($text, $striptags = false)
 {
     // Filter first, so the image rewrite only sees filtered markup.
     $clean = self::localizeInlineImages(Format::safe_html($text));

     if (!$striptags) {
         return $clean;
     }

     // If requested - strip tags with decoding disabled.
     return Format::striptags($clean, false);
 }
Esempio n. 18
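// Client-side view of a single FAQ.
// Access guard: refuse to render unless the client include marker is
// defined and a published FAQ is in scope.
//
// Output rules used below: plain-text fields (category name, question) are
// escaped with Format::htmlchars(); the answer is rich text and is filtered
// with Format::safe_html(). Every PHP block uses the full opening tag, so
// the template does not depend on short_open_tag being enabled (with it
// disabled, a short-tag block would be sent to the browser as text).
if(!defined('OSTCLIENTINC') || !$faq  || !$faq->isPublished()) die('Access Denied');

$category=$faq->getCategory();

?>
<h1>Frequently Asked Questions</h1>
<div id="breadcrumbs">
    <a href="index.php">All Categories</a> 
    &raquo; <a href="faq.php?cid=<?php echo $category->getId(); ?>"><?php echo Format::htmlchars($category->getName()); ?></a>
</div>
<div style="width:700;padding-top:2px; float:left;">
<strong style="font-size:16px;"><?php echo Format::htmlchars($faq->getQuestion()); ?></strong>
</div>
<div style="float:right;text-align:right;padding-top:5px;padding-right:5px;"></div>
<div class="clear"></div>
<p>
<?php echo Format::safe_html($faq->getAnswer()); ?>
</p>
<p>
<?php
// NOTE(review): getAttachmentsLinks() is echoed as returned; it presumably
// yields ready-made links, so confirm it escapes the file names itself.
if($faq->getNumAttachments()) { ?>
 <div><span class="faded"><b>Attachments:</b></span>  <?php echo $faq->getAttachmentsLinks(); ?></div>
<?php
}?>
<div><span class="faded"><b>Help Topics:</b></span> 
    <?php
    // NOTE(review): topic names are joined and echoed without escaping;
    // confirm getHelpTopics() returns values that are safe for HTML.
    echo ($topics=$faq->getHelpTopics())?implode(', ',$topics):' '; ?>
</div>
</p>
<hr>
<?php
// NOTE(review): the "Last updated" date is read from the category, not from
// the FAQ being shown; confirm this is the intended source.
?>
<div class="faded">&nbsp;Last updated <?php echo Format::db_daydatetime($category->getUpdateDate()); ?></div>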
Esempio n. 19
 /**
  * Return the message body in a form that can be placed in HTML.
  *
  * The text/plain part is preferred and is escaped with
  * Format::htmlchars(). Otherwise the text/html part has its <div>
  * boundaries and <br> tags replaced by newlines and is filtered with
  * Format::safe_html(). When neither part is found, the (falsy) result of
  * the HTML lookup is returned unchanged.
  */
 function getBody()
 {
     $text = $this->getPart($this->struct, 'text/plain');
     if ($text) {
         return Format::htmlchars($text);
     }

     $markup = $this->getPart($this->struct, 'text/html');
     if ($markup) {
         //Cleanup the html.
         // One pass, same search order as two consecutive replacements.
         $lineBreaks = array("</DIV><DIV>", "<br>", "<br />", "<BR>", "<BR />");
         $markup = str_replace($lineBreaks, "\n", $markup);
         //Balance html tags & neutralize unsafe tags.
         $markup = Format::safe_html($markup);
     }

     return $markup;
 }