function hesk_initOnline($user_id)
{
global $hesk_settings, $hesklang;
/* Set user to online */
hesk_setOnline($user_id);
/* Can this user view online staff? */
if (hesk_checkPermission('can_view_online', 0)) {
$hesk_settings['users_online'] = hesk_listOnline();
define('SHOW_ONLINE', 1);
}
return true;
}
}
?>
<li role="presentation" class="active">
<a href="#"><?php
echo $hesklang['email_templates'];
?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="popover" title="<?php
echo $hesklang['email_templates'];
?>
" data-content="<?php
echo $hesklang['email_templates_intro'];
?>
"></i></a>
</li>
<?php
if (hesk_checkPermission('can_man_ticket_statuses', 0)) {
echo '
<li role="presentation">
<a title="' . $hesklang['statuses'] . '" href="manage_statuses.php">' . $hesklang['statuses'] . '</a>
</li>
';
}
?>
</ul>
<div class="tab-content summaryList tabPadding">
<?php
if ($showEditPanel) {
?>
<div class="row">
<div class="col-md-12">
<div class="panel panel-default">
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions */
$can_view_tickets = hesk_checkPermission('can_view_tickets', 0);
$can_reply_tickets = hesk_checkPermission('can_reply_tickets', 0);
$can_view_unassigned = hesk_checkPermission('can_view_unassigned', 0);
/* Update profile? */
if (!empty($_POST['action'])) {
// Demo mode
if (defined('HESK_DEMO')) {
hesk_process_messages($hesklang['sdemo'], 'profile.php', 'NOTICE');
}
// Update profile
update_profile();
} else {
$res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1");
$tmp = hesk_dbFetchAssoc($res);
foreach ($tmp as $k => $v) {
if ($k == 'pass') {
if ($v == '499d74967b28a841c98bb4baaabaad699ff3c079') {
define('WARN_PASSWORD', true);
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
hesk_checkPermission('can_edit_tickets');
/* A security check */
hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
/* New archived status */
if (empty($_GET['locked'])) {
$status = 0;
$tmp = $hesklang['tunlock'];
$revision = sprintf($hesklang['thist6'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
} else {
$status = 1;
$tmp = $hesklang['tlock'];
$revision = sprintf($hesklang['thist5'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
}
/* Update database */
function output_user_dropdown($catId, $selectId, $userArray)
{
global $hesklang;
if (!hesk_checkPermission('can_set_manager', 0)) {
foreach ($userArray as $user) {
if ($user['id'] == $selectId) {
return '<p>' . $user['name'] . '</p>';
}
}
return '<p>' . $hesklang['no_manager'] . '</p>';
} else {
$dropdownMarkup = '<select class="form-control input-sm" name="managerid">
<option value="0">' . $hesklang['no_manager'] . '</option>';
foreach ($userArray as $user) {
$select = $selectId == $user['id'] ? 'selected' : '';
$dropdownMarkup .= '<option value="' . $user['id'] . '" ' . $select . '>' . $user['name'] . '</option>';
}
$dropdownMarkup .= '</select>';
return '<form role="form" id="manager_form_' . $catId . '" action="manage_categories.php" method="post" class="form-inline" onchange="document.getElementById(\'manager_form_' . $catId . '\').submit();">
<input type="hidden" name="a" value="manager">
<input type="hidden" name="catid" value="' . $catId . '">
' . $dropdownMarkup . '
</form>';
}
}
if (isset($flush_me)) {
if ($tickets_exported > 0) {
hesk_show_success($flush_me);
} else {
hesk_show_notice($hesklang['n2ex']);
}
}
?>
<!-- TABS -->
<div id="tab1" class="tabberlive" style="margin-top:0px">
<ul class="tabbernav">
<?php
// Show a link to reports.php if user has permission to do so
if (hesk_checkPermission('can_run_reports', 0)) {
echo '<li class=""><a title="' . $hesklang['reports_tab'] . '" href="reports.php">' . $hesklang['reports_tab'] . ' [+]</a></li>';
}
?>
<li class="tabberactive"><a title="<?php
echo $hesklang['export'];
?>
" href="javascript:void(null);" onclick="javascript:alert('<?php
echo $hesklang['export_intro'];
?>
')"><?php
echo $hesklang['export'];
?>
[?]</a></li>
</ul>
/* Print main manage users page */
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>
</td>
</tr>
<tr>
<td>
<!-- TABS -->
<div id="tab1" class="tabberlive" style="margin-top:0px">
<ul class="tabbernav">
<?php
// Show a link to manage_ticket_templates.php if user has permission to do so
if (hesk_checkPermission('can_man_canned', 0)) {
echo '<li class=""><a title="' . $hesklang['manage_saved'] . '" href="manage_canned.php">' . $hesklang['manage_saved'] . '</a></li>';
}
?>
<li class="tabberactive"><a title="<?php
echo $hesklang['ticket_tpl'];
?>
" href="javascript:void(null);" onclick="javascript:alert('<?php
echo hesk_makeJsString($hesklang['ticket_tpl_intro']);
?>
')"><?php
echo $hesklang['ticket_tpl'];
?>
[?]</a></li>
</ul>
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
define('CALENDAR', 1);
$_SESSION['hide']['ticket_list'] = true;
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
$_SERVER['PHP_SELF'] = './admin_main.php';
/* Print header */
require_once HESK_PATH . 'inc/header.inc.php';
/* Print admin navigation */
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>
</td>
</tr>
<tr>
<td>
<div class="container tickets-found"><?php
echo $hesklang['tickets_found'];
?>
/* A list of all categories */
$hesk_settings['categories'] = array();
$res = hesk_dbQuery('SELECT `id`,`name` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` ORDER BY `cat_order` ASC');
while ($row = hesk_dbFetchAssoc($res)) {
if (hesk_okCategory($row['id'], 0)) {
$hesk_settings['categories'][$row['id']] = $row['name'];
}
}
/* Non-admin users may not create users with more permissions than they have */
if (!$_SESSION['isadmin']) {
/* Can't create admin users */
$_POST['isadmin'] = 0;
/* Can only add features he/she has access to */
$hesk_settings['features'] = array_intersect(explode(',', $_SESSION['heskprivileges']), $hesk_settings['features']);
/* Can user modify auto-assign setting? */
if ($hesk_settings['autoassign'] && (!hesk_checkPermission('can_assign_self', 0) || !hesk_checkPermission('can_assign_others', 0))) {
$hesk_settings['autoassign'] = 0;
}
}
/* Use any set values, default otherwise */
foreach ($default_userdata as $k => $v) {
if (!isset($_SESSION['userdata'][$k])) {
$_SESSION['userdata'][$k] = $v;
}
}
$_SESSION['userdata'] = hesk_stripArray($_SESSION['userdata']);
/* What should we do? */
if ($action = hesk_REQUEST('a')) {
if ($action == 'reset_form') {
$_SESSION['edit_userdata'] = TRUE;
header('Location: ./manage_users.php');
// Note ID
$noteID = intval(hesk_REQUEST('note')) or die($hesklang['int_error'] . ': ' . $hesklang['mis_note']);
// Get ticket info
$result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
// Get note info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['no_note']);
}
$note = hesk_dbFetchAssoc($result);
// Make sure the note matches the ticket and the user has permission to edit it
if ($note['ticket'] != $ticket['id'] || !hesk_checkPermission('can_del_notes', 0) && $note['who'] != $_SESSION['id']) {
hesk_error($hesklang['perm_deny']);
}
// Save changes?
if (isset($_POST['save'])) {
// A security check
hesk_token_check('POST');
// Get message
$tmpvar['message'] = nl2br(hesk_makeURL(hesk_input(hesk_POST('message'))));
// If we have message or attachments do the update
if (strlen($tmpvar['message']) || strlen($note['attachments'])) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` SET `message`='" . hesk_dbEscape($tmpvar['message']) . "' WHERE `id`={$noteID}");
hesk_process_messages($hesklang['ednote2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
} else {
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}");
header('Location: admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
// Is this person allowed access to this attachment?
$res = hesk_dbQuery("SELECT `t1`.`type` as `cat_type`, `t2`.`type` as `art_type`\r\n\t\t\t\t\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t2`\r\n JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t1`\r\n ON `t2`.`catid` = `t1`.`id`\r\n WHERE (`t2`.`attachments` LIKE '{$att_id}#%' OR `t2`.`attachments` LIKE '%,{$att_id}#%' )\r\n LIMIT 1");
// If no attachment found, throw an error
if (hesk_dbNumRows($res) != 1) {
hesk_error($hesklang['id_not_valid'] . ' (no_art)');
}
$row = hesk_dbFetchAssoc($res);
// Private or draft article or category?
if ($row['cat_type'] || $row['art_type']) {
if (empty($_SESSION['id'])) {
// This is a staff-only attachment
hesk_error($hesklang['attpri']);
} elseif ($row['art_type'] == 2) {
// Need permission to manage KB to access draft attachments
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_checkPermission('can_man_kb');
}
}
} else {
// Attachmend ID and ticket tracking ID
$att_id = intval(hesk_GET('att_id', 0)) or die($hesklang['id_not_valid']);
$tic_id = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}");
// Connect to database
hesk_dbConnect();
// Get attachment info
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='{$att_id}' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_error($hesklang['id_not_valid'] . ' (att_id)');
}
$file = hesk_dbFetchAssoc($res);
// Is ticket ID valid for this attachment?
function hesk_getAdminButtons($reply = 0, $white = 1)
{
global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete;
$options = '';
/* Style and mousover/mousout */
$tmp = $white ? 'White' : 'Blue';
$style = 'class="option' . $tmp . 'OFF" onmouseover="this.className=\'option' . $tmp . 'ON\'" onmouseout="this.className=\'option' . $tmp . 'OFF\'"';
/* Lock ticket button */
if ($can_edit) {
if ($ticket['locked']) {
$des = $hesklang['tul'] . ' - ' . $hesklang['isloc'];
$options .= '<a href="lock.php?track=' . $trackingID . '&locked=0&Refresh=' . mt_rand(10000, 99999) . '&token=' . hesk_token_echo(0) . '"><img src="../img/unlock.png" width="16" height="16" alt="' . $des . '" title="' . $des . '" ' . $style . ' /></a> ';
} else {
$des = $hesklang['tlo'] . ' - ' . $hesklang['isloc'];
$options .= '<a href="lock.php?track=' . $trackingID . '&locked=1&Refresh=' . mt_rand(10000, 99999) . '&token=' . hesk_token_echo(0) . '"><img src="../img/lock.png" width="16" height="16" alt="' . $des . '" title="' . $des . '" ' . $style . ' /></a> ';
}
}
/* Tag ticket button */
if ($can_archive) {
if ($ticket['archive']) {
$options .= '<a href="archive.php?track=' . $trackingID . '&archived=0&Refresh=' . mt_rand(10000, 99999) . '&token=' . hesk_token_echo(0) . '"><img src="../img/tag.png" width="16" height="16" alt="' . $hesklang['remove_archive'] . '" title="' . $hesklang['remove_archive'] . '" ' . $style . ' /></a> ';
} else {
$options .= '<a href="archive.php?track=' . $trackingID . '&archived=1&Refresh=' . mt_rand(10000, 99999) . '&token=' . hesk_token_echo(0) . '"><img src="../img/tag_off.png" width="16" height="16" alt="' . $hesklang['add_archive'] . '" title="' . $hesklang['add_archive'] . '" ' . $style . ' /></a> ';
}
}
/* Import to knowledgebase button */
if ($hesk_settings['kb_enable'] && hesk_checkPermission('can_man_kb', 0)) {
$options .= '<a href="manage_knowledgebase.php?a=import_article&track=' . $trackingID . '"><img src="../img/import_kb.png" width="16" height="16" alt="' . $hesklang['import_kb'] . '" title="' . $hesklang['import_kb'] . '" ' . $style . ' /></a> ';
}
/* Print ticket button */
$options .= '<a href="../print.php?track=' . $trackingID . '"><img src="../img/print.png" width="16" height="16" alt="' . $hesklang['printer_friendly'] . '" title="' . $hesklang['printer_friendly'] . '" ' . $style . ' /></a> ';
/* Edit post */
if ($can_edit) {
$tmp = $reply ? '&reply=' . $reply['id'] : '';
$options .= '<a href="edit_post.php?track=' . $trackingID . $tmp . '"><img src="../img/edit.png" width="16" height="16" alt="' . $hesklang['edtt'] . '" title="' . $hesklang['edtt'] . '" ' . $style . ' /></a> ';
}
/* Delete ticket */
if ($can_delete) {
if ($reply) {
$url = 'admin_ticket.php';
$tmp = 'delete_post=' . $reply['id'];
$img = 'delete.png';
$txt = $hesklang['delt'];
} else {
$url = 'delete_tickets.php';
$tmp = 'delete_ticket=1';
$img = 'delete_ticket.png';
$txt = $hesklang['dele'];
}
$options .= '<a href="' . $url . '?track=' . $trackingID . '&' . $tmp . '&Refresh=' . mt_rand(10000, 99999) . '&token=' . hesk_token_echo(0) . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($txt) . '?\');"><img src="../img/' . $img . '" width="16" height="16" alt="' . $txt . '" title="' . $txt . '" ' . $style . ' /></a> ';
}
/* Return generated HTML */
return $options;
}
* a license for this script. For more information on how to obtain
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_man_ticket_tpl');
// Define required constants
define('LOAD_TABS', 1);
/* What should we do? */
if ($action = hesk_REQUEST('a')) {
if (defined('HESK_DEMO')) {
hesk_process_messages($hesklang['ddemo'], 'manage_ticket_templates.php', 'NOTICE');
} elseif ($action == 'new') {
new_saved();
} elseif ($action == 'edit') {
edit_saved();
} elseif ($action == 'remove') {
remove();
} elseif ($action == 'order') {
order_saved();
}
echo $hesklang['banemail'];
?>
" href="#b-email" onclick="javascript:alert('<?php
echo hesk_makeJsString($hesklang['banemail_intro']);
?>
')"><?php
echo $hesklang['banemail'];
?>
[?]</a></li>
<?php
// Show a link to banned_ips.php if user has permission to do so
if (hesk_checkPermission('can_ban_ips', 0)) {
echo '<li id="banned-ips"><a title="' . $hesklang['banip'] . '" href="banned_ips.php">' . $hesklang['banip'] . '</a></li> ';
}
// Show a link to status_message.php if user has permission to do so
if (hesk_checkPermission('can_service_msg', 0)) {
echo '<li id="service-msg-tools"><a title="' . $hesklang['sm_title'] . '" href="service_messages.php">' . $hesklang['sm_title'] . '</a></li> ';
}
?>
</ul>
<script language="javascript" type="text/javascript"><!--
function confirm_delete()
{
if (confirm('<?php
echo hesk_makeJsString($hesklang['delban_confirm']);
?>
')) {return true;}
else {return false;}
}
//-->
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_add_archive');
/* A security check */
hesk_token_check();
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
/* New archived status */
if (empty($_GET['archived'])) {
$status = 0;
$tmp = $hesklang['removedfromarchive'];
} else {
$status = 1;
$tmp = $hesklang['added2archive'];
}
/* Update database */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `archive`='{$status}' WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
/* Back to ticket page and show a success message */
/* Print header */
require_once HESK_PATH . 'inc/header.inc.php';
/* Print admin navigation */
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>
<div class="container filter-ticket-title"><?php
echo $hesklang['filter_ticket'];
?>
</div>
<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
/* Print tickets? */
if (hesk_checkPermission('can_view_tickets', 0)) {
$sql = hesk_dbQuery("SELECT id FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`");
$sql_description = hesk_dbQuery("SELECT subject, id FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets`");
$sql_category = hesk_dbQuery("SELECT name, id FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories`");
$sql_client = hesk_dbQuery("SELECT user, id FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "clients`");
?>
<div class="container filter-ticket-admin" id="filter-ticket-admin"> <!-- Krijojme nje div per filtrat -->
<form method="post" autocomplete = "off" action="">
<datalist id="ticket_id_list">
<?php
while ($tmp = hesk_dbFetchAssoc($sql)) {
echo '<option value=' . $tmp["id"] . '>';
}
?>
</datalist>
* a license for this script. For more information on how to obtain
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_man_cat');
// Possible priorities
$priorities = array(3 => array('value' => 3, 'text' => $hesklang['low'], 'formatted' => $hesklang['low']), 2 => array('value' => 2, 'text' => $hesklang['medium'], 'formatted' => '<font class="medium">' . $hesklang['medium'] . '</font>'), 1 => array('value' => 1, 'text' => $hesklang['high'], 'formatted' => '<font class="important">' . $hesklang['high'] . '</font>'), 0 => array('value' => 0, 'text' => $hesklang['critical'], 'formatted' => '<font class="critical">' . $hesklang['critical'] . '</font>'));
/* What should we do? */
if ($action = hesk_REQUEST('a')) {
if ($action == 'linkcode') {
generate_link_code();
} elseif (defined('HESK_DEMO')) {
hesk_process_messages($hesklang['ddemo'], 'manage_categories.php', 'NOTICE');
} elseif ($action == 'new') {
new_cat();
} elseif ($action == 'rename') {
rename_cat();
} elseif ($action == 'remove') {
remove();
} elseif ($action == 'order') {
// -> Setup SQL based on selected ticket assignments
/* Make sure at least one is chosen */
if (!$s_my[$fid] && !$s_ot[$fid] && !$s_un[$fid]) {
$s_my[$fid] = 1;
$s_ot[$fid] = 1;
$s_un[$fid] = 1;
if (!defined('MAIN_PAGE')) {
hesk_show_notice($hesklang['e_nose']);
}
}
/* If the user doesn't have permission to view assigned to others block those */
if (!hesk_checkPermission('can_view_ass_others', 0)) {
$s_ot[$fid] = 0;
}
/* If the user doesn't have permission to view unassigned tickets block those */
if (!hesk_checkPermission('can_view_unassigned', 0)) {
$s_un[$fid] = 0;
}
/* Process assignments */
if (!$s_my[$fid] || !$s_ot[$fid] || !$s_un[$fid]) {
if ($s_my[$fid] && $s_ot[$fid]) {
// All but unassigned
$sql .= " AND `owner` > 0 ";
} elseif ($s_my[$fid] && $s_un[$fid]) {
// My tickets + unassigned
$sql .= " AND `owner` IN ('0', '" . intval($_SESSION['id']) . "') ";
} elseif ($s_ot[$fid] && $s_un[$fid]) {
// Assigned to others + unassigned
$sql .= " AND `owner` != '" . intval($_SESSION['id']) . "' ";
} elseif ($s_my[$fid]) {
// Assigned to me only
$priority_sql = "";
}
/* Update the original ticket */
$new_status = empty($_POST['close']) ? 2 : 3;
/* --> If a ticket is locked keep it closed */
if ($ticket['locked']) {
$new_status = 3;
}
$sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$new_status}', `lastreplier`='1', `replierid`='" . intval($_SESSION['id']) . "' ";
/* Update time_worked or force update lastchange */
if ($time_worked == '00:00:00') {
$sql .= ", `lastchange` = NOW() ";
} else {
$sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
}
if (!empty($_POST['assign_self']) && hesk_checkPermission('can_assign_self', 0)) {
$revision = sprintf($hesklang['thist2'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}
$sql .= " {$priority_sql} ";
if ($new_status == 3) {
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
if ($hesk_settings['custopen'] != 1) {
$sql .= " , `locked`='1' ";
}
}
$sql .= " WHERE `id`='{$replyto}' LIMIT 1";
hesk_dbQuery($sql);
unset($sql);
/* Update number of replies in the users table */
<option value="untag"><?php
echo $hesklang['remove_archive_quick'];
?>
</option>
<?php
}
if (!defined('HESK_DEMO')) {
if (hesk_checkPermission('can_merge_tickets', 0)) {
?>
<option value="merge"><?php
echo $hesklang['mer_selected'];
?>
</option>
<?php
}
if (hesk_checkPermission('can_del_tickets', 0)) {
?>
<option value="delete"><?php
echo $hesklang['del_selected'];
?>
</option>
<?php
}
}
// End demo
?>
</select>
<input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
" />
<td> </td>
';
}
}
if (hesk_checkPermission('can_run_reports', 0)) {
echo '
<td><a href="reports.php"><img src="../img/ico_reports.gif" width="26" height="26" border="0" alt="' . $hesklang['reports'] . '" title="' . $hesklang['reports'] . '" /><br />' . $hesklang['reports'] . '</a><br /><img src="../img/blank.gif" width="50" height="1" alt="" /></td>
<td> </td>
';
} elseif (hesk_checkPermission('can_export', 0)) {
echo '
<td><a href="export.php"><img src="../img/ico_reports.gif" width="26" height="26" border="0" alt="' . $hesklang['reports'] . '" title="' . $hesklang['reports'] . '" /><br />' . $hesklang['reports'] . '</a><br /><img src="../img/blank.gif" width="50" height="1" alt="" /></td>
<td> </td>
';
}
if (hesk_checkPermission('can_man_settings', 0)) {
echo '
<td><a href="admin_settings.php"><img src="../img/ico_settings.gif" width="26" height="26" border="0" alt="' . $hesklang['settings'] . '" title="' . $hesklang['settings'] . '" /><br />' . $hesklang['settings'] . '</a><br /><img src="../img/blank.gif" width="50" height="1" alt="" /></td>
<td> </td>
';
}
?>
<td><a href="profile.php"><img src="../img/ico_profile.gif" width="26" height="26" border="0" alt="<?php
echo $hesklang['menu_profile'];
?>
" title="<?php
echo $hesklang['menu_profile'];
?>
" /><br /><?php
echo $hesklang['menu_profile'];
$res = hesk_dbQuery("SELECT `name`,`isadmin`,`categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id`='{$tmpvar['owner']}' LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
$row = hesk_dbFetchAssoc($res);
if (!$row['isadmin']) {
$row['categories'] = explode(',', $row['categories']);
if (!in_array($tmpvar['category'], $row['categories'])) {
$_SESSION['isnotice'][] = 'category';
$hesk_error_buffer['owner'] = $hesklang['onasc'];
}
}
} else {
$_SESSION['isnotice'][] = 'category';
$hesk_error_buffer['owner'] = $hesklang['onasc'];
}
}
} elseif (hesk_checkPermission('can_assign_self', 0) && hesk_okCategory($tmpvar['category'], 0) && !empty($_POST['assing_to_self'])) {
$tmpvar['owner'] = intval($_SESSION['id']);
}
// Notify customer of the ticket?
$notify = !empty($_POST['notify']) ? 1 : 0;
// Show ticket after submission?
$show = !empty($_POST['show']) ? 1 : 0;
// Attachments
if ($hesk_settings['attachments']['use']) {
require_once HESK_PATH . 'inc/attachments.inc.php';
$attachments = array();
$trackingID = $tmpvar['trackid'];
for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
$att = hesk_uploadFile($i);
if ($att !== false && !empty($att)) {
$attachments[$i] = $att;
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
/* A security check */
hesk_token_check('POST');
/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);
$priority = intval(hesk_POST('priority'));
if ($priority < 0 || $priority > 3) {
hesk_process_messages($hesklang['inpr'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'NOTICE');
}
$options = array(0 => '<font class="critical">' . $hesklang['critical'] . '</font>', 1 => '<font class="important">' . $hesklang['high'] . '</font>', 2 => '<font class="medium">' . $hesklang['medium'] . '</font>', 3 => $hesklang['low']);
$revision = sprintf($hesklang['thist8'], hesk_date(), $options[$priority], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['inpr'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'NOTICE');
}
hesk_process_messages(sprintf($hesklang['chpri2'], $options[$priority]), 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
function import_article()
{
global $hesk_settings, $hesklang, $listBox;
$_SESSION['hide'] = array('treemenu' => 1, 'new_category' => 1);
$_SESSION['KB_CATEGORY'] = 1;
// Get ticket ID
$trackingID = hesk_cleanID();
if (empty($trackingID)) {
return false;
}
// Get ticket info
$res = hesk_dbQuery("SELECT `id`,`category`,`subject`,`message`,`owner` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
return false;
}
$ticket = hesk_dbFetchAssoc($res);
// Permission to view this ticket?
if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) {
return false;
}
if (!$ticket['owner'] && !hesk_checkPermission('can_view_unassigned', 0)) {
return false;
}
// Is this user allowed to view tickets inside this category?
if (!hesk_okCategory($ticket['category'], 0)) {
return false;
}
// Set article contents
if ($hesk_settings['kb_wysiwyg']) {
// With WYSIWYG editor
$_SESSION['new_article'] = array('html' => 1, 'subject' => $ticket['subject'], 'content' => hesk_htmlspecialchars($ticket['message']));
} else {
// Without WYSIWYG editor *
$_SESSION['new_article'] = array('html' => 0, 'subject' => $ticket['subject'], 'content' => hesk_msgToPlain($ticket['message']));
}
// Get messages from replies to the ticket
$res = hesk_dbQuery("SELECT `message` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `replyto`='" . intval($ticket['id']) . "' ORDER BY `id` ASC");
while ($reply = hesk_dbFetchAssoc($res)) {
if ($hesk_settings['kb_wysiwyg']) {
$_SESSION['new_article']['content'] .= "<br /><br />" . hesk_htmlspecialchars($reply['message']);
} else {
$_SESSION['new_article']['content'] .= "\n\n" . hesk_msgToPlain($reply['message']);
}
}
hesk_process_messages($hesklang['import'], 'NOREDIRECT', 'NOTICE');
}
if (is_dir(HESK_PATH . 'install')) {
die('Please delete the <b>install</b> folder from your server for security reasons then refresh this page!');
}
// Get all the required files and functions
require HESK_PATH . 'hesk_settings.inc.php';
// Save the default language for the settings page before choosing user's preferred one
$hesk_settings['language_default'] = $hesk_settings['language'];
require HESK_PATH . 'inc/common.inc.php';
$hesk_settings['language'] = $hesk_settings['language_default'];
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
// Check permissions for this feature
hesk_checkPermission('can_man_settings');
// Test languages function
if (isset($_GET['test_languages'])) {
hesk_testLanguage(0);
}
$help_folder = '../language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/help_files/';
$enable_save_settings = 0;
$enable_use_attachments = 0;
$server_time = date('H:i', strtotime(hesk_date()));
// Print header
require_once HESK_PATH . 'inc/header.inc.php';
// Print main manage users page
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
// Demo mode? Hide values of sensitive settings
if (defined('HESK_DEMO')) {
$hesk_settings['db_host'] = $hesklang['hdemo'];
if ($hesk_settings['autoassign']) {
echo '<option value="-2"> > ' . $hesklang['aass'] . ' < </option>';
}
$owner = isset($_SESSION['as_owner']) ? intval($_SESSION['as_owner']) : 0;
foreach ($admins as $k => $v) {
if ($k == $owner) {
echo '<option value="' . $k . '" selected="selected">' . $v . '</option>';
} else {
echo '<option value="' . $k . '">' . $v . '</option>';
}
}
?>
</select></label>
</div>
<?php
} elseif (hesk_checkPermission('can_assign_self', 0)) {
$checked = !isset($_SESSION['as_owner']) || !empty($_SESSION['as_owner']) ? 'checked="checked"' : '';
?>
<div class="form-inline">
<span><b><?php
echo $hesklang['owner'];
?>
:</b></span>
<label><input class="contact-newTicket" type="checkbox" name="assing_to_self" value="1" <?php
echo $checked;
?>
/> <?php
echo $hesklang['asss2'];
?>
</label>
</div>
</td>
</tr>
<tr>
<td>
<!-- TABS -->
<div id="tab1" class="tabberlive" style="margin-top:0px">
<ul class="tabbernav">
<?php
// Show a link to banned_emails.php if user has permission to do so
if (hesk_checkPermission('can_ban_emails', 0)) {
echo '<li class=""><a title="' . $hesklang['banemail'] . '" href="banned_emails.php">' . $hesklang['banemail'] . '</a></li> ';
}
if (hesk_checkPermission('can_ban_ips', 0)) {
echo '<li class=""><a title="' . $hesklang['banip'] . '" href="banned_ips.php">' . $hesklang['banip'] . '</a></li> ';
}
?>
<li class="tabberactive"><a title="<?php
echo $hesklang['sm_title'];
?>
" href="javascript:void(null);" onclick="javascript:alert('<?php
echo hesk_makeJsString($hesklang['sm_intro']);
?>
')"><?php
echo $hesklang['sm_title'];
?>
[?]</a></li>
</ul>
function hesk_ticketsByUser()
{
global $hesk_settings, $hesklang, $date_from, $date_to;
// Some variables we will need
$tickets = array();
$totals = array('asstickets' => 0, 'resolved' => 0, 'tickets' => 0, 'replies' => 0, 'worked' => 0);
// Get list of users
$admins = array();
// I. ADMINISTRATORS can view all users
if ($_SESSION['isadmin'] || hesk_checkPermission('can_run_reports_full', 0)) {
// -> get list of users
$res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `name` ASC");
// -> populate $admins and $tickets arrays
while ($row = hesk_dbFetchAssoc($res)) {
$admins[$row['id']] = $row['name'];
$tickets[$row['id']] = array('asstickets' => 0, 'resolved' => 0, 'tickets' => 0, 'replies' => 0, 'worked' => '');
}
// -> get list of tickets
$res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt`" . ($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '') . " FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins)) . "') AND {$hesk_settings['dt_sql']} GROUP BY `owner`");
// -> update ticket list values
while ($row = hesk_dbFetchAssoc($res)) {
if (!$hesk_settings['time_worked']) {
$row['seconds_worked'] = 0;
}
$tickets[$row['owner']]['asstickets'] += $row['cnt'];
$totals['asstickets'] += $row['cnt'];
$tickets[$row['owner']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0;
$totals['worked'] += $row['seconds_worked'];
}
// -> get list of resolved tickets
$res = hesk_dbQuery("SELECT `owner`, COUNT(*) AS `cnt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `owner` IN ('" . implode("','", array_keys($admins)) . "') AND `status`='3' AND {$hesk_settings['dt_sql']} GROUP BY `owner`");
// -> update resolved ticket list values
while ($row = hesk_dbFetchAssoc($res)) {
$tickets[$row['owner']]['resolved'] += $row['cnt'];
$totals['resolved'] += $row['cnt'];
}
// -> get number of replies
$res = hesk_dbQuery("SELECT `staffid`, COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `staffid` IN ('" . implode("','", array_keys($admins)) . "') AND {$hesk_settings['dt_sql']} GROUP BY `staffid`");
// -> update number of replies values
while ($row = hesk_dbFetchAssoc($res)) {
$tickets[$row['staffid']]['tickets'] += $row['tcnt'];
$tickets[$row['staffid']]['replies'] += $row['cnt'];
$totals['tickets'] += $row['tcnt'];
$totals['replies'] += $row['cnt'];
}
} else {
$admins[$_SESSION['id']] = $_SESSION['name'];
// -> get list of tickets
$res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`" . ($hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '') . " FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND {$hesk_settings['dt_sql']}");
$row = hesk_dbFetchAssoc($res);
// -> update ticket values
$tickets[$_SESSION['id']]['asstickets'] = $row['cnt'];
$totals['asstickets'] = $row['cnt'];
$tickets[$_SESSION['id']]['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($row['seconds_worked']) : 0;
$totals['worked'] += $row['seconds_worked'];
// -> get list of resolved tickets
$res = hesk_dbQuery("SELECT COUNT(*) AS `cnt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `owner` = '" . intval($_SESSION['id']) . "' AND `status`='3' AND {$hesk_settings['dt_sql']}");
$row = hesk_dbFetchAssoc($res);
// -> update resolved ticket values
$tickets[$_SESSION['id']]['resolved'] = $row['cnt'];
$totals['resolved'] = $row['cnt'];
// -> get number of replies
$res = hesk_dbQuery("SELECT COUNT(*) AS `cnt`, COUNT(DISTINCT `replyto`) AS `tcnt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `staffid` = '" . intval($_SESSION['id']) . "' AND {$hesk_settings['dt_sql']}");
$row = hesk_dbFetchAssoc($res);
$tickets[$_SESSION['id']]['tickets'] = $row['tcnt'];
$tickets[$_SESSION['id']]['replies'] = $row['cnt'];
$totals['tickets'] = $row['tcnt'];
$totals['replies'] = $row['cnt'];
}
// Convert total seconds worked to HH:MM:SS
$totals['worked'] = $hesk_settings['time_worked'] ? hesk_SecondsToHHMMSS($totals['worked']) : 0;
?>
<table width="100%" cellpadding="5" style="text-align:justify;border-collapse:collapse;padding:10px;">
<tr style="border-bottom:1px solid #000000;">
<td><?php
echo $hesklang['user'];
?>
</td>
<td><?php
echo $hesklang['ticass'];
?>
</td>
<td><?php
echo $hesklang['topen'];
?>
</td>
<td><?php
echo $hesklang['closed'];
?>
</td>
<td><?php
echo $hesklang['ticall'];
?>
</td>
<td><?php
echo $hesklang['replies'];
?>
</td>
<?php
if ($hesk_settings['time_worked']) {
echo '<td>' . $hesklang['ts'] . '</td>';
}
?>
</tr>
<?php
$num_tickets = count($tickets);
if ($num_tickets > 10) {
?>
<tr style="border-bottom:1px solid #000000;">
<td><b><?php
echo $hesklang['totals'];
?>
</b></td>
<td><b><?php
echo $totals['asstickets'];
?>
</b></td>
<td><b><?php
echo $totals['asstickets'] - $totals['resolved'];
?>
</b></td>
<td><b><?php
echo $totals['resolved'];
?>
</b></td>
<td><b><?php
echo $totals['tickets'];
?>
</b></td>
<td><b><?php
echo $totals['replies'];
?>
</b></td>
<?php
if ($hesk_settings['time_worked']) {
echo '<td><b>' . $totals['worked'] . '</b></td>';
}
?>
</tr>
<?php
}
$cls = '';
foreach ($tickets as $k => $d) {
$cls = $cls ? '' : 'style="background:#EEEEE8;"';
?>
<tr <?php
echo $cls;
?>
>
<td><?php
echo $admins[$k];
?>
</td>
<td><?php
echo $d['asstickets'];
?>
</td>
<td><?php
echo $d['asstickets'] - $d['resolved'];
?>
</td>
<td><?php
echo $d['resolved'];
?>
</td>
<td><?php
echo $d['tickets'];
?>
</td>
<td><?php
echo $d['replies'];
?>
</td>
<?php
if ($hesk_settings['time_worked']) {
echo '<td>' . $d['worked'] . '</td>';
}
?>
</tr>
<?php
}
?>
<tr style="border-top:1px solid #000000;">
<td><b><?php
echo $hesklang['totals'];
?>
</b></td>
<td><b><?php
echo $totals['asstickets'];
?>
</b></td>
<td><b><?php
echo $totals['asstickets'] - $totals['resolved'];
?>
</b></td>
<td><b><?php
echo $totals['resolved'];
?>
</b></td>
<td><b><?php
echo $totals['tickets'];
?>
</b></td>
<td><b><?php
echo $totals['replies'];
?>
</b></td>
<?php
if ($hesk_settings['time_worked']) {
echo '<td><b>' . $totals['worked'] . '</b></td>';
}
?>
</tr>
</table>
<p> </p>
<?php
}
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
require_once HESK_PATH . 'inc/knowledgebase_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Is Knowledgebase enabled? */
if (!$hesk_settings['kb_enable']) {
hesk_error($hesklang['kbdis']);
}
/* Can this user manage Knowledgebase or just view it? */
$can_man_kb = hesk_checkPermission('can_man_kb', 0);
/* Any category ID set? */
$catid = intval(hesk_GET('category', 1));
$artid = intval(hesk_GET('article', 0));
if (isset($_GET['search'])) {
$query = hesk_input(hesk_GET('search'));
} else {
$query = 0;
}
$hesk_settings['kb_link'] = $artid || $catid != 1 || $query ? '<a href="knowledgebase_private.php" class="smaller">' . $hesklang['gopr'] . '</a>' : ($can_man_kb ? $hesklang['gopr'] : '');
if ($hesk_settings['kb_search'] && $query) {
hesk_kb_search($query);
} elseif ($artid) {
// Show drafts only to staff who can manage knowledgebase
if ($can_man_kb) {
$result = hesk_dbQuery("SELECT t1.*, t2.`name` AS `cat_name`\n\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\n\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\n\t\tWHERE `t1`.`id` = '{$artid}'\n\t\t");
}
/* Verify the new owner and permissions */
$res = hesk_dbQuery("SELECT `id`,`user`,`name`,`email`,`isadmin`,`categories`,`notify_assigned` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id`='{$owner}' LIMIT 1");
$row = hesk_dbFetchAssoc($res);
/* Has new owner access to the category? */
if (!$row['isadmin']) {
$row['categories'] = explode(',', $row['categories']);
if (!in_array($ticket['category'], $row['categories'])) {
hesk_error($hesklang['unoa']);
}
}
/* Assigning to self? */
if ($can_assign_others || $owner == $_SESSION['id'] && $can_assign_self) {
$revision = sprintf($hesklang['thist2'], hesk_date(), $row['name'] . ' (' . $row['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`={$owner} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if ($owner != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0)) {
$_SERVER['PHP_SELF'] = 'admin_main.php';
}
} else {
hesk_error($hesklang['no_permission']);
}
$ticket['owner'] = $owner;
/* --> Prepare message */
// 1. Generate the array with ticket info that can be used in emails
$info = array('email' => $ticket['email'], 'category' => $ticket['category'], 'priority' => $ticket['priority'], 'owner' => $ticket['owner'], 'trackid' => $ticket['trackid'], 'status' => $ticket['status'], 'name' => $ticket['name'], 'lastreplier' => $ticket['lastreplier'], 'subject' => $ticket['subject'], 'message' => $ticket['message'], 'attachments' => $ticket['attachments'], 'dt' => hesk_date($ticket['dt'], true), 'lastchange' => hesk_date($ticket['lastchange'], true), 'id' => $ticket['id']);
// 2. Add custom fields to the array
foreach ($hesk_settings['custom_fields'] as $k => $v) {
$info[$k] = $v['use'] ? $ticket[$k] : '';
}
// 3. Make sure all values are properly formatted for email
$ticket = hesk_ticketToPlain($info, 1, 0);
