function hesk_show_kb_category($catid, $is_search = 0)
{
global $hesk_settings, $hesklang;
$res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1");
$thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
if ($is_search == 0) {
/* Print header */
$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . hesk_htmlspecialchars($thiscat['name']);
require_once HESK_PATH . 'inc/header.inc.php';
hesk_kb_header($hesk_settings['kb_link']);
}
// If we are in "Knowledgebase only" mode show system messages
if ($catid == 1 && hesk_check_kb_only(false)) {
// Service messages
$res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `type`='0' ORDER BY `order` ASC");
while ($sm = hesk_dbFetchAssoc($res)) {
hesk_service_message($sm);
}
}
if ($thiscat['parent']) {
$link = $thiscat['parent'] == 1 ? 'knowledgebase.php' : 'knowledgebase.php?category=' . $thiscat['parent'];
echo '<h3 class="text-left"><a href="javascript:history.go(-1)"><i class="fa fa-arrow-circle-left" data-toggle="tooltip" data-placement="top" title="' . $hesklang['back'] . '"></i></a> ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . ' </h3>
<div class="footerWithBorder blankSpace"></div>
<div class="blankSpace"></div>
';
}
$result = hesk_dbQuery("SELECT `id`,`name`,`articles` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `cat_order` ASC");
if (hesk_dbNumRows($result) > 0) {
?>
<div class="panel panel-default">
<div class="panel-heading">
<h4 class="text-left"><?php
echo $hesklang['kb_cat_sub'];
?>
</h4>
</div>
<table class="table table-striped">
<?php
$per_col = $hesk_settings['kb_cols'];
$i = 1;
while ($cat = hesk_dbFetchAssoc($result)) {
if ($i == 1) {
echo '<tr>';
}
echo '
<td width="50%" valign="top">
<table border="0">
<tr><td><i class="fa fa-folder"></i> <a href="knowledgebase.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a></td></tr>
';
/* Print most popular/sticky articles */
if ($hesk_settings['kb_numshow'] && $cat['articles']) {
$res = hesk_dbQuery("SELECT `id`,`subject`, `sticky` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$cat['id']}' AND `type`='0' ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
$num = 1;
while ($art = hesk_dbFetchAssoc($res)) {
$icon = 'glyphicon glyphicon-file';
$style = '';
if ($art['sticky']) {
$icon = 'glyphicon glyphicon-pushpin';
$style = 'style="color: #FF0000"';
}
echo '
<tr>
<td ' . $style . '> <span class="' . $icon . '"></span>
<a href="knowledgebase.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a></td>
</tr>';
if ($num == $hesk_settings['kb_numshow']) {
break;
} else {
$num++;
}
}
if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
echo '<tr><td>» <a href="knowledgebase.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
}
}
echo '
</table>
</td>
';
if ($i == $per_col) {
echo '</tr>';
$i = 0;
}
$i++;
}
/* Finish the table if needed */
if ($i != 1) {
for ($j = 1; $j <= $per_col; $j++) {
echo '<td width="50%"> </td>';
if ($i == $per_col) {
echo '</tr>';
break;
}
$i++;
}
}
?>
</table>
</div>
<?php
}
// END if NumRows > 0
?>
<div class="panel panel-default">
<div class="panel-heading">
<h4 class="text-left"><?php
echo $hesklang['ac_no_colon'];
?>
</h4>
</div>
<table class="table table-striped">
<tbody>
<?php
$res = hesk_dbQuery("SELECT `id`, `subject`, `sticky`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' AND `type`='0' ORDER BY `sticky` DESC, `art_order` ASC");
if (hesk_dbNumRows($res) == 0) {
echo '<tr><td><i>' . $hesklang['noac'] . '</i></td></tr>';
} else {
while ($article = hesk_dbFetchAssoc($res)) {
$icon = 'fa fa-file';
$color = '';
$style = '';
$txt = hesk_kbArticleContentPreview($article['content']);
if ($article['sticky']) {
$icon = 'glyphicon glyphicon-pushpin';
$style = 'style="color: #FF0000"';
}
if ($hesk_settings['kb_rating']) {
$alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
$rat = '<td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /></td>';
} else {
$rat = '';
}
echo '
<tr>
<td>
<i class="' . $icon . '" ' . $style . '></i>
<a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>
<br>
<span class="indent-15">' . $txt . '</span>
</td>
' . $rat . '
</tr>';
}
}
?>
</tbody>
</table>
</div>
<?php
/* On the main KB page print out top and latest articles if needed */
if ($catid == 1) {
/* Get list of top articles */
hesk_kbTopArticles($hesk_settings['kb_popart'], 0);
/* Get list of latest articles */
hesk_kbLatestArticles($hesk_settings['kb_latest'], 0);
}
hesk_kbFooter();
}
hesk_session_start();
/* Get the tracking ID */
$trackingID = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}");
/* Connect to database */
hesk_dbConnect();
// Perform additional checks for customers
if (empty($_SESSION['id'])) {
// Are we in maintenance mode?
hesk_check_maintenance();
// Verify email address match
hesk_verifyEmailMatch($trackingID);
}
/* Get ticket info */
$res = hesk_dbQuery("SELECT `t1`.* , `t2`.name AS `repliername`\n\t\t\t\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` AS `t1` LEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` AS `t2` ON `t1`.`replierid` = `t2`.`id`\n\t\t\t\t\tWHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($res);
// Demo mode
if (defined('HESK_DEMO')) {
$ticket['email'] = '*****@*****.**';
$ticket['ip'] = '127.0.0.1';
}
/* Get category name and ID */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='{$ticket['category']}' LIMIT 1");
/* If this category has been deleted use the default category with ID 1 */
if (hesk_dbNumRows($res) != 1) {
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1");
}
$category = hesk_dbFetchAssoc($res);
/* Get replies */
function hesk_checkPermission($feature, $showerror = 1)
{
global $hesklang;
/* Admins have full access to all features */
if (isset($_SESSION['isadmin']) && $_SESSION['isadmin']) {
return true;
}
/* Check other staff for permissions */
if (isset($_SESSION['heskprivileges']) && strpos($_SESSION['heskprivileges'], $feature) === false) {
if ($showerror) {
hesk_error($hesklang['no_permission'] . '<p> </p><p align="center"><a href="index.php">' . $hesklang['click_login'] . '</a>');
} else {
return false;
}
} else {
return true;
}
}
// Do we have the export directory?
if (is_dir($export_dir) || @mkdir($export_dir, 0777) && is_writable($export_dir)) {
// Cleanup old files
$files = glob($export_dir . '*', GLOB_NOSORT);
if (is_array($files) && count($files)) {
foreach ($files as $file) {
hesk_unlink($file, 86400);
}
}
} else {
hesk_error($hesklang['ede']);
}
// Make sure the file can be saved and written to
@file_put_contents($save_to, '');
if (!file_exists($save_to)) {
hesk_error($hesklang['eef']);
}
// Start generating the report message and generating the export
$flush_me = '<br /><br />';
$flush_me .= hesk_date() . " | {$hesklang['inite']} ";
if ($date_from == $date_to) {
$flush_me .= "(" . hesk_dateToString($date_from, 0) . ")<br />\n";
} else {
$flush_me .= "(" . hesk_dateToString($date_from, 0) . " - " . hesk_dateToString($date_to, 0) . ")<br />\n";
}
// Start generating file contents
$tmp = '<?xml version="1.0" encoding="UTF-8"?>
<?mso-application progid="Excel.Sheet"?>
<Workbook xmlns="urn:schemas-microsoft-com:office:spreadsheet"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:x="urn:schemas-microsoft-com:office:excel"
function toggle_type()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$catid = intval(hesk_GET('catid')) or hesk_error($hesklang['cat_move_id']);
$_SESSION['selcat2'] = $catid;
if (intval(hesk_GET('s'))) {
$type = 1;
$tmp = $hesklang['cpriv'];
} else {
$type = 0;
$tmp = $hesklang['cpub'];
}
/* Update auto-assign settings */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `type`='{$type}' WHERE `id`='" . intval($catid) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
}
hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
function hesk_dbQuery($query)
{
global $hesk_last_query;
global $hesk_db_link;
global $hesklang, $hesk_settings;
if (!$hesk_db_link && !hesk_dbConnect()) {
return false;
}
$hesk_last_query = $query;
#echo "<p>EXPLAIN $query</p>\n";
if ($res = @mysqli_query($hesk_db_link, $query)) {
return $res;
} elseif ($hesk_settings['debug_mode']) {
hesk_error("{$hesklang['cant_sql']}: {$query}</p><p>{$hesklang['mysql_said']}:<br />" . mysqli_error($hesk_db_link) . "</p>");
} else {
hesk_error("{$hesklang['cant_sql']}</p><p>{$hesklang['contact_webmsater']} <a href=\"mailto:{$hesk_settings['webmaster_mail']}\">{$hesk_settings['webmaster_mail']}</a></p>");
}
}
// Get ticket info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
$ticket['dt'] = hesk_date($ticket['dt'], true);
$ticket['lastchange'] = hesk_date($ticket['lastchange'], true);
$ticket = hesk_ticketToPlain($ticket, 1, 0);
// Notify customer
require HESK_PATH . 'inc/email_functions.inc.php';
hesk_notifyCustomer('ticket_closed');
}
// Log who marked the ticket resolved
$closedby_sql = ' , `closedat`=NOW(), `closedby`=' . intval($_SESSION['id']) . ' ';
} elseif ($status == 1 || $status == 2 || $status == 4 || $status == 5) {
$action = sprintf($hesklang['tsst'], $status_options[$status]);
$revision = sprintf($hesklang['thist9'], hesk_date(), $status_options[$status], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
} else {
$action = $hesklang['ticket_been'] . ' ' . $hesklang['opened'];
$revision = sprintf($hesklang['thist4'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
// Ticket is not resolved
$closedby_sql = ' , `closedat`=NULL, `closedby`=NULL ';
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' {$closedby_sql} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_error("{$hesklang['int_error']}: {$hesklang['trackID_not_found']}.");
}
hesk_process_messages($action, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . rand(10000, 99999), 'SUCCESS');
function hesk_session_start()
{
session_name('HESK' . sha1(dirname(__FILE__) . '$r^k*Zkq|w1(G@!-D?3%'));
session_cache_limiter('nocache');
if (@session_start()) {
if (!isset($_SESSION['token'])) {
$_SESSION['token'] = hesk_token_hash();
}
header('P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"');
return true;
} else {
global $hesk_settings, $hesklang;
hesk_error("{$hesklang['no_session']} {$hesklang['contact_webmaster']} {$hesk_settings['webmaster_mail']}");
}
}
}
$file = hesk_dbFetchAssoc($res);
// Is ticket ID valid for this attachment?
if ($file['ticket_id'] != $tic_id) {
hesk_error($hesklang['trackID_not_found']);
}
// Verify email address match if needed
if (empty($_SESSION['id'])) {
hesk_verifyEmailMatch($tic_id);
}
}
// Path of the file on the server
$realpath = $hesk_settings['attach_dir'] . '/' . $file['saved_name'];
// Perhaps the file has been deleted?
if (!file_exists($realpath)) {
hesk_error($hesklang['attdel']);
}
// Send the file as an attachment to prevent malicious code from executing
header("Pragma: ");
# To fix a bug in IE when running https
header("Cache-Control: ");
# To fix a bug in IE when running https
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Length: ' . $file['size']);
header('Content-Disposition: attachment; filename=' . $file['real_name']);
// For larger files use chunks, smaller ones can be read all at once
$chunksize = 1048576;
// = 1024 * 1024 (1 Mb)
if ($file['size'] > $chunksize) {
$handle = fopen($realpath, 'rb');
$m = intval(hesk_POST('m'));
$s = intval(hesk_POST('s'));
/* Get time worked in proper format */
$time_worked = hesk_getTime($h . ':' . $m . ':' . $s);
/* Update database */
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
/* Show ticket */
hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete attachment action */
if (isset($_GET['delatt']) && hesk_token_check()) {
if (!$can_delete || !$can_edit) {
hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']);
$reply = intval(hesk_GET('reply', 0));
if ($reply < 1) {
$reply = 0;
}
$note = intval(hesk_GET('note', 0));
if ($note < 1) {
$note = 0;
}
/* Get attachment info */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att = hesk_dbFetchAssoc($res);
/* Is ticket ID valid for this attachment? */
function hesk_show_kb_category($catid, $is_search = 0)
{
global $hesk_settings, $hesklang;
$res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='{$catid}' AND `type`='0' LIMIT 1");
$thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
if ($is_search == 0) {
/* Print header */
$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . hesk_htmlspecialchars($thiscat['name']);
require_once HESK_PATH . 'inc/header.inc.php';
hesk_kb_header($hesk_settings['kb_link']);
// If we are in "Knowledgebase only" mode show system messages
if ($catid == 1 && hesk_check_kb_only(false)) {
// Service messages
$res = hesk_dbQuery('SELECT `title`, `message`, `style` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `type`='0' ORDER BY `order` ASC");
while ($sm = hesk_dbFetchAssoc($res)) {
hesk_service_message($sm);
}
}
}
if ($thiscat['parent']) {
$link = $thiscat['parent'] == 1 ? 'knowledgebase.php' : 'knowledgebase.php?category=' . $thiscat['parent'];
echo '<span class="homepageh3">» ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</span>
(<a href="javascript:history.go(-1)">' . $hesklang['back'] . '</a>)
';
}
$result = hesk_dbQuery("SELECT `id`,`name`,`articles` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='{$catid}' AND `type`='0' ORDER BY `cat_order` ASC");
if (hesk_dbNumRows($result) > 0) {
?>
<p>» <b><?php
echo $hesklang['kb_cat_sub'];
?>
:</b></p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<table border="0" cellspacing="1" cellpadding="3" width="100%">
<?php
$per_col = $hesk_settings['kb_cols'];
$i = 1;
while ($cat = hesk_dbFetchAssoc($result)) {
if ($i == 1) {
echo '<tr>';
}
echo '
<td width="50%" valign="top">
<table border="0">
<tr><td><img src="img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a></td></tr>
';
/* Print most popular/sticky articles */
if ($hesk_settings['kb_numshow'] && $cat['articles']) {
$res = hesk_dbQuery("SELECT `id`,`subject` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$cat['id']}' AND `type`='0' ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
$num = 1;
while ($art = hesk_dbFetchAssoc($res)) {
echo '
<tr>
<td><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" />
<a href="knowledgebase.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a></td>
</tr>';
if ($num == $hesk_settings['kb_numshow']) {
break;
} else {
$num++;
}
}
if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
echo '<tr><td>» <a href="knowledgebase.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
}
}
echo '
</table>
</td>
';
if ($i == $per_col) {
echo '</tr>';
$i = 0;
}
$i++;
}
/* Finish the table if needed */
if ($i != 1) {
for ($j = 1; $j <= $per_col; $j++) {
echo '<td width="50%"> </td>';
if ($i == $per_col) {
echo '</tr>';
break;
}
$i++;
}
}
?>
</table>
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<?php
}
// END if NumRows > 0
?>
<p>» <b><?php
echo $hesklang['ac'];
?>
</b></p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<?php
$res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' AND `type`='0' ORDER BY `sticky` DESC, `art_order` ASC");
if (hesk_dbNumRows($res) == 0) {
echo '<p><i>' . $hesklang['noac'] . '</i></p>';
} else {
echo '<div align="center"><table border="0" cellspacing="1" cellpadding="3" width="100%">';
while ($article = hesk_dbFetchAssoc($res)) {
$txt = hesk_kbArticleContentPreview($article['content']);
if ($hesk_settings['kb_rating']) {
$alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
$rat = '<td width="1" valign="top"><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /></td>';
} else {
$rat = '';
}
echo '
<tr>
<td>
<table border="0" width="100%" cellspacing="0" cellpadding="1">
<tr>
<td width="1" valign="top"><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
<td valign="top"><a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a></td>
' . $rat . '
</tr>
</table>
<table border="0" width="100%" cellspacing="0" cellpadding="1">
<tr>
<td width="1" valign="top"><img src="img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td>
<td><span class="article_list">' . $txt . '</span></td>
</tr>
</table>
</td>
</tr>';
}
echo '</table></div>';
}
?>
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<?php
/* On the main KB page print out top and latest articles if needed */
if ($catid == 1) {
/* Get list of top articles */
hesk_kbTopArticles($hesk_settings['kb_popart'], 0);
/* Get list of latest articles */
hesk_kbLatestArticles($hesk_settings['kb_latest'], 0);
}
}
function remove_contract()
{
global $hesk_settings, $hesklang;
hesk_token_check();
$_SERVER['PHP_SELF'] = 'contracts.php#tab_edit-cont';
$con = intval(hesk_GET('id'));
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "contracts` WHERE NOT EXISTS\n\t(SELECT NULL FROM`" . hesk_dbEscape($hesk_settings['db_pfix']) . "contractforclient` as `cc` WHERE `cc`.`contract_Id`='" . intval($con) . "') && `id`='" . intval($con) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_error("{$hesklang['con_req']}.");
}
hesk_process_messages($hesklang['con_removed_db'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
#############################
# DO NOT EDIT BELOW #
#############################
$hesk_settings[\'hesk_version\']=\'' . $set['hesk_version'] . '\';
if ($hesk_settings[\'debug_mode\'])
{
error_reporting(E_ALL);
}
else
{
error_reporting(0);
}
if (!defined(\'IN_SCRIPT\')) {die(\'Invalid attempt!\');}';
// Write to the settings file
if (!file_put_contents(HESK_PATH . 'hesk_settings.inc.php', $settings_file_content)) {
hesk_error($hesklang['err_openset']);
}
// Any settings problems?
$tmp = array();
if (!$smtp_OK) {
$tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['sme'] . ':</span> ' . $smtp_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'smtplog\')">' . $hesklang['scl'] . '</a><div id="smtplog" style="display:none"> <br /><textarea name="log" rows="10" cols="60">' . $smtp_log . '</textarea></div>';
}
if (!$pop3_OK) {
$tmp[] = '<span style="color:red; font-weight:bold">' . $hesklang['pop3e'] . ':</span> ' . $pop3_error . '<br /><br /><a href="Javascript:void(0)" onclick="Javascript:hesk_toggleLayerDisplay(\'pop3log\')">' . $hesklang['pop3log'] . '</a><div id="pop3log" style="display:none"> <br /><textarea name="log" rows="10" cols="60">' . $pop3_log . '</textarea></div>';
}
// Show the settings page and display any notices or success
if (count($tmp)) {
$errors = implode('<br /><br />', $tmp);
hesk_process_messages($hesklang['sns'] . '<br /><br />' . $errors, 'admin_settings.php', 'NOTICE');
} else {
hesk_process_messages($hesklang['set_were_saved'], 'admin_settings.php', 'SUCCESS');
function hesk_getEmailMessage($eml_file, $ticket, $is_admin = 0, $is_ticket = 1, $just_message = 0)
{
global $hesk_settings, $hesklang;
// Demo mode
if (defined('HESK_DEMO')) {
return '';
}
/* Get list of valid emails */
$valid_emails = hesk_validEmails();
/* Verify this is a valid email include */
if (!isset($valid_emails[$eml_file])) {
hesk_error($hesklang['inve']);
}
/* Get email template */
$eml_file = 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/emails/' . $eml_file . '.txt';
if (file_exists(HESK_PATH . $eml_file)) {
$msg = file_get_contents(HESK_PATH . $eml_file);
} else {
hesk_error($hesklang['emfm'] . ': ' . $eml_file);
}
/* Return just the message without any processing? */
if ($just_message) {
return $msg;
}
// Convert any entities in site title to plain text
$hesk_settings['site_title'] = hesk_msgToPlain($hesk_settings['site_title'], 1);
/* If it's not a ticket-related mail (like "a new PM") just process quickly */
if (!$is_ticket) {
$trackingURL = $hesk_settings['hesk_url'] . '/' . $hesk_settings['admin_dir'] . '/mail.php?a=read&id=' . intval($ticket['id']);
$msg = str_replace('%%NAME%%', $ticket['name'], $msg);
$msg = str_replace('%%SUBJECT%%', $ticket['subject'], $msg);
$msg = str_replace('%%TRACK_URL%%', $trackingURL, $msg);
$msg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $msg);
$msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);
if (isset($ticket['message'])) {
return str_replace('%%MESSAGE%%', $ticket['message'], $msg);
} else {
return $msg;
}
}
// Is email required to view ticket (for customers only)?
$hesk_settings['e_param'] = $hesk_settings['email_view_ticket'] ? '&e=' . rawurlencode($ticket['email']) : '';
/* Generate the ticket URLs */
$trackingURL = $hesk_settings['hesk_url'];
$trackingURL .= $is_admin ? '/' . $hesk_settings['admin_dir'] . '/admin_ticket.php' : '/ticket.php';
$trackingURL .= '?track=' . $ticket['trackid'] . ($is_admin ? '' : $hesk_settings['e_param']) . '&Refresh=' . rand(10000, 99999);
/* Set category title */
$ticket['category'] = hesk_msgToPlain(hesk_getCategoryName($ticket['category']), 1);
/* Set priority title */
switch ($ticket['priority']) {
case 0:
$ticket['priority'] = $hesklang['critical'];
break;
case 1:
$ticket['priority'] = $hesklang['high'];
break;
case 2:
$ticket['priority'] = $hesklang['medium'];
break;
default:
$ticket['priority'] = $hesklang['low'];
}
/* Get owner name */
$ticket['owner'] = hesk_msgToPlain(hesk_getOwnerName($ticket['owner']), 1);
/* Set status */
switch ($ticket['status']) {
case 1:
$ticket['status'] = $hesklang['wait_reply'];
break;
case 2:
$ticket['status'] = $hesklang['replied'];
break;
case 3:
$ticket['status'] = $hesklang['closed'];
break;
case 4:
$ticket['status'] = $hesklang['in_progress'];
break;
case 5:
$ticket['status'] = $hesklang['on_hold'];
break;
default:
$ticket['status'] = $hesklang['open'];
}
/* Replace all special tags */
$msg = str_replace('%%NAME%%', $ticket['name'], $msg);
$msg = str_replace('%%SUBJECT%%', $ticket['subject'], $msg);
$msg = str_replace('%%TRACK_ID%%', $ticket['trackid'], $msg);
$msg = str_replace('%%TRACK_URL%%', $trackingURL, $msg);
$msg = str_replace('%%SITE_TITLE%%', $hesk_settings['site_title'], $msg);
$msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);
$msg = str_replace('%%CATEGORY%%', $ticket['category'], $msg);
$msg = str_replace('%%PRIORITY%%', $ticket['priority'], $msg);
$msg = str_replace('%%OWNER%%', $ticket['owner'], $msg);
$msg = str_replace('%%STATUS%%', $ticket['status'], $msg);
$msg = str_replace('%%EMAIL%%', $ticket['email'], $msg);
$msg = str_replace('%%CREATED%%', $ticket['dt'], $msg);
$msg = str_replace('%%UPDATED%%', $ticket['lastchange'], $msg);
$msg = str_replace('%%ID%%', $ticket['id'], $msg);
/* All custom fields */
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use']) {
if ($v['type'] == 'checkbox') {
$ticket[$k] = str_replace("<br />", "\n", $ticket[$k]);
}
$msg = str_replace('%%' . strtoupper($k) . '%%', stripslashes($ticket[$k]), $msg);
} else {
$msg = str_replace('%%' . strtoupper($k) . '%%', '', $msg);
}
}
// Is message tag in email template?
if (strpos($msg, '%%MESSAGE%%') !== false) {
// Replace message
$msg = str_replace('%%MESSAGE%%', $ticket['message'], $msg);
// Add direct links to any attachments at the bottom of the email message
if ($hesk_settings['attachments']['use'] && isset($ticket['attachments']) && strlen($ticket['attachments'])) {
$msg .= "\n\n\n" . $hesklang['fatt'];
$att = explode(',', substr($ticket['attachments'], 0, -1));
foreach ($att as $myatt) {
list($att_id, $att_name) = explode('#', $myatt);
$msg .= "\n\n" . $att_name . "\n" . $hesk_settings['hesk_url'] . '/download_attachment.php?att_id=' . $att_id . '&track=' . $ticket['trackid'] . $hesk_settings['e_param'];
}
}
// For customer notifications: if we allow email piping/pop 3 fetching and
// stripping quoted replies add an "reply above this line" tag
if (!$is_admin && ($hesk_settings['email_piping'] || $hesk_settings['pop3']) && $hesk_settings['strip_quoted']) {
$msg = $hesklang['EMAIL_HR'] . "\n\n" . $msg;
}
}
return $msg;
}
$tmpvar[$k] = hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
if (!strlen($tmpvar[$k])) {
$hesk_error_buffer[$k] = $hesklang['fill_all'] . ': ' . $v['name'];
}
$_SESSION["c_{$k}"] = hesk_POST($k);
} else {
$tmpvar[$k] = hesk_makeURL(nl2br(hesk_input(hesk_POST($k))));
$_SESSION["c_{$k}"] = hesk_POST($k);
}
} else {
$tmpvar[$k] = '';
}
}
// Check bans
if (!isset($hesk_error_buffer['email']) && hesk_isBannedEmail($tmpvar['email']) || hesk_isBannedIP($_SERVER['REMOTE_ADDR'])) {
hesk_error($hesklang['baned_e']);
}
// Check maximum open tickets limit
$below_limit = true;
if ($hesk_settings['max_open'] && !isset($hesk_error_buffer['email'])) {
$res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `status` IN ('0', '1', '2', '4', '5') AND " . hesk_dbFormatEmail($tmpvar['email']));
$num = hesk_dbResult($res);
if ($num >= $hesk_settings['max_open']) {
$hesk_error_buffer = array('max_open' => sprintf($hesklang['maxopen'], $num, $hesk_settings['max_open']));
$below_limit = false;
}
}
// If we reached max tickets let's save some resources
if ($below_limit) {
// Generate tracking ID
$tmpvar['trackid'] = hesk_createID();
$noteID = intval(hesk_REQUEST('note')) or die($hesklang['int_error'] . ': ' . $hesklang['mis_note']);
// Get ticket info
$result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['ticket_not_found']);
}
$ticket = hesk_dbFetchAssoc($result);
// Get note info
$result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}");
if (hesk_dbNumRows($result) != 1) {
hesk_error($hesklang['no_note']);
}
$note = hesk_dbFetchAssoc($result);
// Make sure the note matches the ticket and the user has permission to edit it
if ($note['ticket'] != $ticket['id'] || !hesk_checkPermission('can_del_notes', 0) && $note['who'] != $_SESSION['id']) {
hesk_error($hesklang['perm_deny']);
}
// Save changes?
if (isset($_POST['save'])) {
// A security check
hesk_token_check('POST');
// Get message
$tmpvar['message'] = nl2br(hesk_makeURL(hesk_input(hesk_POST('message'))));
// If we have message or attachments do the update
if (strlen($tmpvar['message']) || strlen($note['attachments'])) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` SET `message`='" . hesk_dbEscape($tmpvar['message']) . "' WHERE `id`={$noteID}");
hesk_process_messages($hesklang['ednote2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
} else {
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes` WHERE `id`={$noteID}");
header('Location: admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
exit;
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `archive`='{$archived}' WHERE `id`='" . intval($this_id) . "' LIMIT 1");
$i++;
}
hesk_process_messages(sprintf($action, $i), $referer, 'SUCCESS');
} else {
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
/* A security check */
hesk_token_check('POST');
$revision = sprintf($hesklang['thist3'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
foreach ($_POST['id'] as $this_id) {
if (is_array($this_id)) {
continue;
}
$this_id = intval($this_id) or hesk_error($hesklang['id_not_valid']);
$result = hesk_dbQuery("SELECT `category` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($this_id) . "' LIMIT 1");
$ticket = hesk_dbFetchAssoc($result);
hesk_okCategory($ticket['category']);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='3', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `id`='" . intval($this_id) . "' LIMIT 1");
$i++;
}
hesk_process_messages(sprintf($hesklang['num_tickets_closed'], $i), $referer, 'SUCCESS');
}
/*** START FUNCTIONS ***/
function hesk_fullyDeleteTicket()
{
global $hesk_settings, $hesklang, $ticket;
/* Delete attachment files */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `ticket_id`='" . hesk_dbEscape($ticket['trackid']) . "'");
if (hesk_dbNumRows($res)) {
function toggle_autoassign()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$myuser = intval(hesk_GET('id')) or hesk_error($hesklang['no_valid_id']);
$_SESSION['seluser'] = $myuser;
if (intval(hesk_GET('s'))) {
$autoassign = 1;
$tmp = $hesklang['uaaon'];
} else {
$autoassign = 0;
$tmp = $hesklang['uaaoff'];
}
/* Update auto-assign settings */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `autoassign`='{$autoassign}' WHERE `id`='" . intval($myuser) . "'");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
}
hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}
function hesk_iSaveSettingsFile($set)
{
global $hesk_settings, $hesklang;
$settings_file_content = '<?php
// Settings file for HESK ' . $set['hesk_version'] . '
// ==> GENERAL
// --> General settings
$hesk_settings[\'site_title\']=\'' . $set['site_title'] . '\';
$hesk_settings[\'site_url\']=\'' . $set['site_url'] . '\';
$hesk_settings[\'webmaster_mail\']=\'' . $set['webmaster_mail'] . '\';
$hesk_settings[\'noreply_mail\']=\'' . $set['noreply_mail'] . '\';
$hesk_settings[\'noreply_name\']=\'' . $set['noreply_name'] . '\';
// --> Language settings
$hesk_settings[\'can_sel_lang\']=' . $set['can_sel_lang'] . ';
$hesk_settings[\'language\']=\'' . $set['language'] . '\';
$hesk_settings[\'languages\']=array(
\'English\' => array(\'folder\'=>\'en\',\'hr\'=>\'------ Reply above this line ------\'),
);
// --> Database settings
$hesk_settings[\'db_host\']=\'' . $set['db_host'] . '\';
$hesk_settings[\'db_name\']=\'' . $set['db_name'] . '\';
$hesk_settings[\'db_user\']=\'' . $set['db_user'] . '\';
$hesk_settings[\'db_pass\']=\'' . $set['db_pass'] . '\';
$hesk_settings[\'db_pfix\']=\'' . $set['db_pfix'] . '\';
$hesk_settings[\'db_vrsn\']=' . $set['db_vrsn'] . ';
// ==> HELP DESK
// --> Help desk settings
$hesk_settings[\'hesk_title\']=\'' . $set['hesk_title'] . '\';
$hesk_settings[\'hesk_url\']=\'' . $set['hesk_url'] . '\';
$hesk_settings[\'admin_dir\']=\'' . $set['admin_dir'] . '\';
$hesk_settings[\'attach_dir\']=\'' . $set['attach_dir'] . '\';
$hesk_settings[\'max_listings\']=' . $set['max_listings'] . ';
$hesk_settings[\'print_font_size\']=' . $set['print_font_size'] . ';
$hesk_settings[\'autoclose\']=' . $set['autoclose'] . ';
$hesk_settings[\'max_open\']=' . $set['max_open'] . ';
$hesk_settings[\'new_top\']=' . $set['new_top'] . ';
$hesk_settings[\'reply_top\']=' . $set['reply_top'] . ';
// --> Features
$hesk_settings[\'autologin\']=' . $set['autologin'] . ';
$hesk_settings[\'autoassign\']=' . $set['autoassign'] . ';
$hesk_settings[\'custclose\']=' . $set['custclose'] . ';
$hesk_settings[\'custopen\']=' . $set['custopen'] . ';
$hesk_settings[\'rating\']=' . $set['rating'] . ';
$hesk_settings[\'cust_urgency\']=' . $set['cust_urgency'] . ';
$hesk_settings[\'sequential\']=' . $set['sequential'] . ';
$hesk_settings[\'time_worked\']=' . $set['time_worked'] . ';
$hesk_settings[\'spam_notice\']=' . $set['spam_notice'] . ';
$hesk_settings[\'list_users\']=' . $set['list_users'] . ';
$hesk_settings[\'debug_mode\']=' . $set['debug_mode'] . ';
$hesk_settings[\'short_link\']=' . $set['short_link'] . ';
$hesk_settings[\'select_cat\']=' . $set['select_cat'] . ';
$hesk_settings[\'select_pri\']=' . $set['select_pri'] . ';
// --> SPAM Prevention
$hesk_settings[\'secimg_use\']=' . $set['secimg_use'] . ';
$hesk_settings[\'secimg_sum\']=\'' . $set['secimg_sum'] . '\';
$hesk_settings[\'recaptcha_use\']=' . $set['recaptcha_use'] . ';
$hesk_settings[\'recaptcha_public_key\']=\'' . $set['recaptcha_public_key'] . '\';
$hesk_settings[\'recaptcha_private_key\']=\'' . $set['recaptcha_private_key'] . '\';
$hesk_settings[\'question_use\']=' . $set['question_use'] . ';
$hesk_settings[\'question_ask\']=\'' . $set['question_ask'] . '\';
$hesk_settings[\'question_ans\']=\'' . $set['question_ans'] . '\';
// --> Security
$hesk_settings[\'attempt_limit\']=' . $set['attempt_limit'] . ';
$hesk_settings[\'attempt_banmin\']=' . $set['attempt_banmin'] . ';
$hesk_settings[\'reset_pass\']=' . $set['reset_pass'] . ';
$hesk_settings[\'email_view_ticket\']=' . $set['email_view_ticket'] . ';
// --> Attachments
$hesk_settings[\'attachments\']=array (
\'use\' => ' . $set['attachments']['use'] . ',
\'max_number\' => ' . $set['attachments']['max_number'] . ',
\'max_size\' => ' . $set['attachments']['max_size'] . ',
\'allowed_types\' => array(\'' . implode('\',\'', $set['attachments']['allowed_types']) . '\')
);
// ==> KNOWLEDGEBASE
// --> Knowledgebase settings
$hesk_settings[\'kb_enable\']=' . $set['kb_enable'] . ';
$hesk_settings[\'kb_wysiwyg\']=' . $set['kb_wysiwyg'] . ';
$hesk_settings[\'kb_search\']=' . $set['kb_search'] . ';
$hesk_settings[\'kb_search_limit\']=' . $set['kb_search_limit'] . ';
$hesk_settings[\'kb_views\']=' . $set['kb_views'] . ';
$hesk_settings[\'kb_date\']=' . $set['kb_date'] . ';
$hesk_settings[\'kb_recommendanswers\']=' . $set['kb_recommendanswers'] . ';
$hesk_settings[\'kb_rating\']=' . $set['kb_rating'] . ';
$hesk_settings[\'kb_substrart\']=' . $set['kb_substrart'] . ';
$hesk_settings[\'kb_cols\']=' . $set['kb_cols'] . ';
$hesk_settings[\'kb_numshow\']=' . $set['kb_numshow'] . ';
$hesk_settings[\'kb_popart\']=' . $set['kb_popart'] . ';
$hesk_settings[\'kb_latest\']=' . $set['kb_latest'] . ';
$hesk_settings[\'kb_index_popart\']=' . $set['kb_index_popart'] . ';
$hesk_settings[\'kb_index_latest\']=' . $set['kb_index_latest'] . ';
$hesk_settings[\'kb_related\']=' . $set['kb_related'] . ';
// ==> EMAIL
// --> Email sending
$hesk_settings[\'smtp\']=' . $set['smtp'] . ';
$hesk_settings[\'smtp_host_name\']=\'' . $set['smtp_host_name'] . '\';
$hesk_settings[\'smtp_host_port\']=' . $set['smtp_host_port'] . ';
$hesk_settings[\'smtp_timeout\']=' . $set['smtp_timeout'] . ';
$hesk_settings[\'smtp_ssl\']=' . $set['smtp_ssl'] . ';
$hesk_settings[\'smtp_tls\']=' . $set['smtp_tls'] . ';
$hesk_settings[\'smtp_user\']=\'' . $set['smtp_user'] . '\';
$hesk_settings[\'smtp_password\']=\'' . $set['smtp_password'] . '\';
// --> Email piping
$hesk_settings[\'email_piping\']=' . $set['email_piping'] . ';
// --> POP3 Fetching
$hesk_settings[\'pop3\']=' . $set['pop3'] . ';
$hesk_settings[\'pop3_job_wait\']=' . $set['pop3_job_wait'] . ';
$hesk_settings[\'pop3_host_name\']=\'' . $set['pop3_host_name'] . '\';
$hesk_settings[\'pop3_host_port\']=' . $set['pop3_host_port'] . ';
$hesk_settings[\'pop3_tls\']=' . $set['pop3_tls'] . ';
$hesk_settings[\'pop3_keep\']=' . $set['pop3_keep'] . ';
$hesk_settings[\'pop3_user\']=\'' . $set['pop3_user'] . '\';
$hesk_settings[\'pop3_password\']=\'' . $set['pop3_password'] . '\';
// --> Email loops
$hesk_settings[\'loop_hits\']=' . $set['loop_hits'] . ';
$hesk_settings[\'loop_time\']=' . $set['loop_time'] . ';
// --> Detect email typos
$hesk_settings[\'detect_typos\']=' . $set['detect_typos'] . ';
$hesk_settings[\'email_providers\']=array(' . $set['email_providers'] . ');
// --> Notify customer when
$hesk_settings[\'notify_new\']=' . $set['notify_new'] . ';
$hesk_settings[\'notify_skip_spam\']=' . $set['notify_skip_spam'] . ';
$hesk_settings[\'notify_spam_tags\']=array(' . $set['notify_spam_tags'] . ');
$hesk_settings[\'notify_closed\']=' . $set['notify_closed'] . ';
// --> Other
$hesk_settings[\'strip_quoted\']=' . $set['strip_quoted'] . ';
$hesk_settings[\'eml_req_msg\']=' . $set['eml_req_msg'] . ';
$hesk_settings[\'save_embedded\']=' . $set['save_embedded'] . ';
$hesk_settings[\'multi_eml\']=' . $set['multi_eml'] . ';
$hesk_settings[\'confirm_email\']=' . $set['confirm_email'] . ';
$hesk_settings[\'open_only\']=' . $set['open_only'] . ';
// ==> TICKET LIST
$hesk_settings[\'ticket_list\']=array(\'' . implode('\',\'', $set['ticket_list']) . '\');
// --> Other
$hesk_settings[\'submittedformat\']=\'' . $set['submittedformat'] . '\';
$hesk_settings[\'updatedformat\']=\'' . $set['updatedformat'] . '\';
// ==> MISC
// --> Date & Time
$hesk_settings[\'diff_hours\']=' . $set['diff_hours'] . ';
$hesk_settings[\'diff_minutes\']=' . $set['diff_minutes'] . ';
$hesk_settings[\'daylight\']=' . $set['daylight'] . ';
$hesk_settings[\'timeformat\']=\'' . $set['timeformat'] . '\';
// --> Other
$hesk_settings[\'ip_whois\']=\'' . $set['ip_whois'] . '\';
$hesk_settings[\'maintenance_mode\']=' . $set['maintenance_mode'] . ';
$hesk_settings[\'alink\']=' . $set['alink'] . ';
$hesk_settings[\'submit_notice\']=' . $set['submit_notice'] . ';
$hesk_settings[\'online\']=' . $set['online'] . ';
$hesk_settings[\'online_min\']=' . $set['online_min'] . ';
$hesk_settings[\'check_updates\']=' . $set['check_updates'] . ';
// ==> CUSTOM FIELDS
$hesk_settings[\'custom_fields\']=array (
';
for ($i = 1; $i <= 20; $i++) {
$settings_file_content .= '\'custom' . $i . '\'=>array(\'use\'=>' . $set['custom_fields']['custom' . $i]['use'] . ',\'place\'=>' . $set['custom_fields']['custom' . $i]['place'] . ',\'type\'=>\'' . $set['custom_fields']['custom' . $i]['type'] . '\',\'req\'=>' . $set['custom_fields']['custom' . $i]['req'] . ',\'name\'=>\'' . $set['custom_fields']['custom' . $i]['name'] . '\',\'maxlen\'=>' . $set['custom_fields']['custom' . $i]['maxlen'] . ',\'value\'=>\'' . $set['custom_fields']['custom' . $i]['value'] . '\')';
if ($i != 20) {
$settings_file_content .= ',
';
}
}
$settings_file_content .= '
);
#############################
# DO NOT EDIT BELOW #
#############################
$hesk_settings[\'hesk_version\']=\'' . $set['hesk_version'] . '\';
if ($hesk_settings[\'debug_mode\'])
{
error_reporting(E_ALL);
}
else
{
error_reporting(0);
}
if (!defined(\'IN_SCRIPT\')) {die(\'Invalid attempt!\');}';
// Write to the settings file
if (!file_put_contents(HESK_PATH . 'hesk_settings.inc.php', $settings_file_content)) {
hesk_error($hesklang['err_openset']);
}
return true;
}
hesk_dbConnect();
// Verify email address match if needed
hesk_verifyEmailMatch($trackingID);
// Lets make status assignment a bit smarter when reopening tickets
if ($oldStatus == 2) {
// Get number of replies and last replier (customer or staff)
$ticket = hesk_dbFetchAssoc(hesk_dbQuery("SELECT `staffreplies`, `lastreplier` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"));
// If ticket has no staff replies set the status to "New"
if ($ticket['staffreplies'] < 1) {
$statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsNewTicketStatus` = 1');
$statusRow = hesk_dbFetchAssoc($statusRes);
$status = $statusRow['ID'];
} elseif ($ticket['lastreplier'] == 0) {
$statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsCustomerReplyStatus` = 1');
$statusRow = hesk_dbFetchAssoc($statusRes);
$status = $statusRow['ID'];
}
// If nothing matches: last reply was from staff, keep status "Waiting reply from customer"
}
// Modify values in the database
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$status}', `locked`='{$locked}' {$closedby_sql} , `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND `locked` != '1' LIMIT 1");
// Did we modify anything*
if (hesk_dbAffectedRows() != 1) {
hesk_error($hesklang['elocked']);
}
// Show success message
if ($status != $closedStatus) {
hesk_process_messages($hesklang['wrepo'], 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999), 'NOTICE');
} else {
hesk_process_messages($hesklang['your_ticket_been'] . ' ' . $action, 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999), 'SUCCESS');
}
function order_saved()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$tplid = intval(hesk_GET('replyid')) or hesk_error($hesklang['ticket_tpl_id']);
$_SESSION['canned']['selcat2'] = $tplid;
$tpl_move = intval(hesk_GET('move'));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=`tpl_order`+" . intval($tpl_move) . " WHERE `id`='" . intval($tplid) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_error("{$hesklang['int_error']}: {$hesklang['ticket_tpl_not_found']}.");
}
/* Update all category fields with new order */
$result = hesk_dbQuery('SELECT `id` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` ASC');
$i = 10;
while ($mytpl = hesk_dbFetchAssoc($result)) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=" . intval($i) . " WHERE `id`='" . intval($mytpl['id']) . "' LIMIT 1");
$i += 10;
}
header('Location: manage_ticket_templates.php');
exit;
}
}
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
foreach ($attachments as $myatt) {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('" . hesk_dbEscape($trackingID) . "','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . ',';
}
}
/* Add reply */
$result = hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` (`replyto`,`name`,`message`,`dt`,`attachments`,`staffid`) VALUES ('" . intval($replyto) . "','" . hesk_dbEscape(addslashes($_SESSION['name'])) . "','" . hesk_dbEscape($message) . "',NOW(),'" . hesk_dbEscape($myattachments) . "','" . intval($_SESSION['id']) . "')");
/* Track ticket status changes for history */
$revision = '';
/* Change the status of priority? */
if (!empty($_POST['set_priority'])) {
$priority = intval(hesk_POST('priority'));
if ($priority < 0 || $priority > 3) {
hesk_error($hesklang['select_priority']);
}
$options = array(0 => '<font class="critical">' . $hesklang['critical'] . '</font>', 1 => '<font class="important">' . $hesklang['high'] . '</font>', 2 => '<font class="medium">' . $hesklang['medium'] . '</font>', 3 => $hesklang['low']);
$revision = sprintf($hesklang['thist8'], hesk_date(), $options[$priority], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$priority_sql = ",`priority`='{$priority}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
} else {
$priority_sql = "";
}
/* Update the original ticket */
$new_status = empty($_POST['close']) ? 2 : 3;
/* --> If a ticket is locked keep it closed */
if ($ticket['locked']) {
$new_status = 3;
}
$sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `status`='{$new_status}', `lastreplier`='1', `replierid`='" . intval($_SESSION['id']) . "' ";
/* Update time_worked or force update lastchange */
} else {
$tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer[] = $hesklang['enter_your_name'];
$tmpvar['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer[] = $hesklang['enter_valid_email'];
$tmpvar['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer[] = $hesklang['enter_ticket_subject'];
$tmpvar['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer[] = $hesklang['enter_message'];
// Demo mode
if (defined('HESK_DEMO')) {
$tmpvar['email'] = '*****@*****.**';
}
if (count($hesk_error_buffer)) {
$myerror = '<ul>';
foreach ($hesk_error_buffer as $error) {
$myerror .= "<li>{$error}</li>\n";
}
$myerror .= '</ul>';
hesk_error($myerror);
}
$tmpvar['message'] = hesk_makeURL($tmpvar['message']);
$tmpvar['message'] = nl2br($tmpvar['message']);
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use'] && isset($_POST[$k])) {
if (is_array($_POST[$k])) {
$tmpvar[$k] = '';
foreach ($_POST[$k] as $myCB) {
$tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '<br />';
}
$tmpvar[$k] = substr($tmpvar[$k], 0, -6);
} else {
$tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k])));
}
} else {
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();
require HESK_PATH . 'inc/email_functions.inc.php';
require HESK_PATH . 'inc/posting_functions.inc.php';
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
// We only allow POST requests from the HESK form to this file
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
header('Location: admin_main.php');
exit;
}
// Check for POST requests larger than what the server can handle
if (empty($_POST) && !empty($_SERVER['CONTENT_LENGTH'])) {
hesk_error($hesklang['maxpost']);
}
$hesk_error_buffer = array();
$tmpvar['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer['name'] = $hesklang['enter_your_name'];
$tmpvar['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer['email'] = $hesklang['enter_valid_email'];
$tmpvar['category'] = intval(hesk_POST('category')) or $hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
$tmpvar['priority'] = hesk_POST('priority');
$tmpvar['priority'] = strlen($tmpvar['priority']) ? intval($tmpvar['priority']) : -1;
if ($tmpvar['priority'] < 0 || $tmpvar['priority'] > 3) {
// If we are showing "Click to select" priority needs to be selected
if ($hesk_settings['select_pri']) {
$tmpvar['priority'] = -1;
$hesk_error_buffer['priority'] = $hesklang['select_priority'];
} else {
$tmpvar['priority'] = 3;
}
hesk_verifyEmailMatch($trackingID, $my_email, $ticket['email']);
/* Ticket locked? */
if ($ticket['locked']) {
hesk_process_messages($hesklang['tislock2'], 'ticket.php?track=' . $trackingID . $hesk_settings['e_param'] . '&Refresh=' . rand(10000, 99999));
exit;
}
// Prevent flooding ticket replies
$res = hesk_dbQuery("SELECT `staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `replyto`='{$ticket['id']}' AND `dt` > DATE_SUB(NOW(), INTERVAL 10 MINUTE) ORDER BY `id` ASC");
if (hesk_dbNumRows($res) > 0) {
$sequential_customer_replies = 0;
while ($tmp = hesk_dbFetchAssoc($res)) {
$sequential_customer_replies = $tmp['staffid'] ? 0 : $sequential_customer_replies + 1;
}
if ($sequential_customer_replies > 10) {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` (`ip`, `number`) VALUES ('" . hesk_dbEscape($_SERVER['REMOTE_ADDR']) . "', " . intval($hesk_settings['attempt_limit'] + 1) . ")");
hesk_error(sprintf($hesklang['yhbr'], $hesk_settings['attempt_banmin']), 0);
}
}
/* Insert attachments */
if ($hesk_settings['attachments']['use'] && !empty($attachments)) {
foreach ($attachments as $myatt) {
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (`ticket_id`,`saved_name`,`real_name`,`size`) VALUES ('{$trackingID}','" . hesk_dbEscape($myatt['saved_name']) . "','" . hesk_dbEscape($myatt['real_name']) . "','" . intval($myatt['size']) . "')");
$myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] . ',';
}
}
// If staff hasn't replied yet, keep ticket status "New", otherwise set it to "Waiting reply from staff"
$ticket['status'] = $ticket['status'] ? 1 : 0;
/* Update ticket as necessary */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `lastchange`=NOW(), `status`='{$ticket['status']}', `replies`=`replies`+1, `lastreplier`='0' WHERE `id`='{$ticket['id']}' LIMIT 1");
if (isset($_SESSION['id']['user'])) {
$name = $_SESSION['id']['user'];
function toggle_sticky()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$id = intval(hesk_GET('id')) or hesk_error($hesklang['kb_art_id']);
$catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
$sticky = empty($_GET['s']) ? 0 : 1;
$_SESSION['artord'] = $id;
/* Update article "sticky" status */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `sticky`='" . intval($sticky) . " ' WHERE `id`='" . intval($id) . "' LIMIT 1");
/* Update article order */
update_article_order($catid);
$tmp = $sticky ? $hesklang['ason'] : $hesklang['asoff'];
hesk_process_messages($tmp, './manage_knowledgebase.php?a=manage_cat&catid=' . $catid, 'SUCCESS');
}
function remove_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
// Delete the service message
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1");
// Were we successful?
if (hesk_dbAffectedRows() == 1) {
hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
} else {
hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
}
}
function hesk_getEmailMessage($eml_file, $ticket, $is_admin = 0, $is_ticket = 1, $just_message = 0)
{
global $hesk_settings, $hesklang;
// Demo mode
if (defined('HESK_DEMO')) {
return '';
}
/* Get list of valid emails */
$valid_emails = hesk_validEmails();
/* Verify this is a valid email include */
if (!isset($valid_emails[$eml_file])) {
hesk_error($hesklang['inve']);
}
/* Get email template */
$eml_file = 'language/' . $hesk_settings['languages'][$hesk_settings['language']]['folder'] . '/emails/' . $eml_file . '.txt';
if (file_exists(HESK_PATH . $eml_file)) {
$msg = file_get_contents(HESK_PATH . $eml_file);
} else {
hesk_error($hesklang['emfm'] . ': ' . $eml_file);
}
$msg = hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message);
return $msg;
}
function hesk_show_kb_category($catid, $is_search = 0)
{
global $hesk_settings, $hesklang;
if ($is_search == 0) {
/* Print header */
require_once HESK_PATH . 'inc/header.inc.php';
hesk_kb_header($hesk_settings['kb_link'], $catid);
if ($catid == 1) {
echo '<br/><div class="container priv-kb-text">' . $hesklang['priv'] . '</div><br/>';
}
}
$res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='" . intval($catid) . "' LIMIT 1");
$thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);
if ($thiscat['parent']) {
$link = $thiscat['parent'] == 1 ? 'knowledgebase_private.php' : 'knowledgebase_private.php?category=' . $thiscat['parent'];
echo '<br/><div class="container homepageh3"> ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</div><br/>
<div class="container"><a href="javascript:history.go(-1)">' . '<button type="submit" class="btn btn-default goback-btn">' . $hesklang['back'] . '</button>' . '</a></div>
';
}
$result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='" . intval($catid) . "' ORDER BY `parent` ASC, `cat_order` ASC");
if (hesk_dbNumRows($result) > 0) {
?>
<div class="container"><b><?php
echo $hesklang['kb_cat_sub'];
?>
:</b></div><br/>
<div class="container">
<?php
$per_col = $hesk_settings['kb_cols'];
$i = 1;
while ($cat = hesk_dbFetchAssoc($result)) {
if ($i == 1) {
echo '<tr>';
}
$private = $cat['type'] == 1 ? ' *' : '';
echo '
<td width="50%" valign="top">
<table border="0">
<tr><td><img src="../img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase_private.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a>' . $private . '</td></tr>
';
/* Print most popular/sticky articles */
if ($hesk_settings['kb_numshow'] && $cat['articles']) {
$res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($cat['id']) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
$num = 1;
while ($art = hesk_dbFetchAssoc($res)) {
$private = $art['type'] == 1 ? ' *' : '';
echo '
<tr>
<td><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" />
<a href="knowledgebase_private.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a>' . $private . '</td>
</tr>';
if ($num == $hesk_settings['kb_numshow']) {
break;
} else {
$num++;
}
}
if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
echo '<tr><td>» <a href="knowledgebase_private.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
}
}
echo '
</table>
</td>
';
if ($i == $per_col) {
echo '</tr>';
$i = 0;
}
$i++;
}
/* Finish the table if needed */
if ($i != 1) {
for ($j = 1; $j <= $per_col; $j++) {
echo '<td width="50%"> </td>';
if ($i == $per_col) {
echo '</tr>';
break;
}
$i++;
}
}
?>
</div>
<?php
}
// END if NumRows > 0
?>
<br/>
<div class="container articles_categ"><b><?php
echo $hesklang['ac'];
?>
</b></div>
<div>
<?php
$res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating`, `type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($catid) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `art_order` ASC");
if (hesk_dbNumRows($res) == 0) {
echo '<div class="container"><i>' . $hesklang['noac'] . '</i></div>';
} else {
echo '<div class="container table-responsive"><table class="table table-bordered" style="background-color: white;">';
while ($article = hesk_dbFetchAssoc($res)) {
$private = $article['type'] == 1 ? ' *' : '';
$txt = hesk_kbArticleContentPreview($article['content']);
echo '
<tr>
<td>
<table>
<tr>
<td width="1" valign="top"><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td>
<td valign="top"><a href="knowledgebase_private.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>' . $private . '</td>
</tr>
</table>
<table border="0" width="100%" cellspacing="0" cellpadding="1">
<tr>
<td width="1" valign="top"><img src="../img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td>
<td><span class="article_list" style="word-break: break-all;">' . $txt . '</span></td>
</tr>
</table>
</td>
</tr>';
}
echo '</table></div>';
}
?>
</div>
<?php
}
function hesk_verifyCategory($any_type = 0)
{
global $hesk_settings, $hesklang, $hesk_db_link, $hesk_error_buffer, $tmpvar;
// Verify just by public or any category type?
$type = $any_type ? " 1 " : " `type`='0' ";
// Does the category exist?
$res = hesk_dbQuery("SELECT `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . $tmpvar['category'] . "' AND {$type} LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
$hesk_settings['category_data'][$tmpvar['category']] = hesk_dbFetchAssoc($res);
return true;
}
// OK, something wrong with the category. Get a list of categories to check few things
$res = hesk_dbQuery("SELECT `id`, `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE {$type} ORDER BY `id` ASC");
$num = hesk_dbNumRows($res);
// If more than 1 choice is available, let the user choose
if ($num > 1) {
$hesk_error_buffer['category'] = $hesklang['sel_app_cat'];
return false;
} elseif ($num == 1) {
$tmp = hesk_dbFetchAssoc($res);
$tmpvar['category'] = $tmp['id'];
$hesk_settings['category_data'][$tmpvar['category']] = $tmp;
return true;
} else {
$res = hesk_dbQuery("SELECT `id`, `name`, `autoassign` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `id` ASC LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
$tmp = hesk_dbFetchAssoc($res);
$tmpvar['category'] = $tmp['id'];
$hesk_settings['category_data'][$tmpvar['category']] = $tmp;
} else {
// What the ...? No categories exist??? You know what, just error out...
hesk_error($hesklang['int_error'] . ': ' . $hesklang['cat_not_found']);
}
}
}
