function do_upload($tid)
{
global $nick;
if ($_FILES['attachment-file']['size'] < 1) {
return "File size is too small!";
}
$file_name = $_FILES['attachment-file']['name'];
$file_ext = strtolower(substr($file_name, -4));
if ($file_ext != ".jpg" && $file_ext != ".png" && $file_ext != ".pdf" && $file_ext != ".log" && $file_ext != ".txt") {
return "You can only upload jpg/png/pdf/log/txt files!";
}
$file_type = $_FILES['attachment-file']['type'];
$file_size = $_FILES['attachment-file']['size'];
$file_desc = "Attachment by " . $nick;
if (!is_numeric($file_size)) {
safe_die("Error! Invalid number in file size!");
}
$query = squery("INSERT INTO karnaf_files(tid,file_name,file_type,file_desc,file_size,lastupd_time) VALUES(%d,'%s','%s','%s',%d,%d)", $tid, $file_name, $file_type, $file_desc, $file_size, time());
if (!$query) {
return "SQL Error! Query failed on do_upload() function: " . mysql_error();
}
$id = sql_insert_id();
$fn = KARNAF_UPLOAD_PATH . "/" . $tid;
if (!file_exists($fn)) {
if (!mkdir($fn)) {
return "Can't create attachment directory!";
}
}
$fn .= "/" . $id . $file_ext;
if (!copy($_FILES['attachment-file']['tmp_name'], $fn)) {
return "Couldn't create attachment file!";
}
return "";
}
?>
"></td>
</tr>
<tr>
<td>Body:</td>
<td><textarea rows="8" cols="78" name="body" id="body"><?php
echo $r_body;
?>
</textarea></td>
</tr>
<tr>
<td>Group:</td>
<td>
<select name="group">
<?php
$query = squery("SELECT id,name FROM groups WHERE iskarnaf=1 ORDER BY name");
while ($result = sql_fetch_array($query)) {
?>
<option value="<?php
echo $result['id'];
?>
"<?php
if ($result['name'] == $r_group) {
echo " SELECTED";
}
?>
><?php
echo $result['name'];
?>
</option>
<?php
if ($result['status'] != "0") {
$autostatus = "The ticket isn't closed.";
} else {
$autostatus = "The ticket has been re-opened.";
$email_update_str = "The ticket has been re-opened.";
squery("INSERT INTO karnaf_actions(tid,action,a_by_u,a_by_g,a_time,a_type,is_private) VALUES(%d,'The ticket has been re-opened.','%s','%s',%d,1,%d)", $id, $nick, $group, time() + 1, $is_private);
squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d", time(), $id);
}
}
$autoload = 4;
}
/* Send SMS */
if (isset($_POST['sms_account'])) {
if (send_sms($_POST['sms_account'], $_POST['sms_to'], $_POST['sms_body'])) {
squery("INSERT INTO karnaf_actions(tid,action,a_by_u,a_by_g,a_time,a_type,is_private) VALUES(%d,'%s','%s','%s',%d,1,%d)", $id, "Sent SMS to " . $_POST['sms_to'], $nick, $group, time(), $is_private);
squery("UPDATE karnaf_tickets SET lastupd_time=%d WHERE id=%d", time(), $id);
$autostatus = "The SMS has been sent.";
if ($is_private != 1) {
$email_update_str = "Sent SMS to " . $_POST['sms_to'];
}
} else {
$autostatus = "Error! Could not send SMS!";
}
$autoload = 9;
}
if (isset($email_update_str) && !empty($email_update_str)) {
if ((!isset($is_private) || $is_private != "1") && (!isset($_POST['no_userupd']) || $_POST['no_userupd'] != "on")) {
if ($result['memo_upd'] == "1") {
send_memo($result['unick'], "Your ticket #" . $result['id'] . " has been updated. For more information visit: " . KARNAF_URL . "/view.php?id=" . $result['id'] . "&code=" . $result['randcode']);
}
if ($result['email_upd'] == "1") {
<td>Ticket Subject</td>
<td>
<span id="Ticket_Subject">
<select name="cat3" id="cat3" disabled>
<option value="0">--Select--</option>
</select>
</span>
</td>
</tr>
<tr>
<td>Priority:</td>
<td>
<select name="upriority">
<?php
$upriority = 0;
$query = squery("SELECT priority_id,priority_name FROM karnaf_priorities ORDER BY priority_id");
while ($result = sql_fetch_array($query)) {
?>
<option value="<?php
echo $result['priority_id'];
?>
"<?php
if ($result['priority_id'] == $upriority) {
echo " SELECTED";
}
?>
><?php
echo $result['priority_name'];
?>
</option>
<?php
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information. #
##################################################################
require "../ktools.php";
$cat3_id = $_GET['id'];
$extra = "";
$query = squery("SELECT id,name,extra FROM karnaf_cat3 WHERE id=%d", $cat3_id);
if ($result = sql_fetch_array($query)) {
$extra = $result['extra'];
}
sql_free_result($query);
if (!empty($extra)) {
?>
<table width="100%" border="1">
<tr class="Karnaf_Head2"><td colspan="2">Extra Information</td></tr>
<?php
$i = 0;
foreach (split(',', $extra) as $row) {
$i++;
?>
<tr>
<td><?php
echo $row;
?>
:</td>
<td><input name="ext<?php
echo $i;
?>
</table>
</td></tr>
<tr class="Karnaf_Head2">
<td colspan="2" align="center">Add new action</td>
</tr>
<tr>
<td colspan="2">
<textarea rows="8" style="width:99%" name="action_text" id="action_text"></textarea><br>
<?php
if (IsGroupMember("dalnet-aob") || IsKarnafAdminSession()) {
?>
Action on behalf of:
<select name="onbehalf_g">
<option value="">---</option>
<?php
$query2 = squery("SELECT id,name,gdesc FROM groups ORDER BY name");
while ($result2 = sql_fetch_array($query2)) {
if (!IsGroupMember($result2['name']) || $result2['name'] != KARNAF_ADMINS_GROUP && $result2['name'] != "dalnet-aob" && $result2['name'] != "dalnet-sra" && $result2['name'] != $result['rep_g']) {
continue;
}
?>
<option value="<?php
echo $result2['name'];
?>
"><?php
echo $result2['name'];
?>
</option>
<?php
}
sql_free_result($query2);
Add_ItemRed("Check User", "check_user.php");
if (IsKarnafAdminSession()) {
Add_Itemx("Edit types", "mng_cat.php?table=cat1");
Add_Itemx("Edit catagories", "mng_cat.php?table=cat2");
Add_Itemx("Edit subjects", "mng_cat.php?table=cat3");
Add_Itemx("Edit templates", "mng_templates.php");
Add_Itemx("View Logs", "mng_viewlogs.php");
Add_Itemx("Edit SQL", "mng_editsql.php");
Add_Itemx("Stats", "stats.php");
Add_Item("Logout", "logout.php");
}
?>
<tr><td>
<br>
<u>Tickets:</u>
<br>
<?php
$tickets = 0;
$query = squery("SELECT count(*) FROM karnaf_tickets");
if ($result = sql_fetch_array($query)) {
$tickets = $result[0];
}
sql_free_result($query);
echo $tickets;
?>
</td></tr>
</table>
</body>
</html>
<?php
require_once "karnaf_footer.php";
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information. #
##################################################################
require "../ktools.php";
check_auth();
$query = squery("SELECT g.name,t.body FROM (karnaf_templates AS t LEFT JOIN groups AS g ON g.id=t.group_id) WHERE t.id=%d", $_GET['id']);
while ($result = sql_fetch_array($query)) {
if (!IsGroupMember($result['name']) && !IsKarnafAdminSession()) {
continue;
}
echo $result['body'];
}
sql_free_result($query);
require_once "karnaf_footer.php";
<tr>
<td>Action:</td>
<td>
<input name="action" type="text">
<input name="action_check" type="radio" value="=" checked>Exact
<input name="action_check" type="radio" value="like">SQL Wild (% is a wildchar)
<input name="action_check" type="radio" value="has">Contains
</td>
</tr>
<tr>
<td>Log type:</td>
<td>
<select name="logtype">
<option value="">---</option>
<?php
$query = squery("SELECT logtype FROM ws_logs WHERE logtype NOT LIKE '%s' GROUP BY logtype ORDER BY logtype", "%.php?id=%");
while ($result = sql_fetch_array($query)) {
?>
<option value="<?php
echo $result['logtype'];
?>
"><?php
echo $result['logtype'];
?>
</option>
<?php
}
sql_free_result($query);
?>
</select>
</td>
/* Search tickets that are waiting for user reply for more than a week... */
$query = squery("SELECT id,rep_g,unick,uemail FROM karnaf_tickets WHERE status=2 AND lastupd_time<%d", time()-604800);
while($result = sql_fetch_array($query)) {
$sender = $result['unick'];
if($sender == "Guest" && !empty($result['uemail'])) $sender = $result['uemail'];
echo "Ticket #".$result['id']." from ".$sender." is being automatically closed. ".KARNAF_URL."/view.php?id=".$result['id']."\n";
squery("INSERT INTO karnaf_actions(tid,is_private,a_type,action,a_time,a_by_u,a_by_g) VALUES(%d,0,1,'%s',%d,'%s','%s')",
$result['id'], "Ticket has been automatically closed due to being waiting for user reply for a week.", time(), "System", $result['rep_g']);
squery("UPDATE karnaf_tickets SET close_time=%d,status=0 WHERE id=%d", time(), $result['id']);
}
sql_free_result($query);
/* Search for tickets that are *open* and waiting for an oper-reply for more than a week... */
$query = squery("SELECT id,rep_g,unick,uemail FROM karnaf_tickets WHERE status=1 AND (lastupd_time<%d OR (open_time<%d AND lastupd_time is NULL AND rep_g='')) AND priority>=0 AND priority<20",
time()-604800, time()-604800);
while($result = sql_fetch_array($query)) {
$sender = $result['unick'];
if($sender == "Guest" && !empty($result['uemail'])) $sender = $result['uemail'];
echo "-".$result['rep_g']."- Ticket #".$result['id']." from ".$sender." is now getting higher priority. ".KARNAF_URL."/edit.php?id=".$result['id']."\n";
squery("INSERT INTO karnaf_actions(tid,is_private,a_type,action,a_time,a_by_u,a_by_g) VALUES(%d,0,1,'%s',%d,'%s','%s')",
$result['id'], "System priority increased to High", time(), "System", $result['rep_g']);
squery("UPDATE karnaf_tickets SET priority=20 WHERE id=%d", $result['id']);
#squery("INSERT INTO karnaf_memo_queue(tonick,memo) VALUES('%s','*Warning* Priority for ticket #%s has been increased to High. For more information visit: XXX/edit.php?id=%s')", $sender);
#squery("INSERT INTO karnaf_actions(tid,is_private,a_type,action,a_time,a_by_u,a_by_g) VALUES(%d,0,1,'%s',%d,'%s','%s')", $result['id'],
# "Team leader was notified by MemoServ", time()+1, "System", $result['rep_g']);
}
sql_free_result($query);
require_once("../contentpage_ftr.php");
?>
?>
</td>
<td>E-Mail</td>
<td>Assigned to</td>
</tr>
<?php
$cnt = 0;
$unick = $result['unick'];
$uemail = $result['uemail'];
if ($unick == "Guest") {
$unick .= RandomNumber(5);
}
if (empty($uemail)) {
$uemail = "Guest" . RandomNumber(5) . "@" . MY_DOMAIN;
}
$query2 = squery("SELECT id,status,unick,uemail,rep_g FROM karnaf_tickets WHERE id!=%d AND status!=0 AND (unick='%s' OR uemail='%s')", $id, $unick, $uemail);
while ($result2 = sql_fetch_array($query2)) {
$cnt++;
?>
<tr>
<td><a href="edit.php?id=<?php
echo $result2['id'];
?>
"><?php
echo $result2['id'];
?>
</a></td>
<td><?php
echo $result2['unick'];
?>
</td>
if (isset($_GET['code']) && !empty($_GET['code'])) {
$randcode = $_GET['code'];
} else {
$randcode = 0;
}
$query = squery("SELECT unick,randcode,open_time FROM karnaf_tickets WHERE id=%d", $id);
if ($result = sql_fetch_array($query)) {
if (!IsKarnafOperSession() && $randcode != $result['randcode'] && ($nick != $result['unick'] || $nick == "Guest" || $a_regtime > (int) $result['open_time'])) {
AccessDenied("You must provide the ticket verification code to view this page.");
}
if (isset($_GET['download'])) {
$download = $_GET['download'];
} else {
$download = 0;
}
$query2 = squery("SELECT file_name,file_type,file_size FROM karnaf_files WHERE id=%d AND tid=%d", $download, $id);
if (!$query2) {
safe_die("Error: can't find file!");
}
$result2 = sql_fetch_array($query2);
if (!$result2) {
safe_die("Error: can't find file!");
}
if ((int) $result2['file_size'] != 0) {
header("Content-length: " . $result2['file_size']);
}
header("Content-type: " . $result2['file_type']);
$file_ext = strtolower(substr($result2['file_name'], -4));
if ($file_ext != ".jpg" && $file_ext != ".png") {
header("Content-Disposition: attachment; filename=" . $result2['file_name']);
}
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information. #
##################################################################
/* This is a script to send all the emails on the queue */
$override_magicquotes = 1;
require "../ktools.php";
function karnaf_email($mail_to, $mail_subject, $mail_body)
{
/* Was only used for debugging:
$mail_to = "*****@*****.**";
*/
mail($mail_to, $mail_subject, $mail_body, "From: " . MY_EMAIL . "\r\n" . "Reply-To: " . MY_EMAIL);
}
$query = squery("SELECT id,mail_to,mail_from,mail_subject,mail_body FROM mail_queue ORDER BY id");
while ($result = sql_fetch_array($query)) {
echo "Sending #" . $result['id'] . " to " . $result['mail_to'] . "...\n";
karnaf_email($result['mail_to'], $result['mail_subject'], $result['mail_body']);
squery("DELETE FROM mail_queue WHERE id=%d", $result['id']);
}
sql_free_result($query);
echo "Done.\n";
require_once "../contentpage_ftr.php";
$query2 = squery(0, $row[2]);
while ($result2 = sql_fetch_array($query2)) {
$selects[$row[0]][] = array($result2[0], $result2[1]);
}
sql_free_result($query2);
}
$row = $row[0];
}
echo "<th>{$row}</th>";
}
?>
</tr>
<?php
$curcol = "col2";
$cnt = 0;
$query = squery(0, "SELECT " . $sql_id . "," . merge_array($sql_rows) . " FROM {$sql_table} ORDER BY " . $sql_id);
if ($query) {
while ($result = sql_fetch_array($query)) {
$cnt++;
if ($curcol == "col1") {
$curcol = "col2";
} else {
$curcol = "col1";
}
?>
<tr>
<?php
foreach ($sql_rows as $row) {
if (is_array($row)) {
if ($row[1] == "password") {
$text = "*";
return showtime($unixTimestamp);
}
if (isset($_GET['tid']) && is_numeric($_GET['tid'])) {
$tid = $_GET['tid'];
} else {
$tid = "";
}
if (isset($_GET['uuser'])) {
$uuser = $_GET['uuser'];
}
if (isset($_POST['uuser'])) {
$uuser = $_POST['uuser'];
}
if (isset($uuser)) {
add_log("karnaf_check_user", $uuser);
$query = squery("SELECT type,host,user,pass,ou,filter FROM karnaf_ldap_accounts WHERE active=1");
while ($result = sql_fetch_array($query)) {
$type = (int) $result['type'];
if ($type == 0) {
$ldapserver = "ldap://" . $result['host'];
} else {
if ($type == 1) {
$ldapserver = "ldaps://" . $result['host'];
} else {
continue;
}
}
$ldap = ldap_connect($ldapserver);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if ($bind = @ldap_bind($ldap, $result['user'], $result['pass'])) {
if (!$cnt) {
echo "<tr><td colspan=\"10\" align=\"center\">*** None ***</td></tr>";
}
?>
</table>
<br>
<center>
<input type="button" value="Flag selected tickets as spam" onClick="javascript:flagspam_onclick()">
<input type="button" value="Re-assign selected tickets to:" onClick="javascript:reassign_onclick()">
<select name="reassign_oper">
<option value=""><?php
echo $nick;
?>
</option>
<?php
$query2 = squery("SELECT DISTINCT(rep_u) FROM karnaf_tickets WHERE status!=0 AND rep_u!='' and rep_u!='%s' ORDER BY rep_u", $nick);
while ($result2 = sql_fetch_array($query2)) {
?>
<option value="<?php
echo $result2['rep_u'];
?>
"><?php
echo $result2['rep_u'];
?>
</option>
<?php
}
sql_free_result($query2);
?>
</select>
</center>
<tr>
<td>Extra Rows:</td>
<td><input name="extra" type="text"></td>
</tr>
<?php
}
if ($table != "cat1") {
?>
<tr>
<td>Allowed Group:</td>
<td>
<select name="allowed_group">
<option value="">---</option>
<?php
$default_priority = 0;
$query = squery("SELECT name FROM groups ORDER BY name");
while ($result = sql_fetch_array($query)) {
?>
<option value="<?php
echo $result['name'];
?>
"><?php
echo $result['name'];
?>
</option>
<?php
}
sql_free_result($query);
?>
</select>
</td>
<td><input name="reply_cc" type="text" size="50" value="<?=htmlspecialchars2($result['cc'])?>"></td>
</tr>
<tr>
<td colspan="2">
<textarea rows="8" style="width:100%" name="reply_text" id="reply_text"></textarea><br>
<input type="checkbox" name="is_private" id="is_private" <? if($result['private_actions']) echo " CHECKED"; ?>> Team reply (hide the oper's nick).
<br>
<input type="checkbox" name="is_waiting" id="is_waiting" CHECKED> Hold the ticket until the user reply.
<br>
<input type="checkbox" name="auto_assign" id="auto_assign" <? if(empty($result['rep_u'])) echo " CHECKED"; ?>> Automatically assign the ticket to me if it's not assigned to anyone.
<br>
Template:
<select name="template" onChange="javascript:load_template(this.value);">
<option value="0">---</option>
<?
$query2 = squery("SELECT id,subject FROM karnaf_templates WHERE group_id=(SELECT id FROM groups WHERE name='%s')", $result['rep_g']);
while($result2 = sql_fetch_array($query2)) {
?>
<option value="<?=$result2['id']?>"><?=$result2['subject']?></option>
<?
}
sql_free_result($query2);
?>
</select>
</td>
</tr>
</table>
<br>
<center>
<? if($result['status']==0) { ?>
<input type=button name="close_button" id="close_button" value="Reopen Ticket" onClick="javascript:submit3_onclick()">
</tr>
<tr>
<td>Assigned to user:</td>
<td>
<!script src="/teamsearch.js"></script>
<input name="oper" size="30" !onkeyup="showResult(this.value)" !onfocus="showResult(this.value)" type="text" autocomplete="off">
<div id="livesearch"></div>
</td>
</tr>
<tr>
<td>Assigned to group:</td>
<td>
<select name="rep_g">
<option value="">---</option>
<?php
$query2 = squery("SELECT id,name,gdesc FROM groups WHERE iskarnaf=1 ORDER BY name");
while ($result2 = sql_fetch_array($query2)) {
?>
<option value="<?php
echo $result2['name'];
?>
"><?php
echo $result2['gdesc'];
?>
</option>
<?php
}
sql_free_result($query2);
?>
</select>
</td>
</th>
<th>Replies to unique tickets</th>
<th>Total Replies</th>
</tr>
<?php
$query = squery("SELECT u.user FROM group_members AS gm INNER JOIN users AS u ON u.id=gm.user_id WHERE gm.group_id=(SELECT id FROM groups WHERE name='%s')", $team);
while ($result = sql_fetch_array($query)) {
echo "<tr>\n";
echo "<td>" . $result['user'] . "</td>\n";
$query2 = squery("SELECT COUNT(DISTINCT(r.tid)) FROM (karnaf_replies AS r INNER JOIN karnaf_tickets AS t ON t.id=r.tid) WHERE r.r_time>%d AND r.r_by='%s' AND t.rep_g='%s'", $starttime, $result['user'], $team);
if ($result2 = sql_fetch_array($query2)) {
$ureplies += (int) $result2[0];
echo "<td align=\"center\">" . $result2[0] . "</td>\n";
}
sql_free_result($query2);
$query2 = squery("SELECT COUNT(r.tid) FROM (karnaf_replies AS r INNER JOIN karnaf_tickets AS t ON t.id=r.tid) WHERE r.r_time>%d AND r.r_by='%s' AND t.rep_g='%s'", $starttime, $result['user'], $team);
if ($result2 = sql_fetch_array($query2)) {
$replies += (int) $result2[0];
echo "<td align=\"center\">" . $result2[0] . "</td>\n";
}
sql_free_result($query2);
echo "</tr>\n";
}
sql_free_result($query);
?>
<tr>
<td><b>Total</b></td>
<td align="center"><b><?php
echo $ureplies;
?>
</b></td>
if ($file_ext == ".gif") {
$file_type = "image/gif";
} else {
$file_type = "application/octet-stream";
}
}
}
$file_desc = "Imported from SysAid";
$file_size = 0;
squery("INSERT INTO karnaf_files(tid,file_name,file_type,file_desc,file_size,lastupd_time) VALUES(%d,'%s','%s','%s',%d,%d)", $tid, $file_name, $file_type, $file_desc, $file_size, $result2['file_date']);
$id = sql_insert_id();
$fn = KARNAF_UPLOAD_PATH . "/" . $tid;
if (!file_exists($fn)) {
if (!mkdir($fn)) {
return "Can't create attachment directory!";
}
}
$fn .= "/" . $id . $file_ext;
if ($file = fopen($fn, "wb")) {
fwrite($file, $result2['file_content']);
fclose($file);
}
/* Let's check the file's size and update the entry... */
squery("UPDATE karnaf_files SET file_size=%d WHERE id=%d", filesize($fn), $id);
}
sql_free_result($query2);
}
}
sql_free_result($query);
echo "Done.\n";
require_once "../contentpage_ftr.php";
show_title("Karnaf - Stats");
make_menus("Karnaf (HelpDesk)");
# 1 week:
#$starttime = time() - 604800;
# 30 days:
$starttime = time() - 86400 * 30;
echo "<font size=\"+1\">Tickets that were opened or closed since " . showdate($starttime) . ":</font><br><br>\n";
echo "<u>Teams:</u><br>\n";
$query = squery("SELECT t.id,t.rep_g,count(t.rep_g) AS c FROM karnaf_tickets AS t WHERE t.status!=5 AND (t.open_time>=%d OR t.close_time>=%d) GROUP BY rep_g ORDER BY id", $starttime, $starttime);
while ($result = sql_fetch_array($query)) {
echo $result['rep_g'] . ": " . $result['c'] . "<br>\n";
}
sql_free_result($query);
echo "<br>\n";
echo "<u>Opers:</u><br>\n";
$query = squery("SELECT t.id,t.rep_u,count(t.rep_u) AS c FROM karnaf_tickets AS t WHERE t.status!=5 AND (t.open_time>=%d OR t.close_time>=%d) GROUP BY rep_u ORDER BY c DESC", $starttime, $starttime);
while ($result = sql_fetch_array($query)) {
if (empty($result['rep_u'])) {
$result['rep_u'] = "None";
}
echo $result['rep_u'] . ": " . $result['c'] . "<br>\n";
}
sql_free_result($query);
echo "<br>\n";
echo "<u>Categories:</u><br>\n";
$query = squery("SELECT t.id,c3.name AS cat3,c2.name AS cat2,c1.name AS cat1,count(t.cat3_id) AS c FROM (karnaf_tickets AS t LEFT JOIN karnaf_cat3 AS c3 ON c3.id=t.cat3_id\nLEFT JOIN karnaf_cat2 AS c2 ON c2.id=c3.parent LEFT JOIN karnaf_cat1 AS c1 ON c1.id=c2.parent) WHERE t.open_time>=%d OR t.close_time>=%d GROUP BY\nc1.priority,c1.name,c2.priority,c2.name,c3.priority,c3.name", $starttime, $starttime);
while ($result = sql_fetch_array($query)) {
echo $result['cat1'] . " - " . $result['cat2'] . " - " . $result['cat3'] . ": " . $result['c'] . "<br>\n";
}
sql_free_result($query);
require_once "karnaf_footer.php";
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information. #
##################################################################
require "../ktools.php";
check_auth();
?>
<select name="cat3" id="cat3" onChange="javascript:loadext(this.value);">
<option value="0">--Select--</option>
<?php
$cat2_id = $_GET['id'];
$query = squery("SELECT id,name,allowed_group FROM karnaf_cat3 WHERE parent=%d ORDER BY priority,name", $cat2_id);
while ($result = sql_fetch_array($query)) {
if (!empty($result['allowed_group']) && !IsGroupMember($result['allowed_group'])) {
continue;
}
?>
<option value="<?php
echo $result['id'];
?>
"><?php
echo $result['name'];
?>
</option>
<?php
}
sql_free_result($query);
?>
</select>
function send_sms($sms_account, $sms_to, $sms_body)
{
$res = 0;
$sms_to = trim($sms_to);
$sms_body = trim($sms_body);
if (empty($sms_to)) {
return 0;
}
if (empty($sms_body)) {
return 0;
}
$query = squery("SELECT type,account_id,account_token,from_number FROM karnaf_sms_accounts WHERE id=%d AND active=1", $sms_account);
if ($result = sql_fetch_array($query)) {
if ((int) $result['type'] != 0) {
safe_die("Unknown SMS account type!");
}
$post_data = array("To" => $sms_to, "From" => $result['from_number'], "Body" => $sms_body);
$post_string = http_build_query($post_data);
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
curl_setopt($ch, CURLOPT_USERPWD, $result['account_id'] . ":" . $result['account_token']);
curl_setopt($ch, CURLOPT_URL, "https://api.twilio.com/2010-04-01/Accounts/" . $result['account_id'] . "/Messages.json");
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
if (isset($result)) {
$result_json = json_decode($result, true);
if ($result_json['status'] == "queued") {
$res = 1;
}
} else {
if (curl_errno($ch)) {
$res = 0;
}
}
curl_close($ch);
}
sql_free_result($query);
return $res;
}
?>
</select>
</td>
</tr>
<tr>
<td colspan="2" align="center">--- OR ---</td>
</tr>
<tr>
<td>Re-assign to user:</td>
<td>
<select name="assign_user">
<option value="">---</option>
<?
$query2 = squery("SELECT id,name,gdesc FROM groups WHERE iskarnaf=1 AND name='%s'", $result['rep_g']);
if($result2 = sql_fetch_array($query2)) {
$query3 = squery("SELECT u.user FROM (group_members AS gm INNER JOIN users AS u ON gm.user_id=u.id) WHERE gm.group_id=%d ORDER BY u.user", $result2['id']);
while($result3 = sql_fetch_array($query3)) {
if($result3['user'] == $result['rep_u']) $selected = 1;
?>
<option value="<?=$result3['user']?>"<? if($result3['user'] == $result['rep_u']) echo " SELECTED"; ?>><?=$result2['gdesc']?>\<?=$result3['user']?></option>
<?
}
sql_free_result($query3);
}
sql_free_result($query2);
?>
</select>
</td>
</tr>
</table>
<br>
} else {
if ($file_ext == ".png") {
$file_type = "image/png";
} else {
if ($file_ext == ".gif") {
$file_type = "image/gif";
} else {
$file_type = "application/octet-stream";
}
}
}
if ($file_ext != ".jpg" && $file_ext != ".png" && $file_ext != ".pdf" && $file_ext != ".log" && $file_ext != ".txt" && $file_ext != ".xls" && $file_ext != ".xlsx") {
continue;
}
/* Skip invalid file extensions */
squery("INSERT INTO karnaf_files(tid,file_name,file_type,file_desc,file_size,lastupd_time) VALUES(%d,'%s','%s','%s',%d,%d)", $tid, $file_name, $file_type, $file_desc, $file_size, time());
$id = sql_insert_id();
$fn = KARNAF_UPLOAD_PATH . "/" . $tid;
if (!file_exists($fn)) {
if (!mkdir($fn)) {
continue;
}
/* Error: can't make directory! */
}
$fn .= "/" . $id . $file_ext;
if ($file = fopen($fn, "wb")) {
fwrite($file, $attachment['data']);
fclose($file);
}
}
}
continue;
}
/* Only update existing groups... */
if (!isset($cached_groupmembers[$group]) || !in_array(strtolower($found_user), $cached_groupmembers[$group])) {
/* User is not on the cached group, add it to Karnaf... */
squery("INSERT INTO group_members(group_id,user_id,added_by,added_time) VALUES((SELECT id FROM groups WHERE name='%s'),(SELECT id FROM users WHERE user='******'),'System',%d)", $group, $found_user, time());
}
}
foreach ($cached_groups as $group) {
if (isset($cached_groupmembers[$group]) && in_array($found_user, $cached_groupmembers[$group]) && !in_array($group, $found_groups)) {
/* User found on cached group but not on LDAP group, user was probably deleted so delete it from Karnaf */
squery("DELETE FROM group_members WHERE group_id=(SELECT id FROM groups WHERE name='%s') AND user_id=(SELECT id FROM users WHERE user='******')", $group, $found_user);
}
}
}
}
}
ldap_unbind($ldap);
}
sql_free_result($query);
/* Search for deleted users... */
foreach ($cached_users as $u) {
if (!in_array($u, $updated_users)) {
echo "Found deleted user: "******"... ";
squery("DELETE FROM group_members WHERE user_id=(SELECT id FROM users WHERE user='******')", $u);
squery("DELETE FROM users WHERE user='******'", $u);
echo "Deleted.\n";
}
}
unlink("/tmp/karnaf-fetch-users.lock");
require_once "../contentpage_ftr.php";
array_unshift($argv, $qstr);
$query = squery_args($argv);
while ($result = sql_fetch_array($query)) {
if (!IsGroupMember($result['rep_g']) && !IsKarnafAdminSession()) {
continue;
}
/* Skip tickets for other teams */
$cnt++;
$query2 = squery("SELECT count(*) AS count FROM karnaf_actions WHERE tid=%d", $result['id']);
if ($result2 = sql_fetch_array($query2)) {
$action_cnt = (int) $result2['count'];
} else {
$action_cnt = 0;
}
sql_free_result($query2);
$query2 = squery("SELECT count(*) AS count FROM karnaf_replies WHERE tid=%d", $result['id']);
if ($result2 = sql_fetch_array($query2)) {
$reply_cnt = (int) $result2['count'];
} else {
$reply_cnt = 0;
}
sql_free_result($query2);
$status_style = "Karnaf_P_Normal";
// Lightgreen
$priority = (int) $result['priority'];
if ($priority < 0) {
$status_style = "Karnaf_P_Low";
}
// LightBlue
if ($priority > 19) {
$status_style = "Karnaf_P_High";
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information. #
##################################################################
/* This is a script to delete the Karnaf database */
require "../ktools.php";
squery("DELETE FROM karnaf_tickets");
squery("DELETE FROM karnaf_replies");
squery("DELETE FROM karnaf_actions");
squery("DELETE FROM karnaf_files");
squery("ALTER TABLE karnaf_tickets AUTO_INCREMENT = 0");
squery("ALTER TABLE karnaf_replies AUTO_INCREMENT = 0");
squery("ALTER TABLE karnaf_actions AUTO_INCREMENT = 0");
squery("ALTER TABLE karnaf_files AUTO_INCREMENT = 0");
echo "Done.";
require_once "../contentpage_ftr.php";
if ($result = sql_fetch_array($query)) {
?>
<form name="form1" id="form1" method="post">
<input type="hidden" name="save" id="save" value="0">
<input type="hidden" name="close" id="close" value="0">
<input type="hidden" name="reopen" id="reopen" value="0">
<table width="100%">
<tr class="Karnaf_Head2">
<td colspan="2" align="center">Send SMS</td>
</tr>
<tr>
<td>SMS Account:</td>
<td>
<select name="sms_account" id="sms_account">
<?php
$query2 = squery("SELECT id,from_number FROM karnaf_sms_accounts WHERE active=1");
while ($result2 = sql_fetch_array($query2)) {
?>
<option value="<?php
echo $result2['id'];
?>
"><?php
echo $result2['from_number'];
?>
</option>
<?php
}
sql_free_result($query2);
?>
</select>
</td>
