function archiveTicket($id)
{
$ticket = new Ticket($id);
$tid = $ticket->getExtId();
// Delete orphan tickets.
$owner = $ticket->getOwner();
if (!$owner) {
$ticket->delete();
return;
}
$o_name = $owner->getName();
$threads = $ticket->getThreadEntries(array('M', 'R', 'N'));
$out = ["id" => $tid, "department" => $ticket->getDeptName(), "subject" => $ticket->getSubject(), "opened" => $ticket->getOpenDate(), "closed" => $ticket->getCloseDate(), "owner" => (isset($o_name->name) ? $o_name->name : '') . " <" . $owner->getEmail() . ">", "thread" => []];
$date = date("Y-m-d", strtotime($out["opened"]));
$path = TICKET_PATH . "/" . $date . "/";
if (!@file_exists($path)) {
@mkdir($path);
}
// Individual messages.
foreach ($threads as $th) {
$out["thread"][] = ["id" => $th["id"], "staff_id" => $th["staff_id"], "thread_type" => $th["thread_type"], "poster" => $th["poster"], "title" => $th["title"], "body" => $th["body"], "created" => $th["created"], "updated" => $th["updated"], "attachments" => intval($th["attachments"])];
// Process attachments.
if ($th["attachments"] != 0) {
$entry = $ticket->getThreadEntry($th['id']);
$attachments = $entry->getAttachments();
foreach ($attachments as $a) {
$file = Attachment::lookup($a["attach_id"])->getFile();
$ext = $ext = strtolower(substr(strrchr($file->getName(), '.'), 1));
$fname = $tid . "_" . $th["id"] . "." . $ext;
@file_put_contents(ATTACHMENT_PATH . "/" . $fname, $file->getData());
}
}
}
// write the ticket to disk
file_put_contents($path . $tid, json_encode($out, JSON_PRETTY_PRINT));
// delete the ticket from the db
$ticket->delete();
}
/*********************************************************************
attachment.php
Handles attachment downloads & access validation.
Peter Rotich <*****@*****.**>
Copyright (c) 2006-2013 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require('staff.inc.php');
require_once(INCLUDE_DIR.'class.attachment.php');
//Basic checks
if(!$thisstaff || !$_GET['id'] || !$_GET['h']
|| !($attachment=Attachment::lookup($_GET['id']))
|| !($file=$attachment->getFile()))
Http::response(404, __('Unknown or invalid file'));
//Validate session access hash - we want to make sure the link is FRESH! and the user has access to the parent ticket!!
$vhash=md5($attachment->getFileId().session_id().strtolower($file->getKey()));
if(strcasecmp(trim($_GET['h']),$vhash) || !($ticket=$attachment->getTicket()) || !$ticket->checkStaffAccess($thisstaff)) die(__('Access Denied'));
//Download the file..
$file->download();
?>
<?php
/*********************************************************************
attachment.php
Handles attachment downloads & access validation.
Peter Rotich <*****@*****.**>
Copyright (c) 2006-2012 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require 'staff.inc.php';
require_once INCLUDE_DIR . 'class.attachment.php';
//Basic checks
if (!$thisstaff || !$_GET['id'] || !$_GET['h'] || !($attachment = Attachment::lookup($_GET['id'])) || !($file = $attachment->getFile())) {
die('Unknown attachment!');
}
//Validate session access hash - we want to make sure the link is FRESH! and the user has access to the parent ticket!!
$vhash = md5($attachment->getFileId() . session_id() . $file->getHash());
if (strcasecmp(trim($_GET['h']), $vhash) || !($ticket = $attachment->getTicket()) || !$ticket->checkStaffAccess($thisstaff)) {
die('Access Denied');
}
//Download the file..
$file->download();
