}
break;
case 'create':
if ($id = Canned::create($_POST, $errors)) {
$msg = 'Canned response added successfully';
$_REQUEST['a'] = null;
//Upload attachments
if ($_FILES['attachments'] && ($c = Canned::lookup($id)) && ($files = AttachmentFile::format($_FILES['attachments']))) {
$c->attachments->upload($files);
}
// Attach inline attachments from the editor
if (isset($_POST['draft_id']) && ($draft = Draft::lookup($_POST['draft_id']))) {
$c->attachments->upload($draft->getAttachmentIds($_POST['response']), true);
}
// Delete this user's drafts for new canned-responses
Draft::deleteForNamespace('canned', $thisstaff->getId());
} elseif (!$errors['err']) {
$errors['err'] = 'Unable to add canned response. Correct error(s) below and try again.';
}
break;
case 'mass_process':
if (!$_POST['ids'] || !is_array($_POST['ids']) || !count($_POST['ids'])) {
$errors['err'] = 'You must select at least one canned response';
} else {
$count = count($_POST['ids']);
switch (strtolower($_POST['a'])) {
case 'enable':
$sql = 'UPDATE ' . CANNED_TABLE . ' SET isenabled=1 ' . ' WHERE canned_id IN (' . implode(',', db_input($_POST['ids'])) . ')';
if (db_query($sql) && ($num = db_affected_rows())) {
if ($num == $count) {
$msg = 'Selected canned responses enabled';
if (!$_POST['email_id'] || !($email = Email::lookup($_POST['email_id']))) {
$errors['email_id'] = __('Select from email address');
}
if (!$_POST['email'] || !Validator::is_email($_POST['email'])) {
$errors['email'] = __('To email address required');
}
if (!$_POST['subj']) {
$errors['subj'] = __('Subject required');
}
if (!$_POST['message']) {
$errors['message'] = __('Message required');
}
if (!$errors && $email) {
if ($email->send($_POST['email'], $_POST['subj'], Format::sanitize($_POST['message']), null, array('reply-tag' => false))) {
$msg = Format::htmlchars(sprintf(__('Test email sent successfully to <%s>'), $_POST['email']));
Draft::deleteForNamespace('email.diag');
} else {
$errors['err'] = __('Error sending email - try again.');
}
} elseif ($errors['err']) {
$errors['err'] = __('Error sending email - try again.');
}
}
$info = Format::htmlchars($errors && $_POST ? $_POST : $info);
$nav->setTabActive('emails');
$ost->addExtraHeader('<meta name="tip-namespace" content="emails.diagnostic" />', "\$('#content').data('tipNamespace', '" . $tip_namespace . "');");
require STAFFINC_DIR . 'header.inc.php';
?>
<form action="emailtest.php" method="post" id="save">
<?php
csrf_token();
} elseif($cfg->isCaptchaEnabled()) {
if(!$_POST['captcha'])
$errors['captcha']=__('Enter text shown on the image');
elseif(strcmp($_SESSION['captcha'], md5(strtoupper($_POST['captcha']))))
$errors['captcha']=__('Invalid - try again!');
}
$tform = TicketForm::objects()->one()->getForm($vars);
$messageField = $tform->getField('message');
$attachments = $messageField->getWidget()->getAttachments();
if (!$errors && $messageField->isAttachmentsEnabled())
$vars['cannedattachments'] = $attachments->getClean();
// Drop the draft.. If there are validation errors, the content
// submitted will be displayed back to the user
Draft::deleteForNamespace('ticket.client.'.substr(session_id(), -12));
//Ticket::create...checks for errors..
if(($ticket=Ticket::create($vars, $errors, SOURCE))){
$msg=__('Support ticket request created');
// Drop session-backed form data
unset($_SESSION[':form-data']);
//Logged in...simply view the newly created ticket.
if($thisclient && $thisclient->isValid()) {
session_write_close();
session_regenerate_id();
@header('Location: tickets.php?id='.$ticket->getId());
}
}else{
$errors['err']=$errors['err']?$errors['err']:__('Unable to create a ticket. Please correct errors below and try again!');
}
}
switch ($_POST['a']) {
case 'open':
$ticket = null;
if (!$thisstaff || !$thisstaff->canCreateTickets()) {
$errors['err'] = sprintf('%s %s', sprintf(__('You do not have permission %s.'), __('to create tickets')), __('Contact admin for such access'));
} else {
$vars = $_POST;
$vars['uid'] = $user ? $user->getId() : 0;
$vars['cannedattachments'] = $response_form->getField('attachments')->getClean();
if ($ticket = Ticket::open($vars, $errors)) {
$msg = __('Ticket created successfully');
$_REQUEST['a'] = null;
if (!$ticket->checkStaffAccess($thisstaff) || $ticket->isClosed()) {
$ticket = null;
}
Draft::deleteForNamespace('ticket.staff%', $thisstaff->getId());
// Drop files from the response attachments widget
$response_form->setSource(array());
$response_form->getField('attachments')->reset();
unset($_SESSION[':form-data']);
} elseif (!$errors['err']) {
$errors['err'] = __('Unable to create the ticket. Correct the error(s) and try again');
}
}
break;
}
}
if (!$errors) {
$thisstaff->resetStats();
}
//We'll need to reflect any changes just made!
if(!$errors) {
//Everything checked out...do the magic.
$vars = array(
'userId' => $thisclient->getId(),
'poster' => (string) $thisclient->getName(),
'message' => $_POST['message']);
$vars['cannedattachments'] = $attachments->getClean();
if (isset($_POST['draft_id']))
$vars['draft_id'] = $_POST['draft_id'];
if(($msgid=$ticket->postMessage($vars, 'Web'))) {
$msg=__('Message Posted Successfully');
// Cleanup drafts for the ticket. If not closed, only clean
// for this staff. Else clean all drafts for the ticket.
Draft::deleteForNamespace('ticket.client.' . $ticket->getId());
// Drop attachments
$attachments->reset();
$tform->setSource(array());
} else {
$errors['err']=__('Unable to post the message. Try again');
}
} elseif(!$errors['err']) {
$errors['err']=__('Error(s) occurred. Please try again');
}
break;
default:
$errors['err']=__('Unknown action');
}
$ticket->reload();
function deleteDrafts()
{
Draft::deleteForNamespace('ticket.%.' . $this->getId());
}
Draft::deleteForNamespace('faq', $thisstaff->getId());
} elseif (!$errors['err']) {
$errors['err'] = 'Unable to add FAQ. Try again!';
}
break;
case 'update':
case 'edit':
if (!$faq) {
$errors['err'] = 'Invalid or unknown FAQ';
} elseif ($faq->update($_POST, $errors)) {
$msg = 'FAQ updated successfully';
$_REQUEST['a'] = null;
//Go back to view
$faq->reload();
// Delete pending draft updates for this faq (for ALL users)
Draft::deleteForNamespace('faq.' . $faq->getId());
} elseif (!$errors['err']) {
$errors['err'] = 'Unable to update FAQ. Try again!';
}
break;
case 'manage-faq':
if (!$faq) {
$errors['err'] = 'Unknown or invalid FAQ';
} else {
switch (strtolower($_POST['a'])) {
case 'edit':
$_GET['a'] = 'edit';
break;
case 'publish':
if ($faq->publish()) {
$msg = 'FAQ published successfully';
} elseif ($template->update($_POST, $errors)) {
$msg = sprintf(__('Successfully updated %s'), __('this message template'));
// Drop drafts for this template for ALL users
Draft::deleteForNamespace('tpl.' . $template->getCodeName() . '.' . $template->getTplId());
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Error updating %s. Try again!'), __('this template'));
}
break;
case 'implement':
if (!$template) {
$errors['err'] = sprintf(__('%s: Unknown or invalid'), __('template set'));
} elseif ($new = EmailTemplate::add($_POST, $errors)) {
$template = $new;
$msg = sprintf(__('Successfully updated %s'), __('this message template'));
// Drop drafts for this user for this template
Draft::deleteForNamespace('tpl.' . $new->getCodeName() . $new->getTplId(), $thisstaff->getId());
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Error updating %s. Try again!'), __('this message template'));
}
break;
case 'update':
if (!$template) {
$errors['err'] = sprintf(__('%s: Unknown or invalid'), __('template set'));
} elseif ($template->update($_POST, $errors)) {
$msg = sprintf(__('Successfully updated %s'), mb_convert_case(__('this message template'), MB_CASE_TITLE));
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Error updating %s. Try again!'), __('this message template'));
}
break;
case 'add':
if ($new = EmailTemplateGroup::add($_POST, $errors)) {
Draft::deleteForNamespace('page');
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Unable to add %s. Correct error(s) below and try again.'), __('this site page'));
}
break;
case 'update':
if (!$page) {
$errors['err'] = sprintf(__('%s: Invalid or unknown'), __('site page'));
} elseif ($page->update($_POST, $errors)) {
$msg = sprintf(__('Successfully updated %s'), __('this site page'));
$_REQUEST['a'] = null;
//Go back to view
// Attach inline attachments from the editor
$page->attachments->deleteInlines();
$page->attachments->upload(Draft::getAttachmentIds($_POST['body']), true);
Draft::deleteForNamespace('page.' . $page->getId());
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Unable to update %s. Correct error(s) below and try again.'), __('this site page'));
}
break;
case 'mass_process':
if (!$_POST['ids'] || !is_array($_POST['ids']) || !count($_POST['ids'])) {
$errors['err'] = sprintf(__('You must select at least %s.'), __('one site page'));
} elseif (array_intersect($_POST['ids'], $cfg->getDefaultPages()) && strcasecmp($_POST['a'], 'enable')) {
$errors['err'] = sprintf(__('One or more of the %s is in-use and CANNOT be disabled/deleted.'), _N('selected site page', 'selected site pages', 2));
} else {
$count = count($_POST['ids']);
switch (strtolower($_POST['a'])) {
case 'enable':
$sql = 'UPDATE ' . PAGE_TABLE . ' SET isactive=1 ' . ' WHERE id IN (' . implode(',', db_input($_POST['ids'])) . ')';
if (db_query($sql) && ($num = db_affected_rows())) {
