/**
 * Gates this model to logged-in staff who may add tickets on behalf of
 * customers or other staff, then stores pagination state and the list query.
 *
 * None of the access checks below has an explicit return after its redirect,
 * so the gate depends on redirect() ending the request.
 */
function __construct()
{
    parent::__construct();

    $app =& JFactory::getApplication();
    $component = 'com_rsticketspro';
    $currentUser = JFactory::getUser();

    // Guests go to the login form; the current URI travels base64-encoded in
    // "return" so the login component can send them back here.
    if ($currentUser->get('guest')) {
        $returnTo = base64_encode(JRequest::getURI());
        $loginComponent = RSTicketsProHelper::isJ16() ? 'com_users' : 'com_user';
        $app->redirect(RSTicketsProHelper::route('index.php?option=' . $loginComponent . '&view=login&return=' . $returnTo, false));
    }

    // Only staff members may use this model.
    if (!RSTicketsProHelper::isStaff()) {
        JError::raiseWarning(500, JText::_('RST_STAFF_CANNOT_VIEW_USERS'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // Staff additionally need at least one of the two "add ticket for someone
    // else" permissions.
    $this->_permissions = RSTicketsProHelper::getCurrentPermissions();
    if (!($this->_permissions->add_ticket_customers || $this->_permissions->add_ticket_staff)) {
        JError::raiseWarning(500, JText::_('RST_STAFF_CANNOT_VIEW_USERS'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    $this->_db = JFactory::getDBO();

    // Pagination request variables, both filtered as integers.
    $pageSize = JRequest::getVar('limit', $app->getCfg('list_limit'), '', 'int');
    $offset = JRequest::getVar('limitstart', 0, '', 'int');

    // Snap the offset to a page boundary in case the page size has changed;
    // a page size of 0 resets the offset.
    if ($pageSize != 0) {
        $offset = floor($offset / $pageSize) * $pageSize;
    } else {
        $offset = 0;
    }

    $this->setState($component . '.users.limit', $pageSize);
    $this->setState($component . '.users.limitstart', $offset);

    $this->_query = $this->_buildQuery();
}
/**
 * Assigns everything the ticket submission template reads (form data, select
 * lists, upload/captcha switches, footer, page metadata) and renders it.
 *
 * @param string $tpl Template name; not forwarded to parent::display() here.
 */
function display($tpl = null)
{
    $app =& JFactory::getApplication();

    // Component parameters are only fetched outside the administrator client.
    if (!$app->isAdmin()) {
        $params = $app->getParams('com_rsticketspro');
        $this->assignRef('params', $params);
    }

    // Form data from the model, used below to preselect the lists.
    $data = $this->get('data');
    $this->assignRef('data', $data);
    $this->assignRef('custom_fields', $this->get('customfields'));

    $user = JFactory::getUser();
    $this->assign('is_logged', !$user->get('guest'));
    $this->assign('is_staff', RSTicketsProHelper::isStaff());
    $this->assign('permissions', RSTicketsProHelper::getCurrentPermissions());
    $this->assignRef('user', $user);

    $this->assign('use_editor', RSTicketsProHelper::getConfig('allow_rich_editor'));
    $this->assignRef('editor', JFactory::getEditor());

    // Select lists; "@" tolerates keys that are missing from the form data.
    $withPlaceholder = true;
    $selectedPriority = @$data['priority_id'];
    $selectedDepartment = @$data['department_id'];
    $selectedSubject = @$data['subject'];
    $departmentOnChange = 'onchange="rst_show_custom_fields(this.value); rst_show_priority(this.value); rst_show_upload(this.value); rst_show_subject(this.value);"';

    $lists = array();
    $lists['priorities'] = JHTML::_(
        'select.genericlist',
        RSTicketsProHelper::getPriorities($withPlaceholder),
        'priority_id',
        '',
        'value',
        'text',
        $selectedPriority,
        'submit_priority'
    );
    $lists['departments'] = JHTML::_(
        'select.genericlist',
        RSTicketsProHelper::getDepartments($withPlaceholder),
        'department_id',
        $departmentOnChange,
        'value',
        'text',
        $selectedDepartment
    );
    $lists['subject'] = JHTML::_(
        'select.genericlist',
        RSTicketsProHelper::getSubjects($selectedDepartment, $withPlaceholder),
        'subject',
        '',
        'value',
        'text',
        $selectedSubject,
        'submit_subject'
    );
    $this->assignRef('lists', $lists);

    $this->assignRef('departments', $this->get('departments'));

    // Upload and captcha switches come from the model.
    $this->assign('can_upload', $this->get('canupload'));
    $this->assign('use_captcha', $this->get('usecaptcha'));
    $this->assign('use_builtin', $this->get('usebuiltin'));
    $this->assign('use_recaptcha', $this->get('userecaptcha'));

    // The reCAPTCHA widget is only rendered on the site client.
    if ($this->get('userecaptcha') && $app->isSite()) {
        $this->assign('show_recaptcha', JReCAPTCHA::getHTML($this->get('recaptchaerror')));
    }

    $this->assign('show_footer', RSTicketsProHelper::getConfig('rsticketspro_link'));
    $this->assign('footer', RSTicketsProHelper::getFooter());
    $this->assign('use_predefined_subjects', RSTicketsProHelper::getConfig('allow_predefined_subjects'));

    // Administrator form: which "submit as" radio is checked (default 1).
    if ($app->isAdmin()) {
        $this->assign('checked_create_new_user', JRequest::getVar('submit_type', 1) == 1);
        $this->assign('checked_existing_user', JRequest::getVar('submit_type', 1) == 2);
    }

    // Page metadata from the menu item parameters (site client, isJ16() only).
    if (RSTicketsProHelper::isJ16() && $app->isSite()) {
        // Description
        if ($params->get('menu-meta_description')) {
            $this->document->setDescription($params->get('menu-meta_description'));
        }

        // Keywords
        if ($params->get('menu-meta_keywords')) {
            $this->document->setMetadata('keywords', $params->get('menu-meta_keywords'));
        }

        // Robots
        if ($params->get('robots')) {
            $this->document->setMetadata('robots', $params->get('robots'));
        }
    }

    parent::display();
}
/**
 * Builds the filter and ordering select lists for the ticket search form,
 * assigns them with the staff/permission flags and footer, and renders.
 *
 * @param string $tpl Template name; not forwarded to parent::display() here.
 */
function display($tpl = null)
{
    $app =& JFactory::getApplication();

    // Component parameters are only fetched on the site client.
    if ($app->isSite()) {
        $params = $app->getParams('com_rsticketspro');
        $this->assignRef('params', $params);
    }

    // Multi-select filters. Each list receives its full option set as the
    // "selected" argument as well.
    $multiSelect = 'size="5" multiple="multiple"';
    $departments = RSTicketsProHelper::getDepartments();

    $lists = array();
    $lists['departments'] = JHTML::_('select.genericlist', $departments, 'department_id[]', $multiSelect, 'value', 'text', $departments);
    $lists['statuses'] = JHTML::_('select.genericlist', RSTicketsProHelper::getStatuses(), 'status_id[]', $multiSelect, 'value', 'text', RSTicketsProHelper::getStatuses());
    $lists['priorities'] = JHTML::_('select.genericlist', RSTicketsProHelper::getPriorities(), 'priority_id[]', $multiSelect, 'value', 'text', RSTicketsProHelper::getPriorities());

    // Sort column choices: option value => language key of its label.
    $sortColumns = array(
        'date'       => 'Default',
        'last_reply' => 'RST_TICKET_LAST_REPLY',
        'subject'    => 'RST_TICKET_SUBJECT',
        'status'     => 'RST_TICKET_STATUS',
        'priority'   => 'RST_TICKET_PRIORITY',
        'replies'    => 'RST_TICKET_REPLIES',
    );
    $ordering = array();
    foreach ($sortColumns as $column => $labelKey) {
        $ordering[] = JHTML::_('select.option', $column, JText::_($labelKey));
    }
    $lists['ordering'] = JHTML::_('select.genericlist', $ordering, 'filter_order', '', 'value', 'text');

    // Sort direction choices; the value doubles as the language key.
    $ordering_dir = array();
    foreach (array('DESC', 'ASC') as $direction) {
        $ordering_dir[] = JHTML::_('select.option', $direction, JText::_($direction));
    }
    $lists['ordering_dir'] = JHTML::_('select.genericlist', $ordering_dir, 'filter_order_Dir', '', 'value', 'text');

    $this->assign('is_staff', RSTicketsProHelper::isStaff());
    $this->assign('permissions', RSTicketsProHelper::getCurrentPermissions());
    $this->assign('is_advanced', JRequest::getVar('advanced', false));
    $this->assignRef('lists', $lists);
    $this->assign('itemid', $this->get('itemid'));

    $this->assign('show_footer', RSTicketsProHelper::getConfig('rsticketspro_link'));
    $this->assign('footer', RSTicketsProHelper::getFooter());

    // Page metadata from the menu item parameters (site client, isJ16() only).
    if (RSTicketsProHelper::isJ16() && $app->isSite()) {
        // Description
        if ($params->get('menu-meta_description')) {
            $this->document->setDescription($params->get('menu-meta_description'));
        }

        // Keywords
        if ($params->get('menu-meta_keywords')) {
            $this->document->setMetadata('keywords', $params->get('menu-meta_keywords'));
        }

        // Robots
        if ($params->get('robots')) {
            $this->document->setMetadata('robots', $params->get('robots'));
        }
    }

    parent::display();
}
/**
 * Gates this model to staff who are allowed to update the ticket message
 * returned by getRow(), then sets the database handle and loads the system
 * stylesheets.
 *
 * Three permissions are checked against the message author: own replies,
 * customer replies and other staff members' replies. Every denial ends in a
 * redirect with no explicit return, so the gate depends on redirect() ending
 * the request.
 */
function __construct()
{
    parent::__construct();

    $app =& JFactory::getApplication();
    $viewer = JFactory::getUser();

    // Guests go to the login form; the current URI travels base64-encoded in
    // "return" so the login component can send them back here.
    if ($viewer->get('guest')) {
        $returnTo = base64_encode(JRequest::getURI());
        $loginComponent = RSTicketsProHelper::isJ16() ? 'com_users' : 'com_user';
        $app->redirect(RSTicketsProHelper::route('index.php?option=' . $loginComponent . '&view=login&return=' . $returnTo, false));
    }

    // Only staff may edit ticket messages.
    $this->is_staff = RSTicketsProHelper::isStaff();
    if (!$this->is_staff) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_UPDATE_TICKET_MESSAGE'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    $acl = RSTicketsProHelper::getCurrentPermissions();
    $reply = $this->getRow();

    // Own replies: denied when the viewer wrote the message but lacks
    // update_ticket_replies.
    if (!$acl->update_ticket_replies && $reply->user_id == $viewer->get('id')) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_UPDATE_TICKET_MESSAGE'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // Customer replies: the author is treated as a customer when isStaff()
    // is false for the author's id.
    $authorIsCustomer = !RSTicketsProHelper::isStaff($reply->user_id);
    if ($authorIsCustomer && !$acl->update_ticket_replies_customers) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_UPDATE_TICKET_MESSAGE'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // Replies written by a different staff member.
    $authorIsOtherStaff = !$authorIsCustomer && $reply->user_id != $viewer->get('id');
    if ($authorIsOtherStaff && !$acl->update_ticket_replies_staff) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_UPDATE_TICKET_MESSAGE'));
        $app->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    $this->_db = JFactory::getDBO();

    // Load the system template stylesheets.
    $doc =& JFactory::getDocument();
    foreach (array('system.css', 'general.css') as $sheet) {
        $doc->addStyleSheet(JURI::root(true) . '/templates/system/css/' . $sheet);
    }
}
/**
 * Stores the permission object reported by the helper in $this->_permissions.
 */
function _getPermissions()
{
    $currentPermissions = RSTicketsProHelper::getCurrentPermissions();
    $this->_permissions = $currentPermissions;
}
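/**
 * Builds the SQL for the ticket list: base joins, visibility restrictions for
 * the current user, the request/session filters, and the ORDER BY clause.
 *
 * The statement is assembled by string concatenation, so each interpolated
 * value has to be made safe where it is appended: ids are cast to int, array
 * filters go through JArrayHelper::toInteger(), and free-text filters are
 * escaped with getEscaped() and placed inside quoted LIKE patterns.
 *
 * Side effects: sets $this->is_staff, $this->_permissions (staff only) and
 * several '.ticketsfilter.*' model states; may set a session flag.
 *
 * @return string The complete SELECT statement.
 */
function _buildQuery()
{
    $mainframe =& JFactory::getApplication();
    $option = 'com_rsticketspro';

    // The server version decides below whether a subquery can be used.
    $this->_db->setQuery("SELECT VERSION()");
    $mysql_version = $this->_db->loadResult();

    // Whichever user field is configured for display is aliased as
    // "customer" / "staff"; the other two are selected under their own names.
    $what = RSTicketsProHelper::getConfig('show_user_info');
    $cusername = $what == 'username' ? 'c.username AS customer' : 'c.username';
    $cname = $what == 'name' ? 'c.name AS customer' : 'c.name';
    $cemail = $what == 'email' ? 'c.email AS customer' : 'c.email';
    $susername = $what == 'username' ? 's.username AS staff' : 's.username';
    $sname = $what == 'name' ? 's.name AS staff' : 's.name';
    $semail = $what == 'email' ? 's.email AS staff' : 's.email';

    $query = "SELECT t.*, {$cusername}, {$cname}, {$cemail}, {$susername}, {$sname}, {$semail},"
        . " st.name AS status, pr.name AS priority"
        . " FROM #__rsticketspro_tickets t"
        . " LEFT JOIN #__users c ON (t.customer_id = c.id)"
        . " LEFT JOIN #__users s ON (t.staff_id = s.id)"
        . " LEFT JOIN #__rsticketspro_statuses st ON (st.id = t.status_id)"
        . " LEFT JOIN #__rsticketspro_priorities pr ON (pr.id = t.priority_id)"
        . " WHERE 1";

    $user = JFactory::getUser();
    // Cast once and reuse, so every clause below interpolates an integer.
    $user_id = (int) $user->get('id');

    // staff member ?
    $this->is_staff = RSTicketsProHelper::isStaff();
    if ($this->is_staff) {
        $departments = RSTicketsProHelper::getCurrentDepartments();

        // do we have a filter set ?
        $show_filter = $this->params->get('show_filter');
        if ($show_filter) {
            switch ($show_filter) {
                case 'show_assigned':
                    $query .= " AND staff_id = '" . $user_id . "'";
                    break;

                case 'show_submitted':
                    $query .= " AND customer_id = '" . $user_id . "'";
                    break;

                case 'show_both':
                    $query .= " AND (staff_id = '" . $user_id . "' OR customer_id = '" . $user_id . "')";
                    break;

                case 'show_unassigned':
                    $query .= " AND staff_id = 0";
                    break;
            }
        }

        // detect current permissions
        $this->_permissions = RSTicketsProHelper::getCurrentPermissions();

        // can see unassigned tickets ?
        if (!$this->_permissions->see_unassigned_tickets) {
            $query .= " AND staff_id > 0";
        }

        // can see other (assigned) tickets ?
        if (!$this->_permissions->see_other_tickets) {
            $query .= " AND staff_id IN (0," . $user_id . ")";
        }

        $flagged = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.flagged', 'flagged', 0, 'int');
        if ($flagged) {
            $query .= " AND flagged='1'";
        }
    } else {
        // Non-staff users only ever see the tickets they submitted.
        $query .= " AND customer_id = '" . $user_id . "'";
    }

    // Priority filter from the request; the default from params applies only
    // when the request carries no selection.
    $priority_id = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.priority_id', 'priority_id', array(0), 'array');
    JArrayHelper::toInteger($priority_id, array(0));
    if ($this->params->get('default_priority') && $priority_id[0] == 0) {
        $default_priority = $this->params->get('default_priority');
        if (is_array($default_priority)) {
            // Ids only: force integers before they reach the IN () list.
            JArrayHelper::toInteger($default_priority);
            $default_priority = implode(',', $default_priority);
        }
        // NOTE(review): a scalar param value is still interpolated as stored;
        // confirm its format before tightening this further.
        $query .= " AND priority_id IN (" . $default_priority . ")";
    }

    // Status filter, same scheme as the priority filter.
    $status_id = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.status_id', 'status_id', array(0), 'array');
    JArrayHelper::toInteger($status_id, array(0));
    if ($this->params->get('default_status') && $status_id[0] == 0) {
        $default_status = $this->params->get('default_status');
        if (is_array($default_status)) {
            // Ids only: force integers before they reach the IN () list.
            JArrayHelper::toInteger($default_status);
            $default_status = implode(',', $default_status);
        }
        // NOTE(review): scalar value interpolated as stored, see above.
        $query .= " AND status_id IN (" . $default_status . ")";
    }

    // are we searching ?
    $task = JRequest::getCmd('task');
    if ($task == 'search') {
        $session = JFactory::getSession();
        $session->set($option . '.ticketsfilter.rsticketspro_search', 1);
    }

    // Free-text search over ticket code, subject and message bodies.
    $filter_word = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.filter_word', 'filter_word', '');
    if ($filter_word) {
        $this->setState($option . '.ticketsfilter.filter_word', $filter_word);

        // Literal "%" is escaped, spaces become wildcards, and the result is
        // escaped for use inside a quoted string.
        $filter_word = str_replace('%', '\\%', $filter_word);
        $filter_word = str_replace(' ', '%', $filter_word);
        $filter_word = $this->_db->getEscaped($filter_word);

        if (version_compare($mysql_version, '4.1', '<')) {
            // Servers older than 4.1: resolve matching ticket ids in a
            // separate query instead of a subquery.
            $this->_db->setQuery("SELECT ticket_id FROM #__rsticketspro_ticket_messages WHERE message LIKE '%" . $filter_word . "%'");
            $ticket_ids = $this->_db->loadResultArray();
            if (empty($ticket_ids)) {
                $ticket_ids = array(0);
            }

            $query .= " AND (code LIKE '%" . $filter_word . "%' OR subject LIKE '%" . $filter_word . "%' OR t.id IN (" . implode(',', $ticket_ids) . "))";
        } else {
            $query .= " AND (code LIKE '%" . $filter_word . "%' OR subject LIKE '%" . $filter_word . "%' OR t.id IN (SELECT ticket_id FROM #__rsticketspro_ticket_messages WHERE message LIKE '%" . $filter_word . "%'))";
        }
    }

    // Customer filter: matches username, name or e-mail.
    $customer = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.customer', 'customer', '', 'string');
    if ($customer && is_string($customer)) {
        $this->setState($option . '.ticketsfilter.customer', $customer);

        $customer = str_replace('%', '\\%', $customer);
        $customer = str_replace(' ', '%', $customer);
        $customer = $this->_db->getEscaped($customer);

        $query .= " AND (c.username LIKE '%" . $customer . "%' OR c.name LIKE '%" . $customer . "%' OR c.email LIKE '%" . $customer . "%')";
    }

    // Staff filter: the literal string '0' selects unassigned tickets.
    $staff = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.staff', 'staff', '');
    if (($staff || $staff === '0') && !is_object($staff) && !is_array($staff)) {
        $this->setState($option . '.ticketsfilter.staff', $staff);

        $staff = str_replace('%', '\\%', $staff);
        $staff = str_replace(' ', '%', $staff);
        $staff = $this->_db->getEscaped($staff);

        if ($staff === '0') {
            $query .= " AND staff_id = 0";
        } else {
            $query .= " AND (s.username LIKE '%" . $staff . "%' OR s.name LIKE '%" . $staff . "%' OR s.email LIKE '%" . $staff . "%')";
        }
    }

    // Department filter requested by the user.
    $department_id = $mainframe->getUserStateFromRequest($option . '.ticketsfilter.department_id', 'department_id', array(0), 'array');
    JArrayHelper::toInteger($department_id, array(0));
    if (@$department_id[0] != 0) {
        $query .= " AND department_id IN (" . implode(',', $department_id) . ")";
    }

    // Staff are limited to their own departments. Outside the assigned /
    // unassigned views, tickets they submitted themselves remain visible.
    // The department ids come from the helper and are interpolated as
    // returned.
    if ($this->is_staff && !empty($departments)) {
        if ($show_filter != 'show_assigned' && $show_filter != 'show_unassigned') {
            // Fix: the user id is now cast to int here, as in every other
            // clause of this query.
            $query .= " AND (department_id IN (" . implode(',', $departments) . ") OR customer_id='" . $user_id . "')";
        } else {
            $query .= " AND department_id IN (" . implode(',', $departments) . ")";
        }
    }
    $this->setState($option . '.ticketsfilter.department_id', $department_id);

    if ($priority_id) {
        if ($priority_id[0] != 0) {
            $query .= " AND priority_id IN (" . implode(',', $priority_id) . ")";
        }
        $this->setState($option . '.ticketsfilter.priority_id', $priority_id);
    }

    if ($status_id) {
        if ($status_id[0] != 0) {
            $query .= " AND status_id IN (" . implode(',', $status_id) . ")";
        }
        $this->setState($option . '.ticketsfilter.status_id', $status_id);
    }
    // end search check

    // NOTE(review): both values are appended unquoted, and getEscaped() only
    // escapes characters that matter inside a quoted string, so it does not
    // constrain them here. The clause is safe only if getSortColumn() and
    // getSortOrder() (not visible in this block) return allowlisted values;
    // confirm.
    $sortColumn = $this->_db->getEscaped($this->getSortColumn());
    $sortOrder = $this->_db->getEscaped($this->getSortOrder());

    $query .= " ORDER BY " . $sortColumn . " " . $sortOrder;

    return $query;
}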
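/**
 * Validates the submitted ticket form held in $this->_data and, when all
 * checks pass, creates the ticket through RSTicketsProHelper::addTicket()
 * and redirects.
 *
 * Validation order: submitter identity, department, required custom fields,
 * subject, message, priority, captcha (site only), uploaded files.
 *
 * @return mixed Null when the form was not submitted or a check fails, false
 *               when a required custom field is missing. The success path
 *               ends in a redirect.
 */
function _processData()
{
    // don't process anything if the form hasn't been submitted
    if (empty($this->_data['task']) || $this->_data['task'] != 'submit') {
        return;
    }

    $mainframe =& JFactory::getApplication();

    // get the customer (ticket submitter) information
    $user = JFactory::getUser();
    if (($mainframe->isSite() && $user->get('guest')) || ($mainframe->isAdmin() && $this->_data['submit_type'] == 1)) {
        // Guest on the site, or "create new user" in the administrator:
        // name and e-mail come from the form.
        jimport('joomla.mail.helper');
        if (empty($this->_data['email']) || !JMailHelper::isEmailAddress($this->_data['email'])) {
            JError::raiseNotice(500, JText::_('RST_TICKET_EMAIL_ERROR'));
            return;
        }

        // Refuse addresses that belong to a staff account. The second
        // getEscaped() argument also escapes "%" and "_", so the LIKE
        // comparison cannot be widened by wildcard characters in the
        // submitted address and pick up a different account.
        $this->_db->setQuery("SELECT id FROM #__users WHERE email LIKE '" . $this->_db->getEscaped($this->_data['email'], true) . "'");
        $user_id = $this->_db->loadResult();
        if ($user_id && RSTicketsProHelper::isStaff($user_id)) {
            JError::raiseNotice(500, JText::sprintf('RST_TICKET_EMAIL_STAFF_ERROR', $this->_data['email']));
            return;
        }

        $this->_data['customer_id'] = 0;

        if (empty($this->_data['name'])) {
            JError::raiseNotice(500, JText::_('RST_TICKET_NAME_ERROR'));
            return;
        }
    } else {
        // Logged-in submitter: identity comes from the session user, never
        // from the form.
        $this->_data['email'] = $user->get('email');
        $this->_data['name'] = $user->get('name');
        $this->_data['customer_id'] = $user->get('id');

        if (RSTicketsProHelper::isStaff()) {
            $permissions = RSTicketsProHelper::getCurrentPermissions();
            if (!$permissions->add_ticket && !$permissions->add_ticket_customers && !$permissions->add_ticket_staff) {
                JError::raiseWarning(500, JText::_('RST_STAFF_CANNOT_SUBMIT_TICKET'));
                $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
            } elseif ($permissions->add_ticket_customers || $permissions->add_ticket_staff) {
                // Staff submitting on behalf of someone else: the customer
                // is looked up from the posted (integer-filtered) id.
                $this->_data['email'] = '';
                $this->_data['name'] = '';
                $this->_data['customer_id'] = 0;

                $customer_id = JRequest::getInt('customer_id', 0, 'post');
                if (($mainframe->isSite() && !$customer_id) || ($mainframe->isAdmin() && $this->_data['submit_type'] == 2 && !$customer_id)) {
                    JError::raiseNotice(500, JText::_('RST_TICKET_CUSTOMER_ERROR'));
                    return;
                }

                $customer = JFactory::getUser($customer_id);
                $this->_data['email'] = $customer->get('email');
                $this->_data['name'] = $customer->get('name');
                $this->_data['customer_id'] = $customer->get('id');
            }
        }
    }

    // must select a department
    if (empty($this->_data['department_id'])) {
        JError::raiseNotice(500, JText::_('RST_TICKET_DEPARTMENT_ERROR'));
        return;
    }

    // get all custom fields
    $custom_fields = $this->_getList("SELECT * FROM #__rsticketspro_custom_fields WHERE department_id='" . (int) $this->_data['department_id'] . "' AND published=1 ORDER BY ordering");

    // get the submitted custom fields
    $sent_custom_fields = JRequest::getVar('rst_custom_fields', array(), 'post');
    $sent_custom_fields = @$sent_custom_fields['department_' . $this->_data['department_id']];

    // add the custom fields to an array so that we can send them as a parameter later on
    // Only fields defined for the department are copied, keyed by field id;
    // anything else in the request is ignored.
    $correct_custom_fields = array();
    foreach ($custom_fields as $field) {
        if ($field->type == 'freetext') {
            continue;
        }

        if ($field->required) {
            $validation_message = JText::_($field->validation);
            if (empty($validation_message)) {
                $validation_message = JText::sprintf('RST_VALIDATION_DEFAULT_ERROR', JText::_($field->label));
            }

            if (empty($sent_custom_fields[$field->name])) {
                JError::raiseNotice(500, $validation_message);
                return false;
            } elseif (is_array($sent_custom_fields[$field->name]) && empty($sent_custom_fields[$field->name][0])) {
                JError::raiseNotice(500, $validation_message);
                return false;
            }
        }

        if (!empty($sent_custom_fields[$field->name])) {
            $correct_custom_fields[$field->id] = $sent_custom_fields[$field->name];
        }
    }

    // must write a subject
    if (empty($this->_data['subject'])) {
        JError::raiseNotice(500, JText::_('RST_TICKET_SUBJECT_ERROR'));
        return;
    }

    // must write a message
    if (empty($this->_data['message'])) {
        JError::raiseNotice(500, JText::_('RST_TICKET_MESSAGE_ERROR'));
        return;
    }

    // must select a priority
    if (empty($this->_data['priority_id'])) {
        JError::raiseNotice(500, JText::_('RST_TICKET_PRIORITY_ERROR'));
        return;
    }

    // Captcha is only enforced on the site client.
    if ($mainframe->isSite()) {
        $captcha_enabled = RSTicketsProHelper::getConfig('captcha_enabled');
        $use_captcha = $this->getUseCaptcha();
        if ($use_captcha && $captcha_enabled) {
            if ($captcha_enabled == 1) {
                // built-in image captcha
                $captcha_image = new JSecurImage();
                $valid = $captcha_image->check($this->_data['captcha']);
                if (!$valid) {
                    JError::raiseNotice(500, JText::_('RST_TICKET_CAPTCHA_ERROR'));
                    return;
                }
            } elseif ($captcha_enabled == 2) {
                // reCAPTCHA
                $privatekey = RSTicketsProHelper::getConfig('recaptcha_private_key');

                $response = JReCAPTCHA::checkAnswer($privatekey, @$_SERVER['REMOTE_ADDR'], @$this->_data['recaptcha_challenge_field'], @$this->_data['recaptcha_response_field']);
                if ($response === false || !$response->is_valid) {
                    $this->recaptcha_error = @$response->error;
                    JError::raiseNotice(500, JText::_('RST_TICKET_CAPTCHA_ERROR'));
                    return;
                }
            }
        }
    }

    // Request metadata stored with the ticket. User-Agent and Referer are
    // client-supplied header values and need escaping wherever they are
    // displayed.
    $this->_data['agent'] = @$_SERVER['HTTP_USER_AGENT'];
    $this->_data['referer'] = @$_SERVER['HTTP_REFERER'];
    $this->_data['ip'] = @$_SERVER['REMOTE_ADDR'];

    $correct_files = array();
    if ($this->getCanUpload()) {
        $department =& JTable::getInstance('RSTicketsPro_Departments', 'Table');
        $department->load($this->_data['department_id']);

        // The department's extension list is stored one entry per line.
        $upload_extensions = str_replace("\r\n", "\n", $department->upload_extensions);
        $upload_extensions = explode("\n", $upload_extensions);

        $files = JRequest::get('files');
        $files = @$files['rst_files'];
        if (is_array($files)) {
            foreach ($files['tmp_name'] as $i => $file_tmp) {
                // 4 = no file was chosen for this slot
                if ($files['error'][$i] == 4) {
                    continue;
                }

                // Map the PHP upload error code to a language key.
                switch ($files['error'][$i]) {
                    default:
                        $msg = 'RST_TICKET_UPLOAD_ERROR';
                        break;

                    case 1:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_INI_SIZE';
                        break;

                    case 2:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_FORM_SIZE';
                        break;

                    case 3:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_PARTIAL';
                        break;

                    case 6:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_NO_TMP_DIR';
                        break;

                    case 7:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_CANT_WRITE';
                        break;

                    case 8:
                        $msg = 'RST_TICKET_UPLOAD_ERROR_PHP_EXTENSION';
                        break;
                }

                $file_name = $files['name'][$i];

                if ($files['error'][$i]) {
                    JError::raiseWarning(500, JText::sprintf($msg, $file_name));
                    return;
                }

                // NOTE(review): only the extension of the client-supplied
                // file name and the reported size are checked here; the
                // content is not inspected. Whatever stores the file
                // (addTicket(), not visible in this block) has to keep it
                // from being served as executable content; confirm.
                if (!RSTicketsProHelper::isAllowedExtension(RSTicketsProHelper::getExtension($file_name), $upload_extensions)) {
                    $upload_extensions = implode(', ', $upload_extensions);
                    JError::raiseNotice(500, JText::sprintf('RST_TICKET_UPLOAD_EXTENSION_ERROR', $file_name, $upload_extensions));
                    return;
                }

                // upload_size is compared in MiB; 0 means no limit.
                if ($department->upload_size > 0 && $files['size'][$i] > $department->upload_size * 1048576) {
                    JError::raiseWarning(500, JText::sprintf('RST_TICKET_UPLOAD_SIZE_ERROR', $file_name, $department->upload_size));
                    return;
                }

                $correct_files[] = array('src' => 'upload', 'tmp_name' => $file_tmp, 'name' => $file_name);
            }
        }
    }

    RSTicketsProHelper::addTicket($this->_data, $correct_custom_fields, $correct_files);

    // The redirect target comes from the component configuration on the
    // site client, otherwise it is the submit view.
    $redirect = RSTicketsProHelper::getConfig('submit_redirect');
    if ($redirect && $mainframe->isSite()) {
        $mainframe->redirect($redirect);
    } else {
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=submit', false), JText::_('RST_TICKET_SUBMIT_OK'));
    }
}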
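/**
 * Deletes one ticket message (request parameter "cid") after checking that
 * the current user is staff and holds the delete permission matching the
 * message author, then decrements the ticket's reply counter and redirects
 * to the ticket.
 *
 * Every denial ends in a redirect with no explicit return, so the gate
 * depends on redirect() ending the request.
 *
 * NOTE(review): no request-token check is visible in this method. If the
 * calling controller does not verify one either, this state-changing action
 * is reachable by a forged request made from a logged-in staff member's
 * browser; confirm.
 */
function deletemessage()
{
    $mainframe =& JFactory::getApplication();

    $user = JFactory::getUser();
    if ($user->get('guest')) {
        // Guests go to the login form; the current URI travels
        // base64-encoded in "return".
        $link = JRequest::getURI();
        $link = base64_encode($link);
        $user_option = RSTicketsProHelper::isJ16() ? 'com_users' : 'com_user';
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=' . $user_option . '&view=login&return=' . $link, false));
    }

    $is_staff = RSTicketsProHelper::isStaff();
    if (!$is_staff) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_DELETE_TICKET_MESSAGE'));
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    $permissions = RSTicketsProHelper::getCurrentPermissions();

    $cid = JRequest::getInt('cid');
    $message =& JTable::getInstance('RSTicketsPro_Ticket_Messages', 'Table');

    // Stop when the message does not exist. Without this, the ownership
    // checks below would run against an empty row and the reply counter
    // update would use an empty ticket id.
    if (!$message->load($cid)) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_DELETE_TICKET_MESSAGE'));
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // can delete his own replies
    if (!$permissions->delete_ticket_replies && $message->user_id == $user->get('id')) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_DELETE_TICKET_MESSAGE'));
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // can delete customer replies
    $is_customer = !RSTicketsProHelper::isStaff($message->user_id);
    if (!$permissions->delete_ticket_replies_customers && $is_customer) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_DELETE_TICKET_MESSAGE'));
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // can delete staff replies
    $is_other_staff = !$is_customer && $message->user_id != $user->get('id');
    if (!$permissions->delete_ticket_replies_staff && $is_other_staff) {
        JError::raiseWarning(500, JText::_('RST_CANNOT_DELETE_TICKET_MESSAGE'));
        $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
    }

    // NOTE(review): the checks above are role-based only; nothing visible
    // here ties the message's ticket to the departments of the current staff
    // member. Confirm that this is enforced elsewhere or intended.

    // Ids are cast to int where they are interpolated, so the statements do
    // not depend on how the values were obtained.
    $ticket_id = (int) $message->ticket_id;

    $this->_db->setQuery("DELETE FROM #__rsticketspro_ticket_messages WHERE id='" . (int) $cid . "' LIMIT 1");
    $this->_db->query();

    $this->_db->setQuery("UPDATE #__rsticketspro_tickets SET `replies`=`replies`-1 WHERE `id`='" . $ticket_id . "'");
    $this->_db->query();

    // Clamp the counter at zero in case it went negative.
    $this->_db->setQuery("SELECT `replies` FROM #__rsticketspro_tickets WHERE `id`='" . $ticket_id . "'");
    if ($this->_db->loadResult() < 0) {
        $this->_db->setQuery("UPDATE #__rsticketspro_tickets SET `replies`=0 WHERE `id`='" . $ticket_id . "'");
        $this->_db->query();
    }

    $mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=ticket&cid=' . $ticket_id, false), JText::_('RST_DELETE_TICKET_MESSAGE_OK'));
}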