function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $action = 'profile_page')
{
global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned;
?>
<div role="tabpanel">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="active"><a href="#profile-info" aria-controls="profile-info" role="tab" data-toggle="tab"><?php
echo $hesklang['pinfo'];
?>
</a></li>
<?php
if (!$is_profile_page) {
?>
<li role="presentation"><a href="#permissions" aria-controls="permissions" role="tab" data-toggle="tab"><?php
echo $hesklang['permissions'];
?>
</a></li>
<?php
}
?>
<li role="presentation"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php
echo $hesklang['sig'];
?>
</a></li>
<li role="presentation"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php
echo $hesklang['pref'];
?>
</a></li>
<li role="presentation"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php
echo $hesklang['notn'];
?>
</a></li>
</ul>
<!-- Tab panes -->
<div class="tab-content summaryList tabPadding">
<div role="tabpanel" class="tab-pane fade in active" id="profile-info">
<div class="form-group">
<label for="name" class="col-md-3 control-label"><?php
echo $hesklang['real_name'];
?>
: <font class="important">*</font></label>
<div class="col-md-9">
<input type="text" class="form-control" name="name" size="40" maxlength="50" value="<?php
echo $_SESSION[$session_array]['name'];
?>
" placeholder="<?php
echo htmlspecialchars($hesklang['real_name']);
?>
" />
</div>
</div>
<div class="form-group">
<label for="email" class="col-md-3 control-label"><?php
echo $hesklang['email'];
?>
: <font class="important">*</font></label>
<div class="col-md-9">
<input type="text" class="form-control" name="email" size="40" maxlength="255" placeholder="<?php
echo htmlspecialchars($hesklang['email']);
?>
" value="<?php
echo $_SESSION[$session_array]['email'];
?>
" />
</div>
</div>
<?php
if (!$is_profile_page || $_SESSION['isadmin']) {
?>
<div class="form-group">
<label for="user" class="col-md-3 control-label"><?php
echo $hesklang['username'];
?>
: <font
class="important">*</font></label>
<div class="col-md-9">
<input type="text" class="form-control" name="user" size="40" maxlength="20"
value="<?php
echo $_SESSION[$session_array]['user'];
?>
"
placeholder="<?php
echo htmlspecialchars($hesklang['username']);
?>
"/>
</div>
</div>
<?php
}
$passwordRequiredSpan = $action == 'create_user' ? '' : 'display:none';
?>
<div class="form-group">
<label for="pass" class="col-md-3 control-label"><?php
echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass'];
?>
: <span class="important" style="<?php
echo $passwordRequiredSpan;
?>
">*</span></label>
<div class="col-md-9">
<input type="password" class="form-control" name="newpass" autocomplete="off" size="40" placeholder="<?php
echo htmlspecialchars($hesklang['pass']);
?>
" value="<?php
echo isset($_SESSION[$session_array]['cleanpass']) ? $_SESSION[$session_array]['cleanpass'] : '';
?>
" onkeyup="javascript:hesk_checkPassword(this.value)" />
</div>
</div>
<div class="form-group">
<label for="confirmPass" class="col-md-3 control-label"><?php
echo $hesklang['confirm_pass'];
?>
: <span class="important" style="<?php
echo $passwordRequiredSpan;
?>
">*</span></label>
<div class="col-md-9">
<input type="password" name="newpass2" class="form-control" autocomplete="off" placeholder="<?php
echo htmlspecialchars($hesklang['confirm_pass']);
?>
" size="40" value="<?php
echo isset($_SESSION[$session_array]['cleanpass']) ? $_SESSION[$session_array]['cleanpass'] : '';
?>
" />
</div>
</div>
<div class="form-group">
<label for="pwStrength" class="col-md-3 control-label"><?php
echo $hesklang['pwdst'];
?>
:</label>
<div class="col-md-9">
<div class="progress">
<div id="progressBar" class="progress-bar progress-bar-danger" role="progressbar" aria-valuemin="0" aria-valuemax="100" style="width: 0%">
</div>
</div>
</div>
</div>
<?php
if (!$is_profile_page) {
?>
<div class="blankSpace"></div>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<?php
if ($hesk_settings['autoassign']) {
?>
<div class="checkbox">
<label><input type="checkbox" name="autoassign"
value="Y" <?php
if (!isset($_SESSION[$session_array]['autoassign']) || $_SESSION[$session_array]['autoassign'] == 1) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['user_aa'];
?>
</label>
</div>
<?php
}
?>
</div>
</div>
<?php
}
?>
</div>
<?php
if (!$is_profile_page) {
?>
<div role="tabpanel" class="tab-pane fade" id="permissions">
<div class="form-group">
<label for="administrator" class="col-md-3 control-label"><?php
echo $hesklang['permission_template_colon'];
?>
</label>
<div class="col-md-9">
<?php
// Get list of permission templates. If current user is not admin, exclude permission tpl 1
$excludeSql = $_SESSION['isadmin'] ? '' : " WHERE `heskprivileges` <> 'ALL'";
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`" . $excludeSql);
$templates = array();
echo '<select name="template" id="permission-tpl" class="form-control" onchange="updateCheckboxes()">';
while ($row = hesk_dbFetchAssoc($res)) {
array_push($templates, $row);
$selected = $_SESSION[$session_array]['permission_template'] == $row['id'] ? 'selected' : '';
echo '<option value="' . $row['id'] . '" ' . $selected . '>' . htmlspecialchars($row['name']) . '</option>';
}
$selected = $_SESSION[$session_array]['permission_template'] == '-1' ? 'selected' : '';
echo '<option value="-1" ' . $selected . '>' . htmlspecialchars($hesklang['custom']) . '</option>';
echo '</select>';
outputCheckboxJavascript();
?>
</div>
</div>
<div id="options">
<div class="form-group">
<label for="categories[]" class="col-md-3 control-label"><?php
echo $hesklang['allowed_cat'];
?>
: <font class="important">*</font></label>
<div class="col-md-9">
<?php
foreach ($hesk_settings['categories'] as $catid => $catname) {
echo '<div class="checkbox"><label><input id="cat-' . $catid . '" class="cat-checkbox"
type="checkbox" name="categories[]" onchange="setTemplateToCustom()" value="' . $catid . '" ';
if (in_array($catid, $_SESSION[$session_array]['categories'])) {
echo ' checked="checked" ';
}
echo ' />' . $catname . '</label></div> ';
}
?>
</div>
</div>
<div class="form-group">
<label for="features[]" class="col-md-3 control-label"><?php
echo $hesklang['allow_feat'];
?>
: <font class="important">*</font></label>
<div class="col-md-9">
<?php
foreach ($hesk_settings['features'] as $k) {
echo '<div class="checkbox"><label><input id="feat-' . $k . '" class="feat-checkbox"
type="checkbox" name="features[]" onchange="setTemplateToCustom()" value="' . $k . '" ';
if (in_array($k, $_SESSION[$session_array]['features'])) {
echo ' checked="checked" ';
}
echo ' />' . $hesklang[$k] . '</label></div> ';
}
?>
</div>
</div>
</div>
</div>
<?php
}
?>
<div role="tabpanel" class="tab-pane fade" id="signature">
<div class="form-group">
<label for="signature" class="col-md-3 control-label"><?php
echo $hesklang['signature_max'];
?>
:</label>
<div class="col-md-9">
<textarea class="form-control" name="signature" rows="6" placeholder="<?php
echo htmlspecialchars($hesklang['sig']);
?>
" cols="40"><?php
echo $_SESSION[$session_array]['signature'];
?>
</textarea>
<?php
echo $hesklang['sign_extra'];
?>
</div>
</div>
</div>
<div role="tabpanel" class="tab-pane fade" id="preferences">
<?php
if (!$is_profile_page || $can_reply_tickets) {
?>
<div class="form-group">
<label for="afterreply" class="col-sm-3 control-label"><?php
echo $hesklang['aftrep'];
?>
:</label>
<div class="col-sm-9">
<div class="radio">
<label><input type="radio" name="afterreply" value="0" <?php
if (!$_SESSION[$session_array]['afterreply']) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['showtic'];
?>
</label>
</div>
<div class="radio">
<label><input type="radio" name="afterreply" value="1" <?php
if ($_SESSION[$session_array]['afterreply'] == 1) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['gomain'];
?>
</label>
</div>
<div class="radio">
<label><input type="radio" name="afterreply" value="2" <?php
if ($_SESSION[$session_array]['afterreply'] == 2) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['shownext'];
?>
</label>
</div>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label"><?php
echo $hesklang['defaults'];
?>
:</label>
<div class="col-sm-9">
<?php
if ($hesk_settings['time_worked']) {
?>
<div class="checkbox">
<label><input type="checkbox" name="autostart" value="1" <?php
if (!empty($_SESSION[$session_array]['autostart'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['autoss'];
?>
</label>
</div>
<?php
}
?>
<div class="checkbox">
<label><input type="checkbox" name="notify_customer_new" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_customer_new'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pncn'];
?>
</label><br />
</div>
<div class="checkbox">
<label><input type="checkbox" name="notify_customer_reply" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_customer_reply'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pncr'];
?>
</label><br />
</div>
<div class="checkbox">
<label><input type="checkbox" name="show_suggested" value="1" <?php
if (!empty($_SESSION[$session_array]['show_suggested'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pssy'];
?>
</label><br />
</div>
</div>
</div>
<?php
}
?>
<div class="form-group">
<label for="autoRefresh" class="col-sm-3 control-label"><?php
echo $hesklang['ticket_auto_refresh'];
?>
</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="autorefresh" name="autorefresh" value="<?php
echo $_SESSION[$session_array]['autorefresh'];
?>
">
<span class="help-block"><?php
echo $hesklang['autorefresh_restrictions'];
?>
</span>
</div>
</div>
</div>
<div role="tabpanel" class="tab-pane fade" id="notifications">
<?php
$disabledText = !$_SESSION[$session_array]['isadmin'] && strpos($_SESSION[$session_array]['heskprivileges'], 'can_change_notification_settings') === false ? 'disabled' : '';
if (!$is_profile_page) {
$disabledText = '';
}
if ($disabledText == 'disabled') {
?>
<div class="alert alert-info"><?php
echo $hesklang['notifications_disabled_info'];
?>
</div>
<?php
}
?>
<div class="form-group">
<?php
if (!$is_profile_page || $can_view_tickets) {
if (!$is_profile_page || $can_view_unassigned) {
?>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_new_unassigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_new_unassigned'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['nwts'];
?>
<?php
echo $hesklang['unas'];
?>
</label></div></div>
<?php
if ($disabledText == 'disabled') {
?>
<input type="hidden" name="notify_new_unassigned" value="<?php
echo !empty($_SESSION[$session_array]['notify_new_unassigned']) ? '1' : '0';
?>
">
<?php
}
} else {
?>
<input type="hidden" name="notify_new_unassigned" value="0" />
<?php
}
?>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_new_my" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_new_my'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['nwts'];
?>
<?php
echo $hesklang['s_my'];
?>
</label></div></div>
<?php
if ($disabledText == 'disabled') {
?>
<input type="hidden" name="notify_new_my" value="<?php
echo !empty($_SESSION[$session_array]['notify_new_my']) ? '1' : '0';
?>
">
<?php
}
if (!$is_profile_page || $can_view_unassigned) {
?>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_reply_unassigned'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['ncrt'];
?>
<?php
echo $hesklang['unas'];
?>
</label></div></div>
<?php
if ($disabledText == 'disabled') {
?>
<input type="hidden" name="notify_reply_unassigned" value="<?php
echo !empty($_SESSION[$session_array]['notify_reply_unassigned']) ? '1' : '0';
?>
">
<?php
}
} else {
?>
<input type="hidden" name="notify_reply_unassigned" value="0" />
<?php
}
?>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_reply_my" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_reply_my'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['ncrt'];
?>
<?php
echo $hesklang['s_my'];
?>
</label></div></div>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_assigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_assigned'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['ntam'];
?>
</label></div></div>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_note" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_note'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['ntnote'];
?>
</label></div></div>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_pm" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_pm'])) {
echo 'checked="checked"';
}
echo ' ' . $disabledText;
?>
/> <?php
echo $hesklang['npms'];
?>
</label></div></div>
<?php
if ($disabledText == 'disabled') {
?>
<input type="hidden" name="notify_reply_my" value="<?php
echo !empty($_SESSION[$session_array]['notify_reply_my']) ? '1' : '0';
?>
">
<input type="hidden" name="notify_assigned" value="<?php
echo !empty($_SESSION[$session_array]['notify_assigned']) ? '1' : '0';
?>
">
<input type="hidden" name="notify_note" value="<?php
echo !empty($_SESSION[$session_array]['notify_note']) ? '1' : '0';
?>
">
<input type="hidden" name="notify_pm" value="<?php
echo !empty($_SESSION[$session_array]['notify_pm']) ? '1' : '0';
?>
">
<?php
}
if ($_SESSION['isadmin']) {
?>
<div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_note_unassigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_note_unassigned'])) {
echo 'checked="checked"';
}
?>
> <?php
echo $hesklang['notify_note_unassigned'];
?>
</label></div> </div>
<?php
}
}
?>
</div>
</div>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<?php
if ($action == 'profile_page') {
?>
<input type="hidden" name="action" value="update">
<input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
">
<input type="submit" class="btn btn-default" value="<?php
echo $hesklang['update_profile'];
?>
">
<?php
} elseif ($action == 'create_user') {
?>
<input type="hidden" name="a" value="new" />
<input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
" />
<input type="submit" value="<?php
echo $hesklang['create_user'];
?>
" class="btn btn-default">
<a href="manage_users.php?a=reset_form" class="btn btn-danger"><?php
echo $hesklang['refi'];
?>
</a></p>
<?php
} elseif ($action == 'edit_user') {
?>
<input type="hidden" name="a" value="save" />
<input type="hidden" name="userid" value="<?php
echo intval(hesk_GET('id'));
?>
" />
<input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
" />
<input type="hidden" name="active" value="<?php
echo $_SESSION[$session_array]['active'];
?>
">
<input class="btn btn-default" type="submit" value="<?php
echo $hesklang['save_changes'];
?>
" />
<a class="btn btn-danger" href="manage_users.php"><?php
echo $hesklang['dich'];
?>
</a>
<?php
}
?>
</div>
</div>
</div>
</div>
<script language="Javascript" type="text/javascript"><!--
hesk_checkPassword(document.form1.newpass.value);
//-->
</script>
<?php
}
function toggle_type()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$catid = intval(hesk_GET('catid')) or hesk_error($hesklang['cat_move_id']);
$_SESSION['selcat2'] = $catid;
if (intval(hesk_GET('s'))) {
$type = 1;
$tmp = $hesklang['cpriv'];
} else {
$type = 0;
$tmp = $hesklang['cpub'];
}
/* Update auto-assign settings */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `type`='{$type}' WHERE `id`='" . intval($catid) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
}
hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
<h3 align="center"><?php
echo $hesklang['profile_for'] . ' <b>' . $_SESSION['new']['user'];
?>
</b></h3>
<p align="center"><?php
echo $hesklang['req_marked_with'];
?>
<span class="important">*</span></p>
<?php
if ($hesk_settings['can_sel_lang']) {
/* Update preferred language in the database? */
if (isset($_GET['save_language'])) {
$newlang = hesk_input(hesk_GET('language'));
/* Only update if it's a valid language */
if (isset($hesk_settings['languages'][$newlang])) {
$newlang = $newlang == HESK_DEFAULT_LANGUAGE ? "NULL" : "'" . hesk_dbEscape($newlang) . "'";
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `language`={$newlang} WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1");
}
}
$str = '<form method="get" action="profile.php" style="margin:0;padding:0;border:0;white-space:nowrap;">';
$str .= '<input type="hidden" name="save_language" value="1" />';
$str .= '<p>' . $hesklang['chol'] . ': ';
if (!isset($_GET)) {
$_GET = array();
}
foreach ($_GET as $k => $v) {
if ($k == 'language' || $k == 'save_language') {
continue;
// Get all the required files and functions
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
hesk_load_database_functions();
// Is rating enabled?
if (!$hesk_settings['rating']) {
die($hesklang['rdis']);
}
// Rating value
$rating = intval(hesk_GET('rating', 0));
// Rating can only be 1 or 5
if ($rating != 1 && $rating != 5) {
die($hesklang['attempt']);
}
// Reply ID
$reply_id = intval(hesk_GET('id', 0)) or die($hesklang['attempt']);
// Ticket tracking ID
$trackingID = hesk_cleanID() or die($hesklang['attempt']);
// Connect to database
hesk_dbConnect();
// Get reply info to verify tickets match
$result = hesk_dbQuery("SELECT `replyto`,`rating`,`staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='{$reply_id}' LIMIT 1");
$reply = hesk_dbFetchAssoc($result);
// Does the ticket ID match the one in the request?
$result = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='{$reply['replyto']}' LIMIT 1");
// -> Ticket found?
if (hesk_dbNumRows($result) != 1) {
die($hesklang['attempt']);
}
// -> Does the tracking ID match?
$ticket = hesk_dbFetchAssoc($result);
break;
default:
$_GET['time'] = 3;
$selected['time'][3] = 'selected="selected"';
}
}
unset($tmp);
// Start SQL statement for selecting tickets
$sql = "SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE ";
// Some default settings
$archive = array(1 => 0, 2 => 0);
$s_my = array(1 => 1, 2 => 1);
$s_ot = array(1 => 1, 2 => 1);
$s_un = array(1 => 1, 2 => 1);
// --> TICKET CATEGORY
$category = intval(hesk_GET('category', 0));
// Make sure user has access to this category
if ($category && hesk_okCategory($category, 0)) {
$sql .= " `category`='{$category}' ";
} else {
$sql .= hesk_myCategories();
}
// Show only tagged tickets?
if (!empty($_GET['archive'])) {
$archive[1] = 1;
$sql .= " AND `archive`='1' ";
}
// Ticket owner preferences
$fid = 1;
require HESK_PATH . 'inc/assignment_search.inc.php';
// --> TICKET STATUS
* Removing any of the copyright notices without purchasing a license
* is expressly forbidden. To remove HESK copyright notice you must purchase
* a license for this script. For more information on how to obtain
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');
/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
$id = hesk_input(hesk_GET('i'));
$query = hesk_input(hesk_utf8_urldecode(hesk_GET('q')));
$type = hesk_input(hesk_GET('t', 'text'));
$maxlen = intval(hesk_GET('m', 255));
$query = stripslashes($query);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML; 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title><?php
echo $hesklang['opt'];
?>
</title>
<meta http-equiv="Content-Type" content="text/html;charset=<?php
echo $hesklang['ENCODING'];
?>
" />
<style type="text/css">
body
function show_message()
{
global $hesk_settings, $hesklang, $admins;
$id = intval(hesk_GET('id'));
/* Get the message details */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
$num = hesk_dbNumRows($res);
if ($num) {
$pm = hesk_dbFetchAssoc($res);
/* Allowed to read the message? */
if ($pm['to'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['from'];
}
} elseif ($pm['from'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['to'];
}
$hesk_settings['mailtmp']['this'] = 'from';
$hesk_settings['mailtmp']['other'] = 'to';
$hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
$hesk_settings['mailtmp']['outbox'] = '<b>' . $hesklang['outbox'] . '</b>';
$hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
$hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
} else {
hesk_process_message($hesklang['m_ena'], 'mail.php');
}
/* Mark as read */
if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
}
$pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
$pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);
?>
<div class="container mail-from-user-table">
<div>
<div>
<div class="form-inline mail-info-table">
<div class="form-group mail-from-date-subject">
<div class="form-inline">
<span><b><?php
echo $hesk_settings['mailtmp']['m_from'];
?>
</b></span>
<span><?php
echo $pm['name'];
?>
</span>
</div>
<div class="form-inline">
<span><b><?php
echo $hesklang['date'];
?>
</b></span>
<span><?php
echo $pm['dt'];
?>
</span>
</div>
<div class="form-inline">
<span><b><?php
echo $hesklang['m_sub'];
?>
</b></span>
<span><?php
echo $pm['subject'];
?>
</span>
</div>
</div><!-- end mail-from-date-subject -->
<div class="form-group mail-icons" style="float: right;">
<?php
$folder = '&folder=outbox';
if ($pm['to'] == $_SESSION['id']) {
echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><img src="../img/mail.png" width="16" height="16" alt="' . $hesklang['mau'] . '" title="' . $hesklang['mau'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a> ';
$folder = '';
}
echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><img src="../img/delete.png" width="16" height="16" alt="' . $hesklang['delm'] . '" title="' . $hesklang['delm'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a>';
?>
</div><!-- end mail-icons -->
</div>
<br/><br/>
<p><?php
echo strip_tags($pm['message']);
?>
</p>
</div>
</div>
</div><!-- end mail-from-user-table -->
<br /><br/><br/>
<?php
}
// END if $num
$_SESSION['hide']['list'] = 1;
}
function remove_contract()
{
global $hesk_settings, $hesklang;
hesk_token_check();
$_SERVER['PHP_SELF'] = 'contracts.php#tab_edit-cont';
$con = intval(hesk_GET('id'));
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "contracts` WHERE NOT EXISTS\n\t(SELECT NULL FROM`" . hesk_dbEscape($hesk_settings['db_pfix']) . "contractforclient` as `cc` WHERE `cc`.`contract_Id`='" . intval($con) . "') && `id`='" . intval($con) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_error("{$hesklang['con_req']}.");
}
hesk_process_messages($hesklang['con_removed_db'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
/* Show ticket */
hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete attachment action */
if (isset($_GET['delatt']) && hesk_token_check()) {
if (!$can_delete || !$can_edit) {
hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']);
$reply = intval(hesk_GET('reply', 0));
if ($reply < 1) {
$reply = 0;
}
$note = intval(hesk_GET('note', 0));
if ($note < 1) {
$note = 0;
}
/* Get attachment info */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att = hesk_dbFetchAssoc($res);
/* Is ticket ID valid for this attachment? */
if ($att['ticket_id'] != $trackingID) {
hesk_process_messages($hesklang['trackID_not_found'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
/* Delete file from server */
hesk_unlink(HESK_PATH . $hesk_settings['attach_dir'] . '/' . $att['saved_name']);
function show_message()
{
global $hesk_settings, $hesklang, $admins;
$id = intval(hesk_GET('id'));
/* Get the message details */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
$num = hesk_dbNumRows($res);
if ($num) {
$pm = hesk_dbFetchAssoc($res);
/* Allowed to read the message? */
if ($pm['to'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['from'];
}
} elseif ($pm['from'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['to'];
}
$hesk_settings['mailtmp']['this'] = 'from';
$hesk_settings['mailtmp']['other'] = 'to';
$hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
$hesk_settings['mailtmp']['outbox'] = '<b>' . $hesklang['outbox'] . '</b>';
$hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
$hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
} else {
hesk_process_message($hesklang['m_ena'], 'mail.php');
}
/* Mark as read */
if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
}
$pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
echo $pm['dt'];
$pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>
<td valign="top">
<table border="0">
<tr>
<td><b><?php
echo $hesk_settings['mailtmp']['m_from'];
?>
</b></td>
<td><?php
echo $pm['name'];
?>
</td>
</tr>
<tr>
<td><b><?php
echo $hesklang['date'];
?>
</b></td>
<td><?php
echo $pm['dt'];
?>
</td>
</tr>
<tr>
<td><b><?php
echo $hesklang['m_sub'];
?>
</b></td>
<td><?php
echo $pm['subject'];
?>
</td>
</tr>
</table>
</td>
<td class="text-right" style="vertical-align:top;">
<?php
$folder = '&folder=outbox';
if ($pm['to'] == $_SESSION['id']) {
echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><i style="font-size: 14px" class="fa fa-envelope-o"></i></a> ';
$folder = '';
}
echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><i class="fa fa-times" style="font-size: 14px; color: red"></i></a>';
?>
</td>
</tr>
</table>
<p><?php
echo $pm['message'];
?>
</p>
</td>
</tr>
</table>
</div><hr />
<?php
}
// END if $num
$_SESSION['hide']['list'] = 1;
}
function unban_email()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Delete from bans
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_emails` WHERE `id`=" . intval(hesk_GET('id')) . " LIMIT 1");
// Redirect either to banned emails or ticket page from now on
$redirect_to = ($trackingID = hesk_cleanID()) ? 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999) : 'banned_emails.php';
// Show success
hesk_process_messages($hesklang['email_unbanned'], $redirect_to, 'SUCCESS');
}
function toggleAdmin($admin)
{
global $hesk_settings, $hesklang;
$id = hesk_GET('id');
if ($id == 1 || $id == 2) {
hesk_process_messages($hesklang['cannot_change_admin_staff'], $_SERVER['PHP_SELF']);
}
if ($admin) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` SET `heskprivileges` = 'ALL',\n `categories` = 'ALL' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_now_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
} else {
// Get default privileges
$res = hesk_dbQuery("SELECT `heskprivileges`, `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`\n WHERE `id` = 2");
$row = hesk_dbFetchAssoc($res);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`\n SET `heskprivileges` = '" . hesk_dbEscape($row['heskprivileges']) . "',\n `categories` = '" . hesk_dbEscape($row['categories']) . "' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_no_longer_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
}
function toggle_active()
{
global $hesk_settings, $hesklang;
/* Security check */
hesk_token_check();
$myuser = intval(hesk_GET('id')) or hesk_error($hesklang['no_valid_id']);
$_SESSION['seluser'] = $myuser;
if (intval($myuser) == $_SESSION['id']) {
//-- You can't deactivate yourself!
hesk_process_messages($hesklang['self_deactivation'], './manage_users.php');
}
if (intval(hesk_GET('s'))) {
$active = 1;
$tmp = $hesklang['user_activated'];
$notificationSql = "";
} else {
$active = 0;
$tmp = $hesklang['user_deactivated'];
// Revoke any manager rights
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser));
$notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0,\n `notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0";
}
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `active` = '" . $active . "'" . $notificationSql . " WHERE `id` = '" . intval($myuser) . "'");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
}
hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}
// Staff doesn't need to fill in required custom fields
$v['req'] = '';
if ($v['type'] == 'checkbox' && !isset($_GET["c_{$k}"])) {
$k_value = array();
if (isset($_SESSION["c_{$k}"]) && is_array($_SESSION["c_{$k}"])) {
foreach ($_SESSION["c_{$k}"] as $myCB) {
$k_value[] = stripslashes(hesk_input($myCB));
}
}
} elseif (isset($_SESSION["c_{$k}"])) {
$k_value = stripslashes(hesk_input($_SESSION["c_{$k}"]));
} elseif (isset($_GET["c_{$k}"])) {
if ($v['type'] == 'checkbox') {
$k_value = explode('-CHECKBOX-', $_GET["c_{$k}"]);
} else {
$k_value = stripslashes(hesk_GET("c_{$k}"));
}
} else {
$k_value = '';
}
switch ($v['type']) {
/* Radio box */
case 'radio':
echo '<div class="form-group"><label class="col-sm-3 control-label">' . $v['name'] . ': ' . $v['req'] . '</label><div align="left" class="col-sm-9">';
$options = explode('#HESK#', $v['value']);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
foreach ($options as $option) {
if (strlen($k_value) == 0 || $k_value == $option) {
$k_value = $option;
$checked = 'checked="checked"';
} else {
function toggle_sticky()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$id = intval(hesk_GET('id')) or hesk_error($hesklang['kb_art_id']);
$catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
$sticky = empty($_GET['s']) ? 0 : 1;
$_SESSION['artord'] = $id;
/* Update article "sticky" status */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `sticky`='" . intval($sticky) . " ' WHERE `id`='" . intval($id) . "' LIMIT 1");
/* Update article order */
update_article_order($catid);
$tmp = $sticky ? $hesklang['ason'] : $hesklang['asoff'];
hesk_process_messages($tmp, './manage_knowledgebase.php?a=manage_cat&catid=' . $catid, 'SUCCESS');
}
function show_message()
{
global $hesk_settings, $hesklang, $admins;
$id = intval(hesk_GET('id'));
/* Get the message details */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
$num = hesk_dbNumRows($res);
if ($num) {
$pm = hesk_dbFetchAssoc($res);
/* Allowed to read the message? */
if ($pm['to'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['from'];
}
} elseif ($pm['from'] == $_SESSION['id']) {
if (!isset($_SESSION['mail']['subject'])) {
$_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
}
if (!isset($_SESSION['mail']['to'])) {
$_SESSION['mail']['to'] = $pm['to'];
}
$hesk_settings['mailtmp']['this'] = 'from';
$hesk_settings['mailtmp']['other'] = 'to';
$hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
$hesk_settings['mailtmp']['outbox'] = '<b>' . $hesklang['outbox'] . '</b>';
$hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
$hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
} else {
hesk_process_message($hesklang['m_ena'], 'mail.php');
}
/* Mark as read */
if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
}
$pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
$pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="../img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="../img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>
<td valign="top">
<table border="0">
<tr>
<td><b><?php
echo $hesk_settings['mailtmp']['m_from'];
?>
</b></td>
<td><?php
echo $pm['name'];
?>
</td>
</tr>
<tr>
<td><b><?php
echo $hesklang['date'];
?>
</b></td>
<td><?php
echo $pm['dt'];
?>
</td>
</tr>
<tr>
<td><b><?php
echo $hesklang['m_sub'];
?>
</b></td>
<td><?php
echo $pm['subject'];
?>
</td>
</tr>
</table>
</td>
<td style="text-align:right; vertical-align:top;">
<?php
$folder = '&folder=outbox';
if ($pm['to'] == $_SESSION['id']) {
echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><img src="../img/mail.png" width="16" height="16" alt="' . $hesklang['mau'] . '" title="' . $hesklang['mau'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a> ';
$folder = '';
}
echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><img src="../img/delete.png" width="16" height="16" alt="' . $hesklang['delm'] . '" title="' . $hesklang['delm'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a>';
?>
</td>
</tr>
</table>
<hr />
<p><?php
echo $pm['message'];
?>
</p>
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="../img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="../img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<br /><hr />
<?php
}
// END if $num
$_SESSION['hide']['list'] = 1;
}
} else {
$sql .= hesk_myCategories();
}
// Show only tagged tickets?
if (!empty($_GET['archive'])) {
$archive[1] = 1;
$sql .= " AND `archive`='1' ";
}
// Ticket owner preferences
$fid = 1;
require HESK_PATH . 'inc/assignment_search.inc.php';
// --> TICKET STATUS
$possible_status = array(0 => 'NEW', 1 => 'WAITING REPLY', 2 => 'REPLIED', 3 => 'RESOLVED (CLOSED)', 4 => 'IN PROGRESS', 5 => 'ON HOLD');
$status = $possible_status;
// Process statuses unless overridden with "s_all" variable
if (!hesk_GET('s_all')) {
foreach ($status as $k => $v) {
if (empty($_GET['s' . $k])) {
unset($status[$k]);
}
}
}
// How many statuses are we pulling out of the database?
$tmp = count($status);
// Do we need to search by status?
if ($tmp < count($possible_status)) {
// If no statuses selected, show default (all except RESOLVED)
if ($tmp == 0) {
$status = $possible_status;
unset($status[3]);
}
function hesk_getLanguage()
{
global $hesk_settings, $hesklang, $_SESSION;
$language = $hesk_settings['language'];
/* Remember what the default language is for some special uses like mass emails */
define('HESK_DEFAULT_LANGUAGE', $hesk_settings['language']);
/* Can users select language? */
if (empty($hesk_settings['can_sel_lang'])) {
return hesk_returnLanguage();
}
/* Is a non-default language selected? If not use default one */
if (isset($_GET['language'])) {
$language = hesk_input(hesk_GET('language')) or $language = $hesk_settings['language'];
} elseif (isset($_COOKIE['hesk_language'])) {
$language = hesk_input(hesk_COOKIE('hesk_language')) or $language = $hesk_settings['language'];
} else {
return hesk_returnLanguage();
}
/* non-default language selected. Check if it's a valid one, if not use default one */
if ($language != $hesk_settings['language'] && isset($hesk_settings['languages'][$language])) {
$hesk_settings['language'] = $language;
}
/* Remember and set the selected language */
setcookie('hesk_language', $hesk_settings['language'], time() + 31536000, '/');
return hesk_returnLanguage();
}
case 12:
/* All time */
$date_from = hesk_getOldestDate();
$date_to = date('Y-m-d');
$selected['time'][12] = 'selected="selected"';
$is_all_time = 1;
break;
default:
$_GET['time'] = 3;
$selected['time'][3] = 'selected="selected"';
}
$query_string = 'reports.php?w=0&time=' . $_GET['time'];
}
unset($tmp);
/* Type */
$type = intval(hesk_GET('type', 1));
if (isset($selected['type'][$type])) {
$selected['type'][$type] = 'selected="selected"';
}
// Setup date SQL so we don't have to call functions several times
$hesk_settings['dt_sql'] = " `dt` BETWEEN '" . hesk_dbEscape($date_from) . " 00:00:00' AND '" . hesk_dbEscape($date_to) . " 23:59:59' ";
/* Print header */
require_once HESK_PATH . 'inc/header.inc.php';
/* Print main manage users page */
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>
</td>
</tr>
<tr>
<td>
}
$row = hesk_dbFetchAssoc($res);
// Private or draft article or category?
if ($row['cat_type'] || $row['art_type']) {
if (empty($_SESSION['id'])) {
// This is a staff-only attachment
hesk_error($hesklang['attpri']);
} elseif ($row['art_type'] == 2) {
// Need permission to manage KB to access draft attachments
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_checkPermission('can_man_kb');
}
}
} else {
// Attachmend ID and ticket tracking ID
$att_id = intval(hesk_GET('att_id', 0)) or die($hesklang['id_not_valid']);
$tic_id = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}");
// Connect to database
hesk_dbConnect();
// Get attachment info
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='{$att_id}' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_error($hesklang['id_not_valid'] . ' (att_id)');
}
$file = hesk_dbFetchAssoc($res);
// Is ticket ID valid for this attachment?
if ($file['ticket_id'] != $tic_id) {
hesk_error($hesklang['trackID_not_found']);
}
// Verify email address match if needed
if (empty($_SESSION['id'])) {
}
// Owner
if ($tmp = intval(hesk_GET('owner', 0))) {
$sql .= " AND `owner`={$tmp} ";
$owner_input = $tmp;
$hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer);
} else {
$owner_input = 0;
}
/* Date */
/* -> Check for compatibility with old date format */
if (preg_match("/(\\d{4})-(\\d{2})-(\\d{2})/", hesk_GET('dt'), $m)) {
$_GET['dt'] = $m[2] . $m[3] . $m[1];
}
/* -> Now process the date value */
$dt = preg_replace('/[^0-9]/', '', hesk_GET('dt'));
if (strlen($dt) == 8) {
$date = substr($dt, 4, 4) . '-' . substr($dt, 0, 2) . '-' . substr($dt, 2, 2);
$date_input = substr($dt, 0, 2) . '/' . substr($dt, 2, 2) . '/' . substr($dt, 4, 4);
/* This search is valid even if no query is entered */
if ($no_query) {
$hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer);
}
$sql .= " AND `dt` BETWEEN '{$date} 00:00:00' AND '{$date} 23:59:59' ";
} else {
$date = '';
$date_input = '';
}
/* Any errors? */
if (strlen($hesk_error_buffer)) {
hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
* Trade Agreements with the United States of America or
* with the European Union.
* Removing any of the copyright notices without purchasing a license
* is expressly forbidden. To remove HESK copyright notice you must purchase
* a license for this script. For more information on how to obtain
* a license please visit the page below:
* https://www.hesk.com/buy.php
*******************************************************************************/
/* Check if this is a valid include */
if (!defined('IN_SCRIPT')) {
die('Invalid attempt');
}
$tmp = intval(hesk_GET('limit'));
$maxresults = $tmp > 0 ? $tmp : $hesk_settings['max_listings'];
$tmp = intval(hesk_GET('page', 1));
$page = $tmp > 1 ? $tmp : 1;
/* Acceptable $sort values and default asc(1)/desc(0) setting */
$sort_possible = array('trackid' => 1, 'lastchange' => 0, 'name' => 1, 'subject' => 1, 'status' => 1, 'lastreplier' => 1, 'priority' => 1, 'category' => 1, 'dt' => 0, 'id' => 1);
/* These values should have collate appended in SQL */
$sort_collation = array('name', 'subject');
/* Acceptable $group values and default asc(1)/desc(0) setting */
$group_possible = array('owner' => 1, 'priority' => 1, 'category' => 1);
/* Start the order by part of the SQL query */
$sql .= " ORDER BY ";
/* Group tickets? Default: no */
if (isset($_GET['g']) && !is_array($_GET['g']) && isset($group_possible[$_GET['g']])) {
$group = hesk_input($_GET['g']);
if ($group == 'priority' && isset($_GET['sort']) && !is_array($_GET['sort']) && $_GET['sort'] == 'priority') {
// No need to group by priority if we are already sorting by priority
} elseif ($group == 'owner') {
function order_saved()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$tplid = intval(hesk_GET('replyid')) or hesk_error($hesklang['ticket_tpl_id']);
$_SESSION['canned']['selcat2'] = $tplid;
$tpl_move = intval(hesk_GET('move'));
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=`tpl_order`+" . intval($tpl_move) . " WHERE `id`='" . intval($tplid) . "' LIMIT 1");
if (hesk_dbAffectedRows() != 1) {
hesk_error("{$hesklang['int_error']}: {$hesklang['ticket_tpl_not_found']}.");
}
/* Update all category fields with new order */
$result = hesk_dbQuery('SELECT `id` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` ASC');
$i = 10;
while ($mytpl = hesk_dbFetchAssoc($result)) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=" . intval($i) . " WHERE `id`='" . intval($mytpl['id']) . "' LIMIT 1");
$i += 10;
}
header('Location: manage_ticket_templates.php');
exit;
}
function print_add_ticket()
{
global $hesk_settings, $hesklang;
// Auto-focus first empty or error field
define('AUTOFOCUS', true);
// Varibles for coloring the fields in case of errors
if (!isset($_SESSION['iserror'])) {
$_SESSION['iserror'] = array();
}
if (!isset($_SESSION['isnotice'])) {
$_SESSION['isnotice'] = array();
}
if (!isset($_SESSION['c_category'])) {
$_SESSION['c_category'] = 0;
}
hesk_cleanSessionVars('already_submitted');
// Print header
$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['submit_ticket'];
require_once HESK_PATH . 'inc/header.inc.php';
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="3"><img src="img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
<td class="headersm"><?php
hesk_showTopBar($hesklang['submit_ticket']);
?>
</td>
<td width="3"><img src="img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="smaller"><a href="<?php
echo $hesk_settings['site_url'];
?>
" class="smaller"><?php
echo $hesk_settings['site_title'];
?>
</a> >
<a href="<?php
echo $hesk_settings['hesk_url'];
?>
" class="smaller"><?php
echo $hesk_settings['hesk_title'];
?>
</a>
> <?php
echo $hesklang['submit_ticket'];
?>
</span></td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<?php
// This will handle error, success and notice messages
hesk_handle_messages();
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<!-- START FORM -->
<p style="text-align:center"><?php
echo $hesklang['use_form_below'];
?>
<font class="important"> *</font></p>
<form method="post" action="submit_ticket.php?submit=1" name="form1" enctype="multipart/form-data">
<!-- Contact info -->
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['name'];
?>
: <font class="important">*</font></td>
<td width="80%"><input type="text" name="name" size="40" maxlength="30" value="<?php
if (isset($_SESSION['c_name'])) {
echo stripslashes(hesk_input($_SESSION['c_name']));
}
?>
" <?php
if (in_array('name', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
/></td>
</tr>
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['email'];
?>
: <font class="important">*</font></td>
<td width="80%"><input type="text" name="email" size="40" maxlength="255" value="<?php
if (isset($_SESSION['c_email'])) {
echo stripslashes(hesk_input($_SESSION['c_email']));
}
?>
" <?php
if (in_array('email', $_SESSION['iserror'])) {
echo ' class="isError" ';
} elseif (in_array('email', $_SESSION['isnotice'])) {
echo ' class="isNotice" ';
}
?>
<?php
if ($hesk_settings['detect_typos']) {
echo ' onblur="Javascript:hesk_suggestEmail(0)"';
}
?>
/></td>
</tr>
<?php
if ($hesk_settings['confirm_email']) {
?>
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['confemail'];
?>
: <font class="important">*</font></td>
<td width="80%"><input type="text" name="email2" size="40" maxlength="255" value="<?php
if (isset($_SESSION['c_email2'])) {
echo stripslashes(hesk_input($_SESSION['c_email2']));
}
?>
" <?php
if (in_array('email2', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
/></td>
</tr>
<?php
}
// End if $hesk_settings['confirm_email']
?>
</table>
<div id="email_suggestions"></div>
<hr />
<!-- Department and priority -->
<?php
$is_table = 0;
hesk_load_database_functions();
// Get categories
hesk_dbConnect();
$res = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `type`='0' ORDER BY `cat_order` ASC");
if (hesk_dbNumRows($res) == 1) {
// Only 1 public category, no need for a select box
$row = hesk_dbFetchAssoc($res);
echo '<input type="hidden" name="category" value="' . $row['id'] . '" />';
} elseif (hesk_dbNumRows($res) < 1) {
// No public categories, set it to default one
echo '<input type="hidden" name="category" value="1" />';
} else {
// Is the category ID preselected?
if (!empty($_GET['catid'])) {
$_SESSION['c_category'] = intval(hesk_GET('catid'));
}
// List available categories
$is_table = 1;
?>
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['category'];
?>
: <font class="important">*</font></td>
<td width="80%"><select name="category" <?php
if (in_array('category', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
>
<?php
while ($row = hesk_dbFetchAssoc($res)) {
echo '<option value="' . $row['id'] . '"' . ($_SESSION['c_category'] == $row['id'] ? ' selected="selected"' : '') . '>' . $row['name'] . '</option>';
}
?>
</select></td>
</tr>
<?php
}
/* Can customer assign urgency? */
if ($hesk_settings['cust_urgency']) {
if (!$is_table) {
echo '<table border="0" width="100%">';
$is_table = 1;
}
?>
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['priority'];
?>
: <font class="important">*</font></td>
<td width="80%"><select name="priority" <?php
if (in_array('priority', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
>
<option value="3" <?php
if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 3) {
echo 'selected="selected"';
}
?>
><?php
echo $hesklang['low'];
?>
</option>
<option value="2" <?php
if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 2) {
echo 'selected="selected"';
}
?>
><?php
echo $hesklang['medium'];
?>
</option>
<option value="1" <?php
if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 1) {
echo 'selected="selected"';
}
?>
><?php
echo $hesklang['high'];
?>
</option>
</select></td>
</tr>
<?php
}
/* Need to close the table? */
if ($is_table) {
echo '</table> <hr />';
}
?>
<!-- START CUSTOM BEFORE -->
<?php
/* custom fields BEFORE comments */
$print_table = 0;
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use'] && $v['place'] == 0) {
if ($print_table == 0) {
echo '<table border="0" width="100%">';
$print_table = 1;
}
$v['req'] = $v['req'] ? '<font class="important">*</font>' : '';
if ($v['type'] == 'checkbox') {
$k_value = array();
if (isset($_SESSION["c_{$k}"]) && is_array($_SESSION["c_{$k}"])) {
foreach ($_SESSION["c_{$k}"] as $myCB) {
$k_value[] = stripslashes(hesk_input($myCB));
}
}
} elseif (isset($_SESSION["c_{$k}"])) {
$k_value = stripslashes(hesk_input($_SESSION["c_{$k}"]));
} else {
$k_value = '';
}
switch ($v['type']) {
/* Radio box */
case 'radio':
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%">';
$options = explode('#HESK#', $v['value']);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
foreach ($options as $option) {
if (strlen($k_value) == 0 || $k_value == $option) {
$k_value = $option;
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
}
echo '</td>
</tr>
';
break;
/* Select drop-down box */
/* Select drop-down box */
case 'select':
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><select name="' . $k . '" ' . $cls . '>';
$options = explode('#HESK#', $v['value']);
foreach ($options as $option) {
if (strlen($k_value) == 0 || $k_value == $option) {
$k_value = $option;
$selected = 'selected="selected"';
} else {
$selected = '';
}
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select></td>
</tr>
';
break;
/* Checkbox */
/* Checkbox */
case 'checkbox':
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%">';
$options = explode('#HESK#', $v['value']);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
foreach ($options as $option) {
if (in_array($option, $k_value)) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
}
echo '</td>
</tr>
';
break;
/* Large text box */
/* Large text box */
case 'textarea':
$size = explode('#', $v['value']);
$size[0] = empty($size[0]) ? 5 : intval($size[0]);
$size[1] = empty($size[1]) ? 30 : intval($size[1]);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><textarea name="' . $k . '" rows="' . $size[0] . '" cols="' . $size[1] . '" ' . $cls . '>' . $k_value . '</textarea></td>
</tr>
';
break;
/* Default text input */
/* Default text input */
default:
if (strlen($k_value) != 0) {
$v['value'] = $k_value;
}
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><input type="text" name="' . $k . '" size="40" maxlength="' . $v['maxlen'] . '" value="' . $v['value'] . '" ' . $cls . ' /></td>
</tr>
';
}
}
}
/* If table was started we need to close it */
if ($print_table) {
echo '</table> <hr />';
$print_table = 0;
}
?>
<!-- END CUSTOM BEFORE -->
<!-- ticket info -->
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php
echo $hesklang['subject'];
?>
: <font class="important">*</font></td>
<td width="80%"><input type="text" name="subject" size="40" maxlength="40" value="<?php
if (isset($_SESSION['c_subject'])) {
echo stripslashes(hesk_input($_SESSION['c_subject']));
}
?>
" <?php
if (in_array('subject', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
/></td>
</tr>
<tr>
<td style="text-align:right" width="150" valign="top"><?php
echo $hesklang['message'];
?>
: <font class="important">*</font></td>
<td width="80%"><textarea name="message" rows="12" cols="60" <?php
if (in_array('message', $_SESSION['iserror'])) {
echo ' class="isError" ';
}
?>
><?php
if (isset($_SESSION['c_message'])) {
echo stripslashes(hesk_input($_SESSION['c_message']));
}
?>
</textarea>
<!-- START KNOWLEDGEBASE SUGGEST -->
<?php
if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers']) {
?>
<div id="kb_suggestions" style="display:none">
<br /> <br />
<img src="img/loading.gif" width="24" height="24" alt="" border="0" style="vertical-align:text-bottom" /> <i><?php
echo $hesklang['lkbs'];
?>
</i>
</div>
<script language="Javascript" type="text/javascript"><!--
hesk_suggestKB();
//-->
</script>
<?php
}
?>
<!-- END KNOWLEDGEBASE SUGGEST -->
</td>
</tr>
</table>
<!-- START CUSTOM AFTER -->
<?php
/* custom fields AFTER comments */
$print_table = 0;
foreach ($hesk_settings['custom_fields'] as $k => $v) {
if ($v['use'] && $v['place']) {
if ($print_table == 0) {
echo '
<hr />
<table border="0" width="100%">
';
$print_table = 1;
}
$v['req'] = $v['req'] ? '<font class="important">*</font>' : '';
if ($v['type'] == 'checkbox') {
$k_value = array();
if (isset($_SESSION["c_{$k}"]) && is_array($_SESSION["c_{$k}"])) {
foreach ($_SESSION["c_{$k}"] as $myCB) {
$k_value[] = stripslashes(hesk_input($myCB));
}
}
} elseif (isset($_SESSION["c_{$k}"])) {
$k_value = stripslashes(hesk_input($_SESSION["c_{$k}"]));
} else {
$k_value = '';
}
switch ($v['type']) {
/* Radio box */
case 'radio':
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%">';
$options = explode('#HESK#', $v['value']);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
foreach ($options as $option) {
if (strlen($k_value) == 0 || $k_value == $option) {
$k_value = $option;
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
}
echo '</td>
</tr>
';
break;
/* Select drop-down box */
/* Select drop-down box */
case 'select':
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><select name="' . $k . '" ' . $cls . '>';
$options = explode('#HESK#', $v['value']);
foreach ($options as $option) {
if (strlen($k_value) == 0 || $k_value == $option) {
$k_value = $option;
$selected = 'selected="selected"';
} else {
$selected = '';
}
echo '<option ' . $selected . '>' . $option . '</option>';
}
echo '</select></td>
</tr>
';
break;
/* Checkbox */
/* Checkbox */
case 'checkbox':
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%">';
$options = explode('#HESK#', $v['value']);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
foreach ($options as $option) {
if (in_array($option, $k_value)) {
$checked = 'checked="checked"';
} else {
$checked = '';
}
echo '<label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
}
echo '</td>
</tr>
';
break;
/* Large text box */
/* Large text box */
case 'textarea':
$size = explode('#', $v['value']);
$size[0] = empty($size[0]) ? 5 : intval($size[0]);
$size[1] = empty($size[1]) ? 30 : intval($size[1]);
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><textarea name="' . $k . '" rows="' . $size[0] . '" cols="' . $size[1] . '" ' . $cls . '>' . $k_value . '</textarea></td>
</tr>
';
break;
/* Default text input */
/* Default text input */
default:
if (strlen($k_value) != 0) {
$v['value'] = $k_value;
}
$cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '
<tr>
<td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td>
<td width="80%"><input type="text" name="' . $k . '" size="40" maxlength="' . $v['maxlen'] . '" value="' . $v['value'] . '" ' . $cls . ' /></td>
</tr>
';
}
}
}
/* If table was started we need to close it */
if ($print_table) {
echo '</table>';
$print_table = 0;
}
?>
<!-- END CUSTOM AFTER -->
<?php
/* attachments */
if ($hesk_settings['attachments']['use']) {
?>
<hr />
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150" valign="top"><?php
echo $hesklang['attachments'];
?>
:</td>
<td width="80%" valign="top">
<?php
for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
$cls = $i == 1 && in_array('attachments', $_SESSION['iserror']) ? ' class="isError" ' : '';
echo '<input type="file" name="attachment[' . $i . ']" size="50" ' . $cls . ' /><br />';
}
?>
<a href="file_limits.php" target="_blank" onclick="Javascript:hesk_window('file_limits.php',250,500);return false;"><?php
echo $hesklang['ful'];
?>
</a>
</td>
</tr>
</table>
<?php
}
if ($hesk_settings['question_use'] || $hesk_settings['secimg_use']) {
?>
<hr />
<!-- Security checks -->
<table border="0" width="100%">
<?php
if ($hesk_settings['question_use']) {
?>
<tr>
<td style="text-align:right;vertical-align:top" width="150"><?php
echo $hesklang['verify_q'];
?>
<font class="important">*</font></td>
<td width="80%">
<?php
$value = '';
if (isset($_SESSION['c_question'])) {
$value = stripslashes(hesk_input($_SESSION['c_question']));
}
$cls = in_array('question', $_SESSION['iserror']) ? ' class="isError" ' : '';
echo $hesk_settings['question_ask'] . '<br /><input type="text" name="question" size="20" value="' . $value . '" ' . $cls . ' />';
?>
<br />
</td>
</tr>
<?php
}
if ($hesk_settings['secimg_use']) {
?>
<tr>
<td style="text-align:right;vertical-align:top" width="150"><?php
echo $hesklang['verify_i'];
?>
<font class="important">*</font></td>
<td width="80%">
<?php
// SPAM prevention verified for this session
if (isset($_SESSION['img_verified'])) {
echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy'];
} elseif ($hesk_settings['recaptcha_use']) {
?>
<script type="text/javascript">
var RecaptchaOptions = {
theme : '<?php
echo isset($_SESSION['iserror']) && in_array('mysecnum', $_SESSION['iserror']) ? 'red' : 'white';
?>
',
custom_translations : {
visual_challenge : "<?php
echo hesk_slashJS($hesklang['visual_challenge']);
?>
",
audio_challenge : "<?php
echo hesk_slashJS($hesklang['audio_challenge']);
?>
",
refresh_btn : "<?php
echo hesk_slashJS($hesklang['refresh_btn']);
?>
",
instructions_visual : "<?php
echo hesk_slashJS($hesklang['instructions_visual']);
?>
",
instructions_context : "<?php
echo hesk_slashJS($hesklang['instructions_context']);
?>
",
instructions_audio : "<?php
echo hesk_slashJS($hesklang['instructions_audio']);
?>
",
help_btn : "<?php
echo hesk_slashJS($hesklang['help_btn']);
?>
",
play_again : "<?php
echo hesk_slashJS($hesklang['play_again']);
?>
",
cant_hear_this : "<?php
echo hesk_slashJS($hesklang['cant_hear_this']);
?>
",
incorrect_try_again : "<?php
echo hesk_slashJS($hesklang['incorrect_try_again']);
?>
",
image_alt_text : "<?php
echo hesk_slashJS($hesklang['image_alt_text']);
?>
",
},
};
</script>
<?php
require HESK_PATH . 'inc/recaptcha/recaptchalib.php';
echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, $hesk_settings['recaptcha_ssl']);
} else {
$cls = in_array('mysecnum', $_SESSION['iserror']) ? ' class="isError" ' : '';
echo $hesklang['sec_enter'] . '<br /> <br /><img src="print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />';
}
?>
</td>
</tr>
<?php
}
?>
</table>
<?php
}
?>
<!-- Submit -->
<?php
if ($hesk_settings['submit_notice']) {
?>
<hr />
<div align="center">
<table border="0">
<tr>
<td>
<b><?php
echo $hesklang['before_submit'];
?>
</b>
<ul>
<li><?php
echo $hesklang['all_info_in'];
?>
.</li>
<li><?php
echo $hesklang['all_error_free'];
?>
.</li>
</ul>
<b><?php
echo $hesklang['we_have'];
?>
:</b>
<ul>
<li><?php
echo hesk_htmlspecialchars($_SERVER['REMOTE_ADDR']) . ' ' . $hesklang['recorded_ip'];
?>
</li>
<li><?php
echo $hesklang['recorded_time'];
?>
</li>
</ul>
<p align="center"><input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
" />
<input type="submit" value="<?php
echo $hesklang['sub_ticket'];
?>
" class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /></p>
</td>
</tr>
</table>
</div>
<?php
} else {
?>
<br /> <br />
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"> </td>
<td width="80%"><input type="hidden" name="token" value="<?php
hesk_token_echo();
?>
" />
<input type="submit" value="<?php
echo $hesklang['sub_ticket'];
?>
" class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /><br />
<br /> </td>
</tr>
</table>
<?php
}
// End ELSE submit_notice
?>
</form>
<!-- END FORM -->
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<?php
hesk_cleanSessionVars('iserror');
hesk_cleanSessionVars('isnotice');
}
function hesk_profile_tab($session_array = 'userdata', $is_profile_page = true, $action = "")
{
global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned, $default_userdata;
?>
<!-- TABS -->
<div class="container tab-content profile-functions-tab">
<?php
if (!$is_profile_page) {
?>
<div class="permissions">
<div class="form-inline">
<label class="col-sm-2 control-label"><?php
echo $hesklang['atype'];
?>
:</label>
<div class="form-group">
<?php
/* Only administrators can create new administrator accounts */
if ($_SESSION['isadmin']) {
if (!isset($_SESSION['userdata']['checked'])) {
$_SESSION['userdata']['checked'] = "";
}
if ($_SESSION['userdata']['checked'] == 'admin') {
?>
<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" checked /> <b><?php
echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
?>
</label><br />
<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php
echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
?>
</label><br/>
<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php
echo $hesklang['aclient'];
?>
</label>
<?php
} elseif ($_SESSION['userdata']['checked'] == 'staff') {
?>
<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php
echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
?>
</label><br />
<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" checked /> <b><?php
echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
?>
</label><br/>
<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php
echo $hesklang['aclient'];
?>
</label>
<?php
} elseif ($_SESSION['userdata']['checked'] == 'client') {
?>
<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php
echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
?>
</label><br />
<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php
echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
?>
</label><br/>
<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" checked /> <?php
echo $hesklang['aclient'];
?>
</label>
<?php
} else {
?>
<label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" <?php
if (isset($_GET['a']) && $_GET['a'] == "edit") {
echo "checked";
}
?>
/> <b><?php
echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can'];
?>
</label><br />
<label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" <?php
if (isset($_GET['a']) && $_GET['a'] == "editb") {
echo "checked";
}
?>
/> <b><?php
echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
?>
</label><br/>
<label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" <?php
if (isset($_GET['a']) && $_GET['a'] == "editc") {
echo "checked";
}
?>
/> <?php
echo $hesklang['aclient'];
?>
</label>
<?php
}
} else {
echo '<b>' . $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
}
?>
</div>
</div>
</div><!-- end permissions -->
<?php
}
?>
<ul id="tabs" class="nav nav-tabs profile-functions" data-tabs="tabs">
<li class="active" id="profile-info"><a href="#p-info" aria-controls="p-info" role="tab" data-toggle="tab"><?php
echo $hesklang['pinfo'];
?>
</a></li>
<?php
if (!$is_profile_page) {
?>
<!--<li id="permissions-info"><a href="#permissions" aria-controls="permissions" role="tab" data-toggle="tab"><?php
//echo $hesklang['permissions'];
?>
</a></li>-->
<?php
}
?>
<li id="signature-info"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php
echo $hesklang['sig'];
?>
</a></li>
<li class="<?php
if (!isset($_GET['a'])) {
echo "hidden";
}
?>
" id="project_users-info"><a href="#project_users" aria-controls="project_users" role="tab" data-toggle="tab"><?php
echo $hesklang['project'];
?>
</a></li>
<li class="<?php
if (!isset($_GET['a']) || $_GET['a'] == "editc") {
echo "hidden";
}
?>
" id="preferences-info"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php
echo $hesklang['pref'];
?>
</a></li>
<li class="<?php
if (!isset($_GET['a']) || $_GET['a'] == "editc") {
echo "hidden";
}
?>
" id="notifications-info"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php
echo $hesklang['notn'];
?>
</a></li>
</ul>
<!-- PROFILE INFO -->
<div role="tabpanel" class="tab-pane active" id="p-info">
<br />
<div class="profile-information">
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-name"><?php
echo $hesklang['real_name'];
?>
: <font class="important">*</font></label>
<input class="form-control" required="required" title="Required field" type="text" id="profile-information-name" name="name" size="40" maxlength="50" value="<?php
if (isset($_SESSION[$session_array]['name'])) {
echo $_SESSION[$session_array]['name'];
}
?>
"/>
</div>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-email"><?php
echo $hesklang['email'];
?>
: <font class="important">*</font></label>
<input class="form-control" required="required" title="Required field" type="email" id="profile-information-email" name="email" size="40" maxlength="255" value="<?php
if (isset($_SESSION[$session_array]['email'])) {
echo $_SESSION[$session_array]['email'];
}
?>
"/>
</div>
<?php
if (!$is_profile_page || $_SESSION['isadmin']) {
?>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label control-label" for="profile-information-username"><?php
echo $hesklang['username'];
?>
: <font class="important">*</font></label>
<input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php
if (isset($_SESSION[$session_array]['user'])) {
echo $_SESSION[$session_array]['user'];
}
?>
" />
</div>
<?php
} else {
?>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label control-label" for="profile-information-username"><?php
echo $hesklang['username'];
?>
: <font class="important">*</font></label>
<input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php
if (isset($_SESSION[$session_array]['user'])) {
echo $_SESSION[$session_array]['user'];
}
?>
" readonly>
</div>
<?php
}
?>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-address"><?php
echo 'Address';
?>
:</label>
<input class="form-control" type="text" id="profile-information-adress" name="address" size="40" maxlength="255" value="<?php
if (isset($_SESSION[$session_array]['address'])) {
echo $_SESSION[$session_array]['address'];
}
?>
"/>
</div>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-phonenumber"><?php
echo 'Phone Number';
?>
:</label>
<input class="form-control" type="number" min="0" id="profile-information-phonenumber" name="phonenumber" size="40" maxlength="255" value="<?php
if (isset($_SESSION[$session_array]['phonenumber'])) {
echo $_SESSION[$session_array]['phonenumber'];
}
?>
"/>
</div>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-poz_detyres"><?php
echo 'Pozicioni Detyres';
?>
</label>
<input class="form-control" type="text" id="profile-information-poz_detyres" name="poz_detyres" size="40" maxlength="255" value="<?php
if (isset($_SESSION[$session_array]['poz_detyres'])) {
echo $_SESSION[$session_array]['poz_detyres'];
}
?>
"/>
</div>
<!--shtohim fushen "Active" kur celim nje departament -->
<div class="clearfix"></div>
<div class="form-inline project-row1" id="profile-information-row">
<label class="col-sm-2 control-label"><?php
echo $hesklang['def_act'];
?>
: <font class="important">*</font></label>
<input class="form-control" type="checkbox" name="prof_active" value="1" <?php
if (isset($_SESSION[$session_array]['active']) && $_SESSION[$session_array]['active'] == "1") {
echo "checked";
}
?>
/>
</div>
<?php
if (!isset($_GET['a'])) {
?>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="newpass"><?php
echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass'];
?>
:</label>
<input class="form-control" type="password" required="required" title="Required field" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" />
</div>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="newpass2"><?php
echo $hesklang['confirm_pass'];
?>
:</label>
<input class="form-control" required="required" title="Required field" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" />
</div>
<?php
} else {
?>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-newpass"><?php
echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass'];
?>
:</label>
<input class="form-control" type="password" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" />
</div>
<div class="form-inline" id="profile-information-row">
<label class="col-sm-2 control-label" for="profile-information-confirmpass"><?php
echo $hesklang['confirm_pass'];
?>
:</label>
<input class="form-control" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" />
</div>
<?php
}
?>
<div class="form-inline" id="profile-information-pwdst-row">
<label class="col-sm-2 control-label"><?php
echo $hesklang['pwdst'];
?>
:</label>
<label style="vertical-align: top;">
<div class="form-control" style="width: 336px;">
<div id="progressBar" style="font-size: 1px; height: 20px; width: 0px; border: 1px solid white;"></div>
</div>
</label>
</div>
<div class="form-inline <?php
if (!isset($_GET['a']) || $_GET['a'] !== "editc") {
echo "hidden";
}
?>
" id="show-hide-kompani">
<label class="col-sm-2 control-label" for=""><?php
echo $hesklang['company'];
?>
:<font class="important">*</font></label>
<select class="form-control" id="select_company_manage_users" name="company_id" style="width: 336px;">
<option></option>
<?php
$res_comp = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'companies` ');
while ($row_comp = mysqli_fetch_array($res_comp)) {
if ($row_comp['active'] == 1) {
$temp_data = array();
$data_contract = hesk_dbQuery('SELECT id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE active=1 AND company_id =' . $row_comp['id']);
while ($row_contract = mysqli_fetch_array($data_contract)) {
$temp_data[] = $row_contract['id'];
}
if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) {
echo '<option value="' . $row_comp['id'] . '" contracts = "' . implode($temp_data, ",") . '" selected="selected">' . $row_comp['company_name'] . '</option>';
} else {
echo '<option value="' . $row_comp['id'] . '" contracts = "' . implode($temp_data, ",") . '" >' . $row_comp['company_name'] . '</option>';
}
} else {
if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) {
echo '<option selected="selected" disabled>' . $row_comp['company_name'] . '</option>';
}
}
}
?>
</select>
</div>
<br/>
<div class="form-inline <?php
if (!isset($_GET['a']) || $_GET['a'] !== "editc") {
echo "hidden";
}
?>
" id="show-hide-kontrata">
<label class="col-sm-2 control-label" for="select-kontrata"><?php
echo $hesklang['contract'];
?>
:<font class="important">*</font></label>
<select class="multiple form-control" multiple="multiple" id="select-kontrata" name="contract_id[]" style="width: 336px;">
<option></option>
<?php
$res_contract = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` ');
$temp = array();
if (isset($_GET["id"])) {
$res_contract_client = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contractforclient` WHERE client_Id=' . hesk_dbEscape($_GET["id"]));
while ($row_contract_data = mysqli_fetch_array($res_contract_client)) {
$temp[] = $row_contract_data['contract_Id'];
}
}
while ($row_contract = mysqli_fetch_array($res_contract)) {
if ($row_contract['active'] == 1) {
if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) {
echo '<option value="' . $row_contract['id'] . '" selected="selected">' . $row_contract['contract_name'] . '</option>';
} else {
echo '<option value="' . $row_contract['id'] . '" >' . $row_contract['contract_name'] . '</option>';
}
} else {
if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) {
echo '<option selected="selected" disabled>' . $row_contract['contract_name'] . '</option>';
}
}
}
?>
</select>
</div>
<div id="options" class="<?php
if (!isset($_GET['a']) || $_GET['a'] !== "editb") {
echo "hidden";
}
?>
">
<div class="permissions-category-features">
<!--<div class="form-inline">
<label class="col-sm-2 control-label"><?php
//echo $hesklang['allowed_cat'];
?>
: <font class="important">*</font></label>
<label>-->
<?php
/*foreach ($hesk_settings['categories'] as $catid => $catname)
{
echo '<label><input type="checkbox" name="categories[]" value="' . $catid . '" ';
if ( in_array($catid,$_SESSION[$session_array]['categories']) )
{
echo ' checked="checked" ';
}
echo ' />' . $catname . '</label>';
}*/
?>
<!--</label>
</div>-->
<div class="form-inline" id="permissions-features">
<label class="col-sm-2 control-label"><?php
echo $hesklang['allow_feat'];
?>
: <font class="important">*</font></label>
<div class="form-group" style="vertical-align: top;">
<?php
foreach ($hesk_settings['features'] as $k) {
echo '<label><input type="checkbox" name="features[]" value="' . $k . '" ';
if (in_array($k, $_SESSION[$session_array]['features'])) {
echo ' checked="checked" ';
}
echo ' />' . $hesklang[$k] . '</label><br /> ';
}
?>
</div>
</div>
</div><!-- end permissions-category-features -->
</div>
<?php
if (!$is_profile_page && $hesk_settings['autoassign']) {
?>
<div class="form-inline hidden" id="show-hide-optionsClient">
<label class="col-sm-6 control-label"><input type="checkbox" name="autoassign" value="Y" <?php
if (isset($_SESSION[$session_array]['autoassign']) && !empty($_SESSION[$session_array]['autoassign'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['user_aa'];
?>
</label>
</div>
<?php
}
?>
</div><!-- end profile-information -->
</div>
<!-- PROFILE INFO -->
<!-- SIGNATURE -->
<div role="tabpanel" class="tab-pane" id="signature">
<div class="form-inline signature-profile-func">
<label class="control-label col-sm-3"><?php
echo $hesklang['signature_max'];
?>
:</label>
<div class="form-group">
<textarea class="form-control" name="signature" rows="10" cols="60"><?php
echo $_SESSION[$session_array]['signature'];
?>
</textarea><br />
<?php
echo $hesklang['sign_extra'];
?>
</div>
</div><!-- end signature-profile-func -->
</div>
<!-- SIGNATURE -->
<?php
if (!$is_profile_page) {
?>
<!-- Projets for Users -->
<div role="tabpanel" class="tab-pane" id="project_users">
<div class="project_contract_table">
<table class="table table-bordered">
<tr>
<th class="admin_white" style="text-align:left"><b><i><?php
echo $hesklang['id'];
?>
</i></b></th>
<th class="admin_white" style="text-align:left"><b><i><?php
echo $hesklang['name'];
?>
</i></b></th>
<th class="admin_white" style="text-align:left"><b><i><?php
echo $hesklang['contract'];
?>
</i></b></th>
<th class="admin_white" style="text-align:left"><b><i><?php
echo $hesklang['project'];
?>
</i></b></th>
</tr>
<?php
if (isset($_GET['a']) && $_GET['a'] == "edit") {
$t1 = "users";
$t2 = "userforcontract";
$t3 = "userId";
$t4 = "contractId";
} else {
$t1 = "clients";
$t2 = "contractforclient";
$t3 = "client_Id";
$t4 = "contract_Id";
}
$result = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t1 . '` WHERE id=' . intval(hesk_GET('id')) . ' ORDER BY `id` ');
$i = 1;
while ($row = mysqli_fetch_array($result)) {
$staff = hesk_dbQuery('SELECT ' . $t3 . ',' . $t4 . ' FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t2 . '` WHERE ' . $t3 . '=' . $row['id']);
$staff_string = "";
$project_string = "";
while ($row1 = mysqli_fetch_array($staff)) {
$contract_staff = hesk_dbQuery('SELECT contract_name, project_id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE `id` ="' . $row1[$t4] . '"');
$contract = mysqli_fetch_array($contract_staff);
$staff_string .= $contract['contract_name'] . "<br/>";
$project_id = isset($contract['project_id']) ? $contract['project_id'] : "";
if (!empty($project_id)) {
$project_staff = hesk_dbQuery('SELECT project_name FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'projects` WHERE `id` ="' . $project_id . '"');
$project = mysqli_fetch_array($project_staff);
$project_string .= $project['project_name'] . "<br/>";
}
}
echo '<tr>
<td class="$color">' . $row['id'] . '</td>
<td class="$color">' . $row['name'] . '</td>
<td class="$color">' . $staff_string . '</td>
<td class="$color">' . $project_string . '</td>
</tr>';
}
?>
</table>
</div>
</div>
<?php
}
?>
<!-- End Projets for Users -->
<?php
if (!$is_profile_page || $can_reply_tickets) {
?>
<!-- PREFERENCES -->
<div role="tabpanel" class="tab-pane" id="preferences">
<div class="form-group preferences-profile-func">
<div class="form-inline">
<label class="col-sm-3 control-label"><?php
echo $hesklang['aftrep'];
?>
:</label>
<div class="form-group" style="vertical-align: top;">
<label><input type="radio" name="afterreply" value="0" <?php
if (!$_SESSION[$session_array]['afterreply']) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['showtic'];
?>
</label><br />
<label><input type="radio" name="afterreply" value="1" <?php
if ($_SESSION[$session_array]['afterreply'] == 1) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['gomain'];
?>
</label><br />
<label><input type="radio" name="afterreply" value="2" <?php
if ($_SESSION[$session_array]['afterreply'] == 2) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['shownext'];
?>
</label><br />
</div>
</div>
<div class="form-inline preferences-profile-defaults">
<label class="col-sm-3 control-label"><?php
echo $hesklang['defaults'];
?>
:</label>
<div class="form-group" style="vertical-align: top;">
<?php
if ($hesk_settings['time_worked']) {
?>
<label><input type="checkbox" name="autostart" value="1" <?php
if (!empty($_SESSION[$session_array]['autostart'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['autoss'];
?>
</label><br />
<?php
}
?>
<label><input type="checkbox" name="notify_customer_new" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_customer_new'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pncn'];
?>
</label><br />
<label><input type="checkbox" name="notify_customer_reply" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_customer_reply'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pncr'];
?>
</label><br />
<label><input type="checkbox" name="show_suggested" value="1" <?php
if (!empty($_SESSION[$session_array]['show_suggested'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['pssy'];
?>
</label><br />
</div>
</div>
</div><!-- end preferences-profile-func -->
</div>
<!-- PREFERENCES -->
<?php
}
?>
<!-- NOTIFICATIONS -->
<div role="tabpanel" class="tab-pane" id="notifications">
<div class="notif-mw"><?php
echo $hesklang['nomw'];
?>
</div>
<div class="notifications-profile-func">
<div class="form-inline">
<div>
<?php
if (!$is_profile_page || $can_view_tickets) {
if (!$is_profile_page || $can_view_unassigned) {
?>
<label><input type="checkbox" name="notify_new_unassigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_new_unassigned'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['nwts'];
?>
<?php
echo $hesklang['unas'];
?>
</label><br />
<?php
}
?>
<label><input type="checkbox" name="notify_new_my" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_new_my'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['nwts'];
?>
<?php
echo $hesklang['s_my'];
?>
</label><br />
<?php
if (!$is_profile_page || $can_view_unassigned) {
?>
<label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_reply_unassigned'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['ncrt'];
?>
<?php
echo $hesklang['unas'];
?>
</label><br />
<?php
}
?>
<label><input type="checkbox" name="notify_reply_my" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_reply_my'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['ncrt'];
?>
<?php
echo $hesklang['s_my'];
?>
</label><br />
<label><input type="checkbox" name="notify_assigned" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_assigned'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['ntam'];
?>
</label><br />
<label><input type="checkbox" name="notify_note" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_note'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['ntnote'];
?>
</label><br />
<?php
}
?>
<label><input type="checkbox" name="notify_pm" value="1" <?php
if (!empty($_SESSION[$session_array]['notify_pm'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $hesklang['npms'];
?>
</label><br />
</div>
</div>
</div><!-- end notifications-profile-func -->
</div>
<!-- NOTIFICATIONS -->
</div>
<!-- TABS -->
<script language="Javascript" type="text/javascript"><!--
hesk_checkPassword(document.form1.newpass.value);
//-->
</script>
<?php
if (isset($_SESSION[$session_array])) {
unset($_SESSION[$session_array]);
}
}
function toggle_autoassign()
{
global $hesk_settings, $hesklang;
/* A security check */
hesk_token_check();
$myuser = intval(hesk_GET('id')) or hesk_error($hesklang['no_valid_id']);
$_SESSION['seluser'] = $myuser;
if (intval(hesk_GET('s'))) {
$autoassign = 1;
$tmp = $hesklang['uaaon'];
} else {
$autoassign = 0;
$tmp = $hesklang['uaaoff'];
}
/* Update auto-assign settings */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `autoassign`='{$autoassign}' WHERE `id`='" . intval($myuser) . "'");
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
}
hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}
function remove_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
// Delete the service message
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1");
// Were we successful?
if (hesk_dbAffectedRows() == 1) {
hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
} else {
hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
}
}
*******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', './');
// Get all the required files and functions
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
// Are we in maintenance mode?
hesk_check_maintenance();
hesk_load_database_functions();
hesk_session_start();
// A security check
hesk_token_check();
// Get the tracking ID
$trackingID = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}");
// Get new status
$status = intval(hesk_GET('s', 0));
$oldStatus = $status;
$locked = 0;
// Connect to database
hesk_dbConnect();
// Get the close status. It'll be used later on
$statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsClosedByClient` = 1');
$statusRow = hesk_dbFetchAssoc($statusRes);
$closedStatus = $statusRow['ID'];
if ($status == 3) {
// Is customer closing tickets enabled?
if (!$hesk_settings['custclose']) {
hesk_error($hesklang['attempt']);
}
$status = $closedStatus;
$action = $hesklang['closed'];
require_once HESK_PATH . 'inc/knowledgebase_functions.inc.php';
hesk_load_database_functions();
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();
/* Is Knowledgebase enabled? */
if (!$hesk_settings['kb_enable']) {
hesk_error($hesklang['kbdis']);
}
/* Can this user manage Knowledgebase or just view it? */
$can_man_kb = hesk_checkPermission('can_man_kb', 0);
/* Any category ID set? */
$catid = intval(hesk_GET('category', 1));
$artid = intval(hesk_GET('article', 0));
if (isset($_GET['search'])) {
$query = hesk_input(hesk_GET('search'));
} else {
$query = 0;
}
$hesk_settings['kb_link'] = $artid || $catid != 1 || $query ? '<a href="knowledgebase_private.php" class="smaller">' . $hesklang['gopr'] . '</a>' : ($can_man_kb ? $hesklang['gopr'] : '');
if ($hesk_settings['kb_search'] && $query) {
hesk_kb_search($query);
} elseif ($artid) {
// Show drafts only to staff who can manage knowledgebase
if ($can_man_kb) {
$result = hesk_dbQuery("SELECT t1.*, t2.`name` AS `cat_name`\n\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\n\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\n\t\tWHERE `t1`.`id` = '{$artid}'\n\t\t");
} else {
$result = hesk_dbQuery("SELECT t1.*, t2.`name` AS `cat_name`\n\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\n\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\n\t\tWHERE `t1`.`id` = '{$artid}' AND `t1`.`type` IN ('0', '1')\n\t\t");
}
$article = hesk_dbFetchAssoc($result) or hesk_error($hesklang['kb_art_id']);
hesk_show_kb_article($artid);
$s = intval(hesk_POST('s'));
/* Get time worked in proper format */
$time_worked = hesk_getTime($h . ':' . $m . ':' . $s);
/* Update database */
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");
/* Show ticket */
hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
}
/* Delete attachment action */
if (isset($_GET['delatt']) && hesk_token_check()) {
if (!$can_delete || !$can_edit) {
hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']);
$reply = intval(hesk_GET('reply', 0));
if ($reply < 1) {
$reply = 0;
}
/* Get attachment info */
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1");
if (hesk_dbNumRows($res) != 1) {
hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
$att = hesk_dbFetchAssoc($res);
/* Is ticket ID valid for this attachment? */
if ($att['ticket_id'] != $trackingID) {
hesk_process_messages($hesklang['trackID_not_found'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999));
}
/* Delete file from server */
hesk_unlink(HESK_PATH . $hesk_settings['attach_dir'] . '/' . $att['saved_name']);
