} else { $errors['err'] = $errors['assign'] = 'Action Denied. You are not allowed to assign/reassign tickets.'; } break; case 'postnote': /* Post Internal Note */ $fields = array(); $fields['title'] = array('type' => 'string', 'required' => 1, 'error' => 'Title required'); $fields['internal_note'] = array('type' => 'string', 'required' => 1, 'error' => 'Note message required'); if (!Validator::process($fields, $_POST, $errors) && !$errors['err']) { $errors['err'] = $errors['note'] = 'Missing or invalid data. Correct the error(s) below and try again!'; } if (!$errors && ($noteId = $ticket->postNote($_POST['title'], $_POST['internal_note']))) { $msg = 'Internal note posted successfully'; //Upload attachments IF ANY - TODO: validate attachment types?? if ($_FILES['attachments'] && ($files = Format::files($_FILES['attachments']))) { $ticket->uploadAttachments($files, $noteId, 'N'); } //Set state: Error on state change not critical! if (isset($_POST['note_ticket_state']) && $_POST['note_ticket_state']) { if ($ticket->setState($_POST['note_ticket_state']) && $ticket->reload()) { $msg .= ' and state changed to ' . strtoupper($_POST['note_ticket_state']); if ($ticket->isClosed()) { $ticket = null; } //Going back to main listing. } } } elseif (!$errors['note']) { $errors['note'] = 'Error(s) occurred. Unable to post the note.'; }
//Just Making sure we don't accept crap...only topicId is expected. if ($thisclient) { $_POST['name'] = $thisclient->getName(); $_POST['email'] = $thisclient->getEmail(); } elseif ($cfg->isCaptchaEnabled()) { if (!$_POST['captcha']) { $errors['captcha'] = 'Enter text shown on the image'; } elseif (strcmp($_SESSION['captcha'], md5($_POST['captcha']))) { $errors['captcha'] = 'Invalid - try again!'; } } //Ticket::create...checks for errors.. if ($ticket = Ticket::create($_POST, $errors, SOURCE)) { $msg = 'Support ticket request created'; //Upload attachments... if ($cfg->allowOnlineAttachments() && $_FILES['attachments'] && ($files = Format::files($_FILES['attachments']))) { $ost->validateFileUploads($files); //Validator sets errors - if any. $ticket->uploadAttachments($files, $ticket->getLastMsgId(), 'M'); } //Logged in...simply view the newly created ticket. if ($thisclient && $thisclient->isValid()) { if (!$cfg->showRelatedTickets()) { $_SESSION['_client']['key'] = $ticket->getExtId(); } //Resetting login Key to the current ticket! session_write_close(); session_regenerate_id(); @header('Location: tickets.php?id=' . $ticket->getExtId()); } //Thank the user and promise speedy resolution!
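/**
 * Create a FAQ entry, then attach its topics and any uploaded files to it.
 *
 * @param array $vars   Form values. Forwarded unchanged to self::create(); the
 *                      'topics' entry is handed to updateTopics().
 * @param array $errors Passed by reference to self::create(), which is expected
 *                      to report validation problems through it.
 *
 * @return mixed false when self::create() yields no id; otherwise whatever
 *               self::lookup() returned for the new id.
 */
function add($vars, &$errors) {
    if (!($id = self::create($vars, $errors))) {
        return false;
    }

    $faq = self::lookup($id);
    if ($faq) {
        // A missing 'topics' key is forwarded as null rather than raising an
        // undefined-index notice.
        $faq->updateTopics(isset($vars['topics']) ? $vars['topics'] : null);

        // empty() keeps the original truthiness test but tolerates a request
        // that carried no 'attachments' upload field at all.
        // NOTE(review): no file-type or size check is visible in this method
        // before uploadAttachments(); confirm that Format::files() or
        // uploadAttachments() enforces the upload policy.
        if (!empty($_FILES['attachments']) && ($files = Format::files($_FILES['attachments']))) {
            $faq->uploadAttachments($files);
        }

        $faq->reload();
    }

    return $faq;
}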
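/**
 * Record a staff reply on this ticket and, unless alerts are suppressed,
 * e-mail the reply to the ticket's address.
 *
 * @param array $vars   Reply data. Keys read here: 'msgId', 'response',
 *                      'reply_ticket_status', 'cannedattachments', 'signature'.
 * @param mixed $files  Web uploads; normalised through Format::files() when a
 *                      non-empty array is given.
 * @param array $errors Received by value, so messages added here are NOT
 *                      visible to the caller. A non-empty array passed in
 *                      aborts the reply.
 * @param bool  $alert  When false, the reply is stored but no e-mail is sent.
 *
 * @return mixed 0 when the caller is not staff, configuration is missing or
 *               validation fails; false when the insert fails; otherwise the
 *               id reported by db_insert_id().
 */
function postReply($vars, $files, $errors, $alert = true) {
    global $thisstaff, $cfg;

    // Only an authenticated staff member may post a reply.
    if (!$thisstaff || !$thisstaff->isStaff() || !$cfg) {
        return 0;
    }

    // NOTE(review): $errors is a by-value parameter, so these messages stay
    // local to this call. Confirm whether the signature was meant to take
    // &$errors before relying on them in the caller.
    if (empty($vars['msgId'])) {
        $errors['msgId'] = 'Missing messageId - internal error';
    }
    if (empty($vars['response'])) {
        $errors['response'] = 'Resonse message required';
    }
    if ($errors) {
        return 0;
    }

    // Every value goes through db_input() before it is concatenated into the
    // statement.
    $sql = 'INSERT INTO ' . TICKET_RESPONSE_TABLE . ' SET created=NOW() '
        . ' ,ticket_id=' . db_input($this->getId())
        . ' ,msg_id=' . db_input($vars['msgId'])
        . ' ,response=' . db_input(Format::striptags($vars['response']))
        . ' ,staff_id=' . db_input($thisstaff->getId())
        . ' ,staff_name=' . db_input($thisstaff->getName())
        . ' ,ip_address=' . db_input($thisstaff->getIP());

    if (!db_query($sql) || !($respId = db_insert_id())) {
        return false;
    }

    // Set status - if checked.
    if (!empty($vars['reply_ticket_status'])) {
        $this->setStatus($vars['reply_ticket_status']);
    }

    /* We can NOT recover from attachment related failures at this point */
    $attachments = $uploads = array();

    // Web based upload.
    // NOTE(review): no file-type or size validation is visible in this method;
    // confirm that callers validate $files before passing them in.
    if ($files && is_array($files) && ($files = Format::files($files))) {
        $attachments = array_merge($attachments, $files);
    }

    // Canned attachments.
    if (!empty($vars['cannedattachments']) && is_array($vars['cannedattachments'])) {
        $attachments = array_merge($attachments, $vars['cannedattachments']);
    }

    // Upload attachments - ids used on outgoing emails are returned.
    if ($attachments) {
        $uploads = $this->uploadAttachments($attachments, $respId, 'R');
    }

    $this->onResponse(); // do house cleaning.
    $this->reload();
    $dept = $this->getDept();

    // The reply is already stored; bail out here when no e-mail is wanted.
    if (!$alert) {
        return $respId;
    }

    // $dept is null-checked when choosing the signature below, so guard it
    // here as well instead of calling a method on a missing department.
    $tpl = $dept ? $dept->getTemplate() : null;
    if (!$tpl) {
        $tpl = $cfg->getDefaultTemplate();
    }

    if (!($email = $cfg->getAlertEmail())) {
        $email = $cfg->getDefaultEmail();
    }

    if ($tpl && ($msg = $tpl->getReplyMsgTemplate()) && $email) {
        $body = $this->replaceTemplateVars($msg['body']);
        $subj = $this->replaceTemplateVars($msg['subj']);

        // NOTE(review): the e-mail carries the raw response, whereas the stored
        // copy above passes through Format::striptags(). Confirm that this
        // difference is intended.
        $body = str_replace('%response', $vars['response'], $body);

        $sigChoice = isset($vars['signature']) ? $vars['signature'] : '';
        if ($sigChoice == 'mine') {
            $signature = $thisstaff->getSignature();
        } elseif ($sigChoice == 'dept' && $dept && $dept->isPublic()) {
            $signature = $dept->getSignature();
        } else {
            $signature = '';
        }
        $body = str_replace("%signature", $signature, $body);

        // Prepend the reply separator when quoted-reply stripping is enabled.
        if ($cfg->stripQuotedReply() && ($tag = $cfg->getReplySeparator())) {
            $body = "\n{$tag}\n\n" . $body;
        }

        // Set attachments if emailing.
        $attachments = ($cfg->emailAttachments() && $uploads)
            ? $this->getAttachments($respId, 'R')
            : array();

        //TODO: setup 5 param (options... e.g mid trackable on replies)
        $email->send($this->getEmail(), $subj, $body, $attachments);
    }

    return $respId;
}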
} } //Process post...depends on $ticket object above. if ($_POST && is_object($ticket) && $ticket->getId()) { $errors = array(); switch (strtolower($_POST['a'])) { case 'reply': if (!$ticket->checkClientAccess($thisclient)) { //double check perm again! $errors['err'] = 'Access Denied. Possibly invalid ticket ID'; } if (!$_POST['message']) { $errors['message'] = 'Message required'; } //check attachment..if any is set $files = $cfg->allowOnlineAttachments() && $_FILES['attachments'] ? Format::files($_FILES['attachments']) : array(); if ($files) { foreach ($files as $file) { if (!$file['name']) { continue; } if (!$cfg->canUploadFileType($file['name'])) { $errors['attachment'] = 'Invalid file type [ ' . $file['name'] . ' ]'; } elseif ($file['size'] > $cfg->getMaxFileSize()) { $errors['attachment'] = 'File ' . $file['name'] . 'is too big. Max ' . $cfg->getMaxFileSize() . ' bytes allowed'; } } } if (!$errors) { //Everything checked out...do the magic. if ($msgid = $ticket->postMessage($_POST['message'], 'Web')) {
} //Upload NEW attachments IF ANY - TODO: validate attachment types?? if ($_FILES['attachments'] && ($files = Format::files($_FILES['attachments']))) { $canned->uploadAttachments($files); } $canned->reload(); } elseif (!$errors['err']) { $errors['err'] = 'Error updating canned reply. Try again!'; } break; case 'create': if ($id = Canned::create($_POST, $_FILES['attachments'], $errors)) { $msg = 'Canned response added successfully'; $_REQUEST['a'] = null; //Upload attachments if ($_FILES['attachments'] && ($c = Canned::lookup($id)) && ($files = Format::files($_FILES['attachments']))) { $c->uploadAttachments($files); } } elseif (!$errors['err']) { $errors['err'] = 'Unable to add canned response. Correct error(s) below and try again.'; } break; case 'mass_process': if (!$_POST['ids'] || !is_array($_POST['ids']) || !count($_POST['ids'])) { $errors['err'] = 'You must select at least one canned response'; } else { $count = count($_POST['ids']); if ($_POST['enable']) { $sql = 'UPDATE ' . CANNED_TABLE . ' SET isenabled=1 WHERE canned_id IN (' . implode(',', $_POST['ids']) . ')'; if (db_query($sql) && ($num = db_affected_rows())) { if ($num == $count) {