$result['status'] = 1;
} /* closes a block that opens before this fragment */

/*
 * Attachment upload. Runs only when the request carries a non-empty file name
 * under "attachment-file". do_upload() is treated as returning an error
 * message, with "" meaning success.
 * NOTE(review): the checks applied to the uploaded file (type, size, stored
 * name and location) live in do_upload(), which is not visible here. Confirm
 * them there.
 */
if (isset($_FILES['attachment-file']['name']) && !empty($_FILES['attachment-file']['name'])) {
    $error = do_upload($id);
    if ($error == "") {
        /*
         * A ticket in status 2 is moved back to status 1 and the assigned
         * rep (rep_u) gets a memo linking to the ticket. The "AND status=2"
         * in the UPDATE keeps it from touching a ticket whose status changed
         * in the meantime. Status 2 presumably means "waiting for user
         * reply". Confirm against karnaf_statuses.
         */
        if ((int) $result['status'] == 2) {
            squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d AND status=2", time(), $id);
            send_memo($result['rep_u'], "User has added an attachment to ticket #" . $result['id'] . ". For more information visit: " . KARNAF_URL . "/edit.php?id=" . $result['id']);
        }
        echo "<div class=\"status\">Your attachment has been saved.</div><br>";
    } else {
        /*
         * NOTE(review): $error is concatenated into the page without HTML
         * escaping. If do_upload() can include the client-supplied file name
         * in its message, escape it before output. Confirm.
         */
        echo "<div class=\"status_err\">Error: " . $error . "</div><br>";
    }
}

/*
 * Operator view. $isadmin is raised for members of the ticket's assigned
 * group (rep_g) and for Karnaf admins. A ticket marked private is refused to
 * any other operator. The check sits inside the $isoper branch, so it is only
 * evaluated for operators. Whatever gates non-operator viewers is not visible
 * in this fragment.
 */
if ($isoper) {
    if (IsGroupMember($result['rep_g']) || IsKarnafAdminSession()) {
        $isadmin = 1;
    }
    if ($result['is_private'] && !$isadmin) {
        /* presumably AccessDenied() stops the request; verify in its definition */
        AccessDenied("Ticket is marked as private.");
    }
    /* Every operator view of a ticket is written to the log. */
    add_log("karnaf_view", $result['id']);
    /*
     * ?usermode drops both privilege flags for the rest of the page, so the
     * operator sees the ticket as a user would. It can only lower the flags
     * and runs after the private-ticket check and the log entry above.
     */
    if (isset($_GET['usermode'])) {
        $isoper = $isadmin = 0;
    } else {
        make_menus("Karnaf (HelpDesk)");
    }
}
if ($isoper && defined("IRC_MODE")) {
    echo "<center>*** You are an IRC Operator and see things users don't ***</center><br>\r\n";
}
sql_free_result($query2);
}
}
}
} /* the four braces above close blocks that open before this fragment */

/* Remove waiting for user reply status from tickets that are re-assigned */
squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d AND status=2", time(), $id);
$autoload = 5;
} /* closes a block that opens before this fragment */

/*
 * Add action.
 * Runs whenever the form posted an action_text field, even an empty one.
 * NOTE(review): every squery() call below passes request text through a
 * quoted '%s' placeholder. Injection safety therefore depends on squery()
 * escaping each string argument before substitution. Confirm in its
 * definition, which is not visible here.
 */
if (isset($_POST['action_text'])) {
    /* A "team action" checkbox upgrades a non-private action to privacy level 2. */
    if (!$is_private && isset($_POST['team_action']) && $_POST['team_action'] == "on") {
        $is_private = 2;
    }
    if (!empty($_POST['action_text'])) {
        /*
         * The posted group name is honoured only when the caller is in
         * "dalnet-aob" or is a Karnaf admin AND is also a member of the group
         * being named. The value is checked on the server and never trusted
         * from the form alone.
         */
        if (!empty($_POST['onbehalf_g']) && (IsGroupMember("dalnet-aob") || IsKarnafAdminSession()) && IsGroupMember($_POST['onbehalf_g'])) {
            /* Let SRAs/AOB/karnaf-admins add special actions */
            $group = $_POST['onbehalf_g'];
        }
        squery("INSERT INTO karnaf_actions(tid,action,a_by_u,a_by_g,a_time,is_private) VALUES(%d,'%s','%s','%s',%d,%d)", $id, $_POST['action_text'], $nick, $group, time(), $is_private);
        /* The ticket's last_note mirrors the action text followed by the author's nick. */
        squery("UPDATE karnaf_tickets SET last_note='%s' WHERE id=%d", $_POST['action_text'] . " (" . $nick . ")", $id);
        $autostatus = "The ticket has been updated.";
        /*
         * Actions with privacy level 1 are left out of the update text.
         * Level 2 (team) actions are still included here. Where
         * $email_update_str is sent is outside this fragment.
         */
        if ($is_private != 1) {
            $email_update_str = "A new action has been added to the ticket.\r\nAction message: " . $_POST['action_text'];
        }
    } else {
        $autostatus = "Nothing to update...";
    }
    /* NOTE(review): $_POST['close'] is read without isset(); a request lacking the field raises a notice. */
    if ($_POST['close'] == "1") {
        if ($result['private_actions']) {
            $is_private = 2;
<tr class="Karnaf_Head2"> <td colspan="2" align="center">Add new action</td> </tr> <tr> <td colspan="2"> <textarea rows="8" style="width:99%" name="action_text" id="action_text"></textarea><br> <?php
/*
 * The "Action on behalf of" selector is rendered only for members of
 * "dalnet-aob" and for Karnaf admins. The brace opened here is closed after
 * the end of this fragment.
 * This only hides the control. The code that receives onbehalf_g is outside
 * this fragment and has to repeat the authorisation check itself.
 */
if (IsGroupMember("dalnet-aob") || IsKarnafAdminSession()) { ?> Action on behalf of: <select name="onbehalf_g"> <option value="">---</option> <?php
    $query2 = squery("SELECT id,name,gdesc FROM groups ORDER BY name");
    while ($result2 = sql_fetch_array($query2)) {
        /*
         * && binds tighter than ||, so a group is skipped when the caller is
         * not a member of it, or when it is none of: the Karnaf admins group,
         * "dalnet-aob", "dalnet-sra", or the ticket's assigned group (rep_g).
         * What remains are the listed groups the caller belongs to.
         */
        if (!IsGroupMember($result2['name']) || $result2['name'] != KARNAF_ADMINS_GROUP && $result2['name'] != "dalnet-aob" && $result2['name'] != "dalnet-sra" && $result2['name'] != $result['rep_g']) {
            continue;
        }
        /*
         * NOTE(review): the group name is written into an attribute value and
         * into element text without HTML escaping, so the markup relies on
         * group names never containing quotes or angle brackets. Confirm how
         * rows get into `groups`, or escape on output.
         */
        ?> <option value="<?php echo $result2['name']; ?> "><?php echo $result2['name']; ?> </option> <?php
    }
    sql_free_result($query2);
?> </select>
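<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information.                     #
##################################################################
/*
 * Emits the third-level category <select> for the second-level category
 * named by ?id=. A category that has an allowed_group is listed only for
 * members of that group.
 */
require "../ktools.php";
check_auth();
?>
<select name="cat3" id="cat3" onChange="javascript:loadext(this.value);">
<option value="0">--Select--</option>
<?php
/*
 * The parent id comes straight from the query string. It is reduced to an
 * integer here, so a missing or non-scalar parameter becomes 0 (no rows)
 * and the query never depends on how squery() formats %d.
 */
$cat2_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
$query = squery("SELECT id,name,allowed_group FROM karnaf_cat3 WHERE parent=%d ORDER BY priority,name", $cat2_id);
while ($result = sql_fetch_array($query)) {
    if (!empty($result['allowed_group']) && !IsGroupMember($result['allowed_group'])) {
        continue;
    }
    /*
     * Both values land in HTML. The id is forced to an integer and the name
     * is entity-encoded, so a stored name cannot close the attribute or open
     * a tag. The single-byte charset argument makes htmlspecialchars() encode
     * only the ASCII metacharacters and pass every other byte through
     * unchanged.
     * NOTE(review): assumes names are stored unescaped. If they are
     * entity-encoded on the way in, they will be shown double-encoded.
     * Confirm against the code that writes karnaf_cat3.
     */
?>
<option value="<?php echo (int) $result['id']; ?>"><?php echo htmlspecialchars($result['name'], ENT_QUOTES, 'ISO-8859-1'); ?></option>
<?php
}
sql_free_result($query);
?>
</select>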
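/*
 * Everything echoed in this row is entity-encoded first. $userinfo and the
 * title presumably come from whoever opened the ticket, and the row is
 * rendered in an operator's browser, so raw markup in those fields must not
 * reach the page. The str_replace() call previously applied to the title
 * replaced "<" with itself and therefore encoded nothing.
 * The single-byte charset argument makes htmlspecialchars() encode only the
 * ASCII metacharacters and pass all other bytes through unchanged.
 * NOTE(review): assumes these columns are stored unescaped. If they are
 * entity-encoded on the way in, they will be shown double-encoded. Confirm.
 */
echo htmlspecialchars($userinfo, ENT_QUOTES, 'ISO-8859-1');
?> </td> <td><?php echo htmlspecialchars($result['title'], ENT_QUOTES, 'ISO-8859-1'); ?> </td> <td> <?php
/*
 * Assignee cell: highlighted when the ticket is assigned to the current
 * operator, the rep's nick (with the group as tooltip) when it is assigned
 * to someone else, otherwise the group name styled by whether the current
 * operator belongs to it.
 */
if ($result['rep_u'] == $nick) {
    echo "<td style=\"border: 1px solid black; background-color: green;\">" . htmlspecialchars($result['rep_u'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
} elseif (!empty($result['rep_u'])) {
    echo "<td><span title=\"" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "\" style=\"cursor:pointer\">" . htmlspecialchars($result['rep_u'], ENT_QUOTES, 'ISO-8859-1') . "</span></td>\n";
} elseif (IsGroupMember($result['rep_g'])) {
    echo "<td class=\"karnaf_my_team\">" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
} else {
    echo "<td class=\"karnaf_not_my_team\">" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
}
?> </td> <td><?php echo htmlspecialchars($result['spriority'], ENT_QUOTES, 'ISO-8859-1'); ?> </td> <td><?php echo showtime($result['open_time']); ?>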
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information.                     #
##################################################################
/*
 * Returns the body of the template named by ?id=. The body is printed only
 * when the caller belongs to the template's group or holds a Karnaf admin
 * session. For anyone else the response carries no template text.
 */
require "../ktools.php";
check_auth();

/*
 * NOTE(review): $_GET['id'] is passed on unchecked. The %d placeholder is
 * presumably what reduces it to an integer. Confirm in squery().
 */
$query = squery("SELECT g.name,t.body FROM (karnaf_templates AS t LEFT JOIN groups AS g ON g.id=t.group_id) WHERE t.id=%d", $_GET['id']);
while ($result = sql_fetch_array($query)) {
    /*
     * NOTE(review): the body is written out verbatim. If the caller inserts
     * the response as HTML rather than as plain text, whoever may edit
     * templates controls markup on this page. Confirm how it is consumed.
     */
    if (IsGroupMember($result['name']) || IsKarnafAdminSession()) {
        echo $result['body'];
    }
}
sql_free_result($query);

require_once "karnaf_footer.php";
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information.                     #
##################################################################
require_once "karnaf_header.php";

/* Team whose statistics are requested; "none" when the request names no team. */
$team = isset($_GET['team']) ? $_GET['team'] : "none";

/*
 * Only Karnaf admins and members of the requested team get past this point.
 * presumably AccessDenied() ends the request; verify in its definition.
 */
if (!(IsKarnafAdminSession() || IsGroupMember($team))) {
    AccessDenied();
}

show_title("Karnaf - Team Stats");
make_menus("Karnaf (HelpDesk)");

/*
 * Reporting window: $months blocks of 30 days, ending now (one block when
 * ?months is absent). Fixed windows used previously: one week (604800 s)
 * and 30 days (86400*30 s).
 * NOTE(review): the (int) cast lets zero, negative and very large values
 * through, so $starttime can land in the future or far in the past. Confirm
 * that the queries using it tolerate that.
 */
$months = isset($_GET['months']) ? (int) $_GET['months'] : 1;
$starttime = time() - 86400 * 30 * $months;

/* Counters filled in further down the page. */
$replies = $ureplies = 0;
?> Statistics between <?php
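<?php
/*
 * Label for the ticket's submitter: guests are shown by e-mail address,
 * everyone else by nick. Outside IRC mode a stored full name replaces both.
 */
$userinfo = ($result['unick'] == "Guest" ? $result['uemail'] : $result['unick']);
if (!defined("IRC_MODE") && !empty($result['ufullname'])) {
    $userinfo = $result['ufullname'];
}
/* Byte-wise cut to 30 bytes plus an ellipsis to keep the column narrow. */
if (strlen($userinfo) > 30) {
    $userinfo = substr($userinfo, 0, 30) . "...";
}
/*
 * Everything echoed in this row is entity-encoded first. The submitter
 * fields and the title presumably come from whoever opened the ticket, and
 * the row is rendered in an operator's browser, so raw markup in them must
 * not reach the page. The str_replace() call previously applied to the
 * title replaced "<" with itself and therefore encoded nothing.
 * The single-byte charset argument makes htmlspecialchars() encode only the
 * ASCII metacharacters and pass all other bytes through unchanged, so a
 * value cut mid-character by substr() above is still printed.
 * NOTE(review): assumes these columns are stored unescaped. If they are
 * entity-encoded on the way in, they will be shown double-encoded. Confirm.
 */
echo htmlspecialchars($userinfo, ENT_QUOTES, 'ISO-8859-1');
?> </td> <td><?php echo htmlspecialchars($result['title'], ENT_QUOTES, 'ISO-8859-1'); ?> </td> <td> <?php
/*
 * Assignee cell: highlighted when the ticket is assigned to the current
 * operator, the rep's nick (with the group as tooltip) when it is assigned
 * to someone else, otherwise the group name styled by whether the current
 * operator belongs to it.
 */
if ($result['rep_u'] == $nick) {
    echo "<td style=\"border: 1px solid black; background-color: green;\">" . htmlspecialchars($result['rep_u'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
} elseif (!empty($result['rep_u'])) {
    echo "<td><span title=\"" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "\" style=\"cursor:pointer\">" . htmlspecialchars($result['rep_u'], ENT_QUOTES, 'ISO-8859-1') . "</span></td>\n";
} elseif (IsGroupMember($result['rep_g'])) {
    echo "<td class=\"karnaf_my_team\">" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
} else {
    echo "<td class=\"karnaf_not_my_team\">" . htmlspecialchars($result['rep_g'], ENT_QUOTES, 'ISO-8859-1') . "</td>\n";
}
?> </td> <td><?php echo htmlspecialchars($result['spriority'], ENT_QUOTES, 'ISO-8859-1'); ?> </td> <td><?php echo showtime($result['open_time']); ?> </td> <td><?php echo $action_cnt + $reply_cnt; ?> </td>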
/*
 * Ticket list query. The statement text is fixed. The only request-derived
 * values ($status and $nick) are handed to squery_args() as placeholder
 * arguments and never concatenated into the SQL.
 * NOTE(review): safety of the quoted '%s' placeholder depends on
 * squery_args() escaping string arguments. Confirm in its definition.
 */
$qstr = "SELECT t.id,t.randcode,t.status,t.title,t.description,t.unick,t.ufullname,t.uemail,t.uphone,t.uip,t.rep_u,\nt.rep_g,t.open_time,t.opened_by,t.is_real,t.is_private,t.email_upd,t.memo_upd,c1.name AS cat1_name,c2.name AS cat2_name,c3.name AS\ncat3_name,s.status_name,up.priority_name AS upriority,t.priority,sp.priority_name AS spriority, t.last_note \nFROM (karnaf_tickets AS t INNER JOIN karnaf_cat3 AS c3 ON c3.id=t.cat3_id INNER JOIN karnaf_cat2 AS c2 ON c2.id=c3.parent\nINNER JOIN karnaf_cat1 AS c1 ON c1.id=c2.parent INNER JOIN karnaf_statuses AS s ON s.status_id=t.status INNER JOIN karnaf_priorities AS up ON\nup.priority_id=t.upriority INNER JOIN karnaf_priorities AS sp ON\nsp.priority_id=t.priority) WHERE ";
$argv = array();
/* 999 is a sentinel for "every status except 0 and 5"; any other value selects that one status. */
if ($status == 999) {
    $qstr .= " (t.status!=0 and t.status!=5)";
} else {
    $qstr .= " t.status=%d";
    array_push($argv, $status);
}
/* Only tickets assigned to the current operator, or to nobody. */
$qstr .= " AND (rep_u='%s' or rep_u='')";
array_push($argv, $nick);
$qstr .= " ORDER BY t.priority DESC,t.open_time";
$cnt = 0;
/* squery_args() takes a single array: the format string first, then its arguments. */
array_unshift($argv, $qstr);
$query = squery_args($argv);
while ($result = sql_fetch_array($query)) {
    /*
     * Team scoping is enforced here in PHP, after the row has been fetched,
     * and not in the WHERE clause. A row is kept when the operator belongs to
     * the ticket's group, or when IRC_MODE is defined and the session is a
     * Karnaf admin session.
     */
    if (!IsGroupMember($result['rep_g']) && (!defined("IRC_MODE") || !IsKarnafAdminSession())) {
        continue;
    }
    /* Skip tickets for other teams */
    /* $showall "none" hides assigned tickets; "onlymy" hides unassigned ones. */
    if (strtolower($showall) == "none" && !empty($result['rep_u'])) {
        continue;
    }
    if (strtolower($showall) == "onlymy" && empty($result['rep_u'])) {
        continue;
    }
    $cnt++;
    /* One extra COUNT query per listed ticket. */
    $query2 = squery("SELECT count(*) AS count FROM karnaf_actions WHERE tid=%d", $result['id']);
    if ($result2 = sql_fetch_array($query2)) {
        $action_cnt = (int) $result2['count'];
    } else {
        $action_cnt = 0;
$no_cache = 1;
show_title("Edit SQL Tables");
/* Requested table name, taken from the query string; "none" shows the table chooser. */
$sql_table = "none";
if (isset($_GET['table'])) {
    $sql_table = $_GET['table'];
}
/*
 * Allow-list of editable tables. Each entry is
 *   array(table name, id column, list of editable columns)
 * and a column is either a plain name or an array whose second element
 * selects the input type: "sqlselect" followed by a query that supplies the
 * choices, or "password". The type names are interpreted by code outside
 * this fragment.
 * NOTE(review): the list exposes credential-bearing columns: "pass" on the
 * mail and LDAP accounts, "account_token" on the SMS accounts, and the
 * `users` table, where "pass" is a plain column and not the "password" type.
 * Whether stored passwords are hashed is not visible here. Confirm how the
 * edit form reads and writes those columns.
 */
$allowed_tables = array(
    array("karnaf_priorities", "priority_id", array("priority_id", "priority_name")),
    array("karnaf_statuses", "status_id", array("status_id", "status_name", array("is_closed", "sqlselect", "select 0,'No' union select 1,'Yes'"))),
    array("karnaf_cat1", "id", array("name", "priority")),
    array("karnaf_cat2", "id", array("name", "priority", array("parent", "sqlselect", "select id,name from karnaf_cat1"), array("allowed_group", "sqlselect", "select '' AS id,'---' AS name union select id,name FROM groups ORDER BY name"))),
    array("karnaf_cat3", "id", array("name", "priority", array("parent", "sqlselect", "select cat2.id,concat(cat1.name,' - ',cat2.name) from (karnaf_cat2 AS cat2 LEFT JOIN karnaf_cat1 AS cat1 ON cat1.id=cat2.parent)"), array("default_priority", "sqlselect", "select priority_id,priority_name FROM karnaf_priorities"), array("default_group", "sqlselect", "select '','---' union select name,name FROM groups WHERE iskarnaf=1"), "extra", array("allowed_group", "sqlselect", "select '' AS id,'---' AS name union select id,name FROM groups ORDER BY name"))),
    array("karnaf_mail_accounts", "id", array(array("active", "sqlselect", "select 1,'Yes' union select 0,'No'"), array("type", "sqlselect", "select 0,'POP3' union select 1,'IMAP' union select 2,'POP3/SSL' union select 3,'IMAP/SSL'"), "host", "port", "user", array("pass", "password"), array("cat3_id", "sqlselect", "select cat3.id,concat(cat1.name,' - ',cat2.name,' - ',cat3.name) from (karnaf_cat3 AS cat3 LEFT JOIN karnaf_cat2 AS cat2 ON cat3.parent=cat2.id LEFT JOIN karnaf_cat1 AS cat1 ON cat1.id=cat2.parent)"), array("default_group", "sqlselect", "select '','---' union select id,name FROM groups WHERE iskarnaf=1"))),
    array("karnaf_ldap_accounts", "id", array(array("active", "sqlselect", "select 1,'Yes' union select 0,'No'"), array("type", "sqlselect", "select 0,'LDAP' 
union select 1,'LDAPS'"), "host", "user", array("pass", "password"), "ou", "filter")),
    array("users", "id", array("user", "pass", "email")),
    array("karnaf_mail_rules", "id", array(array("active", "sqlselect", "select 1,'Yes' union select 0,'No'"), "name", "priority", "rcpt_pattern", "to_pattern", "cc_pattern", "subject_pattern", "body_pattern", array("stop_duplicates", "sqlselect", "select 0,'No' union select 1,'Yes'"), array("break", "sqlselect", "select 0,'No' union select 1,'Yes'"), array("set_priority", "sqlselect", "select '' AS priority_id,'---' AS priority_name union select priority_id,priority_name FROM karnaf_priorities ORDER BY priority_id"), array("set_group", "sqlselect", "select '','---' union select name,name FROM groups WHERE iskarnaf=1"), "set_extra", array("set_cat3", "sqlselect", "select 0,'---' union select cat3.id,concat(cat1.name,' - ',cat2.name,' - ',cat3.name) from (karnaf_cat3 AS cat3 LEFT JOIN karnaf_cat2 AS cat2 ON cat3.parent=cat2.id LEFT JOIN karnaf_cat1 AS cat1 ON cat1.id=cat2.parent)"))),
    array("karnaf_sms_accounts", "id", array(array("active", "sqlselect", "select 1,'Yes' union select 0,'No'"), array("type", "sqlselect", "select 0,'Twilio'"), "account_id", "account_token", "from_number"))
);
/*
 * Resolve the request against the allow-list. On a match the table name, id
 * column and column list are all taken from the list entry. Without a match
 * $sql_table still holds the raw request value, $sql_rows stays 0 and
 * $sql_id is never assigned.
 * NOTE(review): code after this fragment must treat $sql_rows == 0 as
 * "unknown table" before $sql_table is used in any SQL text. That cannot be
 * confirmed from here.
 */
$sql_rows = 0;
foreach ($allowed_tables as $x) {
    if ($sql_table == $x[0]) {
        $sql_table = $x[0];
        $sql_id = $x[1];
        $sql_rows = $x[2];
    }
}
/*
 * Access check: Karnaf admins only. The single exception, table "test-table"
 * for members of "test-group", names a table that is not in the allow-list
 * above.
 * presumably AccessDenied() ends the request; verify in its definition.
 */
if (!IsKarnafAdminSession() && !($sql_table == "test-table" && IsGroupMember("test-group"))) {
    AccessDenied();
}
if ($sql_table == "none") {
    echo "Choose a table to edit:<br>\n";
    /* The link targets come from the hard-coded list above, not from the request. */
    foreach ($allowed_tables as $table) { ?> <a href="mng_editsql.php?table=<?php echo $table[0]; ?> "><?php echo $table[0]; ?> </a><br> <?php }
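<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information.                     #
##################################################################
require_once "karnaf_header.php";

/*
 * Template management is limited to operators who are in "dalnet-leads" or
 * hold a Karnaf admin session.
 * presumably AccessDenied() ends the request; verify in its definition.
 */
CheckOperSession();
if (!IsGroupMember("dalnet-leads") && !IsKarnafAdminSession()) {
    AccessDenied();
}
show_title("Manage Karnaf Templates");
make_menus("Karnaf (HelpDesk)");

/*
 * One write per request: delete (?del=), update (POST id) or insert (POST new).
 * Row ids are reduced to integers before use, so the log line names exactly
 * the row the statement targeted and carries no raw request text.
 * NOTE(review): no request token is checked in this fragment, and the delete
 * is triggered by a GET parameter. Confirm whether karnaf_header.php or
 * CheckOperSession() provides CSRF protection. If not, move the delete to
 * POST and add a token.
 * NOTE(review): subject and body reach the SQL through quoted '%s'
 * placeholders. Safety depends on squery() escaping string arguments.
 * Confirm in its definition.
 */
if (isset($_GET['del'])) {
    squery("DELETE FROM karnaf_templates WHERE id=%d", (int) $_GET['del']);
    add_log("Karnaf_Templates", "DELETE #" . (int) $_GET['del']);
    echo "<div class=\"status\">The template has been deleted.</div><br>";
} elseif (isset($_POST['id']) && !empty($_POST['id'])) {
    squery("UPDATE karnaf_templates SET group_id=%d,subject='%s',body='%s' WHERE id=%d", $_POST['group'], $_POST['subject'], $_POST['body'], (int) $_POST['id']);
    add_log("Karnaf_Templates", "UPDATE #" . (int) $_POST['id']);
    echo "<div class=\"status\">The template has been updated.</div><br>";
} elseif (isset($_POST['new'])) {
    squery("INSERT INTO karnaf_templates(group_id,subject,body) VALUES(%d,'%s','%s')", $_POST['group'], $_POST['subject'], $_POST['body']);
    /* NOTE(review): the subject goes into the log as submitted. Confirm how add_log() stores and displays it. */
    add_log("Karnaf_Templates", "INSERT " . $_POST['subject']);
    echo "<div class=\"status\">The template has been added.</div><br>";
}
$r_cmd = "Add";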