public function log($user) { $defLogs = $this->settings->defKeepLogs ? unserialize($this->settings->defKeepLogs) : array(); mysql_query("INSERT INTO `" . DB_PREFIX . "log` (\n `ts`,`userID`,`ip`,`type`\n ) VALUES (\n UNIX_TIMESTAMP(UTC_TIMESTAMP),'{$user->id}','" . mswIPAddresses() . "','user'\n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Clear previous.. if (isset($defLogs['user']) && $defLogs['user'] > 0) { mysql_query("DELETE FROM `" . DB_PREFIX . "log` WHERE `userID` = '{$user->id}' AND `id` < \n\t(SELECT min(`id`) FROM\n (SELECT `id` FROM `" . DB_PREFIX . "log` \n\t WHERE `userID` = '{$user->id}' \n\t AND `type` = 'user' \n\t ORDER BY `id` DESC LIMIT " . $defLogs['user'] . "\n\t) AS `" . DB_PREFIX . "log`)") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); } }
public function updateIP($id, $type = 'ticket') { switch ($type) { case 'ticket': mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `ipAddresses` = '" . mswIPAddresses() . "'\n WHERE `id` = '{$id}'\n "); break; case 'reply': break; } }
public function checkban($s, $dt) { $q = mysql_query("SELECT `id`,`banstamp` FROM `" . DB_PREFIX . "ban`\n WHERE `type` = 'login'\n\t AND `ip` = '" . mswIPAddresses() . "'\n\t AND `count` = '{$s->loginLimit}'\n LIMIT 1\n "); $B = mysql_fetch_object($q); // If found, check ban time against current timestamp.. if (isset($B->id)) { $now = $dt->mswUTC(); $bantime = $B->banstamp; $elapsed = (int) ($now - $bantime) / 60; if ($s->banTime > 0 && $elapsed >= $s->banTime) { // Remove.. mysql_query("DELETE FROM `" . DB_PREFIX . "ban`\n WHERE `type` = 'login'\n\t AND `ip` = '" . mswIPAddresses() . "'\n\t "); return 'ok'; } return 'fail'; } return 'ok'; }
public function log($msg) { if ($this->settings->imap_debug == 'yes') { $id = $this->imapController->id; $existing = file_exists(PATH . $this->log_folder . '/imap-debug-log-' . $id . '.txt') ? trim(file_get_contents(PATH . $this->log_folder . '/imap-debug-log-' . $id . '.txt')) : ''; if ($existing == '') { $message = '- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -' . mswDefineNewline(); $message .= 'IMAP DEBUG LOG: ' . date('d/F/Y @ H:iA', $this->datetime->mswTimeStamp()) . mswDefineNewline(); $message .= '- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -' . mswDefineNewline() . mswDefineNewline(); $message .= 'Imap ID: ' . $id . mswDefineNewline(); $message .= 'Imap Host: ' . $this->imapController->im_host . mswDefineNewline(); $message .= 'Imap User: '******'Imap Port: ' . $this->imapController->im_port . mswDefineNewline(); $message .= 'Imap SSL: ' . ucfirst($this->imapController->im_ssl) . mswDefineNewline(); $message .= 'Imap Folder: ' . $this->imapController->im_name . mswDefineNewline(); $message .= mswDefineNewline() . '= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =' . mswDefineNewline() . mswDefineNewline(); } else { $message = ''; } $message .= '[' . mswIPAddresses() . '-' . date('d/F/Y @ H:i:s', $this->datetime->mswTimeStamp()) . '] Action/Info: ' . str_replace('{nl}', mswDefineNewline(), $msg) . mswDefineNewline(); $message .= mswDefineNewline() . '= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =' . mswDefineNewline() . mswDefineNewline(); @file_put_contents(PATH . $this->log_folder . '/imap-debug-log-' . $id . '.txt', $message, FILE_APPEND); } }
public function addTicketReply() { $tID = (int) $_GET['id']; $array = array('no', $tID, ''); $mergeID = isset($_POST['mergeid']) ? mswReverseTicketNumber($_POST['mergeid']) : '0'; $newID = $mergeID > 0 ? $mergeID : $tID; // Are we merging this ticket.. if ($mergeID > 0) { if (mswRowCount('tickets WHERE `id` = \'' . $mergeID . '\'') > 0) { // Get original ticket and convert it to a reply.. $OTICKET = mswGetTableData('tickets', 'id', $tID); // Get new parent data for department.. $MERGER = mswGetTableData('tickets', 'id', $mergeID); // Account information.. $PORTAL = mswGetTableData('portal', 'id', $MERGER->visitorID); // Add original ticket as reply.. mysql_query("INSERT INTO `" . DB_PREFIX . "replies` (\n `ts`,\n `ticketID`,\n `comments`,\n `replyType`,\n `replyUser`,\n `isMerged`,\n `ipAddresses` \n ) VALUES (\n UNIX_TIMESTAMP(UTC_TIMESTAMP),\n '{$mergeID}',\n '" . mswSafeImportString($OTICKET->comments) . "',\n 'visitor',\n '{$OTICKET->visitorID}',\n 'yes',\n '{$OTICKET->ipAddresses}' \n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Now remove original ticket mysql_query("DELETE FROM `" . DB_PREFIX . "tickets` WHERE `id` = '{$tID}'") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Move any replies attached to original ticket to new parent.. // Update timestamp so they fall in line.. mysql_query("UPDATE `" . DB_PREFIX . "replies` SET\n\t `ts` = UNIX_TIMESTAMP(UTC_TIMESTAMP),\n `ticketID` = '{$mergeID}',\n `isMerged` = 'yes'\n WHERE `ticketID` = '{$tID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Move attachments to new ticket id.. mysql_query("UPDATE `" . DB_PREFIX . "attachments` SET\n `ticketID` = '{$mergeID}',\n `department` = '{$MERGER->department}'\n WHERE `ticketID` = '{$tID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Move custom field data to new ticket.. mysql_query("UPDATE `" . DB_PREFIX . "ticketfields` SET\n `ticketID` = '{$mergeID}'\n WHERE `ticketID` = '{$tID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Remove history for old ticket.. mysql_query("DELETE FROM `" . DB_PREFIX . "tickethistory` WHERE `ticketID` = '{$tID}'") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Move any dispute user data to new ticket.. mysql_query("UPDATE `" . DB_PREFIX . "disputes` SET\n `ticketID` = '{$mergeID}'\n WHERE `ticketID` = '{$tID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Overwrite array.. $array = array('yes', $mergeID, $OTICKET->subject); } } // Add new reply.. mysql_query("INSERT INTO `" . DB_PREFIX . "replies` (\n `ts`,\n `ticketID`,\n `comments`,\n `replyType`,\n `replyUser`,\n `isMerged`,\n `ipAddresses` \n ) VALUES (\n UNIX_TIMESTAMP(UTC_TIMESTAMP),\n '{$newID}',\n '" . mswSafeImportString($_POST['comments']) . "',\n 'admin',\n '{$this->team->id}',\n 'no',\n '" . mswIPAddresses() . "' \n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); $newReply = mysql_insert_id(); // Custom field data.. if (!empty($_POST['customField'])) { // Check to see if any checkboxes arrays are now blank.. // If there are, create empty array to prevent ommission in loop.. if (!empty($_POST['hiddenBoxes'])) { foreach ($_POST['hiddenBoxes'] as $hb) { if (!isset($_POST['customField'][$hb])) { $_POST['customField'][$hb] = array(); } } } foreach ($_POST['customField'] as $k => $v) { $data = ''; // If value is array, its checkboxes.. if (is_array($v)) { if (!empty($v)) { $data = implode('#####', $v); } } else { $data = $v; } $k = (int) $k; // If data exists, update or add entry.. // If blank or 'nothing-selected', delete if exists.. if ($data != '' && $data != 'nothing-selected') { if (mswRowCount('ticketfields WHERE `ticketID` = \'' . $newID . '\' AND `fieldID` = \'' . $k . '\' AND `replyID` = \'' . $newReply . '\'') > 0) { mysql_query("UPDATE `" . DB_PREFIX . "ticketfields` SET\n `fieldData` = '" . mswSafeImportString($data) . "'\n WHERE `ticketID` = '{$newID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '{$newReply}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); } else { mysql_query("INSERT INTO `" . DB_PREFIX . "ticketfields` (\n `fieldData`,`ticketID`,`fieldID`,`replyID`\n ) VALUES (\n '" . mswSafeImportString($data) . "','{$newID}','{$k}','{$newReply}'\n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); } } else { mysql_query("DELETE FROM `" . DB_PREFIX . "ticketfields`\n WHERE `ticketID` = '{$newID}'\n AND `fieldID` = '{$k}'\n AND `replyID` = '{$newReply}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); if (mswRowCount('ticketfields') == 0) { @mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "ticketfields`"); } } } } // Update ticket status.. $status = in_array($_POST['status'], array('close', 'open', 'closed', 'submit_report')) ? $_POST['status'] : 'open'; mysql_query("UPDATE `" . DB_PREFIX . "tickets` SET\n `lastrevision` = UNIX_TIMESTAMP(UTC_TIMESTAMP),\n `ticketStatus` = '{$status}',\n `replyStatus` = 'visitor'\n WHERE `id` = '{$newID}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // If specified, add reply as standard response.. if ($_POST['response']) { // Add response.. $dept = empty($_POST['dept']) ? implode(',', $_POST['deptall']) : implode(',', $_POST['dept']); mysql_query("INSERT INTO `" . DB_PREFIX . "responses` (\n `ts`,\n `title`,\n `answer`,\n `departments`\n ) VALUES (\n UNIX_TIMESTAMP(UTC_TIMESTAMP),\n '" . mswSafeImportString($_POST['response']) . "',\n '" . mswSafeImportString($_POST['comments']) . "',\n '" . mswSafeImportString($dept) . "'\n )") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); // Rebuild sequence.. include_once PATH . 'control/classes/class.responses.php'; $MSSTR = new standardResponses(); $MSSTR->rebuildSequence(); } $array[] = $newReply; return $array; }
CUSTOM MAIL HEADERS Custom mail headers should always start 'X-'. Array key is custom header name and array value is the custom header value. Example: $customMailHeaders = array( 'X-Custom' => 'Value', 'X-Custom2' => 'Value 2' ); */ $customMailHeaders = array(); /* GLOBAL MAIL TAGS Tags here are sent to ALL emails.. */ $MSMAIL->smtp_host = $SETTINGS->smtp_host; $MSMAIL->smtp_user = $SETTINGS->smtp_user; $MSMAIL->smtp_pass = $SETTINGS->smtp_pass; $MSMAIL->smtp_port = $SETTINGS->smtp_port; $MSMAIL->debug = $SETTINGS->smtp_debug; $MSMAIL->smtp_sec = $SETTINGS->smtp_security; $MSMAIL->charset = $mail_charset; $MSMAIL->xheaders = $customMailHeaders; $MSMAIL->config = (array) $SETTINGS; $MSMAIL->mailSwitch = $SETTINGS->enableMail; $MSMAIL->addTag('{DATE}', $MSDT->mswDateTimeDisplay(0, $SETTINGS->dateformat)); $MSMAIL->addTag('{TIME}', $MSDT->mswDateTimeDisplay(0, $SETTINGS->timeformat)); $MSMAIL->addTag('{WEBSITE_NAME}', $SETTINGS->website); $MSMAIL->addTag('{WEBSITE_URL}', $SETTINGS->scriptpath); $MSMAIL->addTag('{ADMIN_FOLDER}', $SETTINGS->afolder); $MSMAIL->addTag('{IP}', mswIPAddresses());
if (in_array('attach|input', $eFields)) { for ($i = 0; $i < count($_FILES['attachment']['tmp_name']); $i++) { @unlink($_FILES['attachment']['tmp_name'][$i]); } $ticketAttachments = array(); } } // Check required custom fields.. $customCheckFields = $MSFIELDS->check('reply', $T->department); if (!empty($customCheckFields)) { $eFields = array_merge($eFields, $customCheckFields); } // All ok? if (empty($eFields)) { // Add reply.. $replyID = $MSTICKET->reply(array('ticket' => $T->id, 'visitor' => $LI_ACC->id, 'quoteBody' => '', 'comments' => $_POST['comments'], 'repType' => 'visitor', 'ip' => mswIPAddresses(), 'disID' => isset($PRIV->id) ? $LI_ACC->id : '0')); // Proceed if ok.. if ($replyID > 0) { // Add attachments.. if ($SETTINGS->attachment == 'yes' && !empty($ticketAttachments)) { for ($i = 0; $i < count($ticketAttachments); $i++) { $a_name = $ticketAttachments[$i]['name']; $a_temp = $ticketAttachments[$i]['temp']; $a_size = $ticketAttachments[$i]['size']; $a_mime = $ticketAttachments[$i]['type']; if ($a_name && $a_temp && $a_size > 0) { $atID = $MSTICKET->addAttachment(array('temp' => $a_temp, 'name' => $a_name, 'size' => $a_size, 'mime' => $a_mime, 'tID' => $T->id, 'rID' => $replyID, 'dept' => $T->department, 'incr' => $i)); $attString[] = $SETTINGS->scriptpath . '/?attachment=' . $atID; } } }
if (isset($_SESSION['disputeAccessID']) && (int) $_SESSION['disputeAccessID'] > 0) { $redr = 'index.php?d=' . $_SESSION['disputeAccessID']; unset($_SESSION['disputeAccessID']); } if (isset($_SESSION['redirectPage'])) { $redr = 'index.php?p=open'; unset($_SESSION['redirectPage']); } // Add entry log.. if ($ACC->enableLog == 'yes') { $MSACC->log($ACC->id); } // Clear any ban logs.. $MSACC->clearban(); // Update IP if blank (ie: admin added) if (mswIPAddresses() != $ACC->ip) { $MSACC->updateIP($ACC->id); } $json = array('status' => 'ok', 'field' => 'redirect', 'msg' => $redr); } else { $_SESSION[md5(SECRET_KEY) . '_msw_support'] = $ACC->email; $json = array('status' => 'ok', 'field' => 'suspended', 'msg' => ''); } } else { // Is max attempts and ban time enabled? if ($SETTINGS->loginLimit > 0) { $MSACC->ban(); } $json = array('status' => 'err', 'field' => 'email', 'msg' => $msg_main8); } }
// History if affected rows.. if ($rows > 0) { $MSTICKET->historyLog($T->id, str_replace('{user}', mswSpecialChars($LI_ACC->name), $msg_ticket_history['vis-ticket-close'])); $T = mswGetTableData('tickets', 'id', $T->id); $ticketSystemMsg = $msg_public_ticket13; } } // Add reply.. if (isset($_POST['process'])) { define('T_PERMS', 't'); include PATH . 'control/system/accounts/account-ticket-reply.php'; } // Is IP blank? if ($T->ipAddresses == '' && $T->visitorID == $LI_ACC->id) { $MSTICKET->updateIP($T->id); $T->ipAddresses = mswIPAddresses(); } // Variables.. $title = str_replace('{ticket}', mswTicketNumber($_GET['t']), $msg_showticket4); include PATH . 'control/header.php'; $tpl = new Savant3(); $tpl->assign('TICKET', $T); $tpl->assign('TXT', array($title, $msg_header11, $msg_header3, $msg_main11, $MSYS->levels($T->priority), $MSDT->mswDateTimeDisplay($T->ts, $SETTINGS->dateformat), $MSDT->mswDateTimeDisplay($T->ts, $SETTINGS->timeformat), $msg_viewticket75, $MSYS->department($T->department, $msg_script30), str_replace('{url}', 'index.php?t=' . $_GET['t'] . '&lk=yes', $msg_viewticket45), $msg_public_ticket, $msg_open19, $msg_newticket43, $msg_viewticket101, $msg_showticket5, $msg_viewticket78, $msg_newticket37, $msg_newticket38, $attachRestrictions, $bb_code_buttons, $msg_public_ticket3, $msg_public_ticket4, $msg_public_ticket9, $msg_viewticket27, $msg_public_ticket10)); $tpl->assign('COMMENTS', $MSPARSER->mswTxtParsingEngine($T->comments)); $tpl->assign('CUSTOM_FIELD_DATA', $MSFIELDS->display($T->id)); $tpl->assign('ATTACHMENTS', $MSTICKET->attachments($T->id)); $tpl->assign('TICKET_REPLIES', $MSTICKET->replies($T->id, mswSpecialChars($LI_ACC->name))); $tpl->assign('ENTRY_CUSTOM_FIELDS', $MSFIELDS->build('reply', $T->department)); $tpl->assign('SYSTEM_MESSAGE', !empty($eFields) ? str_replace('{count}', count($eFields), $msg_public_ticket8) : $ticketSystemMsg); // Post fields..will populate on refresh.. $tpl->assign('POST', array('comments' => isset($_POST['comments']) ? mswSpecialChars($_POST['comments']) : ''));
: <?php echo $this->USER_DATA->timezone ? $this->USER_DATA->timezone : $this->SETTINGS->timezone; ?> <br> • <?php echo $this->TXT[6]; ?> : <?php echo ucfirst($this->USER_DATA->language); ?> <br> • <?php echo $this->TXT[8]; ?> : <?php echo mswIPAddresses(); ?> </div> </div> </div> </div> </div> <div class="row-fluid"> <div class="block" style="padding:0;margin:0;margin-top:10px"> <p class="block-heading uppercase"><i class="icon-ticket"></i> <?php echo $this->TXT[3]; ?> </p> <div class="block-body">
$name = $_POST['name']; $email = $_POST['email']; $pass = $MSACC->ms_generate(); $mailT = PATH . 'content/language/' . $SETTINGS->language . '/mail-templates/new-account.txt'; // Create account.. $userID = $MSACC->add(array('name' => $name, 'email' => $email, 'pass' => $pass, 'enabled' => 'yes', 'verified' => 'yes', 'timezone' => $SETTINGS->timezone, 'ip' => mswIPAddresses(), 'notes' => '', 'language' => $SETTINGS->language)); // Send email about new account.. $MSMAIL->addTag('{ACC_NAME}', $name); $MSMAIL->addTag('{ACC_EMAIL}', $email); $MSMAIL->addTag('{PASS}', $pass); $MSMAIL->addTag('{LOGIN_URL}', $SETTINGS->scriptpath); $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $email, 'to_name' => $name, 'subject' => str_replace(array('{website}'), array($SETTINGS->website), $emailSubjects['new-account']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => $mailT, 'language' => $SETTINGS->language, 'alive' => 'yes')); } // Add ticket to database.. if ($userID > 0) { $ID = $MSTICKET->add(array('dept' => $deptID, 'assigned' => $DP->manual_assign == 'yes' ? 'waiting' : '', 'visitor' => $userID, 'subject' => $_POST['subject'], 'quoteBody' => '', 'comments' => $_POST['comments'], 'priority' => $_POST['priority'], 'replyStatus' => 'start', 'ticketStatus' => 'open', 'ip' => mswIPAddresses(), 'notes' => '', 'disputed' => 'no')); // Proceed if ticket added ok.. if ($ID > 0) { // Add attachments.. if ($SETTINGS->attachment == 'yes' && !empty($ticketAttachments)) { for ($i = 0; $i < count($ticketAttachments); $i++) { $a_name = $ticketAttachments[$i]['name']; $a_temp = $ticketAttachments[$i]['temp']; $a_size = $ticketAttachments[$i]['size']; $a_mime = $ticketAttachments[$i]['type']; if ($a_name && $a_temp && $a_size > 0) { $atID = $MSTICKET->addAttachment(array('temp' => $a_temp, 'name' => $a_name, 'size' => $a_size, 'mime' => $a_mime, 'tID' => $ID, 'rID' => 0, 'dept' => $deptID, 'incr' => $i)); $attString[] = $SETTINGS->scriptpath . '/?attachment=' . $atID; } } }