function hesk_autoLogin($noredirect = 0) { global $hesk_settings, $hesklang, $hesk_db_link; if (!$hesk_settings['autologin']) { return false; } $user = hesk_htmlspecialchars(hesk_COOKIE('hesk_username')); $hash = hesk_htmlspecialchars(hesk_COOKIE('hesk_p')); define('HESK_USER', $user); if (empty($user) || empty($hash)) { return false; } /* Login cookies exist, now lets limit brute force attempts */ hesk_limitBfAttempts(); /* Check username */ $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1"); if (hesk_dbNumRows($result) != 1) { setcookie('hesk_username', ''); setcookie('hesk_p', ''); header('Location: index.php?a=login¬ice=1'); exit; } $res = hesk_dbFetchAssoc($result); /* Check password */ if ($hash != hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass'])) { setcookie('hesk_username', ''); setcookie('hesk_p', ''); header('Location: index.php?a=login¬ice=1'); exit; } // Set user details foreach ($res as $k => $v) { $_SESSION[$k] = $v; } /* Check if default password */ if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') { hesk_process_messages($hesklang['chdp'], 'NOREDIRECT', 'NOTICE'); } // Set a tag that will be used to expire sessions after username or password change $_SESSION['session_verify'] = hesk_activeSessionCreateTag($user, $_SESSION['pass']); // We don't need the password hash anymore unset($_SESSION['pass']); /* Login successful, clean brute force attempts */ hesk_cleanBfAttempts(); /* Regenerate session ID (security) */ hesk_session_regenerate_id(); /* Get allowed categories */ if (empty($_SESSION['isadmin'])) { $_SESSION['categories'] = explode(',', $_SESSION['categories']); } /* Renew cookies */ setcookie('hesk_username', "{$user}", strtotime('+1 year')); setcookie('hesk_p', "{$hash}", strtotime('+1 year')); /* Close any old tickets here so Cron jobs aren't necessary */ if ($hesk_settings['autoclose']) { $revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']); $dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400); // Notify customer of closed ticket? if ($hesk_settings['notify_closed']) { // Get list of tickets $result = hesk_dbQuery("SELECT * FROM `" . $hesk_settings['db_pfix'] . "tickets` WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' "); if (hesk_dbNumRows($result) > 0) { global $ticket; // Load required functions? if (!function_exists('hesk_notifyCustomer')) { require HESK_PATH . 'inc/email_functions.inc.php'; } while ($ticket = hesk_dbFetchAssoc($result)) { $ticket['dt'] = hesk_date($ticket['dt'], true); $ticket['lastchange'] = hesk_date($ticket['lastchange'], true); $ticket = hesk_ticketToPlain($ticket, 1, 0); hesk_notifyCustomer('ticket_closed'); } } } // Update ticket statuses and history in database hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`='3', `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' "); } /* If session expired while a HESK page is open just continue using it, don't redirect */ if ($noredirect) { return true; } /* Redirect to the destination page */ header('Location: ' . hesk_verifyGoto()); exit; }
function print_login() { global $hesk_settings, $hesklang; $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login']; require_once HESK_PATH . 'inc/header.inc.php'; if (hesk_isREQUEST('notice')) { hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT'); } if (!isset($_SESSION['a_iserror'])) { $_SESSION['a_iserror'] = array(); } ?> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="3"><img src="../img/headerleftsm.jpg" width="3" height="25" alt="" /></td> <td class="headersm"><?php echo $hesklang['login']; ?> </td> <td width="3"><img src="../img/headerrightsm.jpg" width="3" height="25" alt="" /></td> </tr> </table> <table width="100%" border="0" cellspacing="0" cellpadding="3"> <tr> <td><span class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?> " class="smaller"><?php echo $hesk_settings['site_title']; ?> </a> > <?php echo $hesklang['admin_login']; ?> </span></td> </tr> </table> </td> </tr> <tr> <td> <br /> <?php /* This will handle error, success and notice messages */ hesk_handle_messages(); ?> <br /> <div align="center"> <table border="0" cellspacing="0" cellpadding="0" width="<?php echo $hesk_settings['secimg_use'] == 2 ? '60' : '50'; ?> % "> <tr> <td width="7" height="7"><img src="../img/roundcornerslt.jpg" width="7" height="7" alt="" /></td> <td class="roundcornerstop"></td> <td><img src="../img/roundcornersrt.jpg" width="7" height="7" alt="" /></td> </tr> <tr> <td class="roundcornersleft"> </td> <td> <form action="index.php" method="post" name="form1"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="60" style="text-align:center"><img src="../img/login.png" alt="" width="24" height="24" /></td> <td> <p><b><?php echo $hesklang['admin_login']; ?> </a></b></p> </td> </tr> <tr> <td width="60"> </td> <td> </td> </tr> <tr> <td width="60"> </td> <td><?php echo $hesklang['username']; ?> :<br /> <?php $cls = in_array('user', $_SESSION['a_iserror']) ? ' class="isError" ' : ''; if (defined('HESK_USER')) { $savedUser = HESK_USER; } else { $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username')); } $is_1 = ''; $is_2 = ''; $is_3 = ''; $remember_user = hesk_POST('remember_user'); if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) { $is_1 = 'checked="checked"'; } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') { $is_2 = 'checked="checked"'; } else { $is_3 = 'checked="checked"'; } if ($hesk_settings['list_users']) { echo '<select name="user" ' . $cls . '>'; $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC'); while ($row = hesk_dbFetchAssoc($res)) { $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : ''; echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>'; } echo '</select>'; } else { echo '<input type="text" name="user" size="35" value="' . $savedUser . '" ' . $cls . ' />'; } ?> </td> </tr> <tr> <td width="60"> </td> <td> </td> </tr> <tr> <td width="60"> </td> <td><?php echo $hesklang['pass']; ?> :<br /><input type="password" name="pass" size="35" <?php if (in_array('pass', $_SESSION['a_iserror'])) { echo ' class="isError" '; } ?> /></td> </tr> <?php if ($hesk_settings['secimg_use'] == 2) { ?> <tr> <td width="60"> </td> <td> <hr /> <?php // SPAM prevention verified for this session if (isset($_SESSION['img_a_verified'])) { echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy']; } elseif ($hesk_settings['recaptcha_use']) { ?> <script type="text/javascript"> var RecaptchaOptions = { theme : '<?php echo isset($_SESSION['a_iserror']) && in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white'; ?> ', custom_translations : { visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?> ", audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?> ", refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?> ", instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?> ", instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?> ", instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?> ", help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?> ", play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?> ", cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?> ", incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?> ", image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?> ", }, }; </script> <?php require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php'; echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, $hesk_settings['recaptcha_ssl']); } else { $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : ''; echo $hesklang['sec_enter'] . '<br /> <br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />'; } ?> <hr /> </td> </tr> <?php } else { ?> <tr> <td width="60"> </td> <td> </td> </tr> <?php } // End if $hesk_settings['secimg_use'] == 2 if ($hesk_settings['autologin']) { ?> <tr> <td width="60"> </td> <td><label><input type="radio" name="remember_user" value="AUTOLOGIN" <?php echo $is_1; ?> /> <?php echo $hesklang['autologin']; ?> </label><br /> <label><input type="radio" name="remember_user" value="JUSTUSER" <?php echo $is_2; ?> /> <?php echo $hesklang['just_user']; ?> </label><br /> <label><input type="radio" name="remember_user" value="NOTHANKS" <?php echo $is_3; ?> /> <?php echo $hesklang['nothx']; ?> </label></td> </tr> <?php } else { ?> <tr> <td width="60"> </td> <td><label><input type="checkbox" name="remember_user" value="JUSTUSER" <?php echo $is_2; ?> /> <?php echo $hesklang['remember_user']; ?> </label></td> </tr> <?php } // End if $hesk_settings['autologin'] ?> <tr> <td width="60"> </td> <td> </td> </tr> <tr> <td width="60"> </td> <td><input type="submit" value="<?php echo $hesklang['click_login']; ?> " class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /> <input type="hidden" name="a" value="do_login" /> <?php if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) { echo '<input type="hidden" name="goto" value="' . $url . '" />'; } ?> <br /> </td> </tr> </table> </form> </td> <td class="roundcornersright"> </td> </tr> <tr> <td><img src="../img/roundcornerslb.jpg" width="7" height="7" alt="" /></td> <td class="roundcornersbottom"></td> <td width="7" height="7"><img src="../img/roundcornersrb.jpg" width="7" height="7" alt="" /></td> </tr> </table> </div> <p> </p> <?php hesk_cleanSessionVars('a_iserror'); require_once HESK_PATH . 'inc/footer.inc.php'; exit; }
function print_login() { global $hesk_settings, $hesklang; // Tell header to load reCaptcha API if needed if ($hesk_settings['recaptcha_use'] == 2) { define('RECAPTCHA', 1); } $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login']; require_once HESK_PATH . 'inc/header.inc.php'; if (hesk_isREQUEST('notice')) { hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT'); } if (!isset($_SESSION['a_iserror'])) { $_SESSION['a_iserror'] = array(); } ?> <div class="loginError"><?php /* This will handle error, success and notice messages */ hesk_handle_messages(); ?> </div> <div> <div class="panel panel-default form-signin"> <div class="panel-heading"> <h4><span <?php echo $iconDisplay; ?> ><span class="mega-octicon octicon-sign-in"></span> </span><?php echo $hesklang['admin_login']; ?> </a></h4> </div> <div class="panel-body"> <form class="form-signin form-horizontal" role="form" action="index.php" method="post" name="form1"> <?php if (in_array('pass', $_SESSION['a_iserror'])) { echo '<div class="form-group has-error">'; } else { echo '<div class="form-group">'; } ?> <label for="user" class="col-sm-4 control-label"><?php echo $hesklang['username']; ?> :</label> <div class="col-sm-8"> <?php if (defined('HESK_USER')) { $savedUser = HESK_USER; } else { $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username')); } $is_1 = ''; $is_2 = ''; $is_3 = ''; $remember_user = hesk_POST('remember_user'); if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) { $is_1 = 'checked="checked"'; } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') { $is_2 = 'checked="checked"'; } else { $is_3 = 'checked="checked"'; } if ($hesk_settings['list_users']) { echo '<select class="form-control" name="user">'; $res = hesk_dbQuery('SELECT `user` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC'); while ($row = hesk_dbFetchAssoc($res)) { $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : ''; echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>'; } echo '</select>'; } else { echo '<input class="form-control" type="text" name="user" size="35" placeholder="' . htmlspecialchars($hesklang['username']) . '" value="' . $savedUser . '" />'; } ?> </div> </div> <?php if (in_array('pass', $_SESSION['a_iserror'])) { echo '<div class="form-group has-error">'; } else { echo '<div class="form-group">'; } ?> <label for="pass" class="col-sm-4 control-label"><?php echo $hesklang['pass']; ?> :</label> <div class="col-sm-8"> <input type="password" class="form-control" id="pass" name="pass" size="35" placeholder="<?php echo htmlspecialchars($hesklang['pass']); ?> " /> </div> </div> <?php if ($hesk_settings['secimg_use'] == 2) { // SPAM prevention verified for this session if (isset($_SESSION['img_a_verified'])) { echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy']; } elseif ($hesk_settings['recaptcha_use'] == 1) { ?> <script type="text/javascript"> var RecaptchaOptions = { theme : '<?php echo isset($_SESSION['a_iserror']) && in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white'; ?> ', custom_translations : { visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?> ", audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?> ", refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?> ", instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?> ", instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?> ", instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?> ", help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?> ", play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?> ", cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?> ", incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?> ", image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?> " } }; </script> <?php require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php'; echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">'; echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true); echo '</div></div>'; } elseif ($hesk_settings['recaptcha_use'] == 2) { ?> <div class="form-group"> <div class="col-md-8 col-md-offset-4"> <div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?> "></div> </div> </div> <?php } else { echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">'; $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : ''; echo $hesklang['sec_enter'] . '<br /> <br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />'; echo '</div></div>'; } } // End if $hesk_settings['secimg_use'] == 2 if ($hesk_settings['autologin']) { ?> <div class="form-group"> <div class="col-md-offset-4 col-md-8"> <div class="radio"> <label><input type="radio" name="remember_user" value="AUTOLOGIN" <?php echo $is_1; ?> /> <?php echo $hesklang['autologin']; ?> </label> </div> <div class="radio"> <label><input type="radio" name="remember_user" value="JUSTUSER" <?php echo $is_2; ?> /> <?php echo $hesklang['just_user']; ?> </label> </div> <div class="radio"> <label><input type="radio" name="remember_user" value="NOTHANKS" <?php echo $is_3; ?> /> <?php echo $hesklang['nothx']; ?> </label> </div> </div> </div> <?php } else { ?> <div class="form-group"> <div class="col-md-offset-4 col-md-8"> <div class="checkbox"> <label><input type="checkbox" name="remember_user" value="JUSTUSER" <?php echo $is_2; ?> /> <?php echo $hesklang['remember_user']; ?> </label> </div> </div> </div> <?php } // End if $hesk_settings['autologin'] ?> <div class="form-group"> <div class="col-md-offset-4 col-md-8"> <input type="submit" value="<?php echo $hesklang['click_login']; ?> " class="btn btn-default" /> <input type="hidden" name="a" value="do_login" /> <?php if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) { echo '<input type="hidden" name="goto" value="' . $url . '" />'; } // Do we allow staff password reset? if ($hesk_settings['reset_pass']) { echo '<br /> <br /><a href="password.php" class="smaller">' . $hesklang['fpass'] . '</a>'; } ?> </div> </div> </form> </div> </div> </div> <p> </p> <?php hesk_cleanSessionVars('a_iserror'); require_once HESK_PATH . 'inc/footer.inc.php'; exit; }
function hesk_autoLogin($noredirect = 0) { global $hesk_settings, $hesklang, $hesk_db_link; if (!$hesk_settings['autologin']) { return false; } $user = hesk_htmlspecialchars(hesk_COOKIE('hesk_username')); $hash = hesk_htmlspecialchars(hesk_COOKIE('hesk_p')); define('HESK_USER', $user); if (empty($user) || empty($hash)) { return false; } /* Login cookies exist, now lets limit brute force attempts */ hesk_limitBfAttempts(); /* Check username */ $result = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `user` = '" . hesk_dbEscape($user) . "' LIMIT 1"); if (hesk_dbNumRows($result) != 1) { setcookie('hesk_username', ''); setcookie('hesk_p', ''); header('Location: index.php?a=login¬ice=1'); exit; } $res = hesk_dbFetchAssoc($result); foreach ($res as $k => $v) { $_SESSION[$k] = $v; } /* Check password */ if ($hash != hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . $_SESSION['pass'])) { setcookie('hesk_username', ''); setcookie('hesk_p', ''); header('Location: index.php?a=login¬ice=1'); exit; } /* Check if default password */ if ($_SESSION['pass'] == '499d74967b28a841c98bb4baaabaad699ff3c079') { hesk_process_messages($hesklang['chdp'], 'NOREDIRECT', 'NOTICE'); } unset($_SESSION['pass']); /* Login successful, clean brute force attempts */ hesk_cleanBfAttempts(); /* Regenerate session ID (security) */ hesk_session_regenerate_id(); /* Get allowed categories */ if (empty($_SESSION['isadmin'])) { $_SESSION['categories'] = explode(',', $_SESSION['categories']); } /* Renew cookies */ setcookie('hesk_username', "{$user}", strtotime('+1 year')); setcookie('hesk_p', "{$hash}", strtotime('+1 year')); /* Close any old tickets here so Cron jobs aren't necessary */ if ($hesk_settings['autoclose']) { $revision = sprintf($hesklang['thist3'], hesk_date(), $hesklang['auto']); $dt = date('Y-m-d H:i:s', time() - $hesk_settings['autoclose'] * 86400); hesk_dbQuery("UPDATE `" . $hesk_settings['db_pfix'] . "tickets` SET `status`='3', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `status` = '2' AND `lastchange` <= '" . hesk_dbEscape($dt) . "' "); } /* If session expired while a HESK page is open just continue using it, don't redirect */ if ($noredirect) { return true; } /* Redirect to the destination page */ if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) { $url = str_replace('&', '&', $url); header('Location: ' . $url); } else { header('Location: admin_main.php'); } exit; }
function hesk_getLanguage() { global $hesk_settings, $hesklang, $_SESSION; $language = $hesk_settings['language']; /* Remember what the default language is for some special uses like mass emails */ define('HESK_DEFAULT_LANGUAGE', $hesk_settings['language']); /* Can users select language? */ if (empty($hesk_settings['can_sel_lang'])) { return hesk_returnLanguage(); } /* Is a non-default language selected? If not use default one */ if (isset($_GET['language'])) { $language = hesk_input(hesk_GET('language')) or $language = $hesk_settings['language']; } elseif (isset($_COOKIE['hesk_language'])) { $language = hesk_input(hesk_COOKIE('hesk_language')) or $language = $hesk_settings['language']; } else { return hesk_returnLanguage(); } /* non-default language selected. Check if it's a valid one, if not use default one */ if ($language != $hesk_settings['language'] && isset($hesk_settings['languages'][$language])) { $hesk_settings['language'] = $language; } /* Remember and set the selected language */ setcookie('hesk_language', $hesk_settings['language'], time() + 31536000, '/'); return hesk_returnLanguage(); }
function hesk_show_kb_article($artid) { global $hesk_settings, $hesklang, $article; // Print header $hesk_settings['tmp_title'] = $article['subject']; require_once HESK_PATH . 'inc/header.inc.php'; hesk_kb_header($hesk_settings['kb_link']); // Update views by 1 - exclude known bots and reloads because of ratings if (!isset($_GET['rated']) && !hesk_detect_bots()) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `views`=`views`+1 WHERE `id`={$artid} LIMIT 1"); } echo '<h1>' . $article['subject'] . '</h1> <fieldset> <legend>' . $hesklang['as'] . '</legend> ' . $article['content']; if (!empty($article['attachments'])) { echo '<p><b>' . $hesklang['attachments'] . ':</b><br />'; $att = explode(',', substr($article['attachments'], 0, -1)); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); echo '<img src="img/clip.png" width="16" height="16" alt="' . $att_name . '" style="align:text-bottom" /> <a href="download_attachment.php?kb_att=' . $att_id . '" rel="nofollow">' . $att_name . '</a><br />'; } echo '</p>'; } // Article rating if ($hesk_settings['kb_rating'] && strpos(hesk_COOKIE('hesk_kb_rate'), 'a' . $artid . '%') === false) { echo ' <div id="rating" class="rate" align="right"> <br />' . $hesklang['rart'] . ' <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['yes']) . '</a> / <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['no']) . '</a> </div> '; } echo '</fieldset>'; // Related articles if ($hesk_settings['kb_related']) { require HESK_PATH . 'inc/mail/email_parser.php'; $query = hesk_dbEscape($article['subject'] . ' ' . convert_html_to_text($article['content'])); // Get relevant articles from the database $res = hesk_dbQuery("SELECT t1.`id`, t1.`subject`, MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') AS `score` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . 'kb_articles` AS t1 LEFT JOIN `' . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS t2 ON t1.`catid` = t2.`id` WHERE t1.`type`='0' AND t2.`type`='0' AND MATCH(`subject`,`content`,`keywords`) AGAINST ('{$query}') LIMIT " . intval($hesk_settings['kb_related'] + 1)); // Array with related articles $related_articles = array(); while ($related = hesk_dbFetchAssoc($res)) { // Get base match score from the first article if (!isset($base_score)) { $base_score = $related['score']; } // Ignore this article if ($related['id'] == $artid) { continue; } // Stop when articles reach less than 10% of base score if ($related['score'] / $base_score < 0.1) { break; } // This is a valid related article $related_articles[$related['id']] = $related['subject']; } // Print related articles if we have any valid matches if (count($related_articles)) { echo '<fieldset><legend>' . $hesklang['relart'] . '</legend>'; foreach ($related_articles as $id => $subject) { echo '<img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle;padding:2px;" /> <a href="knowledgebase.php?article=' . $id . '">' . $subject . '</a><br />'; } echo '</fieldset>'; } } if ($article['catid'] == 1) { $link = 'knowledgebase.php'; } else { $link = 'knowledgebase.php?category=' . $article['catid']; } ?> <fieldset> <legend><?php echo $hesklang['ad']; ?> </legend> <table border="0"> <tr> <td><?php echo $hesklang['aid']; ?> : </td> <td><?php echo $article['id']; ?> </td> </tr> <tr> <td><?php echo $hesklang['category']; ?> : </td> <td><a href="<?php echo $link; ?> "><?php echo $article['cat_name']; ?> </a></td> </tr> <?php if ($hesk_settings['kb_date']) { ?> <tr> <td><?php echo $hesklang['dta']; ?> : </td> <td><?php echo hesk_date($article['dt'], true); ?> </td> </tr> <?php } if ($hesk_settings['kb_views']) { ?> <tr> <td><?php echo $hesklang['views']; ?> : </td> <td><?php echo isset($_GET['rated']) ? $article['views'] : $article['views'] + 1; ?> </td> </tr> <?php } if ($hesk_settings['kb_rating']) { $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated']; echo ' <tr> <td>' . $hesklang['rating'] . ' (' . $hesklang['votes'] . '):</td> <td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /> (' . $article['votes'] . ')</td> </tr> '; } ?> </table> </fieldset> <?php if (!isset($_GET['suggest'])) { ?> <p> <br />« <a href="javascript:history.go(<?php echo isset($_GET['rated']) ? '-2' : '-1'; ?> )"><?php echo $hesklang['back']; ?> </a></p> <?php } else { ?> <p> </p> <?php } }
function print_login() { global $hesk_settings, $hesklang; // Tell header to load reCaptcha API if needed if ($hesk_settings['recaptcha_use'] == 2) { define('RECAPTCHA', 1); } $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['admin_login']; require_once HESK_PATH . 'inc/header.inc.php'; if (hesk_isREQUEST('notice')) { hesk_process_messages($hesklang['session_expired'], 'NOREDIRECT'); } if (!isset($_SESSION['a_iserror'])) { $_SESSION['a_iserror'] = array(); } ?> <nav class="row navbar navbar-default" id="showTopBar-indexPhp"> <div class="menu-wrapper"> <div class="container showTopBar"><?php hesk_showTopBar($hesk_settings['hesk_title']); ?> </div> </div><!-- end showTopBar-indexPhp --> </nav> <div class="container siteUrl-title-admin-indexPhp"> <div class="form-inline"> <span><a href="<?php echo $hesk_settings['site_url']; ?> " class="smaller"><?php echo $hesk_settings['site_title']; ?> </a></span> > <span><?php echo $hesklang['admin_login']; ?> </span> </div> </div> <!-- </td> </tr>--> <!-- start in this page end somewhere... <tr> <td>--> <br/> <br/> <br/> <?php /* This will handle error, success and notice messages */ hesk_handle_messages(); ?> <div class="container"> <div class="col-sm-5 admin-login-top-latest-kb"> <div class="form-group admin-login"> <br/> <div class="container form-group"> <form action="index.php" method="post" name="form1"> <div id="ad-log"><b><?php echo $hesklang['admin_login']; ?> </a></b></div> </br> <div class="form-inline"> <h4><label class="control-label" for="username-admin"><?php echo $hesklang['username']; ?> :</label></h4> <?php $cls = in_array('user', $_SESSION['a_iserror']) ? ' class="isError" ' : ''; if (defined('HESK_USER')) { $savedUser = HESK_USER; } else { $savedUser = hesk_htmlspecialchars(hesk_COOKIE('hesk_username')); } $is_1 = ''; $is_2 = ''; $is_3 = ''; $remember_user = hesk_POST('remember_user'); if ($hesk_settings['autologin'] && (isset($_COOKIE['hesk_p']) || $remember_user == 'AUTOLOGIN')) { $is_1 = 'checked="checked"'; } elseif (isset($_COOKIE['hesk_username']) || $remember_user == 'JUSTUSER') { $is_2 = 'checked="checked"'; } else { $is_3 = 'checked="checked"'; } if ($hesk_settings['list_users']) { echo '<select name="user" ' . $cls . '>'; $res = hesk_dbQuery('SELECT `user` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` ORDER BY `user` ASC'); while ($row = hesk_dbFetchAssoc($res)) { $sel = strtolower($savedUser) == strtolower($row['user']) ? 'selected="selected"' : ''; echo '<option value="' . $row['user'] . '" ' . $sel . '>' . $row['user'] . '</option>'; } echo '</select>'; } else { echo '<input class="form-control" id="username-admin" type="text" name="user" size="35" value="' . $savedUser . '" ' . $cls . ' />'; } ?> </div> <br/> <div class="form-inline"> <h4><label class="control-label" for="password-admin"><?php echo $hesklang['pass']; ?> :</h4><input class="form-control" id="password-admin" type="password" name="pass" size="35" <?php if (in_array('pass', $_SESSION['a_iserror'])) { echo ' class="isError" '; } ?> /> </div> <?php if ($hesk_settings['secimg_use'] == 2) { ?> <br/><br/> <?php // SPAM prevention verified for this session if (isset($_SESSION['img_a_verified'])) { echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy']; } elseif ($hesk_settings['recaptcha_use'] == 1) { ?> <script type="text/javascript"> var RecaptchaOptions = { theme : '<?php echo isset($_SESSION['a_iserror']) && in_array('mysecnum', $_SESSION['a_iserror']) ? 'red' : 'white'; ?> ', custom_translations : { visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?> ", audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?> ", refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?> ", instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?> ", instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?> ", instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?> ", help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?> ", play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?> ", cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?> ", incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?> ", image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?> ", }, }; </script> <?php require_once HESK_PATH . 'inc/recaptcha/recaptchalib.php'; echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, true); } elseif ($hesk_settings['recaptcha_use'] == 2) { ?> <div class="g-recaptcha" data-sitekey="<?php echo $hesk_settings['recaptcha_public_key']; ?> "></div> <?php } else { $cls = in_array('mysecnum', $_SESSION['a_iserror']) ? ' class="isError" ' : ''; echo $hesklang['sec_enter'] . '<br /> <br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />'; } ?> <br/><br/> <?php } else { ?> <?php } // End if $hesk_settings['secimg_use'] == 2 if ($hesk_settings['autologin']) { ?> <br/> <div class="radios" style="text-align: -webkit-auto; display: inline-block;"> <div class=""> <span> <input type="checkbox" name="remember_user" id="optionsRadios1" value="kot" <?php echo $is_1; ?> checked="checked" /> <?php echo $hesklang['remember_user']; ?> <br /> </span> </div> <div class="radio"> <span> <input type="hidden" name="remember_user" id="optionsRadios2" value="AUTOLOGIN" <?php echo $is_2; ?> checked="checked" /><br /> </span> </div> </div> <?php } else { ?> <label><input type="checkbox" name="remember_user" value="JUSTUSER" class="form-control"<?php echo $is_2; ?> /> <?php echo $hesklang['remember_user']; ?> </label> <?php } // End if $hesk_settings['autologin'] ?> <br/><br/> <button type="submit" class="btn btn-default" id="submit-login"><?php echo $hesklang['click_login']; ?> </button> <input type="hidden" name="a" value="do_login" /> <?php if (hesk_isREQUEST('goto') && ($url = hesk_REQUEST('goto'))) { echo '<input type="hidden" name="goto" value="' . $url . '" />'; } // Do we allow staff password reset? if ($hesk_settings['reset_pass']) { echo '<br /> <br /><div id="forgotpassw"><a href="password.php" class="smaller">' . $hesklang['fpass'] . '</a></div>'; } ?> <br /> </form> </div> </div> <div class="form-inline top-latest-kb-button"> <a href="http://localhost/support/knowledgebase.php#tab_home" target="_blank"><button type="submit" class="btn btn-default" id="top-kb-button" onmouseover="hesk_btn(this,'btn btn-defaultover');" onmouseout="hesk_btn(this,'btn btn-default');">Top Knowledgebase <br/> articles</button></a> <a href="http://localhost/support/knowledgebase.php#tab_profile" target="_blank"><button type="submit" class="btn btn-default" id="latest-kb-button" onmouseover="hesk_btn(this,'btn btn-defaultover');" onmouseout="hesk_btn(this,'btn btn-default');">Latest Knowledgebase <br/> articles</button></a> </div> </div> <div class="col-sm-7 help-staf"><img src="../img/help.jpg" alt="help" /></div> </div> <?php hesk_cleanSessionVars('a_iserror'); require_once HESK_PATH . 'inc/footer.inc.php'; exit; }
function hesk_show_kb_article($artid) { global $hesk_settings, $hesklang, $article; // Print header $hesk_settings['tmp_title'] = $article['subject']; require_once HESK_PATH . 'inc/header.inc.php'; hesk_kb_header($hesk_settings['kb_link']); // Update views by 1 - exclude known bots and reloads because of ratings if (!isset($_GET['rated']) && !hesk_detect_bots()) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `views`=`views`+1 WHERE `id`='" . intval($artid) . "' LIMIT 1"); } echo '<h1>' . $article['subject'] . '</h1> <fieldset> <legend>' . $hesklang['as'] . '</legend> ' . $article['content']; if (!empty($article['attachments'])) { echo '<p><b>' . $hesklang['attachments'] . ':</b><br />'; $att = explode(',', substr($article['attachments'], 0, -1)); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); echo '<img src="img/clip.png" width="16" height="16" alt="' . $att_name . '" style="align:text-bottom" /> <a href="download_attachment.php?kb_att=' . $att_id . '" rel="nofollow">' . $att_name . '</a><br />'; } echo '</p>'; } if ($hesk_settings['kb_rating'] && strpos(hesk_COOKIE('hesk_kb_rate'), 'a' . $artid . '%') === false) { echo ' <div id="rating" class="rate" align="right"> <br />' . $hesklang['rart'] . ' <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=5&id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['yes']) . '</a> / <a href="Javascript:void(0)" onclick="Javascript:window.location=\'knowledgebase.php?rating=1&id=' . $article['id'] . '\'" rel="nofollow">' . strtolower($hesklang['no']) . '</a> </div> '; } echo '</fieldset>'; if ($article['catid'] == 1) { $link = 'knowledgebase.php'; } else { $link = 'knowledgebase.php?category=' . $article['catid']; } ?> <fieldset> <legend><?php echo $hesklang['ad']; ?> </legend> <table border="0"> <tr> <td><?php echo $hesklang['aid']; ?> : </td> <td><?php echo $article['id']; ?> </td> </tr> <tr> <td><?php echo $hesklang['category']; ?> : </td> <td><a href="<?php echo $link; ?> "><?php echo $article['cat_name']; ?> </a></td> </tr> <?php if ($hesk_settings['kb_date']) { ?> <tr> <td><?php echo $hesklang['dta']; ?> : </td> <td><?php echo hesk_date($article['dt']); ?> </td> </tr> <?php } if ($hesk_settings['kb_views']) { ?> <tr> <td><?php echo $hesklang['views']; ?> : </td> <td><?php echo isset($_GET['rated']) ? $article['views'] : $article['views'] + 1; ?> </td> </tr> <?php } if ($hesk_settings['kb_rating']) { $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated']; echo ' <tr> <td>' . $hesklang['rating'] . ' (' . $hesklang['votes'] . '):</td> <td><img src="img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /> (' . $article['votes'] . ')</td> </tr> '; } ?> </table> </fieldset> <?php if (!isset($_GET['suggest'])) { ?> <p> <br />« <a href="javascript:history.go(<?php echo isset($_GET['rated']) ? '-2' : '-1'; ?> )"><?php echo $hesklang['back']; ?> </a></p> <?php } else { ?> <p> </p> <?php } }