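/**
 * Render the tabbed staff profile form (profile info, permissions, signature,
 * preferences, notifications) followed by the submit controls.
 *
 * Field values are read from $_SESSION[$session_array]; labels come from $hesklang.
 * The function only writes HTML; it does not validate or save anything.
 *
 * Changes from the previous version: the whitespace that followed closing PHP tags
 * inside attribute values and the signature textarea has been removed (it became part
 * of the submitted value for name, email, user, token, userid, ...), and a stray
 * closing </p> in the create_user controls has been dropped.
 *
 * Security notes for maintainers:
 *  - Session values, category names and language strings are printed without output
 *    encoding here. NOTE(review): that is only safe if they were encoded when stored;
 *    confirm against the code that fills $_SESSION[$session_array] and the settings.
 *  - Hiding the permissions tab, filtering 'ALL' templates and adding the "disabled"
 *    attribute are presentation only. The handler that saves the form has to repeat
 *    those checks on the server.
 *
 * @param string $session_array   Key of the $_SESSION sub-array holding the field values.
 * @param bool   $is_profile_page True when a user edits their own profile; false on the
 *                                user-management pages (adds the permissions tab).
 * @param string $action          'profile_page', 'create_user' or 'edit_user'; selects the
 *                                hidden fields and submit button. Other values print none.
 *
 * @return void
 */
function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $action = 'profile_page')
{
    global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned;
    ?>
    <div role="tabpanel">
        <!-- Nav tabs -->
        <ul class="nav nav-tabs" role="tablist">
            <li role="presentation" class="active"><a href="#profile-info" aria-controls="profile-info" role="tab" data-toggle="tab"><?php echo $hesklang['pinfo']; ?></a></li>
            <?php if (!$is_profile_page) { ?>
            <li role="presentation"><a href="#permissions" aria-controls="permissions" role="tab" data-toggle="tab"><?php echo $hesklang['permissions']; ?></a></li>
            <?php } ?>
            <li role="presentation"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php echo $hesklang['sig']; ?></a></li>
            <li role="presentation"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php echo $hesklang['pref']; ?></a></li>
            <li role="presentation"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php echo $hesklang['notn']; ?></a></li>
        </ul>

        <!-- Tab panes -->
        <div class="tab-content summaryList tabPadding">
            <div role="tabpanel" class="tab-pane fade in active" id="profile-info">
                <div class="form-group">
                    <label for="name" class="col-md-3 control-label"><?php echo $hesklang['real_name']; ?>: <font class="important">*</font></label>
                    <div class="col-md-9">
                        <input type="text" class="form-control" name="name" size="40" maxlength="50" value="<?php echo $_SESSION[$session_array]['name']; ?>" placeholder="<?php echo htmlspecialchars($hesklang['real_name']); ?>" />
                    </div>
                </div>
                <div class="form-group">
                    <label for="email" class="col-md-3 control-label"><?php echo $hesklang['email']; ?>: <font class="important">*</font></label>
                    <div class="col-md-9">
                        <input type="text" class="form-control" name="email" size="40" maxlength="255" placeholder="<?php echo htmlspecialchars($hesklang['email']); ?>" value="<?php echo $_SESSION[$session_array]['email']; ?>" />
                    </div>
                </div>
                <?php
                /* The username is editable on the management pages, or on the profile page for admins only. */
                if (!$is_profile_page || $_SESSION['isadmin']) {
                    ?>
                <div class="form-group">
                    <label for="user" class="col-md-3 control-label"><?php echo $hesklang['username']; ?>: <font class="important">*</font></label>
                    <div class="col-md-9">
                        <input type="text" class="form-control" name="user" size="40" maxlength="20" value="<?php echo $_SESSION[$session_array]['user']; ?>" placeholder="<?php echo htmlspecialchars($hesklang['username']); ?>"/>
                    </div>
                </div>
                    <?php
                }

                /* The "required" asterisk on the password fields is only visible when creating a user. */
                $passwordRequiredSpan = $action == 'create_user' ? '' : 'display:none';

                /*
                 * NOTE(review): when $_SESSION[$session_array]['cleanpass'] is set, the clear-text
                 * password is written into the page as the value of both password inputs. Consider
                 * leaving these fields empty on re-display and clearing 'cleanpass' from the session
                 * as early as possible.
                 */
                ?>
                <div class="form-group">
                    <label for="pass" class="col-md-3 control-label"><?php echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass']; ?>: <span class="important" style="<?php echo $passwordRequiredSpan; ?>">*</span></label>
                    <div class="col-md-9">
                        <input type="password" class="form-control" name="newpass" autocomplete="off" size="40" placeholder="<?php echo htmlspecialchars($hesklang['pass']); ?>" value="<?php echo isset($_SESSION[$session_array]['cleanpass']) ? $_SESSION[$session_array]['cleanpass'] : ''; ?>" onkeyup="javascript:hesk_checkPassword(this.value)" />
                    </div>
                </div>
                <div class="form-group">
                    <label for="confirmPass" class="col-md-3 control-label"><?php echo $hesklang['confirm_pass']; ?>: <span class="important" style="<?php echo $passwordRequiredSpan; ?>">*</span></label>
                    <div class="col-md-9">
                        <input type="password" name="newpass2" class="form-control" autocomplete="off" placeholder="<?php echo htmlspecialchars($hesklang['confirm_pass']); ?>" size="40" value="<?php echo isset($_SESSION[$session_array]['cleanpass']) ? $_SESSION[$session_array]['cleanpass'] : ''; ?>" />
                    </div>
                </div>
                <div class="form-group">
                    <label for="pwStrength" class="col-md-3 control-label"><?php echo $hesklang['pwdst']; ?>:</label>
                    <div class="col-md-9">
                        <div class="progress">
                            <div id="progressBar" class="progress-bar progress-bar-danger" role="progressbar" aria-valuemin="0" aria-valuemax="100" style="width: 0%">
                            </div>
                        </div>
                    </div>
                </div>
                <?php if (!$is_profile_page) { ?>
                <div class="blankSpace"></div>
                <div class="form-group">
                    <div class="col-md-9 col-md-offset-3">
                        <?php if ($hesk_settings['autoassign']) { ?>
                        <div class="checkbox">
                            <label><input type="checkbox" name="autoassign" value="Y" <?php if (!isset($_SESSION[$session_array]['autoassign']) || $_SESSION[$session_array]['autoassign'] == 1) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['user_aa']; ?></label>
                        </div>
                        <?php } ?>
                    </div>
                </div>
                <?php } ?>
            </div>

            <?php if (!$is_profile_page) { ?>
            <div role="tabpanel" class="tab-pane fade" id="permissions">
                <div class="form-group">
                    <label for="administrator" class="col-md-3 control-label"><?php echo $hesklang['permission_template_colon']; ?></label>
                    <div class="col-md-9">
                        <?php
                        /*
                         * Get the list of permission templates. Users who are not admins do not
                         * get templates whose privileges are 'ALL'. This only filters the choices
                         * shown; the save handler must reject such a template id as well.
                         */
                        $excludeSql = $_SESSION['isadmin'] ? '' : " WHERE `heskprivileges` <> 'ALL'";
                        $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`" . $excludeSql);
                        $templates = array();
                        echo '<select name="template" id="permission-tpl" class="form-control" onchange="updateCheckboxes()">';
                        while ($row = hesk_dbFetchAssoc($res)) {
                            array_push($templates, $row);
                            $selected = $_SESSION[$session_array]['permission_template'] == $row['id'] ? 'selected' : '';
                            echo '<option value="' . $row['id'] . '" ' . $selected . '>' . htmlspecialchars($row['name']) . '</option>';
                        }
                        /* "-1" is the entry for a custom (non-template) permission set. */
                        $selected = $_SESSION[$session_array]['permission_template'] == '-1' ? 'selected' : '';
                        echo '<option value="-1" ' . $selected . '>' . htmlspecialchars($hesklang['custom']) . '</option>';
                        echo '</select>';
                        outputCheckboxJavascript();
                        ?>
                    </div>
                </div>
                <div id="options">
                    <div class="form-group">
                        <label for="categories[]" class="col-md-3 control-label"><?php echo $hesklang['allowed_cat']; ?>: <font class="important">*</font></label>
                        <div class="col-md-9">
                            <?php
                            /* NOTE(review): $catname is printed as-is; confirm category names are stored HTML-encoded. */
                            foreach ($hesk_settings['categories'] as $catid => $catname) {
                                echo '<div class="checkbox"><label><input id="cat-' . $catid . '" class="cat-checkbox" type="checkbox" name="categories[]" onchange="setTemplateToCustom()" value="' . $catid . '" ';
                                if (in_array($catid, $_SESSION[$session_array]['categories'])) {
                                    echo ' checked="checked" ';
                                }
                                echo ' />' . $catname . '</label></div> ';
                            }
                            ?>
                        </div>
                    </div>
                    <div class="form-group">
                        <label for="features[]" class="col-md-3 control-label"><?php echo $hesklang['allow_feat']; ?>: <font class="important">*</font></label>
                        <div class="col-md-9">
                            <?php
                            /* Each feature key doubles as the language key of its label. */
                            foreach ($hesk_settings['features'] as $k) {
                                echo '<div class="checkbox"><label><input id="feat-' . $k . '" class="feat-checkbox" type="checkbox" name="features[]" onchange="setTemplateToCustom()" value="' . $k . '" ';
                                if (in_array($k, $_SESSION[$session_array]['features'])) {
                                    echo ' checked="checked" ';
                                }
                                echo ' />' . $hesklang[$k] . '</label></div> ';
                            }
                            ?>
                        </div>
                    </div>
                </div>
            </div>
            <?php } ?>

            <div role="tabpanel" class="tab-pane fade" id="signature">
                <div class="form-group">
                    <label for="signature" class="col-md-3 control-label"><?php echo $hesklang['signature_max']; ?>:</label>
                    <div class="col-md-9">
                        <textarea class="form-control" name="signature" rows="6" placeholder="<?php echo htmlspecialchars($hesklang['sig']); ?>" cols="40"><?php echo $_SESSION[$session_array]['signature']; ?></textarea>
                        <?php echo $hesklang['sign_extra']; ?>
                    </div>
                </div>
            </div>

            <div role="tabpanel" class="tab-pane fade" id="preferences">
                <?php if (!$is_profile_page || $can_reply_tickets) { ?>
                <div class="form-group">
                    <label for="afterreply" class="col-sm-3 control-label"><?php echo $hesklang['aftrep']; ?>:</label>
                    <div class="col-sm-9">
                        <div class="radio">
                            <label><input type="radio" name="afterreply" value="0" <?php if (!$_SESSION[$session_array]['afterreply']) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['showtic']; ?></label>
                        </div>
                        <div class="radio">
                            <label><input type="radio" name="afterreply" value="1" <?php if ($_SESSION[$session_array]['afterreply'] == 1) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['gomain']; ?></label>
                        </div>
                        <div class="radio">
                            <label><input type="radio" name="afterreply" value="2" <?php if ($_SESSION[$session_array]['afterreply'] == 2) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['shownext']; ?></label>
                        </div>
                    </div>
                </div>
                <div class="form-group">
                    <label class="col-sm-3 control-label"><?php echo $hesklang['defaults']; ?>:</label>
                    <div class="col-sm-9">
                        <?php if ($hesk_settings['time_worked']) { ?>
                        <div class="checkbox">
                            <label><input type="checkbox" name="autostart" value="1" <?php if (!empty($_SESSION[$session_array]['autostart'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['autoss']; ?></label>
                        </div>
                        <?php } ?>
                        <div class="checkbox">
                            <label><input type="checkbox" name="notify_customer_new" value="1" <?php if (!empty($_SESSION[$session_array]['notify_customer_new'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pncn']; ?></label><br />
                        </div>
                        <div class="checkbox">
                            <label><input type="checkbox" name="notify_customer_reply" value="1" <?php if (!empty($_SESSION[$session_array]['notify_customer_reply'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pncr']; ?></label><br />
                        </div>
                        <div class="checkbox">
                            <label><input type="checkbox" name="show_suggested" value="1" <?php if (!empty($_SESSION[$session_array]['show_suggested'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pssy']; ?></label><br />
                        </div>
                    </div>
                </div>
                <?php } ?>
                <div class="form-group">
                    <label for="autoRefresh" class="col-sm-3 control-label"><?php echo $hesklang['ticket_auto_refresh']; ?></label>
                    <div class="col-sm-9">
                        <input type="text" class="form-control" id="autorefresh" name="autorefresh" value="<?php echo $_SESSION[$session_array]['autorefresh']; ?>">
                        <span class="help-block"><?php echo $hesklang['autorefresh_restrictions']; ?></span>
                    </div>
                </div>
            </div>

            <div role="tabpanel" class="tab-pane fade" id="notifications">
                <?php
                /*
                 * On the profile page the checkboxes are rendered disabled when the edited
                 * account is neither admin nor holds 'can_change_notification_settings'.
                 * Disabled inputs are not submitted, so hidden inputs carry the current values.
                 * Both are client-side only: the save handler must ignore submitted notification
                 * values for users without that privilege.
                 */
                $disabledText = (!$_SESSION[$session_array]['isadmin'] && strpos($_SESSION[$session_array]['heskprivileges'], 'can_change_notification_settings') === false) ? 'disabled' : '';
                if (!$is_profile_page) {
                    $disabledText = '';
                }
                if ($disabledText == 'disabled') {
                    ?>
                <div class="alert alert-info"><?php echo $hesklang['notifications_disabled_info']; ?></div>
                    <?php
                }
                ?>
                <div class="form-group">
                    <?php
                    if (!$is_profile_page || $can_view_tickets) {
                        if (!$is_profile_page || $can_view_unassigned) {
                            ?>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_new_unassigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_new_unassigned'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['unas']; ?></label></div></div>
                            <?php if ($disabledText == 'disabled') { ?>
                    <input type="hidden" name="notify_new_unassigned" value="<?php echo !empty($_SESSION[$session_array]['notify_new_unassigned']) ? '1' : '0'; ?>">
                            <?php
                            }
                        } else {
                            ?>
                    <input type="hidden" name="notify_new_unassigned" value="0" />
                            <?php
                        }
                        ?>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_new_my" value="1" <?php if (!empty($_SESSION[$session_array]['notify_new_my'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['s_my']; ?></label></div></div>
                        <?php if ($disabledText == 'disabled') { ?>
                    <input type="hidden" name="notify_new_my" value="<?php echo !empty($_SESSION[$session_array]['notify_new_my']) ? '1' : '0'; ?>">
                        <?php
                        }

                        if (!$is_profile_page || $can_view_unassigned) {
                            ?>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_reply_unassigned'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['unas']; ?></label></div></div>
                            <?php if ($disabledText == 'disabled') { ?>
                    <input type="hidden" name="notify_reply_unassigned" value="<?php echo !empty($_SESSION[$session_array]['notify_reply_unassigned']) ? '1' : '0'; ?>">
                            <?php
                            }
                        } else {
                            ?>
                    <input type="hidden" name="notify_reply_unassigned" value="0" />
                            <?php
                        }
                        ?>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_reply_my" value="1" <?php if (!empty($_SESSION[$session_array]['notify_reply_my'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['s_my']; ?></label></div></div>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_assigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_assigned'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['ntam']; ?></label></div></div>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_note" value="1" <?php if (!empty($_SESSION[$session_array]['notify_note'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['ntnote']; ?></label></div></div>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_pm" value="1" <?php if (!empty($_SESSION[$session_array]['notify_pm'])) { echo 'checked="checked"'; } echo ' ' . $disabledText; ?> /> <?php echo $hesklang['npms']; ?></label></div></div>
                        <?php if ($disabledText == 'disabled') { ?>
                    <input type="hidden" name="notify_reply_my" value="<?php echo !empty($_SESSION[$session_array]['notify_reply_my']) ? '1' : '0'; ?>">
                    <input type="hidden" name="notify_assigned" value="<?php echo !empty($_SESSION[$session_array]['notify_assigned']) ? '1' : '0'; ?>">
                    <input type="hidden" name="notify_note" value="<?php echo !empty($_SESSION[$session_array]['notify_note']) ? '1' : '0'; ?>">
                    <input type="hidden" name="notify_pm" value="<?php echo !empty($_SESSION[$session_array]['notify_pm']) ? '1' : '0'; ?>">
                        <?php
                        }

                        /* This option is offered only when the logged-in user is an admin. */
                        if ($_SESSION['isadmin']) {
                            ?>
                    <div class="col-md-9 col-md-offset-3"><div class="checkbox"><label><input type="checkbox" name="notify_note_unassigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_note_unassigned'])) { echo 'checked="checked"'; } ?> > <?php echo $hesklang['notify_note_unassigned']; ?></label></div>
                    </div>
                            <?php
                        }
                    }
                    ?>
                </div>
            </div>

            <div class="form-group">
                <div class="col-md-9 col-md-offset-3">
                    <?php if ($action == 'profile_page') { ?>
                    <input type="hidden" name="action" value="update">
                    <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>">
                    <input type="submit" class="btn btn-default" value="<?php echo $hesklang['update_profile']; ?>">
                    <?php } elseif ($action == 'create_user') { ?>
                    <input type="hidden" name="a" value="new" />
                    <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
                    <input type="submit" value="<?php echo $hesklang['create_user']; ?>" class="btn btn-default">
                    <a href="manage_users.php?a=reset_form" class="btn btn-danger"><?php echo $hesklang['refi']; ?></a>
                    <?php } elseif ($action == 'edit_user') { ?>
                    <input type="hidden" name="a" value="save" />
                    <input type="hidden" name="userid" value="<?php echo intval(hesk_GET('id')); ?>" />
                    <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
                    <input type="hidden" name="active" value="<?php echo $_SESSION[$session_array]['active']; ?>">
                    <input class="btn btn-default" type="submit" value="<?php echo $hesklang['save_changes']; ?>" />
                    <a class="btn btn-danger" href="manage_users.php"><?php echo $hesklang['dich']; ?></a>
                    <?php } ?>
                </div>
            </div>
        </div>
    </div>

    <script language="Javascript" type="text/javascript"><!--
    hesk_checkPassword(document.form1.newpass.value);
    //-->
    </script>
    <?php
}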
/**
 * Switch a ticket category between private and public.
 *
 * Reads `catid` and `s` from the query string after the CSRF token check.
 * A non-zero `s` stores type 1 (message 'cpriv'); anything else stores
 * type 0 (message 'cpub'). The category id is remembered in
 * $_SESSION['selcat2'].
 *
 * @return void
 */
function toggle_type()
{
    global $hesk_settings, $hesklang;

    // Reject the request unless it carries a valid anti-CSRF token.
    hesk_token_check();

    $catid = intval(hesk_GET('catid'));
    if (!$catid) {
        hesk_error($hesklang['cat_move_id']);
    }
    $_SESSION['selcat2'] = $catid;

    $makePrivate = intval(hesk_GET('s')) !== 0;
    $type = $makePrivate ? 1 : 0;
    $tmp = $makePrivate ? $hesklang['cpriv'] : $hesklang['cpub'];

    // Store the new category type. Both values placed in the SQL are integers.
    $table = hesk_dbEscape($hesk_settings['db_pfix']) . 'categories';
    hesk_dbQuery("UPDATE `{$table}` SET `type`='{$type}' WHERE `id`='{$catid}' LIMIT 1");

    // Anything other than exactly one changed row is reported as "category not found".
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
<h3 align="center"><?php echo $hesklang['profile_for'] . ' <b>' . $_SESSION['new']['user']; ?> </b></h3> <p align="center"><?php echo $hesklang['req_marked_with']; ?> <span class="important">*</span></p> <?php if ($hesk_settings['can_sel_lang']) { /* Update preferred language in the database? */ if (isset($_GET['save_language'])) { $newlang = hesk_input(hesk_GET('language')); /* Only update if it's a valid language */ if (isset($hesk_settings['languages'][$newlang])) { $newlang = $newlang == HESK_DEFAULT_LANGUAGE ? "NULL" : "'" . hesk_dbEscape($newlang) . "'"; hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `language`={$newlang} WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1"); } } $str = '<form method="get" action="profile.php" style="margin:0;padding:0;border:0;white-space:nowrap;">'; $str .= '<input type="hidden" name="save_language" value="1" />'; $str .= '<p>' . $hesklang['chol'] . ': '; if (!isset($_GET)) { $_GET = array(); } foreach ($_GET as $k => $v) { if ($k == 'language' || $k == 'save_language') { continue;
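// Get all the required files and functions
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
hesk_load_database_functions();

// Is rating enabled?
if (!$hesk_settings['rating']) {
    die($hesklang['rdis']);
}

// Rating value
$rating = intval(hesk_GET('rating', 0));

// Rating can only be 1 or 5
if ($rating != 1 && $rating != 5) {
    die($hesklang['attempt']);
}

// Reply ID
$reply_id = intval(hesk_GET('id', 0)) or die($hesklang['attempt']);

// Ticket tracking ID
$trackingID = hesk_cleanID() or die($hesklang['attempt']);

// Connect to database
hesk_dbConnect();

// Get reply info to verify tickets match
$result = hesk_dbQuery("SELECT `replyto`,`rating`,`staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='{$reply_id}' LIMIT 1");

// -> Reply found? Without this check an unknown reply ID left $reply empty
//    and the ticket lookup below ran with an empty ID.
if (hesk_dbNumRows($result) != 1) {
    die($hesklang['attempt']);
}
$reply = hesk_dbFetchAssoc($result);

// Does the ticket ID match the one in the request?
// The ticket ID comes from the database, but it is still cast to an integer
// before it is placed in the SQL text.
$result = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($reply['replyto']) . "' LIMIT 1");

// -> Ticket found?
if (hesk_dbNumRows($result) != 1) {
    die($hesklang['attempt']);
}

// -> Does the tracking ID match?
$ticket = hesk_dbFetchAssoc($result);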
break; default: $_GET['time'] = 3; $selected['time'][3] = 'selected="selected"'; } } unset($tmp); // Start SQL statement for selecting tickets $sql = "SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE "; // Some default settings $archive = array(1 => 0, 2 => 0); $s_my = array(1 => 1, 2 => 1); $s_ot = array(1 => 1, 2 => 1); $s_un = array(1 => 1, 2 => 1); // --> TICKET CATEGORY $category = intval(hesk_GET('category', 0)); // Make sure user has access to this category if ($category && hesk_okCategory($category, 0)) { $sql .= " `category`='{$category}' "; } else { $sql .= hesk_myCategories(); } // Show only tagged tickets? if (!empty($_GET['archive'])) { $archive[1] = 1; $sql .= " AND `archive`='1' "; } // Ticket owner preferences $fid = 1; require HESK_PATH . 'inc/assignment_search.inc.php'; // --> TICKET STATUS
* Removing any of the copyright notices without purchasing a license * is expressly forbidden. To remove HESK copyright notice you must purchase * a license for this script. For more information on how to obtain * a license please visit the page below: * https://www.hesk.com/buy.php *******************************************************************************/ define('IN_SCRIPT', 1); define('HESK_PATH', '../'); /* Get all the required files and functions */ require HESK_PATH . 'hesk_settings.inc.php'; require HESK_PATH . 'inc/common.inc.php'; require HESK_PATH . 'inc/admin_functions.inc.php'; $id = hesk_input(hesk_GET('i')); $query = hesk_input(hesk_utf8_urldecode(hesk_GET('q'))); $type = hesk_input(hesk_GET('t', 'text')); $maxlen = intval(hesk_GET('m', 255)); $query = stripslashes($query); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML; 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en"> <head> <title><?php echo $hesklang['opt']; ?> </title> <meta http-equiv="Content-Type" content="text/html;charset=<?php echo $hesklang['ENCODING']; ?> " /> <style type="text/css"> body
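/**
 * Print one private message for the logged-in staff member.
 *
 * The message is loaded by the integer `id` query parameter, excluding rows the
 * current user has deleted. It is shown only when the user is its recipient or
 * its sender; any other user is sent back to mail.php with an error.
 *
 * Changes from the previous version: the denial branch called hesk_process_message(),
 * while every other caller on this page uses hesk_process_messages(); it now uses the
 * latter and returns afterwards so the message can never be printed on that path.
 * A dead first assignment of ['mailtmp']['outbox'] was removed.
 *
 * NOTE(review): $hesk_settings['mailtmp'] ('this', 'other', 'm_from') is read here but
 * only set in the sender branch; the recipient defaults are assumed to be set by the
 * caller. Confirm.
 *
 * @return void
 */
function show_message()
{
    global $hesk_settings, $hesklang, $admins;

    $id = intval(hesk_GET('id'));

    /* Get the message details */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
    $num = hesk_dbNumRows($res);

    if ($num) {
        $pm = hesk_dbFetchAssoc($res);

        /* Allowed to read the message? */
        if ($pm['to'] == $_SESSION['id']) {
            /* Recipient: pre-fill a reply, unless a draft is already in the session */
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
            }

            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['from'];
            }
        } elseif ($pm['from'] == $_SESSION['id']) {
            /* Sender: pre-fill a forward and switch the labels to the outbox view */
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
            }

            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['to'];
            }

            $hesk_settings['mailtmp']['this'] = 'from';
            $hesk_settings['mailtmp']['other'] = 'to';
            $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
            $hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
            $hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
        } else {
            /* Neither sender nor recipient: refuse and stop here */
            hesk_process_messages($hesklang['m_ena'], 'mail.php');
            return;
        }

        /* Mark as read */
        if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
            $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
        }

        /* Name of the other party: a link for known staff, otherwise a fixed label */
        $other = $pm[$hesk_settings['mailtmp']['other']];
        if (isset($admins[$other])) {
            $pm['name'] = '<a href="mail.php?a=new&id=' . $other . '">' . $admins[$other] . '</a>';
        } elseif ($pm['from'] == 9999) {
            $pm['name'] = '<a href="http://www.hesk.com" target="_blank">HESK.com</a>';
        } else {
            $pm['name'] = $hesklang['e_udel'];
        }

        $pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);

        /*
         * NOTE(review): the staff name and the subject are printed without output
         * encoding. That is only safe if both were HTML-encoded when stored; confirm
         * against the code that writes the mail table and builds $admins.
         */
        ?>
        <div class="container mail-from-user-table">
            <div>
                <div>
                    <div class="form-inline mail-info-table">
                        <div class="form-group mail-from-date-subject">
                            <div class="form-inline">
                                <span><b><?php echo $hesk_settings['mailtmp']['m_from']; ?></b></span>
                                <span><?php echo $pm['name']; ?></span>
                            </div>
                            <div class="form-inline">
                                <span><b><?php echo $hesklang['date']; ?></b></span>
                                <span><?php echo $pm['dt']; ?></span>
                            </div>
                            <div class="form-inline">
                                <span><b><?php echo $hesklang['m_sub']; ?></b></span>
                                <span><?php echo $pm['subject']; ?></span>
                            </div>
                        </div><!-- end mail-from-date-subject -->
                        <div class="form-group mail-icons" style="float: right;">
                            <?php
                            /* Both action links carry the anti-CSRF token */
                            $folder = '&folder=outbox';
                            if ($pm['to'] == $_SESSION['id']) {
                                echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><img src="../img/mail.png" width="16" height="16" alt="' . $hesklang['mau'] . '" title="' . $hesklang['mau'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a> ';
                                $folder = '';
                            }
                            echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><img src="../img/delete.png" width="16" height="16" alt="' . $hesklang['delm'] . '" title="' . $hesklang['delm'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a>';
                            ?>
                        </div><!-- end mail-icons -->
                    </div>
                    <br/><br/>
                    <?php /* strip_tags() removes markup but is not an output encoder; see the note above. */ ?>
                    <p><?php echo strip_tags($pm['message']); ?></p>
                </div>
            </div>
        </div><!-- end mail-from-user-table -->
        <br /><br/><br/>
        <?php
    } // END if $num

    $_SESSION['hide']['list'] = 1;
}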
/**
 * Delete a contract, but only while no client is linked to it.
 *
 * The contract id is taken from the `id` query parameter as an integer, after
 * the CSRF token check. The DELETE is guarded by a NOT EXISTS sub-query on the
 * contractforclient table; when no row is removed the 'con_req' error is shown.
 *
 * Side effect: $_SERVER['PHP_SELF'] is overwritten so that the final message
 * redirects to the "edit contract" tab.
 *
 * NOTE(review): the SQL uses `&&`, which newer MySQL releases deprecate in
 * favour of AND. Left unchanged here.
 *
 * @return void
 */
function remove_contract()
{
    global $hesk_settings, $hesklang;

    hesk_token_check();

    $_SERVER['PHP_SELF'] = 'contracts.php#tab_edit-cont';

    $con = intval(hesk_GET('id'));
    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    $sql = "DELETE FROM `" . $prefix . "contracts` WHERE NOT EXISTS\n\t(SELECT NULL FROM`" . $prefix . "contractforclient` as `cc` WHERE `cc`.`contract_Id`='" . $con . "') && `id`='" . $con . "' LIMIT 1";
    hesk_dbQuery($sql);

    // Zero rows means the contract is still in use or does not exist.
    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['con_req'] . '.');
    }

    hesk_process_messages($hesklang['con_removed_db'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
$revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); /* Show ticket */ hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); } /* Delete attachment action */ if (isset($_GET['delatt']) && hesk_token_check()) { if (!$can_delete || !$can_edit) { hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } $att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']); $reply = intval(hesk_GET('reply', 0)); if ($reply < 1) { $reply = 0; } $note = intval(hesk_GET('note', 0)); if ($note < 1) { $note = 0; } /* Get attachment info */ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } $att = hesk_dbFetchAssoc($res); /* Is ticket ID valid for this attachment? */ if ($att['ticket_id'] != $trackingID) { hesk_process_messages($hesklang['trackID_not_found'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } /* Delete file from server */ hesk_unlink(HESK_PATH . $hesk_settings['attach_dir'] . '/' . $att['saved_name']);
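/**
 * Print one private message for the logged-in staff member (table layout).
 *
 * The message is loaded by the integer `id` query parameter, excluding rows the
 * current user has deleted. It is shown only when the user is its recipient or
 * its sender; any other user is sent back to mail.php with an error.
 *
 * Changes from the previous version:
 *  - the denial branch called hesk_process_message(), while every other caller on
 *    this page uses hesk_process_messages(); it now uses the latter and returns
 *    afterwards so the message can never be printed on that path;
 *  - a leftover `echo $pm['dt'];` that printed the raw stored date above the table
 *    was removed (the formatted date is still shown in the table);
 *  - a dead first assignment of ['mailtmp']['outbox'] was removed.
 *
 * NOTE(review): $hesk_settings['mailtmp'] ('this', 'other', 'm_from') is read here but
 * only set in the sender branch; the recipient defaults are assumed to be set by the
 * caller. The closing </div> printed at the end also belongs to markup opened by the
 * caller. Confirm both.
 *
 * @return void
 */
function show_message()
{
    global $hesk_settings, $hesklang, $admins;

    $id = intval(hesk_GET('id'));

    /* Get the message details */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
    $num = hesk_dbNumRows($res);

    if ($num) {
        $pm = hesk_dbFetchAssoc($res);

        /* Allowed to read the message? */
        if ($pm['to'] == $_SESSION['id']) {
            /* Recipient: pre-fill a reply, unless a draft is already in the session */
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
            }

            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['from'];
            }
        } elseif ($pm['from'] == $_SESSION['id']) {
            /* Sender: pre-fill a forward and switch the labels to the outbox view */
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
            }

            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['to'];
            }

            $hesk_settings['mailtmp']['this'] = 'from';
            $hesk_settings['mailtmp']['other'] = 'to';
            $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
            $hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
            $hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
        } else {
            /* Neither sender nor recipient: refuse and stop here */
            hesk_process_messages($hesklang['m_ena'], 'mail.php');
            return;
        }

        /* Mark as read */
        if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
            $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
        }

        /* Name of the other party: a link for known staff, otherwise a fixed label */
        $other = $pm[$hesk_settings['mailtmp']['other']];
        if (isset($admins[$other])) {
            $pm['name'] = '<a href="mail.php?a=new&id=' . $other . '">' . $admins[$other] . '</a>';
        } elseif ($pm['from'] == 9999) {
            $pm['name'] = '<a href="http://www.hesk.com" target="_blank">HESK.com</a>';
        } else {
            $pm['name'] = $hesklang['e_udel'];
        }

        $pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);

        /*
         * NOTE(review): the staff name, the subject and the message body are printed
         * without output encoding. That is only safe if they were HTML-encoded when
         * stored; confirm against the code that writes the mail table and builds $admins.
         */
        ?>
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
            <tr>
                <td>
                    <table border="0" cellspacing="0" cellpadding="0" width="100%">
                        <tr>
                            <td valign="top">
                                <table border="0">
                                    <tr>
                                        <td><b><?php echo $hesk_settings['mailtmp']['m_from']; ?></b></td>
                                        <td><?php echo $pm['name']; ?></td>
                                    </tr>
                                    <tr>
                                        <td><b><?php echo $hesklang['date']; ?></b></td>
                                        <td><?php echo $pm['dt']; ?></td>
                                    </tr>
                                    <tr>
                                        <td><b><?php echo $hesklang['m_sub']; ?></b></td>
                                        <td><?php echo $pm['subject']; ?></td>
                                    </tr>
                                </table>
                            </td>
                            <td class="text-right" style="vertical-align:top;">
                                <?php
                                /* Both action links carry the anti-CSRF token */
                                $folder = '&folder=outbox';
                                if ($pm['to'] == $_SESSION['id']) {
                                    echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><i style="font-size: 14px" class="fa fa-envelope-o"></i></a> ';
                                    $folder = '';
                                }
                                echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><i class="fa fa-times" style="font-size: 14px; color: red"></i></a>';
                                ?>
                            </td>
                        </tr>
                    </table>
                    <p><?php echo $pm['message']; ?></p>
                </td>
            </tr>
        </table>
        </div><hr />
        <?php
    } // END if $num

    $_SESSION['hide']['list'] = 1;
}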
/**
 * Remove one entry from the banned e-mail list and redirect with a success message.
 *
 * The row id comes from the `id` query parameter as an integer, after the CSRF
 * token check. When hesk_cleanID() returns a tracking ID the user is sent back
 * to that ticket; otherwise to banned_emails.php.
 *
 * @return void
 */
function unban_email()
{
    global $hesk_settings, $hesklang;

    // Reject the request unless it carries a valid anti-CSRF token.
    hesk_token_check();

    // Delete from bans
    $table = hesk_dbEscape($hesk_settings['db_pfix']) . 'banned_emails';
    $banId = intval(hesk_GET('id'));
    hesk_dbQuery("DELETE FROM `{$table}` WHERE `id`={$banId} LIMIT 1");

    // Go back to the ticket when a tracking ID is available, else to the ban list.
    $trackingID = hesk_cleanID();
    if ($trackingID) {
        $redirect_to = 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999);
    } else {
        $redirect_to = 'banned_emails.php';
    }

    // Show success
    hesk_process_messages($hesklang['email_unbanned'], $redirect_to, 'SUCCESS');
}
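/**
 * Turn a permission template into an admin template, or reset it to the
 * privileges and categories of template 2.
 *
 * The template id is read from the `id` query parameter. Templates 1 and 2 are
 * protected and cannot be changed.
 *
 * Change from the previous version: the id is converted to an integer once, before
 * the protection check. Previously the check compared the raw request string while
 * the UPDATE used intval() of it, so the two could disagree about which template
 * was addressed. The protected branch now also returns explicitly.
 *
 * NOTE(review): unlike the other state-changing handlers on this page, no
 * hesk_token_check() is visible here. Confirm the caller verifies the anti-CSRF
 * token before this function runs, or add the check together with the token in
 * the links that trigger it.
 *
 * @param mixed $admin Truthy to grant 'ALL' privileges and categories; falsy to
 *                     copy the values of template 2.
 *
 * @return void
 */
function toggleAdmin($admin)
{
    global $hesk_settings, $hesklang;

    // One integer value is used for both the guard and the queries.
    $id = intval(hesk_GET('id'));

    if ($id === 1 || $id === 2) {
        hesk_process_messages($hesklang['cannot_change_admin_staff'], $_SERVER['PHP_SELF']);
        // Not reached if hesk_process_messages() ends the request; kept so the
        // protected templates stay untouched either way.
        return;
    }

    if ($admin) {
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` SET `heskprivileges` = 'ALL',\n `categories` = 'ALL' WHERE `id` = " . $id);

        hesk_process_messages($hesklang['permission_template_now_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
    } else {
        // Get default privileges
        $res = hesk_dbQuery("SELECT `heskprivileges`, `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`\n WHERE `id` = 2");
        $row = hesk_dbFetchAssoc($res);

        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`\n SET `heskprivileges` = '" . hesk_dbEscape($row['heskprivileges']) . "',\n `categories` = '" . hesk_dbEscape($row['categories']) . "' WHERE `id` = " . $id);

        hesk_process_messages($hesklang['permission_template_no_longer_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
    }
}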
/**
 * Activate or deactivate a staff account.
 *
 * Reads `id` and `s` from the query string after the CSRF token check. A user
 * cannot deactivate their own account. On deactivation the user is removed as
 * manager from all categories, and auto-assign plus every notification flag is
 * switched off in the same UPDATE that clears `active`.
 *
 * @return void
 */
function toggle_active()
{
    global $hesk_settings, $hesklang;

    // Reject the request unless it carries a valid anti-CSRF token.
    hesk_token_check();

    $myuser = intval(hesk_GET('id'));
    if (!$myuser) {
        hesk_error($hesklang['no_valid_id']);
    }
    $_SESSION['seluser'] = $myuser;

    // You can't deactivate yourself!
    if ($myuser == $_SESSION['id']) {
        hesk_process_messages($hesklang['self_deactivation'], './manage_users.php');
    }

    $activate = intval(hesk_GET('s')) !== 0;
    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    if ($activate) {
        $active = 1;
        $tmp = $hesklang['user_activated'];
        $notificationSql = "";
    } else {
        $active = 0;
        $tmp = $hesklang['user_deactivated'];

        // Revoke any manager rights
        hesk_dbQuery("UPDATE `" . $prefix . "categories` SET `manager` = 0 WHERE `manager` = " . $myuser);

        // Extra columns cleared together with `active`
        $notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0,\n `notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0";
    }

    hesk_dbQuery("UPDATE `{$prefix}users` SET `active` = '{$active}'{$notificationSql} WHERE `id` = '{$myuser}'");

    // Anything other than exactly one changed row is reported as "user not found".
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
    }

    hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}
// Staff doesn't need to fill in required custom fields $v['req'] = ''; if ($v['type'] == 'checkbox' && !isset($_GET["c_{$k}"])) { $k_value = array(); if (isset($_SESSION["c_{$k}"]) && is_array($_SESSION["c_{$k}"])) { foreach ($_SESSION["c_{$k}"] as $myCB) { $k_value[] = stripslashes(hesk_input($myCB)); } } } elseif (isset($_SESSION["c_{$k}"])) { $k_value = stripslashes(hesk_input($_SESSION["c_{$k}"])); } elseif (isset($_GET["c_{$k}"])) { if ($v['type'] == 'checkbox') { $k_value = explode('-CHECKBOX-', $_GET["c_{$k}"]); } else { $k_value = stripslashes(hesk_GET("c_{$k}")); } } else { $k_value = ''; } switch ($v['type']) { /* Radio box */ case 'radio': echo '<div class="form-group"><label class="col-sm-3 control-label">' . $v['name'] . ': ' . $v['req'] . '</label><div align="left" class="col-sm-9">'; $options = explode('#HESK#', $v['value']); $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : ''; foreach ($options as $option) { if (strlen($k_value) == 0 || $k_value == $option) { $k_value = $option; $checked = 'checked="checked"'; } else {
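/**
 * Switch the "sticky" flag of a knowledgebase article on or off.
 *
 * Reads the article ID (`id`), its category (`catid`) and the requested
 * state (`s`, empty means off) from the query string. The request must carry
 * a valid token. After the update the article order of the category is
 * rebuilt and the user is sent back to the category management page.
 */
function toggle_sticky()
{
    global $hesk_settings, $hesklang;

    /* Anti-CSRF: reject the request unless it carries a valid token */
    hesk_token_check();

    $id = intval(hesk_GET('id')) or hesk_error($hesklang['kb_art_id']);
    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
    $sticky = empty($_GET['s']) ? 0 : 1;

    $_SESSION['artord'] = $id;

    /* Update article "sticky" status.
       The quoted value is exactly '0' or '1'; a stray space inside the
       quotes previously left the result to the database's string-to-number
       coercion. */
    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` SET `sticky`='" . intval($sticky) . "' WHERE `id`='" . intval($id) . "' LIMIT 1");

    /* Update article order */
    update_article_order($catid);

    $tmp = $sticky ? $hesklang['ason'] : $hesklang['asoff'];

    // $catid is an integer here, so it is safe to append to the redirect URL
    hesk_process_messages($tmp, './manage_knowledgebase.php?a=manage_cat&catid=' . $catid, 'SUCCESS');
}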
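/**
 * Display one private message to the logged-in staff member.
 *
 * The message ID comes from the `id` query parameter. A message is shown
 * only when the current user is its recipient or its sender and has not
 * deleted it. Reading a received message marks it as read and pre-fills the
 * reply form stored in $_SESSION['mail']; viewing a sent message pre-fills a
 * forward instead.
 *
 * NOTE(review): subject, message body and staff names are echoed as stored.
 * This is safe only if they are HTML-encoded when saved; confirm against the
 * code that writes the `mail` table.
 */
function show_message()
{
    global $hesk_settings, $hesklang, $admins;

    $id = intval(hesk_GET('id'));

    /* Get the message details (skipping messages this user has deleted) */
    $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `id`='" . intval($id) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' LIMIT 1");
    $num = hesk_dbNumRows($res);

    if ($num) {
        $pm = hesk_dbFetchAssoc($res);

        /* Allowed to read the message? */
        if ($pm['to'] == $_SESSION['id']) {
            // Recipient: prepare a reply
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
            }
            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['from'];
            }
        } elseif ($pm['from'] == $_SESSION['id']) {
            // Sender: prepare a forward and switch the labels to "outbox" view
            if (!isset($_SESSION['mail']['subject'])) {
                $_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
            }
            if (!isset($_SESSION['mail']['to'])) {
                $_SESSION['mail']['to'] = $pm['to'];
            }

            $hesk_settings['mailtmp']['this'] = 'from';
            $hesk_settings['mailtmp']['other'] = 'to';
            $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
            $hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">' . $hesklang['inbox'] . '</a>';
            $hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">' . $hesklang['outbox'] . '</a>';
        } else {
            // NOTE(review): every other caller in view uses
            // hesk_process_messages() (plural); confirm this helper exists.
            hesk_process_message($hesklang['m_ena'], 'mail.php');

            // Fail closed: a user who is neither sender nor recipient must
            // never reach the rendering code below, even if the helper
            // above returns instead of ending the request.
            return;
        }

        /* Mark as read */
        // presumably $hesk_settings['mailtmp'] holds "inbox" defaults set by
        // the caller when the recipient branch was taken; verify
        if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
            $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($id) . "' LIMIT 1");
        }

        // Name of the other party: a link for a known staff member, a fixed
        // label for sender ID 9999, otherwise the "deleted user" text
        $otherId = $pm[$hesk_settings['mailtmp']['other']];
        $pm['name'] = isset($admins[$otherId])
            ? '<a href="mail.php?a=new&id=' . $otherId . '">' . $admins[$otherId] . '</a>'
            : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);

        $pm['dt'] = hesk_dateToString($pm['dt'], 0, 1, 0, true);
        ?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="../img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="../img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>
<td valign="top">
<table border="0">
<tr>
<td><b><?php echo $hesk_settings['mailtmp']['m_from']; ?> </b></td>
<td><?php echo $pm['name']; ?> </td>
</tr>
<tr>
<td><b><?php echo $hesklang['date']; ?> </b></td>
<td><?php echo $pm['dt']; ?> </td>
</tr>
<tr>
<td><b><?php echo $hesklang['m_sub']; ?> </b></td>
<td><?php echo $pm['subject']; ?> </td>
</tr>
</table>
</td>
<td style="text-align:right; vertical-align:top;">
<?php
        // Action links carry the session token so that "mark unread" and
        // "delete" cannot be triggered by a forged request.
        $folder = '&folder=outbox';
        if ($pm['to'] == $_SESSION['id']) {
            echo '<a href="mail.php?a=mark_unread&id=' . $id . '&token=' . hesk_token_echo(0) . '"><img src="../img/mail.png" width="16" height="16" alt="' . $hesklang['mau'] . '" title="' . $hesklang['mau'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a> ';
            $folder = '';
        }
        echo '<a href="mail.php?a=delete&id=' . $id . '&token=' . hesk_token_echo(0) . $folder . '" onclick="return hesk_confirmExecute(\'' . hesk_makeJsString($hesklang['delm']) . '?\');"><img src="../img/delete.png" width="16" height="16" alt="' . $hesklang['delm'] . '" title="' . $hesklang['delm'] . '" class="optionWhiteOFF" onmouseover="this.className=\'optionWhiteON\'" onmouseout="this.className=\'optionWhiteOFF\'" /></a>';
        ?>
</td>
</tr>
</table>
<hr />
<p><?php echo $pm['message']; ?> </p>
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="../img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="../img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<br /><hr />
<?php
    } // END if $num

    $_SESSION['hide']['list'] = 1;
}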
} else { $sql .= hesk_myCategories(); } // Show only tagged tickets? if (!empty($_GET['archive'])) { $archive[1] = 1; $sql .= " AND `archive`='1' "; } // Ticket owner preferences $fid = 1; require HESK_PATH . 'inc/assignment_search.inc.php'; // --> TICKET STATUS $possible_status = array(0 => 'NEW', 1 => 'WAITING REPLY', 2 => 'REPLIED', 3 => 'RESOLVED (CLOSED)', 4 => 'IN PROGRESS', 5 => 'ON HOLD'); $status = $possible_status; // Process statuses unless overridden with "s_all" variable if (!hesk_GET('s_all')) { foreach ($status as $k => $v) { if (empty($_GET['s' . $k])) { unset($status[$k]); } } } // How many statuses are we pulling out of the database? $tmp = count($status); // Do we need to search by status? if ($tmp < count($possible_status)) { // If no statuses selected, show default (all except RESOLVED) if ($tmp == 0) { $status = $possible_status; unset($status[3]); }
/**
 * Select the interface language for this request and load it.
 *
 * The configured default is used unless language selection is enabled and
 * the visitor supplies a `language` query parameter or a `hesk_language`
 * cookie. A supplied value is applied only when it is a key of the
 * configured language list, so request data never reaches the language
 * loader unchecked. The cookie that is written back holds the validated
 * setting, not the raw input.
 *
 * @return mixed Whatever hesk_returnLanguage() returns.
 */
function hesk_getLanguage()
{
    global $hesk_settings, $hesklang, $_SESSION;

    $defaultLanguage = $hesk_settings['language'];

    /* Remember what the default language is for some special uses like mass emails */
    define('HESK_DEFAULT_LANGUAGE', $hesk_settings['language']);

    /* Language selection disabled: always use the default */
    if (empty($hesk_settings['can_sel_lang'])) {
        return hesk_returnLanguage();
    }

    /* Query string wins over the cookie; with neither, keep the default */
    if (isset($_GET['language'])) {
        $language = hesk_input(hesk_GET('language'));
    } elseif (isset($_COOKIE['hesk_language'])) {
        $language = hesk_input(hesk_COOKIE('hesk_language'));
    } else {
        return hesk_returnLanguage();
    }

    /* An empty result falls back to the default language */
    if (!$language) {
        $language = $defaultLanguage;
    }

    /* Accept the selection only if it names a configured language */
    $isConfigured = isset($hesk_settings['languages'][$language]);
    if ($language != $hesk_settings['language'] && $isConfigured) {
        $hesk_settings['language'] = $language;
    }

    /* Remember and set the selected language (one year, whole site) */
    setcookie('hesk_language', $hesk_settings['language'], time() + 31536000, '/');

    return hesk_returnLanguage();
}
case 12: /* All time */ $date_from = hesk_getOldestDate(); $date_to = date('Y-m-d'); $selected['time'][12] = 'selected="selected"'; $is_all_time = 1; break; default: $_GET['time'] = 3; $selected['time'][3] = 'selected="selected"'; } $query_string = 'reports.php?w=0&time=' . $_GET['time']; } unset($tmp); /* Type */ $type = intval(hesk_GET('type', 1)); if (isset($selected['type'][$type])) { $selected['type'][$type] = 'selected="selected"'; } // Setup date SQL so we don't have to call functions several times $hesk_settings['dt_sql'] = " `dt` BETWEEN '" . hesk_dbEscape($date_from) . " 00:00:00' AND '" . hesk_dbEscape($date_to) . " 23:59:59' "; /* Print header */ require_once HESK_PATH . 'inc/header.inc.php'; /* Print main manage users page */ require_once HESK_PATH . 'inc/show_admin_nav.inc.php'; ?> </td> </tr> <tr> <td>
} $row = hesk_dbFetchAssoc($res); // Private or draft article or category? if ($row['cat_type'] || $row['art_type']) { if (empty($_SESSION['id'])) { // This is a staff-only attachment hesk_error($hesklang['attpri']); } elseif ($row['art_type'] == 2) { // Need permission to manage KB to access draft attachments require HESK_PATH . 'inc/admin_functions.inc.php'; hesk_checkPermission('can_man_kb'); } } } else { // Attachmend ID and ticket tracking ID $att_id = intval(hesk_GET('att_id', 0)) or die($hesklang['id_not_valid']); $tic_id = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}"); // Connect to database hesk_dbConnect(); // Get attachment info $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='{$att_id}' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { hesk_error($hesklang['id_not_valid'] . ' (att_id)'); } $file = hesk_dbFetchAssoc($res); // Is ticket ID valid for this attachment? if ($file['ticket_id'] != $tic_id) { hesk_error($hesklang['trackID_not_found']); } // Verify email address match if needed if (empty($_SESSION['id'])) {
} // Owner if ($tmp = intval(hesk_GET('owner', 0))) { $sql .= " AND `owner`={$tmp} "; $owner_input = $tmp; $hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer); } else { $owner_input = 0; } /* Date */ /* -> Check for compatibility with old date format */ if (preg_match("/(\\d{4})-(\\d{2})-(\\d{2})/", hesk_GET('dt'), $m)) { $_GET['dt'] = $m[2] . $m[3] . $m[1]; } /* -> Now process the date value */ $dt = preg_replace('/[^0-9]/', '', hesk_GET('dt')); if (strlen($dt) == 8) { $date = substr($dt, 4, 4) . '-' . substr($dt, 0, 2) . '-' . substr($dt, 2, 2); $date_input = substr($dt, 0, 2) . '/' . substr($dt, 2, 2) . '/' . substr($dt, 4, 4); /* This search is valid even if no query is entered */ if ($no_query) { $hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer); } $sql .= " AND `dt` BETWEEN '{$date} 00:00:00' AND '{$date} 23:59:59' "; } else { $date = ''; $date_input = ''; } /* Any errors? */ if (strlen($hesk_error_buffer)) { hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
* Trade Agreements with the United States of America or * with the European Union. * Removing any of the copyright notices without purchasing a license * is expressly forbidden. To remove HESK copyright notice you must purchase * a license for this script. For more information on how to obtain * a license please visit the page below: * https://www.hesk.com/buy.php *******************************************************************************/ /* Check if this is a valid include */ if (!defined('IN_SCRIPT')) { die('Invalid attempt'); } $tmp = intval(hesk_GET('limit')); $maxresults = $tmp > 0 ? $tmp : $hesk_settings['max_listings']; $tmp = intval(hesk_GET('page', 1)); $page = $tmp > 1 ? $tmp : 1; /* Acceptable $sort values and default asc(1)/desc(0) setting */ $sort_possible = array('trackid' => 1, 'lastchange' => 0, 'name' => 1, 'subject' => 1, 'status' => 1, 'lastreplier' => 1, 'priority' => 1, 'category' => 1, 'dt' => 0, 'id' => 1); /* These values should have collate appended in SQL */ $sort_collation = array('name', 'subject'); /* Acceptable $group values and default asc(1)/desc(0) setting */ $group_possible = array('owner' => 1, 'priority' => 1, 'category' => 1); /* Start the order by part of the SQL query */ $sql .= " ORDER BY "; /* Group tickets? Default: no */ if (isset($_GET['g']) && !is_array($_GET['g']) && isset($group_possible[$_GET['g']])) { $group = hesk_input($_GET['g']); if ($group == 'priority' && isset($_GET['sort']) && !is_array($_GET['sort']) && $_GET['sort'] == 'priority') { // No need to group by priority if we are already sorting by priority } elseif ($group == 'owner') {
/**
 * Move a ticket template up or down in the list and renumber all templates.
 *
 * Reads the template ID from `replyid` and the offset from `move`. The
 * request must carry a valid token. After shifting the chosen template every
 * template is renumbered in steps of 10, then the browser is redirected to
 * the template management page.
 */
function order_saved()
{
    global $hesk_settings, $hesklang;

    /* Anti-CSRF: reject the request unless it carries a valid token */
    hesk_token_check();

    $templateId = intval(hesk_GET('replyid'));
    if (!$templateId) {
        hesk_error($hesklang['ticket_tpl_id']);
    }

    $_SESSION['canned']['selcat2'] = $templateId;

    $offset = intval(hesk_GET('move'));

    // Both request values are integers by the time they reach the query
    hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=`tpl_order`+" . intval($offset) . " WHERE `id`='" . intval($templateId) . "' LIMIT 1");

    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['int_error'] . ': ' . $hesklang['ticket_tpl_not_found'] . '.');
    }

    /* Renumber every template so the order values are 10, 20, 30, ... */
    $result = hesk_dbQuery('SELECT `id` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` ASC');

    for ($position = 10; $template = hesk_dbFetchAssoc($result); $position += 10) {
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` SET `tpl_order`=" . intval($position) . " WHERE `id`='" . intval($template['id']) . "' LIMIT 1");
    }

    header('Location: manage_ticket_templates.php');
    exit;
}
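/**
 * Print the public "submit a ticket" form.
 *
 * Values from a previous, rejected submission are read back from
 * $_SESSION['c_*'] and fields listed in $_SESSION['iserror'] /
 * $_SESSION['isnotice'] are highlighted. Both lists are cleared once the
 * form has been printed.
 *
 * Security-relevant points:
 * - Session values are passed through hesk_input() before being echoed into
 *   attributes (presumably this HTML-encodes them; confirm in hesk_input()).
 * - Category names and custom-field names/options are echoed as stored.
 *   NOTE(review): this assumes the admin-side code stores them HTML-encoded.
 * - The hidden `token` field carries the session token that the submit
 *   handler is expected to verify.
 * - Attribute values are printed without padding, so what the browser posts
 *   back (token, e-mail, message) is exactly what was stored.
 */
function print_add_ticket()
{
    global $hesk_settings, $hesklang;

    // Auto-focus first empty or error field
    define('AUTOFOCUS', true);

    // Variables for coloring the fields in case of errors
    if (!isset($_SESSION['iserror'])) {
        $_SESSION['iserror'] = array();
    }
    if (!isset($_SESSION['isnotice'])) {
        $_SESSION['isnotice'] = array();
    }
    if (!isset($_SESSION['c_category'])) {
        $_SESSION['c_category'] = 0;
    }

    hesk_cleanSessionVars('already_submitted');

    // Print header
    $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['submit_ticket'];
    require_once HESK_PATH . 'inc/header.inc.php';
    ?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="3"><img src="img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
<td class="headersm"><?php hesk_showTopBar($hesklang['submit_ticket']); ?></td>
<td width="3"><img src="img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>" class="smaller"><?php echo $hesk_settings['site_title']; ?></a> &gt; <a href="<?php echo $hesk_settings['hesk_url']; ?>" class="smaller"><?php echo $hesk_settings['hesk_title']; ?></a> &gt; <?php echo $hesklang['submit_ticket']; ?></span></td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<?php
    // This will handle error, success and notice messages
    hesk_handle_messages();
    ?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornerstop"></td>
<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
<td class="roundcornersleft"> </td>
<td>
<!-- START FORM -->
<p style="text-align:center"><?php echo $hesklang['use_form_below']; ?> <font class="important"> *</font></p>
<form method="post" action="submit_ticket.php?submit=1" name="form1" enctype="multipart/form-data">
<!-- Contact info -->
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['name']; ?>: <font class="important">*</font></td>
<td width="80%"><input type="text" name="name" size="40" maxlength="30" value="<?php if (isset($_SESSION['c_name'])) { echo stripslashes(hesk_input($_SESSION['c_name'])); } ?>" <?php if (in_array('name', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> /></td>
</tr>
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['email']; ?>: <font class="important">*</font></td>
<td width="80%"><input type="text" name="email" size="40" maxlength="255" value="<?php if (isset($_SESSION['c_email'])) { echo stripslashes(hesk_input($_SESSION['c_email'])); } ?>" <?php if (in_array('email', $_SESSION['iserror'])) { echo ' class="isError" '; } elseif (in_array('email', $_SESSION['isnotice'])) { echo ' class="isNotice" '; } ?> <?php if ($hesk_settings['detect_typos']) { echo ' onblur="Javascript:hesk_suggestEmail(0)"'; } ?> /></td>
</tr>
<?php if ($hesk_settings['confirm_email']) { ?>
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['confemail']; ?>: <font class="important">*</font></td>
<td width="80%"><input type="text" name="email2" size="40" maxlength="255" value="<?php if (isset($_SESSION['c_email2'])) { echo stripslashes(hesk_input($_SESSION['c_email2'])); } ?>" <?php if (in_array('email2', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> /></td>
</tr>
<?php } // End if $hesk_settings['confirm_email'] ?>
</table>
<div id="email_suggestions"></div>
<hr />
<!-- Department and priority -->
<?php
    $is_table = 0;

    hesk_load_database_functions();

    // Get categories (public ones only: `type`='0')
    hesk_dbConnect();
    $res = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `type`='0' ORDER BY `cat_order` ASC");

    if (hesk_dbNumRows($res) == 1) {
        // Only 1 public category, no need for a select box
        $row = hesk_dbFetchAssoc($res);
        echo '<input type="hidden" name="category" value="' . $row['id'] . '" />';
    } elseif (hesk_dbNumRows($res) < 1) {
        // No public categories, set it to default one
        echo '<input type="hidden" name="category" value="1" />';
    } else {
        // Is the category ID preselected? Only its integer value is kept.
        if (!empty($_GET['catid'])) {
            $_SESSION['c_category'] = intval(hesk_GET('catid'));
        }

        // List available categories
        $is_table = 1;
        ?>
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['category']; ?>: <font class="important">*</font></td>
<td width="80%"><select name="category" <?php if (in_array('category', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> >
<?php
        while ($row = hesk_dbFetchAssoc($res)) {
            echo '<option value="' . $row['id'] . '"' . ($_SESSION['c_category'] == $row['id'] ? ' selected="selected"' : '') . '>' . $row['name'] . '</option>';
        }
        ?>
</select></td>
</tr>
<?php
    }

    /* Can customer assign urgency? */
    if ($hesk_settings['cust_urgency']) {
        if (!$is_table) {
            echo '<table border="0" width="100%">';
            $is_table = 1;
        }
        ?>
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['priority']; ?>: <font class="important">*</font></td>
<td width="80%"><select name="priority" <?php if (in_array('priority', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> >
<option value="3" <?php if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 3) { echo 'selected="selected"'; } ?> ><?php echo $hesklang['low']; ?></option>
<option value="2" <?php if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 2) { echo 'selected="selected"'; } ?> ><?php echo $hesklang['medium']; ?></option>
<option value="1" <?php if (isset($_SESSION['c_priority']) && $_SESSION['c_priority'] == 1) { echo 'selected="selected"'; } ?> ><?php echo $hesklang['high']; ?></option>
</select></td>
</tr>
<?php
    }

    /* Need to close the table? */
    if ($is_table) {
        echo '</table> <hr />';
    }
    ?>
<!-- START CUSTOM BEFORE -->
<?php
    /* custom fields BEFORE comments */
    $print_table = 0;
    foreach ($hesk_settings['custom_fields'] as $k => $v) {
        if ($v['use'] && $v['place'] == 0) {
            if ($print_table == 0) {
                echo '<table border="0" width="100%">';
                $print_table = 1;
            }
            hesk_print_add_ticket_custom_field($k, $v);
        }
    }

    /* If table was started we need to close it */
    if ($print_table) {
        echo '</table> <hr />';
        $print_table = 0;
    }
    ?>
<!-- END CUSTOM BEFORE -->
<!-- ticket info -->
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"><?php echo $hesklang['subject']; ?>: <font class="important">*</font></td>
<td width="80%"><input type="text" name="subject" size="40" maxlength="40" value="<?php if (isset($_SESSION['c_subject'])) { echo stripslashes(hesk_input($_SESSION['c_subject'])); } ?>" <?php if (in_array('subject', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> /></td>
</tr>
<tr>
<td style="text-align:right" width="150" valign="top"><?php echo $hesklang['message']; ?>: <font class="important">*</font></td>
<td width="80%"><textarea name="message" rows="12" cols="60" <?php if (in_array('message', $_SESSION['iserror'])) { echo ' class="isError" '; } ?> ><?php if (isset($_SESSION['c_message'])) { echo stripslashes(hesk_input($_SESSION['c_message'])); } ?></textarea>
<!-- START KNOWLEDGEBASE SUGGEST -->
<?php if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers']) { ?>
<div id="kb_suggestions" style="display:none">
<br /> <br />
<img src="img/loading.gif" width="24" height="24" alt="" border="0" style="vertical-align:text-bottom" /> <i><?php echo $hesklang['lkbs']; ?></i>
</div>
<script language="Javascript" type="text/javascript"><!--
hesk_suggestKB();
//-->
</script>
<?php } ?>
<!-- END KNOWLEDGEBASE SUGGEST -->
</td>
</tr>
</table>
<!-- START CUSTOM AFTER -->
<?php
    /* custom fields AFTER comments */
    $print_table = 0;
    foreach ($hesk_settings['custom_fields'] as $k => $v) {
        if ($v['use'] && $v['place']) {
            if ($print_table == 0) {
                echo ' <hr /> <table border="0" width="100%"> ';
                $print_table = 1;
            }
            hesk_print_add_ticket_custom_field($k, $v);
        }
    }

    /* If table was started we need to close it */
    if ($print_table) {
        echo '</table>';
        $print_table = 0;
    }
    ?>
<!-- END CUSTOM AFTER -->
<?php
    /* attachments */
    if ($hesk_settings['attachments']['use']) {
        ?>
<hr />
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150" valign="top"><?php echo $hesklang['attachments']; ?>:</td>
<td width="80%" valign="top">
<?php
        for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) {
            $cls = $i == 1 && in_array('attachments', $_SESSION['iserror']) ? ' class="isError" ' : '';
            echo '<input type="file" name="attachment[' . $i . ']" size="50" ' . $cls . ' /><br />';
        }
        ?>
<a href="file_limits.php" target="_blank" onclick="Javascript:hesk_window('file_limits.php',250,500);return false;"><?php echo $hesklang['ful']; ?></a>
</td>
</tr>
</table>
<?php
    }

    if ($hesk_settings['question_use'] || $hesk_settings['secimg_use']) {
        ?>
<hr />
<!-- Security checks -->
<table border="0" width="100%">
<?php
        if ($hesk_settings['question_use']) {
            ?>
<tr>
<td style="text-align:right;vertical-align:top" width="150"><?php echo $hesklang['verify_q']; ?> <font class="important">*</font></td>
<td width="80%">
<?php
            $value = '';
            if (isset($_SESSION['c_question'])) {
                $value = stripslashes(hesk_input($_SESSION['c_question']));
            }
            $cls = in_array('question', $_SESSION['iserror']) ? ' class="isError" ' : '';
            echo $hesk_settings['question_ask'] . '<br /><input type="text" name="question" size="20" value="' . $value . '" ' . $cls . ' />';
            ?>
<br />
</td>
</tr>
<?php
        }

        if ($hesk_settings['secimg_use']) {
            ?>
<tr>
<td style="text-align:right;vertical-align:top" width="150"><?php echo $hesklang['verify_i']; ?> <font class="important">*</font></td>
<td width="80%">
<?php
            // SPAM prevention verified for this session
            if (isset($_SESSION['img_verified'])) {
                echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang['vrfy'];
            } elseif ($hesk_settings['recaptcha_use']) {
                ?>
<script type="text/javascript">
var RecaptchaOptions = {
theme : '<?php echo isset($_SESSION['iserror']) && in_array('mysecnum', $_SESSION['iserror']) ? 'red' : 'white'; ?>',
custom_translations : {
visual_challenge : "<?php echo hesk_slashJS($hesklang['visual_challenge']); ?>",
audio_challenge : "<?php echo hesk_slashJS($hesklang['audio_challenge']); ?>",
refresh_btn : "<?php echo hesk_slashJS($hesklang['refresh_btn']); ?>",
instructions_visual : "<?php echo hesk_slashJS($hesklang['instructions_visual']); ?>",
instructions_context : "<?php echo hesk_slashJS($hesklang['instructions_context']); ?>",
instructions_audio : "<?php echo hesk_slashJS($hesklang['instructions_audio']); ?>",
help_btn : "<?php echo hesk_slashJS($hesklang['help_btn']); ?>",
play_again : "<?php echo hesk_slashJS($hesklang['play_again']); ?>",
cant_hear_this : "<?php echo hesk_slashJS($hesklang['cant_hear_this']); ?>",
incorrect_try_again : "<?php echo hesk_slashJS($hesklang['incorrect_try_again']); ?>",
image_alt_text : "<?php echo hesk_slashJS($hesklang['image_alt_text']); ?>",
},
};
</script>
<?php
                require HESK_PATH . 'inc/recaptcha/recaptchalib.php';
                echo recaptcha_get_html($hesk_settings['recaptcha_public_key'], null, $hesk_settings['recaptcha_ssl']);
            } else {
                $cls = in_array('mysecnum', $_SESSION['iserror']) ? ' class="isError" ' : '';

                // rand() here only defeats browser caching of the image; it
                // is not a secret and must not be treated as one.
                echo $hesklang['sec_enter'] . '<br /> <br /><img src="print_sec_img.php?' . rand(10000, 99999) . '" width="150" height="40" alt="' . $hesklang['sec_img'] . '" title="' . $hesklang['sec_img'] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' . '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="img/reload.png" height="24" width="24" alt="' . $hesklang['reload'] . '" title="' . $hesklang['reload'] . '" border="0" style="vertical-align:text-bottom" /></a>' . '<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />';
            }
            ?>
</td>
</tr>
<?php
        }
        ?>
</table>
<?php
    }
    ?>
<!-- Submit -->
<?php
    if ($hesk_settings['submit_notice']) {
        ?>
<hr />
<div align="center">
<table border="0">
<tr>
<td>
<b><?php echo $hesklang['before_submit']; ?></b>
<ul>
<li><?php echo $hesklang['all_info_in']; ?>.</li>
<li><?php echo $hesklang['all_error_free']; ?>.</li>
</ul>
<b><?php echo $hesklang['we_have']; ?>:</b>
<ul>
<li><?php echo hesk_htmlspecialchars($_SERVER['REMOTE_ADDR']) . ' ' . $hesklang['recorded_ip']; ?></li>
<li><?php echo $hesklang['recorded_time']; ?></li>
</ul>
<p align="center"><input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
<input type="submit" value="<?php echo $hesklang['sub_ticket']; ?>" class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /></p>
</td>
</tr>
</table>
</div>
<?php
    } else {
        ?>
<br /> <br />
<table border="0" width="100%">
<tr>
<td style="text-align:right" width="150"> </td>
<td width="80%"><input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
<input type="submit" value="<?php echo $hesklang['sub_ticket']; ?>" class="orangebutton" onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /><br />
<br />
</td>
</tr>
</table>
<?php
    } // End ELSE submit_notice
    ?>
</form>
<!-- END FORM -->
</td>
<td class="roundcornersright"> </td>
</tr>
<tr>
<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
<td class="roundcornersbottom"></td>
<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>
<?php
    hesk_cleanSessionVars('iserror');
    hesk_cleanSessionVars('isnotice');
}

/**
 * Print one custom-field row of the "submit a ticket" form.
 *
 * Shared by the "before message" and "after message" field groups so the
 * rendering, and any output-encoding change made to it, lives in one place.
 *
 * NOTE(review): the field name and its options come from
 * $hesk_settings['custom_fields'] and are echoed as stored; this assumes the
 * settings code saves them HTML-encoded.
 *
 * @param string $k Field key; also the form input name and the suffix of
 *                  the $_SESSION["c_{$k}"] entry holding a previous value.
 * @param array  $v Field definition; reads 'req', 'type', 'name', 'value'
 *                  and, for plain text inputs, 'maxlen'.
 */
function hesk_print_add_ticket_custom_field($k, $v)
{
    $v['req'] = $v['req'] ? '<font class="important">*</font>' : '';

    // Value from a previous, rejected submission (if any)
    if ($v['type'] == 'checkbox') {
        $k_value = array();
        if (isset($_SESSION["c_{$k}"]) && is_array($_SESSION["c_{$k}"])) {
            foreach ($_SESSION["c_{$k}"] as $myCB) {
                $k_value[] = stripslashes(hesk_input($myCB));
            }
        }
    } elseif (isset($_SESSION["c_{$k}"])) {
        $k_value = stripslashes(hesk_input($_SESSION["c_{$k}"]));
    } else {
        $k_value = '';
    }

    // Highlight the field if the last submission flagged it
    $cls = in_array($k, $_SESSION['iserror']) ? ' class="isError" ' : '';

    switch ($v['type']) {
        /* Radio box */
        case 'radio':
            echo ' <tr> <td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td> <td width="80%">';
            $options = explode('#HESK#', $v['value']);
            foreach ($options as $option) {
                // With no previous value the first option becomes the default
                if (strlen($k_value) == 0 || $k_value == $option) {
                    $k_value = $option;
                    $checked = 'checked="checked"';
                } else {
                    $checked = '';
                }
                echo '<label><input type="radio" name="' . $k . '" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
            }
            echo '</td> </tr> ';
            break;

        /* Select drop-down box */
        case 'select':
            echo ' <tr> <td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td> <td width="80%"><select name="' . $k . '" ' . $cls . '>';
            $options = explode('#HESK#', $v['value']);
            foreach ($options as $option) {
                if (strlen($k_value) == 0 || $k_value == $option) {
                    $k_value = $option;
                    $selected = 'selected="selected"';
                } else {
                    $selected = '';
                }
                echo '<option ' . $selected . '>' . $option . '</option>';
            }
            echo '</select></td> </tr> ';
            break;

        /* Checkbox */
        case 'checkbox':
            echo ' <tr> <td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td> <td width="80%">';
            $options = explode('#HESK#', $v['value']);
            foreach ($options as $option) {
                if (in_array($option, $k_value)) {
                    $checked = 'checked="checked"';
                } else {
                    $checked = '';
                }
                echo '<label><input type="checkbox" name="' . $k . '[]" value="' . $option . '" ' . $checked . ' ' . $cls . ' /> ' . $option . '</label><br />';
            }
            echo '</td> </tr> ';
            break;

        /* Large text box; 'value' holds "rows#cols" */
        case 'textarea':
            $size = explode('#', $v['value']);
            $size[0] = empty($size[0]) ? 5 : intval($size[0]);
            $size[1] = empty($size[1]) ? 30 : intval($size[1]);
            echo ' <tr> <td style="text-align:right" width="150" valign="top">' . $v['name'] . ': ' . $v['req'] . '</td> <td width="80%"><textarea name="' . $k . '" rows="' . $size[0] . '" cols="' . $size[1] . '" ' . $cls . '>' . $k_value . '</textarea></td> </tr> ';
            break;

        /* Default text input */
        default:
            if (strlen($k_value) != 0) {
                $v['value'] = $k_value;
            }
            echo ' <tr> <td style="text-align:right" width="150">' . $v['name'] . ': ' . $v['req'] . '</td> <td width="80%"><input type="text" name="' . $k . '" size="40" maxlength="' . $v['maxlen'] . '" value="' . $v['value'] . '" ' . $cls . ' /></td> </tr> ';
    }
}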
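/**
 * Echo the tabbed account form body: account type, profile info, signature,
 * projects/contracts, preferences and notifications.
 *
 * Form values are pre-filled from $_SESSION[$session_array]; that session
 * entry is removed once the form has been rendered.
 *
 * Security notes for maintainers:
 *  - Session and database values are HTML-escaped when written into the page.
 *    Encoding is done with double_encode off, so values that were already
 *    entity-encoded when stored are not encoded a second time.
 *  - Identifiers are cast to int before they are concatenated into SQL.
 *  - The "hidden" CSS class, the "readonly" attribute and the HTML5 pattern /
 *    required attributes only shape what the browser shows. They are not
 *    access control; the script that processes this form has to re-check
 *    permissions and validate every field (assumed to live elsewhere, TODO confirm).
 *
 * @param string $session_array   Key in $_SESSION that holds the values to pre-fill.
 * @param bool   $is_profile_page True when rendering the "own profile" page; false
 *                                adds the account-type selector and the projects table.
 * @param string $action          Not read by this function; kept for caller compatibility.
 *
 * @return void The markup is echoed directly.
 */
function hesk_profile_tab($session_array = 'userdata', $is_profile_page = true, $action = "")
{
    global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned, $default_userdata;

    // Escape a value for HTML text or a quoted attribute. Non-scalars render as ''.
    $esc = function ($value) {
        return is_scalar($value) ? htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false) : '';
    };

    // Escaped profile value for $key, or '' when the session does not hold it.
    $field = function ($key) use ($session_array, $esc) {
        return isset($_SESSION[$session_array][$key]) ? $esc($_SESSION[$session_array][$key]) : '';
    };

    // checked="checked" when the profile flag $key is set and non-empty.
    $checked = function ($key) use ($session_array) {
        return !empty($_SESSION[$session_array][$key]) ? 'checked="checked"' : '';
    };

    // The "a" query parameter only selects which parts of the form are shown.
    $has_action  = isset($_GET['a']);
    $edit_action = ($has_action && is_string($_GET['a'])) ? $_GET['a'] : '';

    $db_prefix = hesk_dbEscape($hesk_settings['db_pfix']);
    ?>
    <!-- TABS -->
    <div class="container tab-content profile-functions-tab">
        <?php if (!$is_profile_page) { ?>
        <div class="permissions">
            <div class="form-inline">
                <label class="col-sm-2 control-label"><?php echo $hesklang['atype']; ?>:</label>
                <div class="form-group">
                    <?php
                    /* Only administrators can create new administrator accounts */
                    if ($_SESSION['isadmin']) {
                        if (!isset($_SESSION['userdata']['checked'])) {
                            $_SESSION['userdata']['checked'] = "";
                        }

                        // A role remembered in the session wins; otherwise fall back to the edit action.
                        $saved_role = $_SESSION['userdata']['checked'];
                        if ($saved_role == 'admin') {
                            $selected_role = 'admin';
                        } elseif ($saved_role == 'staff') {
                            $selected_role = 'staff';
                        } elseif ($saved_role == 'client') {
                            $selected_role = 'client';
                        } else {
                            $role_by_action = array('edit' => 'admin', 'editb' => 'staff', 'editc' => 'client');
                            $selected_role = isset($role_by_action[$edit_action]) ? $role_by_action[$edit_action] : '';
                        }
                        ?>
                        <label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" <?php echo $selected_role === 'admin' ? 'checked' : ''; ?> /> <b><?php echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can']; ?></label><br />
                        <label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" <?php echo $selected_role === 'staff' ? 'checked' : ''; ?> /> <b><?php echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can']; ?></label><br/>
                        <label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" <?php echo $selected_role === 'client' ? 'checked' : ''; ?> /> <?php echo $hesklang['aclient']; ?></label>
                        <?php
                    } else {
                        echo '<b>' . $hesklang['astaff'] . '</b> ' . $hesklang['staff_can'];
                    }
                    ?>
                </div>
            </div>
        </div><!-- end permissions -->
        <?php } ?>

        <ul id="tabs" class="nav nav-tabs profile-functions" data-tabs="tabs">
            <li class="active" id="profile-info"><a href="#p-info" aria-controls="p-info" role="tab" data-toggle="tab"><?php echo $hesklang['pinfo']; ?></a></li>
            <li id="signature-info"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php echo $hesklang['sig']; ?></a></li>
            <li class="<?php echo !$has_action ? 'hidden' : ''; ?>" id="project_users-info"><a href="#project_users" aria-controls="project_users" role="tab" data-toggle="tab"><?php echo $hesklang['project']; ?></a></li>
            <li class="<?php echo (!$has_action || $edit_action === 'editc') ? 'hidden' : ''; ?>" id="preferences-info"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php echo $hesklang['pref']; ?></a></li>
            <li class="<?php echo (!$has_action || $edit_action === 'editc') ? 'hidden' : ''; ?>" id="notifications-info"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php echo $hesklang['notn']; ?></a></li>
        </ul>

        <!-- PROFILE INFO -->
        <div role="tabpanel" class="tab-pane active" id="p-info">
            <br />
            <div class="profile-information">
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="profile-information-name"><?php echo $hesklang['real_name']; ?>: <font class="important">*</font></label>
                    <input class="form-control" required="required" title="Required field" type="text" id="profile-information-name" name="name" size="40" maxlength="50" value="<?php echo $field('name'); ?>"/>
                </div>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="profile-information-email"><?php echo $hesklang['email']; ?>: <font class="important">*</font></label>
                    <input class="form-control" required="required" title="Required field" type="email" id="profile-information-email" name="email" size="40" maxlength="255" value="<?php echo $field('email'); ?>"/>
                </div>
                <?php
                // Non-admins see their own username read-only. This is a UI hint only:
                // the form handler must ignore a changed "user" value from them.
                $username_locked = !(!$is_profile_page || $_SESSION['isadmin']);
                ?>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label control-label" for="profile-information-username"><?php echo $hesklang['username']; ?>: <font class="important">*</font></label>
                    <input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php echo $field('user'); ?>" <?php echo $username_locked ? 'readonly' : ''; ?> />
                </div>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="profile-information-adress">Address:</label>
                    <input class="form-control" type="text" id="profile-information-adress" name="address" size="40" maxlength="255" value="<?php echo $field('address'); ?>"/>
                </div>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="profile-information-phonenumber">Phone Number:</label>
                    <input class="form-control" type="number" min="0" id="profile-information-phonenumber" name="phonenumber" size="40" maxlength="255" value="<?php echo $field('phonenumber'); ?>"/>
                </div>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="profile-information-poz_detyres">Pozicioni Detyres</label>
                    <input class="form-control" type="text" id="profile-information-poz_detyres" name="poz_detyres" size="40" maxlength="255" value="<?php echo $field('poz_detyres'); ?>"/>
                </div>

                <!-- "Active" flag for the account -->
                <div class="clearfix"></div>
                <div class="form-inline project-row1" id="profile-information-row">
                    <label class="col-sm-2 control-label"><?php echo $hesklang['def_act']; ?>: <font class="important">*</font></label>
                    <input class="form-control" type="checkbox" name="prof_active" value="1" <?php if (isset($_SESSION[$session_array]['active']) && $_SESSION[$session_array]['active'] == "1") { echo "checked"; } ?> />
                </div>

                <?php
                // A password is mandatory only when no edit action is given (new account).
                // The pattern / onchange checks are browser-side conveniences; length and
                // confirmation must be validated again on the server.
                $password_required = !$has_action ? 'required="required" title="Required field"' : '';
                ?>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="newpass"><?php echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass']; ?>:</label>
                    <input class="form-control" type="password" <?php echo $password_required; ?> id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" />
                </div>
                <div class="form-inline" id="profile-information-row">
                    <label class="col-sm-2 control-label" for="newpass2"><?php echo $hesklang['confirm_pass']; ?>:</label>
                    <input class="form-control" <?php echo $password_required; ?> type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" />
                </div>

                <div class="form-inline" id="profile-information-pwdst-row">
                    <label class="col-sm-2 control-label"><?php echo $hesklang['pwdst']; ?>:</label>
                    <label style="vertical-align: top;">
                        <div class="form-control" style="width: 336px;">
                            <div id="progressBar" style="font-size: 1px; height: 20px; width: 0px; border: 1px solid white;"></div>
                        </div>
                    </label>
                </div>

                <div class="form-inline <?php echo $edit_action !== 'editc' ? 'hidden' : ''; ?>" id="show-hide-kompani">
                    <label class="col-sm-2 control-label" for=""><?php echo $hesklang['company']; ?>:<font class="important">*</font></label>
                    <select class="form-control" id="select_company_manage_users" name="company_id" style="width: 336px;">
                        <option></option>
                        <?php
                        $res_comp = hesk_dbQuery('SELECT * FROM `' . $db_prefix . 'companies` ');
                        while ($row_comp = mysqli_fetch_array($res_comp)) {
                            $is_selected = isset($_SESSION[$session_array]['company_id'])
                                && $_SESSION[$session_array]['company_id'] == $row_comp['id'];

                            if ($row_comp['active'] == 1) {
                                // Active contracts of this company, exposed to the page as a comma-separated list.
                                $temp_data = array();
                                $data_contract = hesk_dbQuery('SELECT id FROM `' . $db_prefix . 'contracts` WHERE active=1 AND company_id =' . intval($row_comp['id']));
                                while ($row_contract = mysqli_fetch_array($data_contract)) {
                                    $temp_data[] = $row_contract['id'];
                                }

                                // implode(): separator first; the reversed order is not accepted by PHP 8.
                                echo '<option value="' . $esc($row_comp['id']) . '" contracts="' . $esc(implode(',', $temp_data)) . '"'
                                    . ($is_selected ? ' selected="selected"' : '') . '>'
                                    . $esc($row_comp['company_name']) . '</option>';
                            } elseif ($is_selected) {
                                // Inactive company that is still assigned: show it, but not selectable.
                                echo '<option selected="selected" disabled>' . $esc($row_comp['company_name']) . '</option>';
                            }
                        }
                        ?>
                    </select>
                </div>
                <br/>
                <div class="form-inline <?php echo $edit_action !== 'editc' ? 'hidden' : ''; ?>" id="show-hide-kontrata">
                    <label class="col-sm-2 control-label" for="select-kontrata"><?php echo $hesklang['contract']; ?>:<font class="important">*</font></label>
                    <select class="multiple form-control" multiple="multiple" id="select-kontrata" name="contract_id[]" style="width: 336px;">
                        <option></option>
                        <?php
                        $res_contract = hesk_dbQuery('SELECT * FROM `' . $db_prefix . 'contracts` ');

                        // Contracts already linked to the client being edited.
                        $temp = array();
                        if (isset($_GET["id"])) {
                            // The id is used unquoted in SQL, so it must be an integer; string
                            // escaping alone does not make an unquoted value safe.
                            $res_contract_client = hesk_dbQuery('SELECT * FROM `' . $db_prefix . 'contractforclient` WHERE client_Id=' . intval(hesk_GET('id')));
                            while ($row_contract_data = mysqli_fetch_array($res_contract_client)) {
                                $temp[] = $row_contract_data['contract_Id'];
                            }
                        }

                        while ($row_contract = mysqli_fetch_array($res_contract)) {
                            $is_linked = isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp);

                            if ($row_contract['active'] == 1) {
                                echo '<option value="' . $esc($row_contract['id']) . '"'
                                    . ($is_linked ? ' selected="selected"' : '') . '>'
                                    . $esc($row_contract['contract_name']) . '</option>';
                            } elseif ($is_linked) {
                                echo '<option selected="selected" disabled>' . $esc($row_contract['contract_name']) . '</option>';
                            }
                        }
                        ?>
                    </select>
                </div>

                <div id="options" class="<?php echo $edit_action !== 'editb' ? 'hidden' : ''; ?>">
                    <div class="permissions-category-features">
                        <div class="form-inline" id="permissions-features">
                            <label class="col-sm-2 control-label"><?php echo $hesklang['allow_feat']; ?>: <font class="important">*</font></label>
                            <div class="form-group" style="vertical-align: top;">
                                <?php
                                // The session may not carry a feature list yet; treat that as "none granted".
                                $granted_features = (isset($_SESSION[$session_array]['features']) && is_array($_SESSION[$session_array]['features']))
                                    ? $_SESSION[$session_array]['features']
                                    : array();

                                foreach ($hesk_settings['features'] as $k) {
                                    echo '<label><input type="checkbox" name="features[]" value="' . $esc($k) . '" ';
                                    if (in_array($k, $granted_features)) {
                                        echo ' checked="checked" ';
                                    }
                                    echo ' />' . $hesklang[$k] . '</label><br /> ';
                                }
                                ?>
                            </div>
                        </div>
                    </div><!-- end permissions-category-features -->
                </div>

                <?php if (!$is_profile_page && $hesk_settings['autoassign']) { ?>
                <div class="form-inline hidden" id="show-hide-optionsClient">
                    <label class="col-sm-6 control-label"><input type="checkbox" name="autoassign" value="Y" <?php echo $checked('autoassign'); ?> /> <?php echo $hesklang['user_aa']; ?></label>
                </div>
                <?php } ?>
            </div><!-- end profile-information -->
        </div>
        <!-- PROFILE INFO -->

        <!-- SIGNATURE -->
        <div role="tabpanel" class="tab-pane" id="signature">
            <div class="form-inline signature-profile-func">
                <label class="control-label col-sm-3"><?php echo $hesklang['signature_max']; ?>:</label>
                <div class="form-group">
                    <textarea class="form-control" name="signature" rows="10" cols="60"><?php echo $field('signature'); ?></textarea><br />
                    <?php echo $hesklang['sign_extra']; ?>
                </div>
            </div><!-- end signature-profile-func -->
        </div>
        <!-- SIGNATURE -->

        <?php if (!$is_profile_page) { ?>
        <!-- Projets for Users -->
        <div role="tabpanel" class="tab-pane" id="project_users">
            <div class="project_contract_table">
                <table class="table table-bordered">
                    <tr>
                        <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['id']; ?></i></b></th>
                        <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['name']; ?></i></b></th>
                        <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['contract']; ?></i></b></th>
                        <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['project']; ?></i></b></th>
                    </tr>
                    <?php
                    // Table and column names come from this fixed list only, never from the request.
                    if ($edit_action === 'edit') {
                        $t1 = "users";
                        $t2 = "userforcontract";
                        $t3 = "userId";
                        $t4 = "contractId";
                    } else {
                        $t1 = "clients";
                        $t2 = "contractforclient";
                        $t3 = "client_Id";
                        $t4 = "contract_Id";
                    }

                    $result = hesk_dbQuery('SELECT * FROM `' . $db_prefix . $t1 . '` WHERE id=' . intval(hesk_GET('id')) . ' ORDER BY `id` ');
                    while ($row = mysqli_fetch_array($result)) {
                        $staff = hesk_dbQuery('SELECT ' . $t3 . ',' . $t4 . ' FROM `' . $db_prefix . $t2 . '` WHERE ' . $t3 . '=' . intval($row['id']));
                        $staff_string = "";
                        $project_string = "";

                        while ($row1 = mysqli_fetch_array($staff)) {
                            $contract_staff = hesk_dbQuery('SELECT contract_name, project_id FROM `' . $db_prefix . 'contracts` WHERE `id` ="' . intval($row1[$t4]) . '"');
                            $contract = mysqli_fetch_array($contract_staff);

                            // A link row may point at a contract that no longer exists; keep the line break
                            // so the contract and project columns stay aligned.
                            $staff_string .= ($contract ? $esc($contract['contract_name']) : '') . "<br/>";

                            $project_id = isset($contract['project_id']) ? $contract['project_id'] : "";
                            if (!empty($project_id)) {
                                $project_staff = hesk_dbQuery('SELECT project_name FROM `' . $db_prefix . 'projects` WHERE `id` ="' . intval($project_id) . '"');
                                $project = mysqli_fetch_array($project_staff);
                                $project_string .= ($project ? $esc($project['project_name']) : '') . "<br/>";
                            }
                        }

                        // NOTE(review): class="$color" is emitted literally (single-quoted string and no
                        // $color variable in this function); left unchanged until the intended class is known.
                        echo '<tr> <td class="$color">' . $esc($row['id']) . '</td> <td class="$color">' . $esc($row['name']) . '</td> <td class="$color">' . $staff_string . '</td> <td class="$color">' . $project_string . '</td> </tr>';
                    }
                    ?>
                </table>
            </div>
        </div>
        <?php } ?>
        <!-- End Projets for Users -->

        <?php if (!$is_profile_page || $can_reply_tickets) { ?>
        <!-- PREFERENCES -->
        <div role="tabpanel" class="tab-pane" id="preferences">
            <div class="form-group preferences-profile-func">
                <?php
                // Missing preference behaves like 0 ("show ticket").
                $afterreply = isset($_SESSION[$session_array]['afterreply']) ? $_SESSION[$session_array]['afterreply'] : 0;
                ?>
                <div class="form-inline">
                    <label class="col-sm-3 control-label"><?php echo $hesklang['aftrep']; ?>:</label>
                    <div class="form-group" style="vertical-align: top;">
                        <label><input type="radio" name="afterreply" value="0" <?php if (!$afterreply) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['showtic']; ?></label><br />
                        <label><input type="radio" name="afterreply" value="1" <?php if ($afterreply == 1) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['gomain']; ?></label><br />
                        <label><input type="radio" name="afterreply" value="2" <?php if ($afterreply == 2) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['shownext']; ?></label><br />
                    </div>
                </div>
                <div class="form-inline preferences-profile-defaults">
                    <label class="col-sm-3 control-label"><?php echo $hesklang['defaults']; ?>:</label>
                    <div class="form-group" style="vertical-align: top;">
                        <?php if ($hesk_settings['time_worked']) { ?>
                        <label><input type="checkbox" name="autostart" value="1" <?php echo $checked('autostart'); ?> /> <?php echo $hesklang['autoss']; ?></label><br />
                        <?php } ?>
                        <label><input type="checkbox" name="notify_customer_new" value="1" <?php echo $checked('notify_customer_new'); ?> /> <?php echo $hesklang['pncn']; ?></label><br />
                        <label><input type="checkbox" name="notify_customer_reply" value="1" <?php echo $checked('notify_customer_reply'); ?> /> <?php echo $hesklang['pncr']; ?></label><br />
                        <label><input type="checkbox" name="show_suggested" value="1" <?php echo $checked('show_suggested'); ?> /> <?php echo $hesklang['pssy']; ?></label><br />
                    </div>
                </div>
            </div><!-- end preferences-profile-func -->
        </div>
        <!-- PREFERENCES -->
        <?php } ?>

        <!-- NOTIFICATIONS -->
        <div role="tabpanel" class="tab-pane" id="notifications">
            <div class="notif-mw"><?php echo $hesklang['nomw']; ?></div>
            <div class="notifications-profile-func">
                <div class="form-inline">
                    <div>
                        <?php
                        if (!$is_profile_page || $can_view_tickets) {
                            if (!$is_profile_page || $can_view_unassigned) {
                                ?>
                                <label><input type="checkbox" name="notify_new_unassigned" value="1" <?php echo $checked('notify_new_unassigned'); ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['unas']; ?></label><br />
                                <?php
                            }
                            ?>
                            <label><input type="checkbox" name="notify_new_my" value="1" <?php echo $checked('notify_new_my'); ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['s_my']; ?></label><br />
                            <?php
                            if (!$is_profile_page || $can_view_unassigned) {
                                ?>
                                <label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php echo $checked('notify_reply_unassigned'); ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['unas']; ?></label><br />
                                <?php
                            }
                            ?>
                            <label><input type="checkbox" name="notify_reply_my" value="1" <?php echo $checked('notify_reply_my'); ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['s_my']; ?></label><br />
                            <label><input type="checkbox" name="notify_assigned" value="1" <?php echo $checked('notify_assigned'); ?> /> <?php echo $hesklang['ntam']; ?></label><br />
                            <label><input type="checkbox" name="notify_note" value="1" <?php echo $checked('notify_note'); ?> /> <?php echo $hesklang['ntnote']; ?></label><br />
                            <?php
                        }
                        ?>
                        <label><input type="checkbox" name="notify_pm" value="1" <?php echo $checked('notify_pm'); ?> /> <?php echo $hesklang['npms']; ?></label><br />
                    </div>
                </div>
            </div><!-- end notifications-profile-func -->
        </div>
        <!-- NOTIFICATIONS -->
    </div>
    <!-- TABS -->

    <script language="Javascript" type="text/javascript"><!--
    hesk_checkPassword(document.form1.newpass.value);
    //-->
    </script>
    <?php
    // The pre-fill data is single-use: drop it once the form has been written out.
    if (isset($_SESSION[$session_array])) {
        unset($_SESSION[$session_array]);
    }
}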
/**
 * Turn ticket auto-assignment on or off for one user.
 *
 * Reads the user id from the "id" request parameter and the desired state
 * from "s" (non-zero means on), stores the id in $_SESSION['seluser'],
 * updates the users table and hands the outcome to hesk_process_messages()
 * with './manage_users.php' as the target.
 *
 * @return void
 */
function toggle_autoassign()
{
    global $hesk_settings, $hesklang;

    // Token check comes first, before any state is read or changed.
    hesk_token_check();

    $user_id = intval(hesk_GET('id'));
    if (!$user_id) {
        hesk_error($hesklang['no_valid_id']);
    }
    $_SESSION['seluser'] = $user_id;

    // Any non-zero "s" switches the feature on.
    $enable = (bool) intval(hesk_GET('s'));
    $autoassign = $enable ? 1 : 0;
    $message = $enable ? $hesklang['uaaon'] : $hesklang['uaaoff'];

    // Both interpolated values are integers at this point.
    $users_table = hesk_dbEscape($hesk_settings['db_pfix']) . 'users';
    hesk_dbQuery("UPDATE `{$users_table}` SET `autoassign`='{$autoassign}' WHERE `id`='" . intval($user_id) . "'");

    // Anything other than exactly one changed row is reported as "user not found".
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
    }

    hesk_process_messages($message, './manage_users.php', 'SUCCESS');
}
/**
 * Delete one service message, identified by the "id" request parameter.
 *
 * The result is passed to hesk_process_messages() with
 * './service_messages.php' as the target: 'SUCCESS' when exactly one row
 * was removed, the "not found" message otherwise.
 *
 * @return void
 */
function remove_sm()
{
    global $hesk_settings, $hesklang;

    // Token check before the delete is attempted.
    hesk_token_check();

    // The id is forced to an integer, so it is safe to place unquoted in the query.
    $id = intval(hesk_GET('id'));
    if (!$id) {
        hesk_error($hesklang['sm_e_id']);
    }

    $messages_table = hesk_dbEscape($hesk_settings['db_pfix']) . 'service_messages';
    hesk_dbQuery("DELETE FROM `{$messages_table}` WHERE `id`={$id} LIMIT 1");

    // No row removed means the message did not exist.
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
        return;
    }

    hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
}
*******************************************************************************/ define('IN_SCRIPT', 1); define('HESK_PATH', './'); // Get all the required files and functions require HESK_PATH . 'hesk_settings.inc.php'; require HESK_PATH . 'inc/common.inc.php'; // Are we in maintenance mode? hesk_check_maintenance(); hesk_load_database_functions(); hesk_session_start(); // A security check hesk_token_check(); // Get the tracking ID $trackingID = hesk_cleanID() or die("{$hesklang['int_error']}: {$hesklang['no_trackID']}"); // Get new status $status = intval(hesk_GET('s', 0)); $oldStatus = $status; $locked = 0; // Connect to database hesk_dbConnect(); // Get the close status. It'll be used later on $statusRes = hesk_dbQuery('SELECT `ID` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses` WHERE `IsClosedByClient` = 1'); $statusRow = hesk_dbFetchAssoc($statusRes); $closedStatus = $statusRow['ID']; if ($status == 3) { // Is customer closing tickets enabled? if (!$hesk_settings['custclose']) { hesk_error($hesklang['attempt']); } $status = $closedStatus; $action = $hesklang['closed'];
require_once HESK_PATH . 'inc/knowledgebase_functions.inc.php'; hesk_load_database_functions(); hesk_session_start(); hesk_dbConnect(); hesk_isLoggedIn(); /* Is Knowledgebase enabled? */ if (!$hesk_settings['kb_enable']) { hesk_error($hesklang['kbdis']); } /* Can this user manage Knowledgebase or just view it? */ $can_man_kb = hesk_checkPermission('can_man_kb', 0); /* Any category ID set? */ $catid = intval(hesk_GET('category', 1)); $artid = intval(hesk_GET('article', 0)); if (isset($_GET['search'])) { $query = hesk_input(hesk_GET('search')); } else { $query = 0; } $hesk_settings['kb_link'] = $artid || $catid != 1 || $query ? '<a href="knowledgebase_private.php" class="smaller">' . $hesklang['gopr'] . '</a>' : ($can_man_kb ? $hesklang['gopr'] : ''); if ($hesk_settings['kb_search'] && $query) { hesk_kb_search($query); } elseif ($artid) { // Show drafts only to staff who can manage knowledgebase if ($can_man_kb) { $result = hesk_dbQuery("SELECT t1.*, t2.`name` AS `cat_name`\n\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\n\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\n\t\tWHERE `t1`.`id` = '{$artid}'\n\t\t"); } else { $result = hesk_dbQuery("SELECT t1.*, t2.`name` AS `cat_name`\n\t\tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\n\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\n\t\tWHERE `t1`.`id` = '{$artid}' AND `t1`.`type` IN ('0', '1')\n\t\t"); } $article = hesk_dbFetchAssoc($result) or hesk_error($hesklang['kb_art_id']); hesk_show_kb_article($artid);
$s = intval(hesk_POST('s')); /* Get time worked in proper format */ $time_worked = hesk_getTime($h . ':' . $m . ':' . $s); /* Update database */ $revision = sprintf($hesklang['thist14'], hesk_date(), $time_worked, $_SESSION['name'] . ' (' . $_SESSION['user'] . ')'); hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1"); /* Show ticket */ hesk_process_messages($hesklang['twu'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); } /* Delete attachment action */ if (isset($_GET['delatt']) && hesk_token_check()) { if (!$can_delete || !$can_edit) { hesk_process_messages($hesklang['no_permission'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } $att_id = intval(hesk_GET('delatt')) or hesk_error($hesklang['inv_att_id']); $reply = intval(hesk_GET('reply', 0)); if ($reply < 1) { $reply = 0; } /* Get attachment info */ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` WHERE `att_id`='" . intval($att_id) . "' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { hesk_process_messages($hesklang['id_not_valid'] . ' (att_id)', 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } $att = hesk_dbFetchAssoc($res); /* Is ticket ID valid for this attachment? */ if ($att['ticket_id'] != $trackingID) { hesk_process_messages($hesklang['trackID_not_found'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999)); } /* Delete file from server */ hesk_unlink(HESK_PATH . $hesk_settings['attach_dir'] . '/' . $att['saved_name']);