Пример #1
0
function update_profile()
{
    global $hesk_settings, $hesklang, $can_view_unassigned;
    /* A security check */
    hesk_token_check('POST');
    $sql_pass = '';
    $sql_username = '';
    $hesk_error_buffer = '';
    $_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
    $_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
    $_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
    /* Signature */
    if (strlen($_SESSION['new']['signature']) > 255) {
        $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
    }
    /* Admins can change username */
    if ($_SESSION['isadmin']) {
        $_SESSION['new']['user'] = hesk_input(hesk_POST('user')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_username'] . '</li>';
        /* Check for duplicate usernames */
        $result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user`='" . hesk_dbEscape($_SESSION['new']['user']) . "' AND `id`!='" . intval($_SESSION['id']) . "' LIMIT 1");
        if (hesk_dbNumRows($result) != 0) {
            $hesk_error_buffer .= '<li>' . $hesklang['duplicate_user'] . '</li>';
        } else {
            $sql_username = "******" . hesk_dbEscape($_SESSION['new']['user']) . "'";
        }
    }
    /* Change password? */
    $newpass = hesk_input(hesk_POST('newpass'));
    $passlen = strlen($newpass);
    if ($passlen > 0) {
        /* At least 5 chars? */
        if ($passlen < 5) {
            $hesk_error_buffer .= '<li>' . $hesklang['password_not_valid'] . '</li>';
        } else {
            $newpass2 = hesk_input(hesk_POST('newpass2'));
            if ($newpass != $newpass2) {
                $hesk_error_buffer .= '<li>' . $hesklang['passwords_not_same'] . '</li>';
            } else {
                $v = hesk_Pass2Hash($newpass);
                if ($v == '499d74967b28a841c98bb4baaabaad699ff3c079') {
                    define('WARN_PASSWORD', true);
                }
                $sql_pass = '******'' . $v . '\'';
            }
        }
    }
    /* After reply */
    $_SESSION['new']['afterreply'] = intval(hesk_POST('afterreply'));
    if ($_SESSION['new']['afterreply'] != 1 && $_SESSION['new']['afterreply'] != 2) {
        $_SESSION['new']['afterreply'] = 0;
    }
    /* Auto-start ticket timer */
    $_SESSION['new']['autostart'] = isset($_POST['autostart']) ? 1 : 0;
    /* Notifications */
    $_SESSION['new']['notify_new_unassigned'] = empty($_POST['notify_new_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_new_my'] = empty($_POST['notify_new_my']) ? 0 : 1;
    $_SESSION['new']['notify_reply_unassigned'] = empty($_POST['notify_reply_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_reply_my'] = empty($_POST['notify_reply_my']) ? 0 : 1;
    $_SESSION['new']['notify_assigned'] = empty($_POST['notify_assigned']) ? 0 : 1;
    $_SESSION['new']['notify_note'] = empty($_POST['notify_note']) ? 0 : 1;
    $_SESSION['new']['notify_pm'] = empty($_POST['notify_pm']) ? 0 : 1;
    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
    } else {
        /* Update database */
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET\r\n\t    `name`='" . hesk_dbEscape($_SESSION['new']['name']) . "',\r\n\t    `email`='" . hesk_dbEscape($_SESSION['new']['email']) . "',\r\n\t\t`signature`='" . hesk_dbEscape($_SESSION['new']['signature']) . "'\r\n        {$sql_username}\r\n\t\t{$sql_pass} ,\r\n\t    `afterreply`='" . intval($_SESSION['new']['afterreply']) . "' ,\r\n        `autostart`='" . intval($_SESSION['new']['autostart']) . "' ,\r\n\t    `notify_new_unassigned`='" . intval($_SESSION['new']['notify_new_unassigned']) . "' ,\r\n        `notify_new_my`='" . intval($_SESSION['new']['notify_new_my']) . "' ,\r\n        `notify_reply_unassigned`='" . intval($_SESSION['new']['notify_reply_unassigned']) . "' ,\r\n        `notify_reply_my`='" . intval($_SESSION['new']['notify_reply_my']) . "' ,\r\n        `notify_assigned`='" . intval($_SESSION['new']['notify_assigned']) . "' ,\r\n        `notify_pm`='" . intval($_SESSION['new']['notify_pm']) . "',\r\n        `notify_note`='" . intval($_SESSION['new']['notify_note']) . "'\r\n\t    WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1");
        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);
        /* Update session variables */
        foreach ($_SESSION['new'] as $k => $v) {
            $_SESSION[$k] = $v;
        }
        unset($_SESSION['new']);
        hesk_process_messages($hesklang['profile_updated_success'], 'profile.php', 'SUCCESS');
    }
}
Пример #2
0
')) {return true;}
else {return false;}
}
//-->
</script>

<?php 
/* This will handle error, success and notice messages */
hesk_handle_messages();
?>

&nbsp;<br />

<?php 
if (isset($_SESSION['new_sm']) && !isset($_SESSION['edit_sm'])) {
    $_SESSION['new_sm'] = hesk_stripArray($_SESSION['new_sm']);
}
if (isset($_SESSION['preview_sm'])) {
    hesk_service_message($_SESSION['new_sm']);
}
?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
		<td width="7" height="7"><img src="../img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornerstop"></td>
		<td><img src="../img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
	</tr>
	<tr>
	<td class="roundcornersleft">&nbsp;</td>
	<td>
function manage_category()
{
    global $hesk_settings, $hesklang;
    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
    $result = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'kb_categories` ORDER BY `parent` ASC, `cat_order` ASC');
    $kb_cat = array();
    while ($cat = hesk_dbFetchAssoc($result)) {
        $kb_cat[] = $cat;
        if ($cat['id'] == $catid) {
            $this_cat = $cat;
        }
    }
    if (isset($_SESSION['manage_cat'])) {
        $_SESSION['manage_cat'] = hesk_stripArray($_SESSION['manage_cat']);
        $this_cat['type'] = $_SESSION['manage_cat']['type'];
        $this_cat['parent'] = $_SESSION['manage_cat']['parent'];
        $this_cat['name'] = $_SESSION['manage_cat']['title'];
    }
    /* Translate main category "Knowledgebase" if needed */
    $kb_cat[0]['name'] = $hesklang['kb_text'];
    require HESK_PATH . 'inc/treemenu/TreeMenu.php';
    $icon = HESK_PATH . 'img/folder.gif';
    $expandedIcon = HESK_PATH . 'img/folder-expanded.gif';
    $menu = new HTML_TreeMenu();
    $thislevel = array('0');
    $nextlevel = array();
    $i = 1;
    $j = 1;
    while (count($kb_cat) > 0) {
        foreach ($kb_cat as $k => $cat) {
            if (in_array($cat['parent'], $thislevel)) {
                $up = $cat['parent'];
                $my = $cat['id'];
                $type = $cat['type'] ? '*' : '';
                $text_short = $cat['name'] . $type . ' (' . $cat['articles'] . ', ' . $cat['articles_private'] . ', ' . $cat['articles_draft'] . ')';
                if (isset($node[$up])) {
                    $node[$my] =& $node[$up]->addItem(new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option' . $j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true)));
                } else {
                    $node[$my] = new HTML_TreeNode(array('hesk_parent' => $this_cat['parent'], 'text' => 'Text', 'text_short' => $text_short, 'hesk_catid' => $cat['id'], 'hesk_select' => 'option' . $j, 'icon' => $icon, 'expandedIcon' => $expandedIcon, 'expanded' => true));
                }
                $nextlevel[] = $cat['id'];
                $j++;
                unset($kb_cat[$k]);
            }
        }
        $thislevel = $nextlevel;
        $nextlevel = array();
        /* Break after 20 recursions to avoid hang-ups in case of any problems */
        if ($i > 20) {
            break;
        }
        $i++;
    }
    $menu->addItem($node[1]);
    // Create the presentation class
    $listBox =& ref_new(new HTML_TreeMenu_Listbox($menu));
    /* Print header */
    require_once HESK_PATH . 'inc/header.inc.php';
    /* Print main manage users page */
    require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
    ?>

	
     <div class="container manage-kb-category-title"><a href="manage_knowledgebase.php" class="smaller"><b><?php 
    echo $hesklang['kb'];
    ?>
</b></a> &gt; <?php 
    echo $hesklang['kb_cat_man'];
    ?>
</div>

	<!-- SUB NAVIGATION -->
	<?php 
    show_subnav('', $catid);
    ?>
	<!-- SUB NAVIGATION -->

	<?php 
    if (!isset($_SESSION['hide']['article_list'])) {
        ?>

     <div class="container category-kb"><?php 
        echo $hesklang['category'];
        ?>
: <span class="black"><?php 
        echo $this_cat['name'];
        ?>
</span></div>

    &nbsp;<br />

    <?php 
        $result = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' ORDER BY `sticky` DESC, `art_order` ASC");
        $num = hesk_dbNumRows($result);
        if ($num == 0) {
            echo '<div class="container kb_no_article">' . $hesklang['kb_no_art'] . ' &nbsp;<br/><br/> 
		<a href="manage_knowledgebase.php?a=add_article&amp;catid=' . $catid . '"><img src="../img/add_article.png" width="16" height="16" alt="' . $hesklang['kb_i_art2'] . '" title="' . $hesklang['kb_i_art2'] . '" border="0" style="border:none;vertical-align:text-bottom" /></a>' . '<a href="manage_knowledgebase.php?a=add_article&amp;catid=' . $catid . '"><b>' . $hesklang['kb_i_art2'] . '</b></a></div>';
        } else {
            /* Get number of sticky articles */
            $res2 = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='{$catid}' AND `sticky` = '1' ");
            $num_sticky = hesk_dbResult($res2);
            $num_nosticky = $num - $num_sticky;
            ?>
        <div class="container insertArticle">
	        <?php 
            echo '<a href="manage_knowledgebase.php?a=add_article&amp;catid=' . $catid . '"><img src="../img/add_article.png" width="16" height="16" alt="' . $hesklang['kb_i_art2'] . '" title="' . $hesklang['kb_i_art2'] . '" border="0" style="border:none;vertical-align:text-bottom" /></a> <a href="manage_knowledgebase.php?a=add_article&amp;catid=' . $catid . '"><b>' . $hesklang['kb_i_art2'] . '</b></a>';
            ?>
	    </div>

	     <div class="container kb_cat_art_title"><?php 
            echo $hesklang['kb_cat_art'];
            ?>
</div>

		<div class="container">
		<table class="table table-bordered table-responsive kb_cat_art_table">
		<tr>
        <th class="admin_white">&nbsp;</th>
		<th class="admin_white"><b><i><?php 
            echo $hesklang['kb_subject'];
            ?>
</i></b></th>
		<th class="admin_white"><b><i><?php 
            echo $hesklang['kb_type'];
            ?>
</i></b></th>
        <th class="admin_white"><b><i><?php 
            echo $hesklang['views'];
            ?>
</i></b></th>
        <?php 
            if ($hesk_settings['kb_rating']) {
                ?>
	        <th class="admin_white" style="white-space:nowrap" nowrap="nowrap" width="130"><b><i><?php 
                echo $hesklang['rating'] . ' (' . $hesklang['votes'] . ')';
                ?>
</i></b></th>
	        <?php 
            }
            ?>
        <th class="admin_white" style="width:120px"><b><i>&nbsp;<?php 
            echo $hesklang['opt'];
            ?>
&nbsp;</i></b></th>
		</tr>
    	<?php 
            $i = 1;
            $j = 1;
            $k = 1;
            $previous_sticky = 1;
            $num = $num_sticky;
            while ($article = hesk_dbFetchAssoc($result)) {
                if ($previous_sticky != $article['sticky']) {
                    $k = 1;
                    $num = $num_nosticky;
                    $previous_sticky = $article['sticky'];
                }
                if (isset($_SESSION['artord']) && $article['id'] == $_SESSION['artord']) {
                    $color = 'admin_green';
                    unset($_SESSION['artord']);
                } elseif ($article['sticky']) {
                    $color = 'admin_yellow';
                } else {
                    $color = $i ? 'admin_white' : 'admin_gray';
                }
                $tmp = $i ? 'White' : 'Blue';
                $style = 'class="option' . $tmp . 'OFF" onmouseover="this.className=\'option' . $tmp . 'ON\'" onmouseout="this.className=\'option' . $tmp . 'OFF\'"';
                $i = $i ? 0 : 1;
                switch ($article['type']) {
                    case '1':
                        $type = '<span class="kb_private">' . $hesklang['kb_private'] . '</span>';
                        break;
                    case '2':
                        $type = '<span class="kb_draft">' . $hesklang['kb_draft'] . '</span>';
                        break;
                    default:
                        $type = '<span class="kb_published">' . $hesklang['kb_published'] . '</span>';
                }
                if ($hesk_settings['kb_rating']) {
                    $alt = $article['rating'] ? sprintf($hesklang['kb_rated'], sprintf("%01.1f", $article['rating'])) : $hesklang['kb_not_rated'];
                    $rat = '<td class="' . $color . '" style="white-space:nowrap;"><img src="../img/star_' . hesk_round_to_half($article['rating']) * 10 . '.png" width="85" height="16" alt="' . $alt . '" title="' . $alt . '" border="0" style="vertical-align:text-bottom" /> (' . $article['votes'] . ') </td>';
                } else {
                    $rat = '';
                }
                ?>
			<tr>
			<td class="<?php 
                echo $color;
                ?>
"><?php 
                echo $j;
                ?>
.</td>
			<td class="<?php 
                echo $color;
                ?>
"><?php 
                echo $article['subject'];
                ?>
</td>
            <td class="<?php 
                echo $color;
                ?>
"><?php 
                echo $type;
                ?>
</td>
            <td class="<?php 
                echo $color;
                ?>
"><?php 
                echo $article['views'];
                ?>
</td>
            <?php 
                echo $rat;
                ?>
            <td class="<?php 
                echo $color;
                ?>
" style="text-align:center; white-space:nowrap;">
			<?php 
                if ($num > 1) {
                    if ($k == 1) {
                        ?>
                    <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />
                	<a href="manage_knowledgebase.php?a=order_article&amp;id=<?php 
                        echo $article['id'];
                        ?>
&amp;catid=<?php 
                        echo $catid;
                        ?>
&amp;move=15&amp;token=<?php 
                        hesk_token_echo();
                        ?>
"><img src="../img/move_down.png" width="16" height="16" alt="<?php 
                        echo $hesklang['move_dn'];
                        ?>
" title="<?php 
                        echo $hesklang['move_dn'];
                        ?>
" <?php 
                        echo $style;
                        ?>
 /></a>
	            <?php 
                    } elseif ($k == $num) {
                        ?>
					<a href="manage_knowledgebase.php?a=order_article&amp;id=<?php 
                        echo $article['id'];
                        ?>
&amp;catid=<?php 
                        echo $catid;
                        ?>
&amp;move=-15&amp;token=<?php 
                        hesk_token_echo();
                        ?>
"><img src="../img/move_up.png" width="16" height="16" alt="<?php 
                        echo $hesklang['move_up'];
                        ?>
" title="<?php 
                        echo $hesklang['move_up'];
                        ?>
" <?php 
                        echo $style;
                        ?>
 /></a>
                    <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;" />
	            <?php 
                    } else {
                        ?>
					<a href="manage_knowledgebase.php?a=order_article&amp;id=<?php 
                        echo $article['id'];
                        ?>
&amp;catid=<?php 
                        echo $catid;
                        ?>
&amp;move=-15&amp;token=<?php 
                        hesk_token_echo();
                        ?>
"><img src="../img/move_up.png" width="16" height="16" alt="<?php 
                        echo $hesklang['move_up'];
                        ?>
" title="<?php 
                        echo $hesklang['move_up'];
                        ?>
" <?php 
                        echo $style;
                        ?>
 /></a>
					<a href="manage_knowledgebase.php?a=order_article&amp;id=<?php 
                        echo $article['id'];
                        ?>
&amp;catid=<?php 
                        echo $catid;
                        ?>
&amp;move=15&amp;token=<?php 
                        hesk_token_echo();
                        ?>
"><img src="../img/move_down.png" width="16" height="16" alt="<?php 
                        echo $hesklang['move_dn'];
                        ?>
" title="<?php 
                        echo $hesklang['move_dn'];
                        ?>
" <?php 
                        echo $style;
                        ?>
 /></a>
	            <?php 
                    }
                } elseif ($num_sticky > 1 || $num_nosticky > 1) {
                    echo '<img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;vertical-align:text-bottom;" /> <img src="../img/blank.gif" width="16" height="16" alt="" style="padding:3px;border:none;vertical-align:text-bottom;" />';
                }
                ?>
            <a href="manage_knowledgebase.php?a=sticky&amp;s=<?php 
                echo $article['sticky'] ? 0 : 1;
                ?>
&amp;id=<?php 
                echo $article['id'];
                ?>
&amp;catid=<?php 
                echo $catid;
                ?>
&amp;token=<?php 
                hesk_token_echo();
                ?>
"><img src="../img/sticky<?php 
                if (!$article['sticky']) {
                    echo '_off';
                }
                ?>
.png" width="16" height="16" alt="<?php 
                echo $article['sticky'] ? $hesklang['stickyoff'] : $hesklang['stickyon'];
                ?>
" title="<?php 
                echo $article['sticky'] ? $hesklang['stickyoff'] : $hesklang['stickyon'];
                ?>
" <?php 
                echo $style;
                ?>
 /></a>
            <a href="knowledgebase_private.php?article=<?php 
                echo $article['id'];
                ?>
&amp;back=1<?php 
                if ($article['type'] == 2) {
                    echo '&amp;draft=1';
                }
                ?>
" target="_blank"><img src="../img/article_text.png" width="16" height="16" alt="<?php 
                echo $hesklang['viewart'];
                ?>
" title="<?php 
                echo $hesklang['viewart'];
                ?>
" <?php 
                echo $style;
                ?>
 /></a>
            <a href="manage_knowledgebase.php?a=edit_article&amp;id=<?php 
                echo $article['id'];
                ?>
"><img src="../img/edit.png" width="16" height="16" alt="<?php 
                echo $hesklang['edit'];
                ?>
" title="<?php 
                echo $hesklang['edit'];
                ?>
" <?php 
                echo $style;
                ?>
 /></a>
            <a href="manage_knowledgebase.php?a=remove_article&amp;id=<?php 
                echo $article['id'];
                ?>
&amp;token=<?php 
                hesk_token_echo();
                ?>
" onclick="return hesk_confirmExecute('<?php 
                echo hesk_makeJsString($hesklang['del_art']);
                ?>
');"><img src="../img/delete.png" width="16" height="16" alt="<?php 
                echo $hesklang['delete'];
                ?>
" title="<?php 
                echo $hesklang['delete'];
                ?>
" <?php 
                echo $style;
                ?>
 /></a>&nbsp;</td>
			</tr>
            <?php 
                $j++;
                $k++;
            }
            // End while
            ?>
		</table>
		</div>
		<?php 
        }
    }
    // END if hide article list
    /* Manage Category (except the default one) */
    if ($catid != 1) {
        ?>

        &nbsp;<br />


    <div class="container insertCategory">
		<?php 
        echo '<a href="manage_knowledgebase.php?a=add_category&amp;parent=' . $catid . '"><img src="../img/add_category.png" width="16" height="16" alt="' . $hesklang['kb_i_cat2'] . '" title="' . $hesklang['kb_i_cat2'] . '" border="0" style="border:none;vertical-align:text-bottom" /></a> <a href="manage_knowledgebase.php?a=add_category&amp;parent=' . $catid . '"><b>' . $hesklang['kb_i_cat2'] . '</b></a>';
        ?>
	</div>

	<div class="container category-settings-title"><?php 
        echo $hesklang['catset'];
        ?>
</div>
	<div class="container category-settings-form">
	<br/>
		<form action="manage_knowledgebase.php" method="post" name="form1" onsubmit="Javascript:return hesk_deleteIfSelected('dodelete','<?php 
        echo hesk_makeJsString($hesklang['kb_delcat']);
        ?>
')">
			<div class="form-inline">
				<span class="col-sm-2"><b><?php 
        echo $hesklang['kb_cat_title'];
        ?>
:</b></span>
				<span><input class="form-control" type="text" name="title" size="70" maxlength="255" value="<?php 
        echo $this_cat['name'];
        ?>
" /></span>
			</div>
			<br/>
			<div class="form-inline">
				<span class="col-sm-2"><b><?php 
        echo $hesklang['kb_cat_parent'];
        ?>
:</b></span>
				<span><select class="form-control" name="parent"><?php 
        $listBox->printMenu();
        ?>
</select></span>
			</div>
			<br/>
			<div class="form-inline">
				<span class="col-sm-2"><b><?php 
        echo $hesklang['kb_type'];
        ?>
:</b></span>
				<div class="form-group">
					<label><input type="radio" name="type" value="0" <?php 
        if (!$this_cat['type']) {
            echo 'checked="checked"';
        }
        ?>
 /> <b><i><?php 
        echo $hesklang['kb_published'];
        ?>
</i></b></label><br />
					<span><?php 
        echo $hesklang['kb_cat_published'];
        ?>
</span><br/><br/>
					<label><input type="radio" name="type" value="1" <?php 
        if ($this_cat['type']) {
            echo 'checked="checked"';
        }
        ?>
 /> <b><i><?php 
        echo $hesklang['kb_private'];
        ?>
</i></b></label><br />
					<span><?php 
        echo $hesklang['kb_cat_private'];
        ?>
</span>
				</div>
			</div>
			<br/>
	        <div class="form-inline">
				<span class="col-sm-2"><b><?php 
        echo $hesklang['opt'];
        ?>
:</b></span>
				<div class="form-group">
					<label><input type="checkbox" name="dodelete" id="dodelete" value="Y" onclick="Javascript:hesk_toggleLayerDisplay('deleteoptions')" /> <i><?php 
        echo $hesklang['delcat'];
        ?>
</i></label>
					<div id="deleteoptions" style="display: none;">
					<label><input type="radio" name="movearticles" value="Y" checked="checked" /> <?php 
        echo $hesklang['move1'];
        ?>
</label><br />
					<label><input type="radio" name="movearticles" value="N" /> <?php 
        echo $hesklang['move2'];
        ?>
</label>
					</div>
				</div>
	        </div>
			<br/>
	</div>
	<br/>
		<div class="col-sm-6 col-sm-offset-6">
			<input type="hidden" name="a" value="edit_category" />
	        <input type="hidden" name="token" value="<?php 
        hesk_token_echo();
        ?>
" />
	        <input type="hidden" name="catid" value="<?php 
        echo $catid;
        ?>
" /><input type="submit" value="<?php 
        echo $hesklang['save_changes'];
        ?>
" class="btn btn-default save-cat-changes-btn" />
		</div>
	</form>
	

	<?php 
    }
    // END if $catid != 1
    /* Clean unneeded session variables */
    hesk_cleanSessionVars(array('hide', 'manage_cat', 'edit_article'));
    require_once HESK_PATH . 'inc/footer.inc.php';
    exit;
}
Пример #4
0
    /* Can't create admin users */
    $_POST['isadmin'] = 0;
    /* Can only add features he/she has access to */
    $hesk_settings['features'] = array_intersect(explode(',', $_SESSION['heskprivileges']), $hesk_settings['features']);
    /* Can user modify auto-assign setting? */
    if ($hesk_settings['autoassign'] && (!hesk_checkPermission('can_assign_self', 0) || !hesk_checkPermission('can_assign_others', 0))) {
        $hesk_settings['autoassign'] = 0;
    }
}
/* Use any set values, default otherwise */
foreach ($default_userdata as $k => $v) {
    if (!isset($_SESSION['userdata'][$k])) {
        $_SESSION['userdata'][$k] = $v;
    }
}
$_SESSION['userdata'] = hesk_stripArray($_SESSION['userdata']);
/* What should we do? */
if ($action = hesk_REQUEST('a')) {
    if ($action == 'reset_form') {
        $_SESSION['edit_userdata'] = TRUE;
        header('Location: ./manage_users.php');
    } elseif ($action == 'edit') {
        edit_user();
    } elseif (defined('HESK_DEMO')) {
        hesk_process_messages($hesklang['ddemo'], 'manage_users.php', 'NOTICE');
    } elseif ($action == 'new') {
        new_user();
    } elseif ($action == 'save') {
        update_user();
    } elseif ($action == 'remove') {
        remove();
Пример #5
0
function hesk_stripArray($a)
{
    foreach ($a as $k => $v) {
        if (is_array($v)) {
            $a[$k] = hesk_stripArray($v);
        } else {
            $a[$k] = stripslashes($v);
        }
    }
    reset($a);
    return $a;
}
Пример #6
0
function update_profile()
{
    global $hesk_settings, $hesklang, $can_view_unassigned;
    /* A security check */
    hesk_token_check('POST');
    $sql_pass = '';
    $sql_username = '';
    $hesk_error_buffer = '';
    $newvar['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
    $newvar['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
    $newvar['new']['signature'] = hesk_input(hesk_POST('signature'));
    $newvar['new']['user'] = hesk_input(hesk_POST('user'));
    $newvar['new']['address'] = hesk_input(hesk_POST('address'));
    $newvar['new']['phonenumber'] = hesk_input(hesk_POST('phonenumber'));
    $newvar['new']['poz_detyres'] = hesk_input(hesk_POST('poz_detyres'));
    /* Signature */
    if (strlen($newvar['new']['signature']) > 1000) {
        $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
    }
    $sql_username = "******" . hesk_dbEscape($newvar['new']['user']) . "'";
    /* Change password? */
    $newpass_cl = hesk_input(hesk_POST('newpass_cl'));
    $passlen = strlen($newpass_cl);
    if ($passlen > 0) {
        /* At least 5 chars? */
        if ($passlen < 5) {
            $hesk_error_buffer .= '<li>' . $hesklang['password_not_valid'] . '</li>';
        } else {
            $newpass2_cl = hesk_input(hesk_POST('newpass2_cl'));
            if ($newpass_cl != $newpass2_cl) {
                $hesk_error_buffer .= '<li>' . $hesklang['passwords_not_same'] . '</li>';
            } else {
                $v = hesk_Pass2Hash($newpass_cl);
                if ($v == '499d74967b28a841c98bb4baaabaad699ff3c079') {
                    define('WARN_PASSWORD', true);
                }
                $sql_pass = '******'' . $v . '\'';
            }
        }
    }
    $id = hesk_input(hesk_POST('userid'));
    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        /* Process the session variables */
        $newvar['new'] = hesk_stripArray($newvar['new']);
        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        //hesk_process_messages($hesk_error_buffer,'NOREDIRECT');
    }
    //else
    //{
    $query = "UPDATE " . hesk_dbEscape($hesk_settings['db_pfix']) . "clients SET \n\t\t\tname='" . hesk_dbEscape($newvar['new']['name']) . "', \n\t\t\temail='" . hesk_dbEscape($newvar['new']['email']) . "', \n\t\t\tuser='******'new']['user']) . "',\n\t\t\taddress='" . hesk_dbEscape($newvar['new']['address']) . "',\n\t\t\tphonenumber='" . hesk_dbEscape($newvar['new']['phonenumber']) . "',\n\t\t\tpoz_detyres='" . hesk_dbEscape($newvar['new']['poz_detyres']) . "',\n\t\t\tsignature='" . hesk_dbEscape($newvar['new']['signature']) . "'\n\t\t\t{$sql_pass}\n\t\t\tWHERE id=" . $id . " LIMIT 1";
    /* Update database */
    $result = hesk_dbQuery($query);
    /* Process the session variables */
    $newvar['new'] = hesk_stripArray($newvar['new']);
    $tmp = $_SESSION['id']['id'];
    $_SESSION['id'] = $newvar['new'];
    $_SESSION['id']['id'] = $tmp;
    /* Update session variables */
    /*foreach ($newvar['new'] as $k => $v)
      {
      	$_SESSION[$k] = $v;
      }*/
    unset($newvar['new']);
    hesk_cleanSessionVars('as_notify');
    hesk_process_messages($hesklang['profile_updated_success'], 'client_profile.php', 'SUCCESS');
    // }
}