/**
 * Delete the service message selected by the `id` GET parameter.
 *
 * The id is converted with intval() before it is placed in the SQL text, so
 * only an integer can reach the query. An id that converts to 0 takes the
 * hesk_error() path.
 */
function remove_sm()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    // Integer id, or report the "invalid id" error
    $id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);

    // Remove at most one row
    hesk_dbQuery(sprintf(
        'DELETE FROM `%sservice_messages` WHERE `id`=%d LIMIT 1',
        hesk_dbEscape($hesk_settings['db_pfix']),
        $id
    ));

    // Exactly one affected row means the message existed and is now gone
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['sm_not_found'], './service_messages.php');
    } else {
        hesk_process_messages($hesklang['sm_deleted'], './service_messages.php', 'SUCCESS');
    }
}
* a license please visit the page below: * https://www.hesk.com/buy.php *******************************************************************************/
define('IN_SCRIPT', 1);
define('HESK_PATH', '../');

/* Get all the required files and functions */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();

/* Session, database and login checks run before any request data is read.
   Keep this order: everything below assumes hesk_isLoggedIn() has passed. */
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();

/* Check permissions for this feature: both permissions are checked */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');

/* A security check on the POST token (presumably anti-CSRF; see hesk_token_check()) */
hesk_token_check('POST');

/* Ticket ID; the script stops here when hesk_cleanID() returns a falsy value */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);

/* New priority: forced to an integer, then limited to the four known values 0-3 */
$priority = intval(hesk_POST('priority'));
if ($priority < 0 || $priority > 3) {
    /* NOTE(review): the $options[$priority] lookup below relies on
       hesk_process_messages() not returning for an out-of-range value - confirm.
       The Refresh value is a random number appended to the redirect URL; it is
       not used as a secret anywhere in this script. */
    hesk_process_messages($hesklang['inpr'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'NOTICE');
}

/* HTML label for each priority value */
$options = array(0 => '<font class="critical">' . $hesklang['critical'] . '</font>', 1 => '<font class="important">' . $hesklang['high'] . '</font>', 2 => '<font class="medium">' . $hesklang['medium'] . '</font>', 3 => $hesklang['low']);

/* History entry: date, new priority label and the acting user taken from the session.
   NOTE(review): hesk_dbEscape() below protects the SQL statement only; the entry
   contains HTML, so confirm $_SESSION['name'] and $_SESSION['user'] are
   HTML-encoded where they are set. */
$revision = sprintf($hesklang['thist8'], hesk_date(), $options[$priority], $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');

/* $priority is an integer at this point; the history text and tracking ID are escaped */
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `priority`='{$priority}', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' LIMIT 1");

/* Anything other than exactly one updated row is reported as a notice */
if (hesk_dbAffectedRows() != 1) {
    hesk_process_messages($hesklang['inpr'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'NOTICE');
}

hesk_process_messages(sprintf($hesklang['chpri2'], $options[$priority]), 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS');
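/**
 * Set the manager of a category and, when a manager is given, make sure the
 * category is on that user's category list.
 *
 * Reads `catid` and `managerid` from POST. Both are converted to integers once,
 * at the top, so every comparison and every query below works on the same
 * normalized value. A manager id of 0 means "no manager" and ends the function
 * after the category row is updated.
 */
function change_manager()
{
    global $hesklang, $hesk_settings;

    // NOTE(review): no hesk_token_check() call is visible in this function even
    // though it changes data based on POST input; confirm the caller verifies
    // the request token before dispatching here.

    // Normalize request input once. The raw POST string for `catid` used to be
    // concatenated into the users UPDATE below without intval() or escaping,
    // which let request data become part of the SQL statement.
    $catid = intval(hesk_POST('catid'));
    $newManagerId = intval(hesk_POST('managerid'));

    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    hesk_dbQuery('UPDATE `' . $prefix . 'categories` SET `manager` = ' . $newManagerId . ' WHERE `id` = ' . $catid);
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    if ($newManagerId === 0) {
        // There is no new manager.
        return;
    }

    // Add the category to the user's categories list, if not already present
    $currentCatRs = hesk_dbQuery('SELECT `categories` FROM `' . $prefix . 'users` WHERE `id` = ' . $newManagerId);
    $currentCategories = hesk_dbFetchAssoc($currentCatRs);

    // NOTE(review): when no user row matches, the category above already points
    // at that id; consider validating the manager id before the first UPDATE.
    $storedList = is_array($currentCategories) ? (string) $currentCategories['categories'] : '';
    $categories = array_map('trim', explode(',', $storedList));

    if (!in_array((string) $catid, $categories, true)) {
        // The stored list is escaped as well: it is data read back from the
        // database and must not be trusted as SQL text when written again.
        hesk_dbQuery("UPDATE `" . $prefix . "users` SET `categories` = '" . hesk_dbEscape($storedList) . ',' . $catid . "' WHERE `id` = " . $newManagerId);
    }

    hesk_process_messages($hesklang['manager_updated'], './manage_categories.php', 'SUCCESS');
}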
/**
 * Record activity for a user in the `online` table.
 *
 * Tries to bump the `tmp` counter of an existing row first and inserts a new
 * row when nothing was updated. The user id is passed through intval() in both
 * statements. Always returns true.
 */
function hesk_setOnline($user_id)
{
    global $hesk_settings, $hesklang, $hesk_db_link;

    // Existing row: just increment the counter
    hesk_dbQuery(sprintf(
        "UPDATE `%sonline` SET `tmp` = `tmp` + 1 WHERE `user_id` = '%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        intval($user_id)
    ));

    if (hesk_dbAffectedRows()) {
        return true;
    }

    // No row was touched, so create one for this user
    hesk_dbQuery(sprintf(
        'INSERT INTO `%sonline` (`user_id`) VALUES (%d) ',
        hesk_dbEscape($hesk_settings['db_pfix']),
        intval($user_id)
    ));

    return true;
}
/**
 * Move a ticket template up or down and renumber all templates.
 *
 * `replyid` and `move` come from GET and are converted with intval() before
 * use. After the selected template's `tpl_order` is shifted, every template
 * is rewritten with an order of 10, 20, 30, ... following the current sort,
 * and the browser is redirected to manage_ticket_templates.php.
 */
function order_saved()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $tplid = intval(hesk_GET('replyid')) or hesk_error($hesklang['ticket_tpl_id']);
    $_SESSION['canned']['selcat2'] = $tplid;

    $tpl_move = intval(hesk_GET('move'));

    // Shift the chosen template by the requested offset
    hesk_dbQuery(sprintf(
        "UPDATE `%sticket_templates` SET `tpl_order`=`tpl_order`+%d WHERE `id`='%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        intval($tpl_move),
        intval($tplid)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['int_error'] . ': ' . $hesklang['ticket_tpl_not_found'] . '.');
    }

    // Renumber every template in steps of 10, in the current order
    $result = hesk_dbQuery('SELECT `id` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'ticket_templates` ORDER BY `tpl_order` ASC');

    for ($position = 10; $row = hesk_dbFetchAssoc($result); $position += 10) {
        hesk_dbQuery(sprintf(
            "UPDATE `%sticket_templates` SET `tpl_order`=%d WHERE `id`='%d' LIMIT 1",
            hesk_dbEscape($hesk_settings['db_pfix']),
            intval($position),
            intval($row['id'])
        ));
    }

    header('Location: manage_ticket_templates.php');
    exit;
}
/**
 * Switch the `type` column of a category between 0 and 1.
 *
 * `catid` (GET) selects the category and is converted with intval(); a
 * non-zero `s` (GET) stores type 1, anything else stores type 0. The message
 * shown afterwards is $hesklang['cpriv'] for 1 and $hesklang['cpub'] for 0.
 */
function toggle_type()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['cat_move_id']);
    $_SESSION['selcat2'] = $catid;

    // Any non-zero integer in `s` selects type 1
    $switchOn = (bool) intval(hesk_GET('s'));
    $type = $switchOn ? 1 : 0;
    $tmp = $switchOn ? $hesklang['cpriv'] : $hesklang['cpub'];

    // Store the new category type
    hesk_dbQuery(sprintf(
        "UPDATE `%scategories` SET `type`='%d' WHERE `id`='%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        $type,
        intval($catid)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
/**
 * Delete the selected private messages for the logged-in user.
 *
 * Each id from mail_get_ids() is first marked as deleted by the current user.
 * When that does not change exactly one row, the row is removed instead,
 * provided it is already marked as deleted. Both statements only match mail
 * whose `to` or `from` is the session user, so other users' mail is not
 * touched. Always returns true.
 */
function mail_delete()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $ids = mail_get_ids();
    if (!$ids) {
        return true;
    }

    foreach ($ids as $id) {
        // Step 1: mark as deleted by this user, if nobody has deleted it yet
        hesk_dbQuery(sprintf(
            "UPDATE `%smail` SET `deletedby`='%d' WHERE `id`='%d' AND (`to`='%d' OR `from`='%d') AND `deletedby`=0 LIMIT 1",
            hesk_dbEscape($hesk_settings['db_pfix']),
            intval($_SESSION['id']),
            intval($id),
            intval($_SESSION['id']),
            intval($_SESSION['id'])
        ));

        if (hesk_dbAffectedRows() == 1) {
            continue;
        }

        // Step 2: already marked as deleted, so remove the row
        hesk_dbQuery(sprintf(
            "DELETE FROM `%smail` WHERE `id`='%d' AND (`to`='%d' OR `from`='%d') AND `deletedby`!=0 LIMIT 1",
            hesk_dbEscape($hesk_settings['db_pfix']),
            intval($id),
            intval($_SESSION['id']),
            intval($_SESSION['id'])
        ));
    }

    hesk_process_messages($hesklang['smdl'], 'NOREDIRECT', 'SUCCESS');

    return true;
}
/**
 * Move a knowledgebase article within its category.
 *
 * `id`, `catid` and `move` are read from GET and converted with intval().
 * The article's `art_order` is shifted by `move`, update_article_order() is
 * called for the category, and the browser is redirected back to the
 * category management page.
 */
function order_article()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $id = intval(hesk_GET('id')) or hesk_error($hesklang['kb_art_id']);
    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['kb_cat_inv']);
    $move = intval(hesk_GET('move'));

    $_SESSION['artord'] = $id;

    // Shift the selected article by the requested offset
    hesk_dbQuery(sprintf(
        "UPDATE `%skb_articles` SET `art_order`=`art_order`+%d WHERE `id`='%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        intval($move),
        intval($id)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['kb_art_id']);
    }

    // Let the helper rewrite the order values for this category
    update_article_order($catid);

    // $catid is an integer here, so it is safe to append to the redirect URL
    header('Location: manage_knowledgebase.php?a=manage_cat&catid=' . $catid);
    exit;
}
/**
 * Turn ticket auto-assignment on or off for one user.
 *
 * `id` (GET) selects the user and is converted with intval(); a non-zero `s`
 * (GET) stores `autoassign` = 1, anything else stores 0.
 */
function toggle_autoassign()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $myuser = intval(hesk_GET('id')) or hesk_error($hesklang['no_valid_id']);
    $_SESSION['seluser'] = $myuser;

    // Any non-zero integer in `s` switches auto-assign on
    $enable = (bool) intval(hesk_GET('s'));
    $autoassign = $enable ? 1 : 0;
    $tmp = $enable ? $hesklang['uaaon'] : $hesklang['uaaoff'];

    // Store the new auto-assign flag
    hesk_dbQuery(sprintf(
        "UPDATE `%susers` SET `autoassign`='%d' WHERE `id`='%d'",
        hesk_dbEscape($hesk_settings['db_pfix']),
        $autoassign,
        intval($myuser)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
    }

    hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}
/**
 * Delete a contract, but only when no `contractforclient` row refers to it.
 *
 * The contract id comes from the `id` GET parameter and is converted with
 * intval(). $_SERVER['PHP_SELF'] is overwritten so that the result message
 * is sent to the contracts edit tab.
 */
function remove_contract()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    // Target of the result message below
    $_SERVER['PHP_SELF'] = 'contracts.php#tab_edit-cont';

    $con = intval(hesk_GET('id'));

    // The NOT EXISTS subquery blocks the delete while the contract is in use
    hesk_dbQuery(sprintf(
        "DELETE FROM `%scontracts` WHERE NOT EXISTS\n\t(SELECT NULL FROM`%scontractforclient` as `cc` WHERE `cc`.`contract_Id`='%d') && `id`='%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        hesk_dbEscape($hesk_settings['db_pfix']),
        intval($con),
        intval($con)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['con_req'] . '.');
    }

    hesk_process_messages($hesklang['con_removed_db'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
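/**
 * Delete a permission template selected by the `id` GET parameter.
 *
 * Templates 1 and 2 (admin and staff) are protected and are never deleted.
 * The id is converted to an integer before the protection check, so the check
 * and the DELETE statement always work on the same value.
 */
function deleteTemplate()
{
    global $hesk_settings, $hesklang;

    // NOTE(review): no hesk_token_check() call is visible in this function even
    // though it deletes data based on a GET parameter; confirm the caller
    // verifies the request token before dispatching here.

    // Normalize first. The check used to compare the raw request string while
    // the query used intval() of it, so a value that does not loosely equal
    // 1 or 2 could still truncate to a protected id in the DELETE.
    $id = intval(hesk_GET('id'));

    // Admin/Staff templates cannot be deleted!
    if ($id === 1 || $id === 2) {
        hesk_process_messages($hesklang['cannot_delete_admin_or_staff'], $_SERVER['PHP_SELF']);
        // Defensive: never fall through to the DELETE for a protected id,
        // even if hesk_process_messages() were to return.
        return;
    }

    // Otherwise delete the template
    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` WHERE `id` = " . $id);

    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['no_templates_were_deleted'], $_SERVER['PHP_SELF']);
        // Defensive: do not also report success when nothing was deleted
        return;
    }

    hesk_process_messages($hesklang['permission_template_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}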
/**
 * Activate or deactivate a user account.
 *
 * `id` (GET) selects the user and is converted with intval(); a non-zero `s`
 * (GET) activates, anything else deactivates. The logged-in user cannot
 * change their own account here. Deactivation also clears the user as
 * manager of any category and switches off auto-assign and all notification
 * flags in the same UPDATE.
 */
function toggle_active()
{
    global $hesk_settings, $hesklang;

    // Security check (presumably the anti-CSRF token; see hesk_token_check())
    hesk_token_check();

    $myuser = intval(hesk_GET('id')) or hesk_error($hesklang['no_valid_id']);
    $_SESSION['seluser'] = $myuser;

    // You can't deactivate yourself!
    if (intval($myuser) == $_SESSION['id']) {
        hesk_process_messages($hesklang['self_deactivation'], './manage_users.php');
    }

    if (!intval(hesk_GET('s'))) {
        $active = 0;
        $tmp = $hesklang['user_deactivated'];

        // Revoke any manager rights
        hesk_dbQuery(sprintf(
            'UPDATE `%scategories` SET `manager` = 0 WHERE `manager` = %d',
            hesk_dbEscape($hesk_settings['db_pfix']),
            intval($myuser)
        ));

        // Extra columns reset together with `active`; fixed text, no request data
        $notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0,\n `notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0";
    } else {
        $active = 1;
        $tmp = $hesklang['user_activated'];
        $notificationSql = "";
    }

    hesk_dbQuery(sprintf(
        "UPDATE `%susers` SET `active` = '%d'%s WHERE `id` = '%d'",
        hesk_dbEscape($hesk_settings['db_pfix']),
        $active,
        $notificationSql,
        intval($myuser)
    ));

    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['user_not_found'], './manage_users.php');
    }

    hesk_process_messages($tmp, './manage_users.php', 'SUCCESS');
}