<?php if(!defined('OSTSCPINC') || !is_object($thisuser) || !$thisuser->isStaff()) die('Acesso Negado'); $info=($_POST && $errors)?Format::input($_POST):array(); //on error...use the post data ?> <div width="100%"> <?if($errors['err']) {?> <p align="center" id="errormessage"><?=$errors['err']?></p> <?}elseif($msg) {?> <p align="center" class="infomessage"><?=$msg?></p> <?}elseif($warn) {?> <p class="warnmessage"><?=$warn?></p> <?}?> </div> <table width="80%" border="0" cellspacing=1 cellpadding=2> <form action="tickets.php" method="post" enctype="multipart/form-data"> <input type='hidden' name='a' value='open'> <tr><td align="left" colspan=2>Por favor, preencha o formulário abaixo para abrir um novo ticket.</td></tr> <tr> <td align="left" nowrap width="20%"><b>Endereço de E-mail:</b></td> <td> <input type="text" id="email" name="email" size="25" value="<?=$info['email']?>"> <font class="error"><b>*</b> <?=$errors['email']?></font> <? if($cfg->notifyONNewStaffTicket()) {?> <input type="checkbox" name="alertuser" <?=(!$errors || $info['alertuser'])? 'checked': ''?>>Alerte o usuário. <?}?> </td> </tr> <tr> <td align="left" ><b>Nome Completo:</b></td> <td>
<?php if (!defined('KTKADMININC') || !$thisuser->isadmin()) { die(_('Access Denied')); } $info = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($role); if ($role && $_REQUEST['a'] != 'new') { $title = sprintf(_('Edit Role: %s'), $info['dept_access'] == 'SADMIN' ? _('Administrator') : $role['role_name']); $action = 'update'; } else { $title = _('Add New Role'); $action = 'create'; $info['role_enabled'] = isset($info['role_enabled']) ? $info['role_enabled'] : 1; //Default to active } ?> <form action="admin.php" method="POST" name="role"> <input type="hidden" name="do" value="<?php echo $action; ?> "> <input type="hidden" name="a" value="<?php echo Format::htmlchars($_REQUEST['a']); ?> "> <input type="hidden" name="t" value="roles"> <input type="hidden" name="role_id" value="<?php echo $info['role_id']; ?> ">
<?php if (!defined('OSTCLIENTINC')) { die('Access Denied'); } $email = Format::input($_POST['lemail'] ? $_POST['lemail'] : $_GET['e']); $ticketid = Format::input($_POST['lticket'] ? $_POST['lticket'] : $_GET['t']); if ($cfg->isClientEmailVerificationRequired()) { $button = __("Email Access Link"); } else { $button = __("View Ticket"); } ?> <div class="container topheader"><div class="row"> <div id="login-overlay"> <div class="content"> <div class="modal-header"> <div class="modal-title lead"><?php echo __('Check Ticket Status'); ?> </div> </div> <div class="modal-body"> <div class="row"> <div class="col-xs-6"> <p class="lead"></span></p> <ul class="list-unstyled" style="line-height: 2"> <li><span class="fa fa-check text-success"></span><?php echo __('Please provide your email address and a ticket number.'); if ($cfg->isClientEmailVerificationRequired()) { echo ' ' . __('An access link will be emailed to you.');
<?php if (!defined('OSTCLIENTINC') || !is_object($thisclient) || !is_object($ticket)) { die('Kwaheri'); } //bye..see ya //Double check access one last time... if (strcasecmp($thisclient->getEmail(), $ticket->getEmail())) { die('Access Denied'); } $info = $_POST && $errors ? Format::input($_POST) : array(); //Re-use the post info on error...savekeyboards.org $dept = $ticket->getDept(); //Making sure we don't leak out internal dept names $dept = $dept && $dept->isPublic() ? $dept : $cfg->getDefaultDept(); //We roll like that... ?> <table width="100%" cellpadding="1" cellspacing="0" border="0"> <tr><td colspan=2 width=100% class="msg">Ticket #<?php echo $ticket->getExtId(); ?> <a href="view.php?id=<?php echo $ticket->getExtId(); ?> " title="Reload"><span class="Icon refresh"> </span></a></td></tr> <tr> <td width=50%> <table align="center" class="infotable" cellspacing="1" cellpadding="3" width="100%" border=0> <tr> <th width="100" >Ticket Status:</th>
<?php if (!defined('OSTCLIENTINC')) { die('Access Denied'); } $userid = Format::input($_POST['userid']); ?> <h1><?php echo __('Forgot My Password'); ?> </h1> <p><?php echo __('Enter your username or email address in the form below and press the <strong>Send Email</strong> button to have a password reset link sent to your email account on file.'); ?> <form action="pwreset.php" method="post" id="clientLogin"> <div style="width:50%;display:inline-block"> <?php csrf_token(); ?> <input type="hidden" name="do" value="sendmail"/> <strong><?php echo Format::htmlchars($banner); ?> </strong> <br> <div> <label for="username"><?php echo __('Username'); ?> :</label>
<?php if (!defined('OSTADMININC') || !$thisuser->isadmin()) { die($trl->translate("TEXT_ACCESS_DENIED")); } $info = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($group); if ($group && $_REQUEST['a'] != 'new') { $title = 'Edit Group: ' . $group['group_name']; $action = 'update'; } else { $title = 'Add New Group'; $action = 'create'; $info['group_enabled'] = isset($info['group_enabled']) ? $info['group_enabled'] : 1; //Default to active } ?> <table width="100%" border="0" cellspacing=0 cellpadding=0> <form action="admin.php" method="POST" name="group"> <input type="hidden" name="do" value="<?php echo $action; ?> "> <input type="hidden" name="a" value="<?php echo Format::htmlchars($_REQUEST['a']); ?> "> <input type="hidden" name="t" value="groups"> <input type="hidden" name="group_id" value="<?php echo $info['group_id']; ?> ">
/**
 * Validate the submitted department form and create or update its row in DEPT_TABLE.
 *
 * Every field value is read from $_POST; the $vars parameter is not used by this body.
 *
 * Security notes for reviewers:
 *  - Each request value reaches the SQL text only through db_input(). That helper is
 *    defined elsewhere, so the injection safety of both queries rests on it.
 *    NOTE(review): confirm it escapes AND quotes its argument.
 *  - is_numeric() also accepts floats and exponent notation, so email_id and tpl_id
 *    are not guaranteed to be plain integer ids.
 *  - ispublic, autoresp_email_id, manager_id and the two auto-response flags get no
 *    validation here beyond db_input().
 *
 * @param mixed $id     Department id to update; a falsy value creates a new department.
 * @param mixed $vars   Unused here (kept for the caller-facing signature).
 * @param array $errors Filled by reference with messages keyed by field name or 'err'.
 *
 * @return mixed The db_insert_id() value after a successful insert, otherwise true on
 *               success and false when $errors is non-empty.
 */
static function save($id, $vars, &$errors)
{
    global $cfg;

    // When updating, the id in the form must agree with the id being saved (loose comparison).
    if ($id && $id != $_POST['dept_id']) {
        $errors['err'] = _('Missing or invalid Dept ID');
    }

    if (!$_POST['email_id'] || !is_numeric($_POST['email_id'])) {
        $errors['email_id'] = _('Dept email required');
    }

    if (!is_numeric($_POST['tpl_id'])) {
        $errors['tpl_id'] = _('Template required');
    }

    $name = $_POST['dept_name'];
    if ($name && strlen($name) >= 4) {
        // Name looks acceptable: reject it if another department already uses it.
        $lookup = 'SELECT dept_id FROM ' . DEPT_TABLE . ' WHERE dept_name=' . db_input($name);
        if ($id) {
            // Do not count the department being edited as a duplicate of itself.
            $lookup .= ' AND dept_id!=' . db_input($id);
        }
        if (db_num_rows(db_query($lookup))) {
            $errors['dept_name'] = _('Department already exists');
        }
    } elseif (!$name) {
        $errors['dept_name'] = _('Dept name required');
    } else {
        $errors['dept_name'] = _('Dept name must be at least 4 chars.');
    }

    if ($_POST['ispublic'] && !$_POST['dept_signature']) {
        $errors['dept_signature'] = _('Signature required');
    }

    if (!$_POST['ispublic'] && $_POST['dept_id'] == $cfg->getDefaultDeptId()) {
        $errors['ispublic'] = _('Default department can not be private');
    }

    // Nothing is written while any validation message is pending.
    if ($errors) {
        return false;
    }

    // Column => SQL fragment, in the order the assignments appear in the statement.
    $columns = array(
        'ispublic' => db_input($_POST['ispublic']),
        'email_id' => db_input($_POST['email_id']),
        'tpl_id' => db_input($_POST['tpl_id']),
        'autoresp_email_id' => db_input($_POST['autoresp_email_id']),
        'manager_id' => db_input($_POST['manager_id'] ? $_POST['manager_id'] : 0),
        // Tags are stripped from the two free-text fields before they are stored.
        'dept_name' => db_input(Format::striptags($_POST['dept_name'])),
        'dept_signature' => db_input(Format::striptags($_POST['dept_signature'])),
        'ticket_auto_response' => db_input($_POST['ticket_auto_response']),
        'message_auto_response' => db_input($_POST['message_auto_response']),
        // Presence of the field (a checkbox, presumably) is what matters, not its value.
        'can_append_signature' => db_input(isset($_POST['can_append_signature']) ? 1 : 0),
    );

    $assignments = ' SET updated=NOW() ';
    foreach ($columns as $column => $fragment) {
        $assignments .= ',' . $column . '=' . $fragment;
    }

    if ($id) {
        $query = 'UPDATE ' . DEPT_TABLE . ' ' . $assignments . ' WHERE dept_id=' . db_input($id);
        // A query failure and "zero rows affected" are both reported as an error.
        if (!db_query($query) || !db_affected_rows()) {
            // The second message contains a line break after "Dept. ", written here as \n.
            $errors['err'] = _('Unable to update ') . Format::input($_POST['dept_name']) . _(" Dept. \nError occured");
        }

        return !$errors;
    }

    $query = 'INSERT INTO ' . DEPT_TABLE . ' ' . $assignments . ',created=NOW()';
    if (db_query($query) && ($newId = db_insert_id())) {
        return $newId;
    }

    $errors['err'] = _('Unable to create department. Internal error');

    return !$errors;
}
if (!$errors) { $thisuser->reload(); $_SESSION['TZ_OFFSET'] = $thisuser->getTZoffset(); $_SESSION['daylight'] = $thisuser->observeDaylight(); } } //Tab and Nav options. $nav->setTabActive('profile'); $nav->addSubMenu(array('desc' => $trl->translate("LABEL_MY_PROFILE"), 'href' => 'profile.php', 'iconclass' => 'user')); $nav->addSubMenu(array('desc' => $trl->translate("LABEL_PREFERENCES"), 'href' => 'profile.php?t=pref', 'iconclass' => 'userPref')); $nav->addSubMenu(array('desc' => $trl->translate("LABEL_CHANGE_PASSWORD"), 'href' => 'profile.php?t=passwd', 'iconclass' => 'userPasswd')); //Warnings if any. if ($thisuser->onVacation()) { $warn .= $trl->translate("TEXT_WELCOME_BACK_VACATION"); } $rep = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($thisuser->getData()); // page logic $inc = 'myprofile.inc.php'; switch (strtolower($_REQUEST['t'])) { case 'pref': $inc = 'mypref.inc.php'; break; case 'passwd': $inc = 'changepasswd.inc.php'; break; case 'info': default: $inc = 'myprofile.inc.php'; } //Forced password Change. if ($thisuser->forcePasswdChange()) {
<?php if(!defined('SETUPINC')) die('Kwaheri wafiki!'); $info=($errors && $_POST)?Format::input($_POST):array(); //use post data. if(!isset($info['title'])) { $info['title']='osTicket :: Support Ticket System'; } if(!isset($info['dbhost'])) { $info['dbhost']='localhost'; } if(!isset($info['prefix'])) { $info['prefix']='ost_'; } ?> <div style="padding:3px; padding-top:1px; padding-bottom:5px;"> All fields are required. <form action=install.php method=post name=setup> <table width="100%" cellspacing="0" cellpadding="2" class="setup"> <tr class="title"><td colspan=2>osTicket web path and title</td></tr> <tr class="subtitle"><td colspan=2>Url to osTicket installation on your server and the title.</td></tr> <tr><td width=150>HelpDesk URL:</td><td><b><?=URL?></b></td></tr> <tr> <td>HelpDesk Title:</td><td><input type=text name=title size=40 value="<?=$info['title']?>"> <font class="error"><?=$errors['title']?></font></td> </tr> <tr class="title"><td colspan=2>System email</td></tr> <tr class="subtitle"><td colspan=2>Default system email (e.g support@yourdomain.com) You can change or add more emails later.</td></tr> <tr><td>Default Email:</td><td><input type=text name=sysemail size=40 value="<?=$info['sysemail']?>">
<?php //Note that ticket is initiated in tickets.php. if(!defined('OSTSCPINC') || !@$thisuser->isStaff() || !is_object($ticket) ) die('Invalid path'); if(!$ticket->getId() or (!$thisuser->canAccessDept($ticket->getDeptId()) and $thisuser->getId()!=$ticket->getStaffId())) die('Access Denied'); $info=($_POST && $errors)?Format::input($_POST):array(); //Re-use the post info on error...savekeyboards.org //Auto-lock the ticket if locking is enabled..if locked already simply renew it. if($cfg->getLockTime() && !$ticket->acquireLock()) $warn.='Unable to obtain a lock on the ticket'; //We are ready baby...lets roll. Akon rocks! $dept = $ticket->getDept(); //Dept $staff = $ticket->getStaff(); //Assiged staff. $lock = $ticket->getLock(); //Ticket lock obj $id=$ticket->getId(); //Ticket ID. if($staff) $warn.=' <span class="Icon assignedTicket">Ticket is assigned to '.$staff->getName().'</span>'; if(!$errors['err'] && ($lock && $lock->getStaffId()!=$thisuser->getId())) $errors['err']='This ticket is currently locked by another staff member!'; if(!$errors['err'] && ($emailBanned=BanList::isbanned($ticket->getEmail()))) $errors['err']='Email is in banlist! Must be removed before any reply/response'; if($ticket->isOverdue()) $warn.=' <span class="Icon overdueTicket">Marked overdue!</span>'; ?> <table width="100%" cellpadding="2" cellspacing="0" border="0"> <tr> <td class="msg" width=50%> Ticket #<?=$ticket->getExtId()?> <a href="tickets.php?id=<?=$id?>" title="Reload"><span class="Icon refresh"> </span></a></td>
'kb' => array(__('Knowledgebase Settings'), 'settings.kb'), 'autoresp' => array(__('Autoresponder Settings'), 'settings.autoresponder'), 'alerts' => array(__('Alerts and Notices Settings'), 'settings.alerts'), ); //Handle a POST. $target=($_REQUEST['t'] && $settingOptions[$_REQUEST['t']])?$_REQUEST['t']:'system'; $page = false; if (isset($settingOptions[$target])) $page = $settingOptions[$target]; if($page && $_POST && !$errors) { if($cfg && $cfg->updateSettings($_POST,$errors)) { $msg=sprintf(__('Successfully updated %s'), Format::htmlchars($page[0])); } elseif(!$errors['err']) { $errors['err']=__('Unable to update settings - correct errors below and try again'); } } $config=($errors && $_POST)?Format::input($_POST):Format::htmlchars($cfg->getConfigInfo()); $ost->addExtraHeader('<meta name="tip-namespace" content="'.$page[1].'" />', "$('#content').data('tipNamespace', '".$page[1]."');"); $nav->setTabActive('settings', ('settings.php?t='.$target)); require_once(STAFFINC_DIR.'header.inc.php'); include_once(STAFFINC_DIR."settings-$target.inc.php"); include_once(STAFFINC_DIR.'footer.inc.php'); ?>
/**
 * Validate the submitted department form and create or update its row in DEPT_TABLE.
 *
 * Every field value is read from $_POST; the $vars parameter is not used by this body.
 * The user-facing messages are Portuguese string literals and are emitted unchanged.
 *
 * Security notes for reviewers:
 *  - Each request value reaches the SQL text only through db_input(). That helper is
 *    defined elsewhere, so the injection safety of both queries rests on it.
 *    NOTE(review): confirm it escapes AND quotes its argument.
 *  - is_numeric() also accepts floats and exponent notation, so email_id and tpl_id
 *    are not guaranteed to be plain integer ids.
 *  - ispublic, autoresp_email_id, manager_id and the two auto-response flags get no
 *    validation here beyond db_input().
 *
 * @param mixed $id     Department id to update; a falsy value creates a new department.
 * @param mixed $vars   Unused here (kept for the caller-facing signature).
 * @param array $errors Filled by reference with messages keyed by field name or 'err'.
 *
 * @return mixed The db_insert_id() value after a successful insert, otherwise true on
 *               success and false when $errors is non-empty.
 */
function save($id, $vars, &$errors)
{
    global $cfg;

    // When updating, the id in the form must agree with the id being saved (loose comparison).
    if ($id && $id != $_POST['dept_id']) {
        $errors['err'] = 'Ausente ou inválido identificação do departamento';
    }

    if (!$_POST['email_id'] || !is_numeric($_POST['email_id'])) {
        $errors['email_id'] = 'E-mail do departamento obrigatório';
    }

    if (!is_numeric($_POST['tpl_id'])) {
        $errors['tpl_id'] = 'Modelo exigido';
    }

    $name = $_POST['dept_name'];
    if ($name && strlen($name) >= 4) {
        // Name looks acceptable: reject it if another department already uses it.
        $lookup = 'SELECT dept_id FROM ' . DEPT_TABLE . ' WHERE dept_name=' . db_input($name);
        if ($id) {
            // Do not count the department being edited as a duplicate of itself.
            $lookup .= ' AND dept_id!=' . db_input($id);
        }
        if (db_num_rows(db_query($lookup))) {
            $errors['dept_name'] = 'Departamento já existe';
        }
    } elseif (!$name) {
        $errors['dept_name'] = 'Nome do departamento exigido';
    } else {
        $errors['dept_name'] = 'Nome do departamento deve ter no mínimo 4 caracteres.';
    }

    if ($_POST['ispublic'] && !$_POST['dept_signature']) {
        $errors['dept_signature'] = 'Assinatura obrigatória';
    }

    if (!$_POST['ispublic'] && $_POST['dept_id'] == $cfg->getDefaultDeptId()) {
        $errors['ispublic'] = 'Departamento padrão não pode ser privado';
    }

    // Nothing is written while any validation message is pending.
    if ($errors) {
        return false;
    }

    // Column => SQL fragment, in the order the assignments appear in the statement.
    $columns = array(
        'ispublic' => db_input($_POST['ispublic']),
        'email_id' => db_input($_POST['email_id']),
        'tpl_id' => db_input($_POST['tpl_id']),
        'autoresp_email_id' => db_input($_POST['autoresp_email_id']),
        'manager_id' => db_input($_POST['manager_id'] ? $_POST['manager_id'] : 0),
        // Tags are stripped from the two free-text fields before they are stored.
        'dept_name' => db_input(Format::striptags($_POST['dept_name'])),
        'dept_signature' => db_input(Format::striptags($_POST['dept_signature'])),
        'ticket_auto_response' => db_input($_POST['ticket_auto_response']),
        'message_auto_response' => db_input($_POST['message_auto_response']),
        // Presence of the field (a checkbox, presumably) is what matters, not its value.
        'can_append_signature' => db_input(isset($_POST['can_append_signature']) ? 1 : 0),
    );

    $assignments = ' SET updated=NOW() ';
    foreach ($columns as $column => $fragment) {
        $assignments .= ',' . $column . '=' . $fragment;
    }

    if ($id) {
        $query = 'UPDATE ' . DEPT_TABLE . ' ' . $assignments . ' WHERE dept_id=' . db_input($id);
        // A query failure and "zero rows affected" are both reported as an error.
        if (!db_query($query) || !db_affected_rows()) {
            $errors['err'] = 'Não é possível atualizar ' . Format::input($_POST['dept_name']) . ' Ocorreu um erro no departamento';
        }

        return !$errors;
    }

    $query = 'INSERT INTO ' . DEPT_TABLE . ' ' . $assignments . ',created=NOW()';
    if (db_query($query) && ($newId = db_insert_id())) {
        return $newId;
    }

    $errors['err'] = 'Não é possível criar departamento. Erro interno.';

    return !$errors;
}
<?php if (!defined('SETUPINC')) { die('Adiaux amikoj!'); } $info = $errors && $_POST ? Format::input($_POST) : array(); //use post data. if (!isset($info['title'])) { $info['title'] = 'KataK Support - Ticket System'; } if (!isset($info['dbhost'])) { $info['dbhost'] = 'localhost'; } if (!isset($info['prefix'])) { $info['prefix'] = 'ost_'; } ?> All fields are required. <form action="upgradeOST.php" method="post" name="setup" id="setup"> <table width="100%" cellspacing="0" cellpadding="2" class="setup"> <tr class="title"><td colspan=2>Admin user</td></tr> <tr class="subtitle"><td colspan=2>Autentication data administrator of the old osTicket system.</td></tr> <tr> <td colspan=2> <table border=0 cellspacing=0 cellpadding=2 class="clean"> <tr><td width=150>Username:</td> <td><input type=text name=username size=20 value="<?php echo $info['username']; ?> "> <span class="error"><?php
<?php if (!defined('KTKUSERINC')) { die('Adiaux amikoj!'); } $e = Format::input($_POST['username'] ? $_POST['username'] : $_GET['e']); ?> <div> <?php if ($errors['err']) { ?> <p id="errormessage"><?php echo $errors['err']; ?> </p> <?php } elseif ($warn) { ?> <p class="warnmessage"><?php echo $warn; ?> </p> <?php } ?> </div> <div style="margin:5px 0px 100px 0; width:100%;"> <p> <?php echo _("To insert or view the status of a ticket, provide us with your login data below.<br/>If you don't have username and password, please ask at the customer service."); ?>
<?php if (!defined('OSTCLIENTINC')) { die('Access Denied'); } $email = Format::input($_POST['luser'] ?: $_GET['e']); $passwd = Format::input($_POST['lpasswd'] ?: $_GET['t']); $content = Page::lookup(Page::getIdByType('banner-client')); if ($content) { list($title, $body) = $ost->replaceTemplateVariables(array($content->getName(), $content->getBody())); } else { $title = 'Sign In'; $body = 'To better serve you, we encourage our clients to register for an account and verify the email address we have on record.'; } ?> <h1><?php echo Format::display($title); ?> </h1> <p><?php echo Format::display($body); ?> </p> <form action="login.php" method="post" id="clientLogin"> <?php csrf_token(); ?> <div style="display:table-row"> <div style="width:40%;display:table-cell;box-shadow: 12px 0 15px -15px rgba(0,0,0,0.4);padding:15px;"> <strong><?php
<?php if (!defined('KTKADMININC') || !$thisuser->isadmin() || !is_object($template)) { die(_('Access Denied')); } $tpl = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($template->getInfo()); ?> <div class="msg"><?php echo _('Email Templates'); ?> </div> <form action="admin.php?t=templates" method="post"> <input type="hidden" name="t" value="templates"> <input type="hidden" name="do" value="update"> <input type="hidden" name="id" value="<?php echo $template->getId(); ?> "> <table width="100%" border="0" cellspacing=0 cellpadding=0> <tr><td> <table width="100%" border="0" cellspacing=0 cellpadding=2 class="tform tpl"> <tr class="header"><td colspan=2 ><?php echo _('Template Info'); ?> </td></tr> <tr class="subheader"><td colspan=2><b><?php echo _('Last updated on'); ?> <?php echo Format::db_daydatetime($template->getUpdateDate()); ?>
<?php if (!defined('OSTADMININC') || basename($_SERVER['SCRIPT_NAME']) == basename(__FILE__)) { die('Habari/Jambo rafiki? '); } //Say hi to our friend.. if (!$thisuser || !$thisuser->isadmin()) { die('Acesso Negado'); } $info = $_POST && $errors ? Format::input($_POST) : Format::htmlchars($cfg->getSMTPInfo()); ?> <div class="msg"><?php echo $title; ?> </div> <table width="98%" border="0" cellspacing=0 cellpadding=0> <form action="admin.php?t=smtp" method="post"> <input type="hidden" name="do" value="salvar"> <input type="hidden" name="t" value="smtp"> <tr><td> <table width="100%" border="0" cellspacing=0 cellpadding=2 class="tform"> <tr class="header"><td colspan=2>Configuração do Servidor SMTP (Opcional)</b></td></tr> <tr class="subheader"><td colspan=2> Quando ativado o sistema irá utilizar um servidor SMTP em vez do email PHP () para emails enviados.<br> Deixe o nome de usuário e senha vazia para o servidor SMTP não exigir autenticação.<br/> <b>Por favor, seja paciente, o sistema irá tentar efetuar login no servidor SMTP para validar a informação de login.</b></td></tr> <tr><th>Permitir SMTP</th> <td> <input type="radio" name="isenabled" value="1" <?php echo $info['isenabled'] ? 'checked' : ''; ?>
/**
 * Handle the "import users" dialog for one organization.
 *
 * Answers 403 when no staff member is signed in and 404 when the organization id does
 * not resolve. On POST the pasted text is handed to User::importFromPost(); a string
 * result is shown as an error, anything else is reported as a 201 with a JSON count.
 * Finally the import template is included.
 *
 * Notes for reviewers:
 *  - NOTE(review): the code after each Http::response() call only makes sense if that
 *    helper ends the request; it is defined elsewhere, confirm.
 *  - Only the presence of $thisstaff is checked here; no further permission check is
 *    visible in this body.
 *  - $org is assigned by the lookup but not used again in this body.
 *  - The array union keeps the keys already set in $info, so request fields cannot
 *    replace title, action, upload_url or error; every other POST key is added to
 *    $info after Format::input(), whose behaviour is not visible here.
 *
 * @param mixed $org_id Organization id; also interpolated into the dialog's action target.
 */
function importUsers($org_id)
{
    global $thisstaff;

    if ($thisstaff) {
        // Signed in: the organization must exist before the dialog is offered.
        if (!($org = Organization::lookup($org_id))) {
            Http::response(404, 'No such organization');
        }
    } else {
        Http::response(403, 'Login Required');
    }

    $info = array();
    $info['title'] = __('Import Users');
    $info['action'] = '#orgs/' . $org_id . '/import-users';
    $info['upload_url'] = 'orgs.php?a=import-users';

    if ($_POST) {
        $status = User::importFromPost($_POST['pasted']);
        if (!is_string($status)) {
            // Non-string result is reported as the count in a hand-built JSON body.
            Http::response(201, '{"count": ' . $status . '}');
        } else {
            // A string result is treated as the error message to show in the dialog.
            $info['error'] = $status;
        }
    }

    // Union, not merge: keys set above win over same-named request fields.
    $info = $info + Format::input($_POST);

    include STAFFINC_DIR . 'templates/user-import.tmpl.php';
}
<?php $info = $_POST && $errors ? Format::input($_POST) : @Format::htmlchars($org->getInfo()); if (!$info['title']) { $info['title'] = Format::htmlchars($org->getName()); } ?> <script type="text/javascript" src="<?php echo ROOT_PATH; ?> js/jquery.multiselect.min.js"></script> <link rel="stylesheet" href="<?php echo ROOT_PATH; ?> css/jquery.multiselect.css"/> <h3><?php echo $info['title']; ?> </h3> <b><a class="close" href="#"><i class="icon-remove-circle"></i></a></b> <hr/> <?php if ($info['error']) { echo sprintf('<p id="msg_error">%s</p>', $info['error']); } elseif ($info['msg']) { echo sprintf('<p id="msg_notice">%s</p>', $info['msg']); } ?> <ul class="tabs"> <li><a href="#tab-profile" class="active" ><i class="icon-edit"></i> Fields</a></li>
<?php if (!defined('OSTADMININC') || !$thisstaff->isAdmin()) { die('Access Denied'); } //Get the config info. $config = $errors && $_POST ? Format::input($_POST) : $cfg->getConfigInfo(); ?> <table width="100%" border="0" cellspacing=0 cellpadding=0> <form action="admin.php?t=attach" method="post"> <input type="hidden" name="t" value="attach"> <tr> <td> <table width="100%" border="0" cellspacing=0 cellpadding=2 class="tform"> <tr class="header"> <td colspan=2> Attachments Settings</td> </tr> <tr class="subheader"> <td colspan=2"> Before enabling attachments make sure you understand the security settings and issues related to file uploads.</td> </tr> <tr> <th width="165">Allow Attachments:</th> <td> <input type="checkbox" name="allow_attachments" <?php echo $config['allow_attachments'] ? 'checked' : ''; ?> ><b>Allow Attachments</b> (<i>Global Setting</i>) <font class="error"> <?php echo $errors['allow_attachments'];
<?php if (!defined('OSTADMININC') || !$thisuser->isadmin()) { die('Access Denied'); } //Get the config info. $config = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($cfg->getConfig()); //Basic checks for warnings... $warn = array(); if ($config['allow_attachments'] && !$config['upload_dir']) { $errors['allow_attachments'] = 'You need to setup upload dir.'; } else { if (!$config['allow_attachments'] && $config['allow_email_attachments']) { $warn['allow_email_attachments'] = '*Attachments Disabled.'; } if (!$config['allow_attachments'] && ($config['allow_online_attachments'] or $config['allow_online_attachments_onlogin'])) { $warn['allow_online_attachments'] = '<br>*Attachments Disabled.'; } } if (!$errors['enable_captcha'] && $config['enable_captcha'] && !extension_loaded('gd')) { $errors['enable_captcha'] = 'GD required for captcha to work'; } //Not showing err on post to avoid alarming the user...after an update. if (!$errors['err'] && !$msg && $warn) { $errors['err'] = 'Possible errors detected, please check the warnings below'; } $gmtime = Misc::gmtime(); $depts = db_query('SELECT dept_id,dept_name FROM ' . DEPT_TABLE . ' WHERE ispublic=1'); $templates = db_query('SELECT tpl_id,name FROM ' . EMAIL_TEMPLATE_TABLE . ' WHERE cfg_id=' . db_input($cfg->getId())); ?> <div class="msg">System Preferences and Settings (v<?php
<?php if (!defined('KTKADMININC') || !is_object($ticket) || !is_object($thisuser) || !$thisuser->isStaff()) { die(_('Access Denied')); } if (!($thisuser->canEditTickets() || $thisuser->isManager() && $ticket->getDeptId() == $thisuser->getDeptId())) { die(_('Access Denied. Perm error.')); } if ($_POST && $errors) { $info = Format::input($_POST); } else { $info = array('email' => $ticket->getEmail(), 'name' => $ticket->getName(), 'phone' => $ticket->getPhone(), 'pri' => $ticket->getPriorityId(), 'topicId' => $ticket->getTopicId(), 'topic' => $ticket->getTopic(), 'subject' => $ticket->getSubject(), 'duedate' => $ticket->getDueDate() ? Format::userdate('m/d/Y', Misc::db2gmtime($ticket->getDueDate())) : '', 'time' => $ticket->getDueDate() ? Format::userdate('G:i', Misc::db2gmtime($ticket->getDueDate())) : ''); } ?> <div width="100%"> <?php if ($errors['err']) { ?> <p align="center" id="errormessage"><?php echo $errors['err']; ?> </p> <?php } elseif ($msg) { ?> <p align="center" class="infomessage"><?php echo $msg; ?> </p> <?php } elseif ($warn) {
$title = sprintf(_('Update: %s %s'), $rep['firstname'], $rep['lastname']); $action = 'update'; $pwdinfo = _('To reset the password enter a new one below (min. 6 chars.)'); $newuser = false; $staff->isadmin() && !strcasecmp(ADMIN_EMAIL, $staff->getEmail()) ? $sysadmin = 1 : ($sysadmin = 0); } else { $title = _('New Staff Member'); $pwdinfo = _('Temp password required (min. 6 chars.)'); $action = 'create'; $rep['resetpasswd'] = isset($rep['resetpasswd']) ? $rep['resetpasswd'] : 1; $rep['isactive'] = isset($rep['isactive']) ? $rep['isactive'] : 1; $rep['dept_id'] = $rep['dept_id'] ? $rep['dept_id'] : $_GET['dept']; $rep['isvisible'] = isset($rep['isvisible']) ? $rep['isvisible'] : 1; $sysadmin = 0; } $rep = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($rep); //get the goodies. $roles = db_query('SELECT role_id,role_name FROM ' . GROUP_TABLE); $depts = db_query('SELECT dept_id,dept_name FROM ' . DEPT_TABLE); ?> <div class="msg"><?php echo $title; ?> </div> <form action="admin.php" method="post"> <input type="hidden" name="do" value="<?php echo $action; ?> "> <input type="hidden" name="a" value="<?php echo Format::htmlchars($_REQUEST['a']);
/**
 * Handle the "import customers" dialog.
 *
 * Answers 403 when no staff member is signed in. On POST the pasted text is handed to
 * User::importFromPost(); a string result is shown as an error, anything else is
 * reported as a 201 with a JSON count. Finally the import template is included.
 *
 * Notes for reviewers:
 *  - NOTE(review): the code after each Http::response() call only makes sense if that
 *    helper ends the request; it is defined elsewhere, confirm.
 *  - Only the presence of $thisstaff is checked here; no further permission check is
 *    visible in this body.
 *  - The array union keeps the keys already set in $info, so request fields cannot
 *    replace title, action, upload_url or error; every other POST key is added to
 *    $info after Format::input(), whose behaviour is not visible here.
 */
function importUsers()
{
    global $thisstaff;

    if (!$thisstaff) {
        Http::response(403, 'Login Required');
    }

    $info = array();
    $info['title'] = 'Import Customers';
    $info['action'] = '#users/import';
    $info['upload_url'] = 'users.php?do=import-users';

    if ($_POST) {
        $status = User::importFromPost($_POST['pasted']);
        if (!is_string($status)) {
            // Non-string result is reported as the count in a hand-built JSON body.
            Http::response(201, '{"count": ' . $status . '}');
        } else {
            // A string result is treated as the error message to show in the dialog.
            $info['error'] = $status;
        }
    }

    // Union, not merge: keys set above win over same-named request fields.
    $info = $info + Format::input($_POST);

    include STAFFINC_DIR . 'templates/user-import.tmpl.php';
}
<?php if (!defined('OSTSCPINC') or !$thisuser->canManageKb()) { die('Acceso Denegado'); } $info = $errors && $_POST ? Format::input($_POST) : Format::htmlchars($answer); if ($answer && $_REQUEST['a'] != 'add') { $title = 'Editar Respuesta Predefenida'; $action = 'update'; } else { $title = 'Nueva Respuesta predefinida'; $action = 'add'; $info['isenabled'] = 1; } ?> <div> <?php if ($errors['err']) { ?> <p align="center" id="errormessage"><?php echo $errors['err']; ?> </p> <?php } elseif ($msg) { ?> <p align="center" id="infomessage"><?php echo $msg; ?> </p>
/**
 * Validate the submitted department form and create or update its row in DEPT_TABLE.
 *
 * Every field value is read from $_POST; the $vars parameter is not used by this body.
 * The user-facing messages are Spanish string literals and are emitted unchanged.
 *
 * Security notes for reviewers:
 *  - Each request value reaches the SQL text only through db_input(). That helper is
 *    defined elsewhere, so the injection safety of both queries rests on it.
 *    NOTE(review): confirm it escapes AND quotes its argument.
 *  - is_numeric() also accepts floats and exponent notation, so email_id and tpl_id
 *    are not guaranteed to be plain integer ids.
 *  - ispublic, autoresp_email_id, manager_id and the two auto-response flags get no
 *    validation here beyond db_input().
 *
 * @param mixed $id     Department id to update; a falsy value creates a new department.
 * @param mixed $vars   Unused here (kept for the caller-facing signature).
 * @param array $errors Filled by reference with messages keyed by field name or 'err'.
 *
 * @return mixed The db_insert_id() value after a successful insert, otherwise true on
 *               success and false when $errors is non-empty.
 */
function save($id, $vars, &$errors)
{
    global $cfg;

    // When updating, the id in the form must agree with the id being saved (loose comparison).
    if ($id && $id != $_POST['dept_id']) {
        $errors['err'] = 'ID de departamento faltante o invalida';
    }

    if (!$_POST['email_id'] || !is_numeric($_POST['email_id'])) {
        $errors['email_id'] = 'Email de departamento Requerido';
    }

    if (!is_numeric($_POST['tpl_id'])) {
        $errors['tpl_id'] = 'Plantilla Requerida';
    }

    $name = $_POST['dept_name'];
    if ($name && strlen($name) >= 4) {
        // Name looks acceptable: reject it if another department already uses it.
        $lookup = 'SELECT dept_id FROM ' . DEPT_TABLE . ' WHERE dept_name=' . db_input($name);
        if ($id) {
            // Do not count the department being edited as a duplicate of itself.
            $lookup .= ' AND dept_id!=' . db_input($id);
        }
        if (db_num_rows(db_query($lookup))) {
            $errors['dept_name'] = 'Este departamento ya existe';
        }
    } elseif (!$name) {
        $errors['dept_name'] = 'Nombre de departamento Requerido';
    } else {
        $errors['dept_name'] = 'El nombre del departamento debe tener a menos 4 caracteres';
    }

    if ($_POST['ispublic'] && !$_POST['dept_signature']) {
        $errors['dept_signature'] = 'Firma Requerida';
    }

    if (!$_POST['ispublic'] && $_POST['dept_id'] == $cfg->getDefaultDeptId()) {
        $errors['ispublic'] = 'El departamento por defecto no puede ser privado';
    }

    // Nothing is written while any validation message is pending.
    if ($errors) {
        return false;
    }

    // Column => SQL fragment, in the order the assignments appear in the statement.
    $columns = array(
        'ispublic' => db_input($_POST['ispublic']),
        'email_id' => db_input($_POST['email_id']),
        'tpl_id' => db_input($_POST['tpl_id']),
        'autoresp_email_id' => db_input($_POST['autoresp_email_id']),
        'manager_id' => db_input($_POST['manager_id'] ? $_POST['manager_id'] : 0),
        // Tags are stripped from the two free-text fields before they are stored.
        'dept_name' => db_input(Format::striptags($_POST['dept_name'])),
        'dept_signature' => db_input(Format::striptags($_POST['dept_signature'])),
        'ticket_auto_response' => db_input($_POST['ticket_auto_response']),
        'message_auto_response' => db_input($_POST['message_auto_response']),
        // Presence of the field (a checkbox, presumably) is what matters, not its value.
        'can_append_signature' => db_input(isset($_POST['can_append_signature']) ? 1 : 0),
    );

    $assignments = ' SET updated=NOW() ';
    foreach ($columns as $column => $fragment) {
        $assignments .= ',' . $column . '=' . $fragment;
    }

    if ($id) {
        $query = 'UPDATE ' . DEPT_TABLE . ' ' . $assignments . ' WHERE dept_id=' . db_input($id);
        // A query failure and "zero rows affected" are both reported as an error.
        if (!db_query($query) || !db_affected_rows()) {
            $errors['err'] = 'No se puede actualizar ' . Format::input($_POST['dept_name']) . ' Se produjo un error en el departamento';
        }

        return !$errors;
    }

    $query = 'INSERT INTO ' . DEPT_TABLE . ' ' . $assignments . ',created=NOW()';
    if (db_query($query) && ($newId = db_insert_id())) {
        return $newId;
    }

    $errors['err'] = 'No se puede crear el departamento. Error interno';

    return !$errors;
}