 function createNote($ext_id)
 {
     global $thisstaff;

     // Each failure path hands a status code to Http::response; whether that
     // call terminates the request is not visible from here, so the template
     // include at the bottom is reached in every case where it returns.
     if (!$thisstaff) {
         Http::response(403, "Login required");
     } elseif (empty($_POST['note'])) {
         Http::response(422, "Send `note` parameter");
     } else {
         // The note body is run through Format::sanitize before it is stored;
         // $ext_id is handed to the ORM as a field value (presumably bound by
         // the ORM layer rather than spliced into SQL -- confirm in QuickNote).
         $fields = array(
             'staff_id' => $thisstaff->getId(),
             'body' => Format::sanitize($_POST['note']),
             'created' => new SqlFunction('NOW'),
             'ext_id' => $ext_id,
         );
         $note = QuickNote::create($fields);
         if (!$note) {
             Http::response(500, "Unable to create new note");
         } elseif (!$note->save(true)) {
             Http::response(500, "Unable to create new note");
         }
     }

     // Consumed by the template below
     $show_options = true;
     include STAFFINC_DIR . 'templates/note.tmpl.php';
 }
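 /**
  * Escape a value (or every element of an array) for an HTML context.
  *
  * @param mixed $var      scalar to escape, or an array of values escaped element-wise
  * @param bool  $sanitize run Format::sanitize on the value first
  * @return mixed escaped string, or an array with the same keys as the input
  */
 function htmlchars($var, $sanitize = false)
 {
     static $phpversion = null;

     // Arrays are escaped element-wise with keys preserved. The sanitize flag
     // is carried through so nested values get the same treatment as scalars
     // (the previous array_map callback silently dropped it).
     if (is_array($var)) {
         $out = array();
         foreach ($var as $key => $value) {
             $out[$key] = Format::htmlchars($value, $sanitize);
         }
         return $out;
     }

     if ($sanitize) {
         $var = Format::sanitize($var);
     }

     if (!isset($phpversion)) {
         $phpversion = phpversion();
     }

     // ENT_HTML401 only exists from PHP 5.4. version_compare() understands
     // dotted version strings; a plain string comparison does not.
     $flags = ENT_COMPAT;
     if (version_compare($phpversion, '5.4.0', '>=')) {
         $flags |= ENT_HTML401;
     }

     try {
         // double_encode=false leaves existing entities untouched. Without
         // ENT_SUBSTITUTE, input that is not valid UTF-8 yields '' rather
         // than an error, so a garbled value is dropped, not passed through.
         return htmlspecialchars((string) $var, $flags, 'UTF-8', false);
     } catch (Exception $e) {
         return $var;
     }
 }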
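 /**
  * Find the user for $vars['email'], creating one when none exists.
  *
  * @param array $vars   at least 'email'; optionally 'name', 'org_id' and
  *                      any custom-field values consumed by addDynamicData()
  * @param bool  $update when true and the user already exists, refresh it from $vars
  * @return User|null the user, or null when creating it failed
  */
 static function fromVars($vars, $update = false)
 {
     // Try and lookup by email address
     $user = static::lookupByEmail($vars['email']);
     if (!$user) {
         $name = $vars['name'];
         if (!$name) {
             // No name supplied: fall back to the mailbox part of the address
             list($name) = explode('@', $vars['email'], 2);
         }
         $user = User::create(array('name' => Format::htmldecode(Format::sanitize($name, false)), 'created' => new SqlFunction('NOW'), 'updated' => new SqlFunction('NOW'), 'default_email' => UserEmail::ensure($vars['email'])));
         // Is there an organization registered for this domain
         list($mailbox, $domain) = explode('@', $vars['email'], 2);
         if (isset($vars['org_id'])) {
             $user->set('org_id', $vars['org_id']);
         } elseif ($org = Organization::forDomain($domain)) {
             $user->setOrganization($org, false);
         }
         try {
             $user->save(true);
             $user->emails->add($user->default_email);
             // Attach initial custom fields
             $user->addDynamicData($vars);
         } catch (OrmException $e) {
             return null;
         }
     } elseif ($update) {
         $errors = array();
         $user->updateInfo($vars, $errors, true);
     }

     /* BEGIN
        Anthony Parisi
        */
     // Mirror the phone number into the external vTiger CRM when the login
     // flow left a CRM identity in the session. Where the session values
     // originate is not visible here, so they are bound as statement
     // parameters instead of being spliced into the SQL text.
     if (isset($_SESSION["crmEmail"])) {
         // NOTE(review): database credentials are hard-coded in source;
         // they belong in configuration outside version control.
         $mysqli = new mysqli("localhost", "root", "ip15x0", "vtigercrm600");
         $crmEmail = $_SESSION["crmEmail"];
         $crmPhone = isset($_SESSION["crmPhone"]) ? $_SESSION["crmPhone"] : '';

         // The tracker row reuses the current MAX(id), as the original did
         $resUser = null;
         if ($sqlUser = $mysqli->query("SELECT MAX(id) FROM `vtigercrm600`.vtiger_modtracker_detail;")) {
             $resUser = $sqlUser->fetch_array();
         }

         if ($stmt = $mysqli->prepare("UPDATE `vtigercrm600`.`vtiger_contactdetails` SET `mobile` = ? WHERE UPPER(`vtiger_contactdetails`.`email`) = UPPER(?)")) {
             $stmt->bind_param('ss', $crmPhone, $crmEmail);
             $stmt->execute();
             $stmt->close();
         }

         if ($resUser && ($stmt = $mysqli->prepare("INSERT INTO `vtigercrm600`.vtiger_modtracker_detail(id,fieldname,prevalue,postvalue) VALUES(?,'email',NULL,?)"))) {
             $trackerId = $resUser[0];
             $stmt->bind_param('ss', $trackerId, $crmPhone);
             $stmt->execute();
             $stmt->close();
         }
         $mysqli->close();

         // One-shot: clear the CRM handoff so it is not replayed
         unset($_SESSION["crmEmail"]);
         unset($_SESSION["crmPhone"]);
     }
     /* END */
     return $user;
 }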
 /**
  * Persist the model, bumping `updated` and sanitizing `notes` when they changed.
  *
  * @param bool $refetch passed straight through to the parent save
  * @return mixed whatever the parent save returns
  */
 function save($refetch = false)
 {
     $hasChanges = count($this->dirty) > 0;
     if ($hasChanges) {
         // Timestamp only when something is actually being written
         $this->set('updated', new SqlFunction('NOW'));
     }

     $notesChanged = isset($this->dirty['notes']);
     if ($notesChanged) {
         // Notes are run through Format::sanitize before they are persisted
         $this->notes = Format::sanitize($this->notes);
     }

     return parent::save($refetch);
 }
 /**
  * Validate and store a site page.
  *
  * @param int|null $id         existing page id, or falsy to insert
  * @param array    $vars       form values (name, type, body, isactive, notes, id)
  * @param array    $errors     filled with field => message on validation failure
  * @param bool     $allowempty accept an empty body
  * @return mixed true on update, the new id on insert, false on failure
  */
 function save($id, $vars, &$errors, $allowempty = false)
 {
     // Cleanup: the page name is stored as plain text
     $vars['name'] = Format::striptags(trim($vars['name']));

     // Validation
     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal error. Try again');
     }
     if (!$vars['type']) {
         $errors['type'] = __('Type is required');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Name is required');
     } else {
         $pid = self::getIdByName($vars['name']);
         if ($pid && $pid != $id) {
             $errors['name'] = __('Name already exists');
         }
     }
     if (!$vars['body'] && !$allowempty) {
         $errors['body'] = __('Page body is required');
     }
     if ($errors) {
         return false;
     }

     // Column assignments shared by INSERT and UPDATE; every value goes
     // through db_input, body/notes through Format::sanitize first
     $assignments = implode(', ', array(
         ' updated=NOW() ',
         '`type`=' . db_input($vars['type']),
         'name=' . db_input($vars['name']),
         'body=' . db_input(Format::sanitize($vars['body'])),
         'isactive=' . db_input($vars['isactive'] ? 1 : 0),
         'notes=' . db_input(Format::sanitize($vars['notes'])),
     ));

     if (!$id) {
         $sql = 'INSERT INTO ' . PAGE_TABLE . ' SET ' . $assignments . ', created=NOW()';
         if (!db_query($sql) || !($id = db_insert_id())) {
             $errors['err'] = sprintf(__('Unable to create %s.'), __('this site page')) . ' ' . __('Internal error occurred');
             return false;
         }
         // content_id mirrors the row's own id
         $sql = 'UPDATE ' . PAGE_TABLE . ' SET `content_id`=`id` WHERE id=' . db_input($id);
         return db_query($sql) ? $id : false;
     }

     $sql = 'UPDATE ' . PAGE_TABLE . ' SET ' . $assignments . ' WHERE id=' . db_input($id);
     if (db_query($sql)) {
         return true;
     }
     $errors['err'] = sprintf(__('Unable to update %s.'), __('this site page'));
     return false;
 }
 /**
  * Validate and store an email template.
  *
  * @param int|null $id     existing template id, or falsy to insert
  * @param array    $vars   subject, body; tpl_id and code_name on insert
  * @param array    $errors filled with field => message on validation failure
  * @return mixed db_query result on update, the new id on insert, false on
  *               validation failure, null when the insert fails
  */
 function save($id, $vars, &$errors)
 {
     $required = array(
         'subject' => 'Message subject is required',
         'body' => 'Message body is required',
     );
     if (!$id) {
         // Template set and code name are fixed once the row exists
         $required['tpl_id'] = 'Template set is required';
         $required['code_name'] = 'Code name is required';
     }
     foreach ($required as $field => $message) {
         if (!$vars[$field]) {
             $errors[$field] = $message;
         }
     }
     if ($errors) {
         return false;
     }

     // Body is sanitized; the subject is stored as submitted (escaped by db_input)
     $vars['body'] = Format::sanitize($vars['body'], false);

     if ($id) {
         // NOTE(review): the WHERE clause keys on $this->getId(), not on the
         // $id argument -- looks deliberate, confirm against callers
         $sql = 'UPDATE ' . EMAIL_TEMPLATE_TABLE . ' SET updated=NOW() ' . ', subject=' . db_input($vars['subject']) . ', body=' . db_input($vars['body']) . ' WHERE id=' . db_input($this->getId());
         return db_query($sql);
     }

     $sql = 'INSERT INTO ' . EMAIL_TEMPLATE_TABLE . ' SET created=NOW(),
             updated=NOW(), tpl_id=' . db_input($vars['tpl_id']) . ', code_name=' . db_input($vars['code_name']) . ', subject=' . db_input($vars['subject']) . ', body=' . db_input($vars['body']);
     if (!db_query($sql)) {
         return null;
     }
     $newId = db_insert_id();
     return $newId ? $newId : null;
 }
 /**
  * Validate and store an agent (staff) account.
  *
  * @param int|null $id     existing staff_id, or falsy to insert
  * @param array    $vars   submitted form values (see field names below)
  * @param array    $errors filled with field => message on validation failure
  * @return mixed true on update, the new staff_id on insert, false on failure
  */
 function save($id, $vars, &$errors)
 {
     // Names are stored as plain text
     $vars['username'] = Format::striptags($vars['username']);
     $vars['firstname'] = Format::striptags($vars['firstname']);
     $vars['lastname'] = Format::striptags($vars['lastname']);
     // The form's hidden id must agree with the record being edited
     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal Error');
     }
     if (!$vars['firstname']) {
         $errors['firstname'] = __('First name required');
     }
     if (!$vars['lastname']) {
         $errors['lastname'] = __('Last name required');
     }
     $error = '';
     // Validator::is_username may supply a more specific message via $error
     if (!$vars['username'] || !Validator::is_username($vars['username'], $error)) {
         $errors['username'] = $error ? $error : __('Username is required');
     } elseif (($uid = Staff::getIdByUsername($vars['username'])) && $uid != $id) {
         $errors['username'] = __('Username already in use');
     }
     // The address must not collide with a system mailbox or another agent
     if (!$vars['email'] || !Validator::is_valid_email($vars['email'])) {
         $errors['email'] = __('Valid email is required');
     } elseif (Email::getIdByEmail($vars['email'])) {
         $errors['email'] = __('Already in use system email');
     } elseif (($uid = Staff::getIdByEmail($vars['email'])) && $uid != $id) {
         $errors['email'] = __('Email already in use by another agent');
     }
     if ($vars['phone'] && !Validator::is_phone($vars['phone'])) {
         $errors['phone'] = __('Valid phone number is required');
     }
     if ($vars['mobile'] && !Validator::is_phone($vars['mobile'])) {
         $errors['mobile'] = __('Valid phone number is required');
     }
     // Password rules apply when one was typed or when creating a new agent.
     // The only strength check is a 6-character minimum.
     if ($vars['passwd1'] || $vars['passwd2'] || !$id) {
         if ($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) {
             $errors['passwd2'] = __('Passwords do not match');
         } elseif ($vars['backend'] != 'local' || $vars['welcome_email']) {
             // Password can be omitted
             // (non-local auth backend, or a welcome email presumably lets
             // the agent set one -- confirm)
         } elseif (!$vars['passwd1'] && !$id) {
             $errors['passwd1'] = __('Temporary password is required');
             $errors['temppasswd'] = __('Required');
         } elseif ($vars['passwd1'] && strlen($vars['passwd1']) < 6) {
             $errors['passwd1'] = __('Password must be at least 6 characters');
         }
     }
     if (!$vars['dept_id']) {
         $errors['dept_id'] = __('Department is required');
     }
     if (!$vars['group_id']) {
         $errors['group_id'] = __('Group is required');
     }
     if (!$vars['timezone_id']) {
         $errors['timezone_id'] = __('Time zone selection is required');
     }
     // Ensure we will still have an administrator with access
     // (strict comparison against '1': the flags are expected as form strings)
     if ($vars['isadmin'] !== '1' || $vars['isactive'] !== '1') {
         $sql = 'select count(*), max(staff_id) from ' . STAFF_TABLE . ' WHERE isadmin=1 and isactive=1';
         if (($res = db_query($sql)) && (list($count, $sid) = db_fetch_row($res))) {
             // Refuse only when this record is the sole active administrator
             if ($count == 1 && $sid == $id) {
                 $errors['isadmin'] = __('Cowardly refusing to remove or lock out the only active administrator');
             }
         }
     }
     if ($errors) {
         return false;
     }
     // Column assignments shared by INSERT and UPDATE. Every value passes
     // through db_input; signature/notes are sanitized first. For phone and
     // mobile db_input is called with a second argument of false and the
     // quotes are added by hand -- presumably escape-only mode, confirm.
     // NOTE(review): the username fragment reads '******' in this listing,
     // which looks like a redaction artifact rather than the real code.
     $sql = 'SET updated=NOW() ' . ' ,isadmin=' . db_input($vars['isadmin']) . ' ,isactive=' . db_input($vars['isactive']) . ' ,isvisible=' . db_input(isset($vars['isvisible']) ? 1 : 0) . ' ,onvacation=' . db_input(isset($vars['onvacation']) ? 1 : 0) . ' ,assigned_only=' . db_input(isset($vars['assigned_only']) ? 1 : 0) . ' ,dept_id=' . db_input($vars['dept_id']) . ' ,group_id=' . db_input($vars['group_id']) . ' ,timezone_id=' . db_input($vars['timezone_id']) . ' ,daylight_saving=' . db_input(isset($vars['daylight_saving']) ? 1 : 0) . ' ,username='******'username']) . ' ,firstname=' . db_input($vars['firstname']) . ' ,lastname=' . db_input($vars['lastname']) . ' ,email=' . db_input($vars['email']) . ' ,backend=' . db_input($vars['backend']) . ' ,phone="' . db_input(Format::phone($vars['phone']), false) . '"' . ' ,phone_ext=' . db_input($vars['phone_ext']) . ' ,mobile="' . db_input(Format::phone($vars['mobile']), false) . '"' . ' ,signature=' . db_input(Format::sanitize($vars['signature'])) . ' ,notes=' . db_input(Format::sanitize($vars['notes']));
     // Only a hashed password is ever written; change_passwd forces a reset
     // on next login when set alongside a new password
     if ($vars['passwd1']) {
         $sql .= ' ,passwd=' . db_input(Passwd::hash($vars['passwd1']));
         if (isset($vars['change_passwd'])) {
             $sql .= ' ,change_passwd=1';
         }
     } elseif (!isset($vars['change_passwd'])) {
         $sql .= ' ,change_passwd=0';
     }
     if ($id) {
         $sql = 'UPDATE ' . STAFF_TABLE . ' ' . $sql . ' WHERE staff_id=' . db_input($id);
         // An UPDATE that touches no row is reported as a failure
         if (db_query($sql) && db_affected_rows()) {
             return true;
         }
         $errors['err'] = sprintf(__('Unable to update %s.'), __('this agent')) . ' ' . __('Internal error occurred');
     } else {
         $sql = 'INSERT INTO ' . STAFF_TABLE . ' ' . $sql . ', created=NOW()';
         if (db_query($sql) && ($uid = db_insert_id())) {
             return $uid;
         }
         $errors['err'] = sprintf(__('Unable to create %s.'), __('this agent')) . ' ' . __('Internal error occurred');
     }
     return false;
 }
 /**
  * Insert or update a draft.
  *
  * @param int|null $id     existing draft id, or falsy to insert
  * @param array    $vars   namespace, body, staff_id; optional attachments on insert
  * @param array    $errors unused by this method
  * @return mixed the new Draft on insert, $this on a successful update,
  *               false when required fields are missing or the insert fails,
  *               null when the update touches no row
  */
 function save($id, $vars, &$errors)
 {
     // Required fields
     $complete = $vars['namespace'] && isset($vars['body']) && isset($vars['staff_id']);
     if (!$complete) {
         return false;
     }

     // Shared assignments; body is sanitized before escaping
     $assignments = ' SET `namespace`=' . db_input($vars['namespace'])
         . ' ,body=' . db_input(Format::sanitize($vars['body'], false))
         . ' ,staff_id=' . db_input($vars['staff_id']);

     if ($id) {
         $sql = 'UPDATE ' . DRAFT_TABLE . $assignments . ' WHERE id=' . db_input($id);
         if (db_query($sql) && db_affected_rows() == 1) {
             return $this;
         }
         return null;
     }

     $sql = 'INSERT INTO ' . DRAFT_TABLE . $assignments . ' ,created=NOW()';
     if (!db_query($sql)) {
         return false;
     }
     $draft = self::lookup(db_insert_id());
     if (!$draft) {
         return false;
     }
     // Cloned attachments...
     if ($vars['attachments'] && is_array($vars['attachments'])) {
         $draft->attachments->upload($vars['attachments'], true);
     }
     return $draft;
 }
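 /**
  * Record a system log entry, optionally alerting the administrator.
  *
  * @param int    $priority one of the LOG_* constants; folded into 3 levels
  * @param string $title    entry title (sanitized before storage)
  * @param string $message  entry body (sanitized before storage)
  * @param bool   $alert    also email the admin when the level is enabled
  * @param bool   $force    write the entry regardless of the configured log level
  * @return bool false when the entry was filtered by log level, true otherwise
  */
 function log($priority, $title, $message, $alert = false, $force = false)
 {
     //We are providing only 3 levels of logs. Windows style.
     switch ($priority) {
         case LOG_EMERG:
         case LOG_ALERT:
         case LOG_CRIT:
         case LOG_ERR:
             $level = 1;
             //Error
             break;
         case LOG_WARN:
         case LOG_WARNING:
             $level = 2;
             //Warning
             break;
         case LOG_NOTICE:
         case LOG_INFO:
         case LOG_DEBUG:
         default:
             $level = 3;
             //Debug
     }
     $loglevel = array(1 => 'Error', 'Warning', 'Debug');
     // title/body are passed by reference so 'syslog' subscribers can rewrite them
     $info = array('title' => &$title, 'level' => $loglevel[$level], 'level_id' => $level, 'body' => &$message);
     Signal::send('syslog', null, $info);
     //Logging everything during upgrade.
     if ($this->getConfig()->getLogLevel() < $level && !$force) {
         return false;
     }
     //Alert admin if enabled...
     if ($alert && $this->getConfig()->getLogLevel() >= $level) {
         $this->alertAdmin($title, $message);
     }
     // REMOTE_ADDR is absent when this runs outside a web request (cron/CLI);
     // pass null instead of raising an undefined-index notice. Behind a
     // reverse proxy this is the proxy's address, not the client's.
     $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
     //Save log based on system log level settings.
     $sql = 'INSERT INTO ' . SYSLOG_TABLE . ' SET created=NOW(), updated=NOW() ' . ',title=' . db_input(Format::sanitize($title, true)) . ',log_type=' . db_input($loglevel[$level]) . ',log=' . db_input(Format::sanitize($message, false)) . ',ip_address=' . db_input($remoteAddr);
     // Second argument false: a failed write must not recurse into the logger
     db_query($sql, false);
     return true;
 }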
 /**
  * Validate and store a canned response.
  *
  * @param int|null $id     existing canned_id, or falsy to insert
  * @param array    $vars   title, response, dept_id, isenabled, notes, id
  * @param array    $errors filled with field => message on validation failure
  * @return mixed true on update, the new id on insert, false on failure
  */
 function save($id, $vars, &$errors)
 {
     global $cfg;

     // Title is plain text
     $vars['title'] = Format::striptags(trim($vars['title']));

     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal error. Try again');
     }
     if (!$vars['title']) {
         $errors['title'] = __('Title required');
     } elseif (strlen($vars['title']) < 3) {
         $errors['title'] = __('Title is too short. 3 chars minimum');
     } else {
         $cid = self::getIdByTitle($vars['title']);
         if ($cid && $cid != $id) {
             $errors['title'] = __('Title already exists');
         }
     }
     if (!$vars['response']) {
         $errors['response'] = __('Response text is required');
     }
     if ($errors) {
         return false;
     }

     // Shared assignments; response/notes are sanitized before escaping
     $assignments = implode(',', array(
         ' updated=NOW() ',
         'dept_id=' . db_input($vars['dept_id'] ?: 0),
         'isenabled=' . db_input($vars['isenabled']),
         'title=' . db_input($vars['title']),
         'response=' . db_input(Format::sanitize($vars['response'])),
         'notes=' . db_input(Format::sanitize($vars['notes'])),
     ));

     if (!$id) {
         $sql = 'INSERT INTO ' . CANNED_TABLE . ' SET ' . $assignments . ',created=NOW()';
         if (db_query($sql) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = sprintf(__('Unable to create %s.'), __('this canned response')) . ' ' . __('Internal error occurred');
         return false;
     }

     $sql = 'UPDATE ' . CANNED_TABLE . ' SET ' . $assignments . ' WHERE canned_id=' . db_input($id);
     if (db_query($sql)) {
         return true;
     }
     $errors['err'] = sprintf(__('Unable to update %s.'), __('this canned response'));
     return false;
 }
 /**
  * Return the sanitized body, or '' when the body is only whitespace
  * and stray <br/> fragments.
  */
 function getClean()
 {
     $visible = trim($this->body, " <>br/\t\n\r");
     // Truthiness on purpose: this mirrors the original check exactly
     if (!$visible) {
         return '';
     }
     return Format::sanitize($this->body);
 }
 /**
  * Find the user for $vars['email'], creating one when none exists.
  *
  * @param array $vars at least 'email'; optionally 'name', 'org_id' and
  *                    custom-field values consumed by addDynamicData()
  * @return User|null the user, or null when creating it failed
  */
 static function fromVars($vars)
 {
     // Prefer an existing account keyed by the email address
     $user = static::lookupByEmail($vars['email']);
     if ($user) {
         return $user;
     }

     list($mailbox, $domain) = explode('@', $vars['email'], 2);
     // Without a supplied name, the mailbox part of the address is used
     $name = $vars['name'] ? $vars['name'] : $mailbox;

     $user = User::create(array(
         'name' => Format::htmldecode(Format::sanitize($name, false)),
         'created' => new SqlFunction('NOW'),
         'updated' => new SqlFunction('NOW'),
         'default_email' => UserEmail::ensure($vars['email']),
     ));

     // An explicit org_id wins over the organization registered for the domain
     if (isset($vars['org_id'])) {
         $user->set('org_id', $vars['org_id']);
     } else {
         $org = Organization::forDomain($domain);
         if ($org) {
             $user->setOrganization($org, false);
         }
     }

     try {
         $user->save(true);
         $user->emails->add($user->default_email);
         // Attach initial custom fields
         $user->addDynamicData($vars);
     } catch (OrmException $e) {
         return null;
     }
     return $user;
 }
 /**
  * Insert a ticket thread entry and attach any files that came with it.
  *
  * @param array $vars ticketId and type ('M', 'R' or 'N') are required;
  *                    title, body, staffId, poster, source, pid/reply_to,
  *                    ip_address, files, attachments, cannedattachments, mid
  * @return mixed the new ThreadEntry, or false when required fields are
  *               missing or the insert fails
  */
 function create($vars)
 {
     global $cfg;

     // Required: a parent ticket and one of the three entry types
     if (!$vars['ticketId'] || !$vars['type'] || !in_array($vars['type'], array('M', 'R', 'N'))) {
         return false;
     }

     // title/body are sanitized, everything else is escaped by db_input
     $columns = array(
         'created=NOW() ',
         'thread_type=' . db_input($vars['type']),
         'ticket_id=' . db_input($vars['ticketId']),
         'title=' . db_input(Format::sanitize($vars['title'], true)),
         'body=' . db_input(Format::sanitize($vars['body'], true)),
         'staff_id=' . db_input($vars['staffId']),
         'poster=' . db_input($vars['poster']),
         'source=' . db_input($vars['source']),
     );
     $sql = ' INSERT INTO ' . TICKET_THREAD_TABLE . ' SET ' . implode(' ,', $columns);

     // Parent entry: an explicit pid takes precedence over a reply_to object
     if (isset($vars['pid'])) {
         $sql .= ' ,pid=' . db_input($vars['pid']);
     } elseif (isset($vars['reply_to']) && $vars['reply_to'] instanceof ThreadEntry) {
         $sql .= ' ,pid=' . db_input($vars['reply_to']->getId());
     }
     if ($vars['ip_address']) {
         $sql .= ' ,ip_address=' . db_input($vars['ip_address']);
     }

     if (!db_query($sql)) {
         return false;
     }
     $entry = self::lookup(db_insert_id(), $vars['ticketId']);
     if (!$entry) {
         return false;
     }

     /************* ATTACHMENTS *****************/
     // Uploaded files: expects a well formatted and VALIDATED files array
     if ($vars['files']) {
         $entry->uploadFiles($vars['files']);
     }
     // Emailed or API attachments
     if ($vars['attachments']) {
         $entry->importAttachments($vars['attachments']);
     }
     // Canned attachments
     if ($vars['cannedattachments'] && is_array($vars['cannedattachments'])) {
         $entry->saveAttachments($vars['cannedattachments']);
     }

     // Every thread post carries a message id; mint one when none was supplied
     if (!isset($vars['mid'])) {
         $host = substr(md5($cfg->getUrl()), -10);
         $vars['mid'] = sprintf('<%s@%s>', Misc::randCode(24), $host);
     }
     $entry->saveEmailInfo($vars);
     return $entry;
 }
 /**
  * Validate and store an SLA plan.
  *
  * @param int|null $id     existing plan id, or falsy to insert
  * @param array    $vars   name, grace_period (hours), isactive, alert flags, notes
  * @param array    $errors filled with field => message on validation failure
  * @return mixed true on update, the new id on insert, false on failure
  */
 function save($id, $vars, &$errors)
 {
     // Grace period is stored in hours and must be numeric
     if (!$vars['grace_period']) {
         $errors['grace_period'] = __('Grace period required');
     } elseif (!is_numeric($vars['grace_period'])) {
         $errors['grace_period'] = __('Numeric value required (in hours)');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Name is required');
     } else {
         $sid = SLA::getIdByName($vars['name']);
         if ($sid && $sid != $id) {
             $errors['name'] = __('Name already exists');
         }
     }
     if ($errors) {
         return false;
     }

     // Shared assignments; notes are sanitized before escaping
     $assignments = implode(',', array(
         ' updated=NOW() ',
         'isactive=' . db_input($vars['isactive']),
         'name=' . db_input($vars['name']),
         'grace_period=' . db_input($vars['grace_period']),
         'disable_overdue_alerts=' . db_input(isset($vars['disable_overdue_alerts']) ? 1 : 0),
         'enable_priority_escalation=' . db_input(isset($vars['enable_priority_escalation']) ? 1 : 0),
         'notes=' . db_input(Format::sanitize($vars['notes'])),
     ));

     if ($id) {
         $sql = 'UPDATE ' . SLA_TABLE . ' SET ' . $assignments . ' WHERE id=' . db_input($id);
         if (db_query($sql)) {
             return true;
         }
         $errors['err'] = sprintf(__('Unable to update %s.'), __('this SLA plan')) . ' ' . __('Internal error occurred');
         return false;
     }

     // Callers may request an explicit primary key on insert
     if (isset($vars['id'])) {
         $assignments .= ', id=' . db_input($vars['id']);
     }
     $sql = 'INSERT INTO ' . SLA_TABLE . ' SET ' . $assignments . ',created=NOW() ';
     if (db_query($sql) && ($id = db_insert_id())) {
         return $id;
     }
     $errors['err'] = sprintf(__('Unable to add %s.'), __('this SLA plan')) . ' ' . __('Internal error occurred');
     return false;
 }
    // Diagnostic "send a test email" handler. The `if` that opens this run
    // (presumably the POST check) sits outside the excerpt.
    $email=null;
    // Sender must be one of the configured system mailboxes
    if(!$_POST['email_id'] || !($email=Email::lookup($_POST['email_id'])))
        $errors['email_id']=__('Select from email address');

    if(!$_POST['email'] || !Validator::is_valid_email($_POST['email']))
        $errors['email']=__('Valid recipient email address required');

    if(!$_POST['subj'])
        $errors['subj']=__('Subject required');

    if(!$_POST['message'])
        $errors['message']=__('Message required');

    if(!$errors && $email){
        // Message body is sanitized; subject and recipient are passed as submitted
        if($email->send($_POST['email'],$_POST['subj'],
                Format::sanitize($_POST['message']),
                null, array('reply-tag'=>false))) {
            // Recipient is user input echoed back into the page, so it is escaped
            $msg=Format::htmlchars(sprintf(__('Test email sent successfully to <%s>'),
                $_POST['email']));
            Draft::deleteForNamespace('email.diag');
        }
        else
            $errors['err']=__('Error sending email - try again.');
    }elseif($errors['err']){
        // A pre-existing generic error is replaced with the send-failure message
        $errors['err']=__('Error sending email - try again.');
    }
}
// Page chrome for the email diagnostic screen: tab, tooltip namespace, header
$nav->setTabActive('emails');
$tipMeta = '<meta name="tip-namespace" content="emails.diagnostic" />';
// "$(" is not interpolated inside double quotes, so this is a literal jQuery call
$tipScript = "$('#content').data('tipNamespace', '" . $tip_namespace . "');";
$ost->addExtraHeader($tipMeta, $tipScript);
require STAFFINC_DIR . 'header.inc.php';
 /**
  * Validate and store a team.
  *
  * @param int|null $id     existing team_id, or falsy to insert
  * @param array    $vars   name, isenabled, noalerts, notes, id; lead_id on update
  * @param array    $errors filled with field => message on validation failure
  * @return mixed true on update, the new team_id on insert, false on failure
  */
 function save($id, $vars, &$errors)
 {
     if ($id && $vars['id'] != $id) {
         $errors['err'] = __('Missing or invalid team');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Team name is required');
     } elseif (strlen($vars['name']) < 3) {
         // strlen counts bytes, not characters
         $errors['name'] = __('Team name must be at least 3 chars.');
     } else {
         $tid = Team::getIdByName($vars['name']);
         if ($tid && $tid != $id) {
             $errors['name'] = __('Team name already exists');
         }
     }
     if ($errors) {
         return false;
     }

     // Shared assignments; notes are sanitized before escaping
     $noalerts = isset($vars['noalerts']) ? $vars['noalerts'] : 0;
     $assignments = implode(',', array(
         'SET updated=NOW()',
         'isenabled=' . db_input($vars['isenabled']),
         'name=' . db_input($vars['name']),
         'noalerts=' . db_input($noalerts),
         'notes=' . db_input(Format::sanitize($vars['notes'])),
     ));

     if (!$id) {
         $sql = 'INSERT INTO ' . TEAM_TABLE . ' ' . $assignments . ',created=NOW()';
         if (db_query($sql) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = sprintf(__('Unable to create %s.'), __('this team')) . ' ' . __('Internal error occurred');
         return false;
     }

     // lead_id is only written on update
     $sql = 'UPDATE ' . TEAM_TABLE . ' ' . $assignments . ',lead_id=' . db_input($vars['lead_id']) . ' WHERE team_id=' . db_input($id);
     if (db_query($sql) && db_affected_rows()) {
         return true;
     }
     $errors['err'] = sprintf(__('Unable to update %s.'), __('this team')) . ' ' . __('Internal error occurred');
     return false;
 }
 /**
  * Validate and store a staff account (untranslated variant of Staff::save).
  *
  * @param int|null $id     existing staff_id, or falsy to insert
  * @param array    $vars   submitted form values (see field names below)
  * @param array    $errors filled with field => message on validation failure
  * @return mixed true on update, the new staff_id on insert, false on failure
  */
 function save($id, $vars, &$errors)
 {
     // Names are stored as plain text
     $vars['username'] = Format::striptags($vars['username']);
     $vars['firstname'] = Format::striptags($vars['firstname']);
     $vars['lastname'] = Format::striptags($vars['lastname']);
     // The form's hidden id must agree with the record being edited
     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal Error';
     }
     if (!$vars['firstname']) {
         $errors['firstname'] = 'First name required';
     }
     if (!$vars['lastname']) {
         $errors['lastname'] = 'Last name required';
     }
     $error = '';
     // Validator::is_username may supply a more specific message via $error
     if (!$vars['username'] || !Validator::is_username($vars['username'], $error)) {
         $errors['username'] = $error ? $error : 'Username required';
     } elseif (($uid = Staff::getIdByUsername($vars['username'])) && $uid != $id) {
         // NOTE(review): this message reads '******' in the listing, which
         // looks like a redaction artifact rather than the real text
         $errors['username'] = '******';
     }
     // The address must not collide with a system mailbox or another agent
     if (!$vars['email'] || !Validator::is_email($vars['email'])) {
         $errors['email'] = 'Valid email required';
     } elseif (Email::getIdByEmail($vars['email'])) {
         $errors['email'] = 'Already in-use system email';
     } elseif (($uid = Staff::getIdByEmail($vars['email'])) && $uid != $id) {
         $errors['email'] = 'Email already in use by another staff member';
     }
     if ($vars['phone'] && !Validator::is_phone($vars['phone'])) {
         $errors['phone'] = 'Valid number required';
     }
     if ($vars['mobile'] && !Validator::is_phone($vars['mobile'])) {
         $errors['mobile'] = 'Valid number required';
     }
     // Password rules apply when one was typed or when creating a new agent.
     // The only strength check is a 6-character minimum.
     if ($vars['passwd1'] || $vars['passwd2'] || !$id) {
         if ($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) {
             $errors['passwd2'] = 'Password(s) do not match';
         } elseif ($vars['backend'] != 'local' || $vars['welcome_email']) {
             // Password can be omitted
             // (non-local auth backend, or a welcome email presumably lets
             // the agent set one -- confirm)
         } elseif (!$vars['passwd1'] && !$id) {
             $errors['passwd1'] = 'Temp. password required';
             $errors['temppasswd'] = 'Required';
         } elseif ($vars['passwd1'] && strlen($vars['passwd1']) < 6) {
             $errors['passwd1'] = 'Must be at least 6 characters';
         }
     }
     if (!$vars['dept_id']) {
         $errors['dept_id'] = 'Department required';
     }
     if (!$vars['group_id']) {
         $errors['group_id'] = 'Group required';
     }
     if (!$vars['timezone_id']) {
         $errors['timezone_id'] = 'Time zone required';
     }
     // Unlike the translated variant, there is no guard here against
     // deactivating or demoting the only active administrator
     if ($errors) {
         return false;
     }
     // Column assignments shared by INSERT and UPDATE. Every value passes
     // through db_input; signature/notes are sanitized first. For phone and
     // mobile db_input is called with a second argument of false and the
     // quotes are added by hand -- presumably escape-only mode, confirm.
     // NOTE(review): the username fragment reads '******' in this listing,
     // which looks like a redaction artifact rather than the real code.
     $sql = 'SET updated=NOW() ' . ' ,isadmin=' . db_input($vars['isadmin']) . ' ,isactive=' . db_input($vars['isactive']) . ' ,isvisible=' . db_input(isset($vars['isvisible']) ? 1 : 0) . ' ,onvacation=' . db_input(isset($vars['onvacation']) ? 1 : 0) . ' ,assigned_only=' . db_input(isset($vars['assigned_only']) ? 1 : 0) . ' ,dept_id=' . db_input($vars['dept_id']) . ' ,group_id=' . db_input($vars['group_id']) . ' ,timezone_id=' . db_input($vars['timezone_id']) . ' ,daylight_saving=' . db_input(isset($vars['daylight_saving']) ? 1 : 0) . ' ,username='******'username']) . ' ,firstname=' . db_input($vars['firstname']) . ' ,lastname=' . db_input($vars['lastname']) . ' ,email=' . db_input($vars['email']) . ' ,backend=' . db_input($vars['backend']) . ' ,phone="' . db_input(Format::phone($vars['phone']), false) . '"' . ' ,phone_ext=' . db_input($vars['phone_ext']) . ' ,mobile="' . db_input(Format::phone($vars['mobile']), false) . '"' . ' ,signature=' . db_input(Format::sanitize($vars['signature'])) . ' ,notes=' . db_input(Format::sanitize($vars['notes']));
     // Only a hashed password is ever written; change_passwd forces a reset
     // on next login when set alongside a new password
     if ($vars['passwd1']) {
         $sql .= ' ,passwd=' . db_input(Passwd::hash($vars['passwd1']));
         if (isset($vars['change_passwd'])) {
             $sql .= ' ,change_passwd=1';
         }
     } elseif (!isset($vars['change_passwd'])) {
         $sql .= ' ,change_passwd=0';
     }
     if ($id) {
         $sql = 'UPDATE ' . STAFF_TABLE . ' ' . $sql . ' WHERE staff_id=' . db_input($id);
         // An UPDATE that touches no row is reported as a failure
         if (db_query($sql) && db_affected_rows()) {
             return true;
         }
         $errors['err'] = 'Unable to update the user. Internal error occurred';
     } else {
         $sql = 'INSERT INTO ' . STAFF_TABLE . ' ' . $sql . ', created=NOW()';
         if (db_query($sql) && ($uid = db_insert_id())) {
             return $uid;
         }
         $errors['err'] = 'Unable to create user. Internal error';
     }
     return false;
 }
 function save($id, $vars, &$errors)
 {
     global $cfg;
     //very basic checks
     $vars['name'] = Format::striptags(trim($vars['name']));
     $vars['email'] = trim($vars['email']);
     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal error. Get technical help.');
     }
     if (!$vars['email'] || !Validator::is_email($vars['email'])) {
         $errors['email'] = __('Valid email required');
     } elseif (($eid = Email::getIdByEmail($vars['email'])) && $eid != $id) {
         $errors['email'] = __('Email already exists');
     } elseif ($cfg && !strcasecmp($cfg->getAdminEmail(), $vars['email'])) {
         $errors['email'] = __('Email already used as admin email!');
     } elseif (Staff::getIdByEmail($vars['email'])) {
         //make sure the email doesn't belong to any of the staff
         $errors['email'] = __('Email in use by an agent');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Email name required');
     }
     if ($vars['mail_active'] || $vars['smtp_active'] && $vars['smtp_auth']) {
         if (!$vars['userid']) {
             $errors['userid'] = __('Username missing');
         }
         if (!$id && !$vars['passwd']) {
             $errors['passwd'] = __('Password required');
         } elseif ($vars['passwd'] && $vars['userid'] && !Crypto::encrypt($vars['passwd'], SECRET_SALT, $vars['userid'])) {
             $errors['passwd'] = __('Unable to encrypt password - get technical support');
         }
     }
     list($vars['mail_protocol'], $encryption) = explode('/', $vars['mail_proto']);
     $vars['mail_encryption'] = $encryption ?: 'NONE';
     if ($vars['mail_active']) {
         //Check pop/imapinfo only when enabled.
         if (!function_exists('imap_open')) {
             $errors['mail_active'] = __("IMAP doesn't exist. PHP must be compiled with IMAP enabled.");
         }
         if (!$vars['mail_host']) {
             $errors['mail_host'] = __('Host name required');
         }
         if (!$vars['mail_port']) {
             $errors['mail_port'] = __('Port required');
         }
         if (!$vars['mail_protocol']) {
             $errors['mail_protocol'] = __('Select protocol');
         }
         if (!$vars['mail_fetchfreq'] || !is_numeric($vars['mail_fetchfreq'])) {
             $errors['mail_fetchfreq'] = __('Fetch interval required');
         }
         if (!$vars['mail_fetchmax'] || !is_numeric($vars['mail_fetchmax'])) {
             $errors['mail_fetchmax'] = __('Maximum emails required');
         }
         if (!isset($vars['postfetch'])) {
             $errors['postfetch'] = __('Indicate what to do with fetched emails');
         } elseif (!strcasecmp($vars['postfetch'], 'archive') && !$vars['mail_archivefolder']) {
             $errors['postfetch'] = __('Valid folder required');
         }
     }
     if ($vars['smtp_active']) {
         if (!$vars['smtp_host']) {
             $errors['smtp_host'] = __('Host name required');
         }
         if (!$vars['smtp_port']) {
             $errors['smtp_port'] = __('Port required');
         }
     }
     //abort on errors
     if ($errors) {
         return false;
     }
     if (!$errors && ($vars['mail_host'] && $vars['userid'])) {
         $sql = 'SELECT email_id FROM ' . EMAIL_TABLE . ' WHERE mail_host=' . db_input($vars['mail_host']) . ' AND userid=' . db_input($vars['userid']);
         if ($id) {
             $sql .= ' AND email_id!=' . db_input($id);
         }
         if (db_num_rows(db_query($sql))) {
             $errors['userid'] = $errors['host'] = __('Host/userid combination already in use.');
         }
     }
     $passwd = $vars['passwd'] ? $vars['passwd'] : $vars['cpasswd'];
     if (!$errors && $vars['mail_active']) {
         //note: password is unencrypted at this point...MailFetcher expect plain text.
         $fetcher = new MailFetcher(array('host' => $vars['mail_host'], 'port' => $vars['mail_port'], 'username' => $vars['userid'], 'password' => $passwd, 'protocol' => $vars['mail_protocol'], 'encryption' => $vars['mail_encryption']));
         if (!$fetcher->connect()) {
             //$errors['err']='Invalid login. Check '.Format::htmlchars($vars['mail_protocol']).' settings';
             $errors['err'] = sprintf(__('Invalid login. Check %s settings'), Format::htmlchars($vars['mail_protocol']));
             $errors['mail'] = '<br>' . $fetcher->getLastError();
         } elseif ($vars['mail_archivefolder'] && !$fetcher->checkMailbox($vars['mail_archivefolder'], true)) {
             //$errors['postfetch']='Invalid or unknown mail folder! >> '.$fetcher->getLastError().'';
             $errors['postfetch'] = sprintf(__('Invalid or unknown mail folder! >> %s'), $fetcher->getLastError());
             if (!$errors['mail']) {
                 $errors['mail'] = __('Invalid or unknown archive folder!');
             }
         }
     }
     if (!$errors && $vars['smtp_active']) {
         //Check SMTP login only.
         require_once 'Mail.php';
         // PEAR Mail package
         $smtp = mail::factory('smtp', array('host' => $vars['smtp_host'], 'port' => $vars['smtp_port'], 'auth' => (bool) $vars['smtp_auth'], 'username' => $vars['userid'], 'password' => $passwd, 'timeout' => 20, 'debug' => false));
         $mail = $smtp->connect();
         if (PEAR::isError($mail)) {
             $errors['err'] = __('Unable to log in. Check SMTP settings.');
             $errors['smtp'] = '<br>' . $mail->getMessage();
         } else {
             $smtp->disconnect();
             //Thank you, sir!
         }
     }
     if ($errors) {
         return false;
     }
     $sql = 'updated=NOW(),mail_errors=0, mail_lastfetch=NULL' . ',email=' . db_input($vars['email']) . ',name=' . db_input(Format::striptags($vars['name'])) . ',dept_id=' . db_input($vars['dept_id']) . ',priority_id=' . db_input($vars['priority_id']) . ',topic_id=' . db_input($vars['topic_id']) . ',noautoresp=' . db_input(isset($vars['noautoresp']) ? 1 : 0) . ',userid=' . db_input($vars['userid']) . ',mail_active=' . db_input($vars['mail_active']) . ',mail_host=' . db_input($vars['mail_host']) . ',mail_protocol=' . db_input($vars['mail_protocol'] ? $vars['mail_protocol'] : 'POP') . ',mail_encryption=' . db_input($vars['mail_encryption']) . ',mail_port=' . db_input($vars['mail_port'] ? $vars['mail_port'] : 0) . ',mail_fetchfreq=' . db_input($vars['mail_fetchfreq'] ? $vars['mail_fetchfreq'] : 0) . ',mail_fetchmax=' . db_input($vars['mail_fetchmax'] ? $vars['mail_fetchmax'] : 0) . ',smtp_active=' . db_input($vars['smtp_active']) . ',smtp_host=' . db_input($vars['smtp_host']) . ',smtp_port=' . db_input($vars['smtp_port'] ? $vars['smtp_port'] : 0) . ',smtp_auth=' . db_input($vars['smtp_auth']) . ',smtp_spoofing=' . db_input(isset($vars['smtp_spoofing']) ? 1 : 0) . ',notes=' . db_input(Format::sanitize($vars['notes']));
     //Post fetch email handling...
     if ($vars['postfetch'] && !strcasecmp($vars['postfetch'], 'delete')) {
         $sql .= ',mail_delete=1,mail_archivefolder=NULL';
     } elseif ($vars['postfetch'] && !strcasecmp($vars['postfetch'], 'archive') && $vars['mail_archivefolder']) {
         $sql .= ',mail_delete=0,mail_archivefolder=' . db_input($vars['mail_archivefolder']);
     } else {
         $sql .= ',mail_delete=0,mail_archivefolder=NULL';
     }
     if ($vars['passwd']) {
         //New password - encrypt.
         $sql .= ',userpass='******'passwd'], SECRET_SALT, $vars['userid']));
     }
     if ($id) {
         //update
         $sql = 'UPDATE ' . EMAIL_TABLE . ' SET ' . $sql . ' WHERE email_id=' . db_input($id);
         if (db_query($sql) && db_affected_rows()) {
             return true;
         }
         $errors['err'] = sprintf(__('Unable to update %s.'), __('this email')) . ' ' . __('Internal error occurred');
     } else {
         $sql = 'INSERT INTO ' . EMAIL_TABLE . ' SET ' . $sql . ',created=NOW()';
         if (db_query($sql) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = sprintf(__('Unable to add %s.'), __('this email')) . ' ' . __('Internal error occurred');
     }
     return false;
 }
 /**
  * Validate and persist an API key record.
  *
  * @param int|null $id     id of an existing key to update; falsy to create one
  * @param array    $vars   submitted fields: ipaddr (create only), isactive,
  *                         can_create_tickets, can_exec_cron, notes
  * @param array    $errors receives field => message entries on failure
  * @return bool|int true on a successful update, the new row id on a
  *                  successful insert, false otherwise
  */
 function save($id, $vars, &$errors)
 {
     // A key is bound to a client address at creation time; on update the
     // stored address is left as it is and not re-validated.
     $creating = !$id;
     if ($creating && (!$vars['ipaddr'] || !Validator::is_ip($vars['ipaddr']))) {
         $errors['ipaddr'] = 'Valid IP required';
     }
     if ($errors) {
         return false;
     }

     // Columns written on both INSERT and UPDATE. Every value passes through
     // db_input(); notes are additionally run through Format::sanitize().
     $columns = array(
         'isactive'           => db_input($vars['isactive']),
         'can_create_tickets' => db_input($vars['can_create_tickets']),
         'can_exec_cron'      => db_input($vars['can_exec_cron']),
         'notes'              => db_input(Format::sanitize($vars['notes'])),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ',' . $column . '=' . $value;
     }

     if (!$creating) {
         $query = 'UPDATE ' . API_KEY_TABLE . ' SET ' . $set . ' WHERE id=' . db_input($id);
         if (db_query($query)) {
             return true;
         }
         $errors['err'] = 'Unable to update API key. Internal error occurred';
         return false;
     }

     // Key material: md5 over (timestamp, client IP, md5 of Misc::randCode(16)),
     // upper-cased. time() and the address are predictable inputs, so the
     // key's unpredictability rests entirely on Misc::randCode().
     $apikey = strtoupper(md5(time() . $vars['ipaddr'] . md5(Misc::randCode(16))));
     $query = 'INSERT INTO ' . API_KEY_TABLE . ' SET ' . $set . ',created=NOW() '
         . ',ipaddr=' . db_input($vars['ipaddr'])
         . ',apikey=' . db_input($apikey);
     if (db_query($query) && ($id = db_insert_id())) {
         return $id;
     }
     $errors['err'] = 'Unable to add API key. Try again!';
     return false;
 }
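 /**
  * Validate and persist a ticket filter, then store its rules.
  *
  * The 'target' field is either a numeric email id (stored as target 'Email'
  * with email_id set) or a key of self::getTargets(). The 'assign' field is
  * overloaded: 's<id>' assigns a staff member, 't<id>' a team, anything else
  * clears both.
  *
  * @param int|null $id     filter id being updated; falsy to create a filter
  * @param array    $vars   submitted fields
  * @param array    $errors receives field => message entries on failure
  * @return bool true when the filter row was written (rule-save errors are
  *              not reported), false on validation or database failure
  */
 function save($id, $vars, &$errors)
 {
     if (!$vars['execorder']) {
         $errors['execorder'] = __('Order required');
     } elseif (!is_numeric($vars['execorder'])) {
         $errors['execorder'] = __('Must be numeric value');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Name required');
     } elseif (($sid = self::getIdByName($vars['name'])) && $sid != $id) {
         $errors['name'] = __('Name already in use');
     }
     // Rules are checked only once the basic fields pass; validate_rules()
     // may fill $errors['rules'] itself with a more specific message, in
     // which case the generic one is not added.
     if (!$errors && !self::validate_rules($vars, $errors) && empty($errors['rules'])) {
         $errors['rules'] = __('Unable to validate rules as entered');
     }
     $targets = self::getTargets();
     if (!$vars['target']) {
         $errors['target'] = __('Target required');
     } elseif (!is_numeric($vars['target']) && empty($targets[$vars['target']])) {
         // empty() rather than a bare index: an unknown target name is the
         // very input this branch exists for, and a bare lookup raised an
         // undefined-index notice on it.
         $errors['target'] = __('Unknown or invalid target');
     }
     if ($errors) {
         return false;
     }

     // A numeric target is an email id; the stored target type becomes 'Email'.
     $emailId = 0;
     if (is_numeric($vars['target'])) {
         $emailId = $vars['target'];
         $vars['target'] = 'Email';
     }

     $columns = array(
         'isactive'              => db_input($vars['isactive']),
         'target'                => db_input($vars['target']),
         'name'                  => db_input($vars['name']),
         'execorder'             => db_input($vars['execorder']),
         'email_id'              => db_input($emailId),
         'dept_id'               => db_input($vars['dept_id']),
         'status_id'             => db_input($vars['status_id']),
         'priority_id'           => db_input($vars['priority_id']),
         'sla_id'                => db_input($vars['sla_id']),
         'topic_id'              => db_input($vars['topic_id']),
         'match_all_rules'       => db_input($vars['match_all_rules']),
         'stop_onmatch'          => db_input(isset($vars['stop_onmatch']) ? 1 : 0),
         'reject_ticket'         => db_input(isset($vars['reject_ticket']) ? 1 : 0),
         'use_replyto_email'     => db_input(isset($vars['use_replyto_email']) ? 1 : 0),
         'disable_autoresponder' => db_input(isset($vars['disable_autoresponder']) ? 1 : 0),
         'canned_response_id'    => db_input($vars['canned_response_id']),
         'notes'                 => db_input(Format::sanitize($vars['notes'])),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ',' . $column . '=' . $value;
     }

     // Auto-assignment: only the digits of the overloaded value are used.
     $assign = isset($vars['assign']) ? $vars['assign'] : '';
     if ($assign && $assign[0] == 's') {
         $set .= ',team_id=0,staff_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } elseif ($assign && $assign[0] == 't') {
         $set .= ',staff_id=0,team_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } else {
         $set .= ',staff_id=0,team_id=0 ';
     }

     if ($id) {
         $query = 'UPDATE ' . FILTER_TABLE . ' SET ' . $set . ' WHERE id=' . db_input($id);
         if (!db_query($query)) {
             $errors['err'] = sprintf(__('Unable to update %s.'), __('this ticket filter')) . ' ' . __('Internal error occurred');
         }
     } else {
         $query = 'INSERT INTO ' . FILTER_TABLE . ' SET ' . $set . ',created=NOW() ';
         if (!db_query($query) || !($id = db_insert_id())) {
             $errors['err'] = sprintf(__('Unable to add %s.'), __('this ticket filter')) . ' ' . __('Internal error occurred');
         }
     }
     if ($errors || !$id) {
         return false;
     }

     // The filter row exists now; rule persistence errors cannot be
     // reported back meaningfully, so they are collected and discarded.
     $ruleErrors = array();
     self::save_rules($id, $vars, $ruleErrors);
     return true;
 }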
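 /**
  * Validate and persist a help topic.
  *
  * @param int|null $id     topic_id being updated; falsy to create a topic
  * @param array    $vars   submitted fields (topic, topic_pid, dept_id,
  *                         custom-numbers, number_format, assign, ...)
  * @param array    $errors receives field => message entries on failure
  * @return bool|int the db_query() result on update, the new topic_id on
  *                  create, false on validation or database failure
  */
 function save($id, $vars, &$errors)
 {
     global $cfg;

     $vars['topic'] = Format::striptags(trim($vars['topic']));
     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal error occurred');
     }
     if (!$vars['topic']) {
         $errors['topic'] = __('Help topic name is required');
     } elseif (strlen($vars['topic']) < 5) {
         // strlen() counts bytes, so multi-byte names clear this bar early.
         $errors['topic'] = __('Topic is too short. Five characters minimum');
     } elseif (($tid = self::getIdByName($vars['topic'], $vars['topic_pid'])) && $tid != $id) {
         $errors['topic'] = __('Topic already exists');
     }
     if (!is_numeric($vars['dept_id'])) {
         $errors['dept_id'] = __('Department selection is required');
     }
     // A custom number format needs at least one '#' placeholder that is not
     // preceded by a backslash. This is a negative lookbehind; the earlier
     // pattern '(?!<\\)#' was a lookahead for the text '<\' and therefore
     // accepted any '#', escaped or not.
     $customNumbers = !empty($vars['custom-numbers']);
     if ($customNumbers && !preg_match('`(?<!\\\\)#`', $vars['number_format'])) {
         $errors['number_format'] = 'Ticket number format requires at least one hash character (#)';
     }
     if ($errors) {
         return false;
     }

     // Optional relations default to 0 rather than NULL.
     foreach (array('sla_id', 'form_id', 'page_id', 'topic_pid') as $key) {
         if (!isset($vars[$key])) {
             $vars[$key] = 0;
         }
     }

     $columns = array(
         'topic'         => db_input($vars['topic']),
         'topic_pid'     => db_input($vars['topic_pid']),
         'dept_id'       => db_input($vars['dept_id']),
         'priority_id'   => db_input($vars['priority_id']),
         'status_id'     => db_input($vars['status_id']),
         'sla_id'        => db_input($vars['sla_id']),
         'form_id'       => db_input($vars['form_id']),
         'page_id'       => db_input($vars['page_id']),
         'isactive'      => db_input($vars['isactive']),
         'ispublic'      => db_input($vars['ispublic']),
         'sequence_id'   => db_input($customNumbers ? $vars['sequence_id'] : 0),
         'number_format' => db_input($customNumbers ? $vars['number_format'] : ''),
         'flags'         => db_input($customNumbers ? self::FLAG_CUSTOM_NUMBERS : 0),
         'noautoresp'    => db_input(!empty($vars['noautoresp']) ? 1 : 0),
         'notes'         => db_input(Format::sanitize($vars['notes'])),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ',' . $column . '=' . $value;
     }

     // 'assign' is overloaded: 's<id>' assigns a staff member, 't<id>' a
     // team, anything else clears both. Only the digits are used.
     $assign = isset($vars['assign']) ? $vars['assign'] : '';
     if ($assign && $assign[0] == 's') {
         $set .= ',team_id=0, staff_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } elseif ($assign && $assign[0] == 't') {
         $set .= ',staff_id=0, team_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } else {
         $set .= ',staff_id=0, team_id=0 ';
     }

     $rv = false;
     if ($id) {
         $query = 'UPDATE ' . TOPIC_TABLE . ' SET ' . $set . ' WHERE topic_id=' . db_input($id);
         if (!($rv = db_query($query))) {
             $errors['err'] = sprintf(__('Unable to update %s.'), __('this help topic')) . ' ' . __('Internal error occurred');
         }
     } else {
         // An explicit topic_id may be supplied on create.
         if (isset($vars['topic_id'])) {
             $set .= ', topic_id=' . db_input($vars['topic_id']);
         }
         // Manual sort mode: place the new topic directly below its parent.
         if ($vars['topic_pid'] && $cfg && $cfg->getTopicSortMode() != 'a') {
             $set .= ', `sort`=' . db_input(db_result(db_query('SELECT COALESCE(`sort`,0)+1 FROM ' . TOPIC_TABLE . ' WHERE `topic_id`=' . db_input($vars['topic_pid']))));
         }
         $query = 'INSERT INTO ' . TOPIC_TABLE . ' SET ' . $set . ',created=NOW()';
         if (db_query($query) && ($id = db_insert_id())) {
             $rv = $id;
         } else {
             $errors['err'] = sprintf(__('Unable to create %s.'), __('this help topic')) . ' ' . __('Internal error occurred');
         }
     }
     // Alphabetical sort mode recomputes the order of every topic.
     if (!$cfg || $cfg->getTopicSortMode() == 'a') {
         static::updateSortOrder();
     }
     return $rv;
 }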
 /**
  * Validate and persist a FAQ category.
  *
  * @param int|null $id         category_id being updated; falsy to create one
  * @param array    $vars       submitted fields: name, description, ispublic, notes
  * @param array    $errors     receives field => message entries on failure
  * @param bool     $validation when true, stop after validation and report
  *                             the verdict without touching the database
  * @return bool|int true on a successful update or validation-only pass,
  *                  the new category_id on create, false otherwise
  */
 function save($id, $vars, &$errors, $validation = false)
 {
     $vars['name'] = Format::striptags(trim($vars['name']));

     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal error. Try again';
     }
     if (!$vars['name']) {
         $errors['name'] = 'Category name is required';
     } elseif (strlen($vars['name']) < 3) {
         $errors['name'] = 'Name is too short. 3 chars minimum';
     } elseif (($existing = self::findIdByName($vars['name'])) && $existing != $id) {
         $errors['name'] = 'Category already exists';
     }
     if (!$vars['description']) {
         $errors['description'] = 'Category description is required';
     }
     if ($errors) {
         return false;
     }
     if ($validation) {
         return true;
     }

     // description and notes are sanitized; name was stripped of tags above.
     $columns = array(
         'ispublic'    => db_input(isset($vars['ispublic']) ? $vars['ispublic'] : 0),
         'name'        => db_input($vars['name']),
         'description' => db_input(Format::sanitize($vars['description'])),
         'notes'       => db_input(Format::sanitize($vars['notes'])),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ',' . $column . '=' . $value;
     }

     if (!$id) {
         $query = 'INSERT INTO ' . FAQ_CATEGORY_TABLE . ' SET ' . $set . ',created=NOW()';
         if (db_query($query) && ($id = db_insert_id())) {
             return $id;
         }
         $errors['err'] = 'Unable to create FAQ category. Internal error';
         return false;
     }

     $query = 'UPDATE ' . FAQ_CATEGORY_TABLE . ' SET ' . $set . ' WHERE category_id=' . db_input($id);
     if (db_query($query)) {
         return true;
     }
     $errors['err'] = 'Unable to update FAQ category.';
     return false;
 }
 /**
  * Validate and persist a FAQ article.
  *
  * @param int|null $id         faq_id being updated; falsy to create one
  * @param array    $vars       submitted fields: question, answer, category_id,
  *                             ispublished, notes
  * @param array    $errors     receives field => message entries on failure
  * @param bool     $validation when true, stop after validation and return
  *                             whether the input was clean
  * @return bool|int true on a successful update or validation-only pass,
  *                  the new faq_id on create, false otherwise
  */
 function save($id, $vars, &$errors, $validation = false)
 {
     $vars['question'] = Format::striptags(trim($vars['question']));

     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Internal error. Try again');
     }
     if (!$vars['question']) {
         $errors['question'] = __('Question required');
     } elseif (($existing = self::findIdByQuestion($vars['question'])) && $existing != $id) {
         $errors['question'] = __('Question already exists');
     }
     // The category must exist, not merely be a non-empty id.
     if (!$vars['category_id'] || !Category::lookup($vars['category_id'])) {
         $errors['category_id'] = __('Category is required');
     }
     if (!$vars['answer']) {
         $errors['answer'] = __('FAQ answer is required');
     }
     // Validation-only callers get the verdict; everyone else continues only
     // when the input is clean.
     if ($errors || $validation) {
         return !$errors;
     }

     // The answer is passed to Format::sanitize() with a second argument of
     // false, unlike notes which use the one-argument form.
     $columns = array(
         'question'    => db_input($vars['question']),
         'answer'      => db_input(Format::sanitize($vars['answer'], false)),
         'category_id' => db_input($vars['category_id']),
         'ispublished' => db_input(isset($vars['ispublished']) ? $vars['ispublished'] : 0),
         'notes'       => db_input(Format::sanitize($vars['notes'])),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ', ' . $column . '=' . $value;
     }

     if (!$id) {
         $query = 'INSERT INTO ' . FAQ_TABLE . ' SET ' . $set . ',created=NOW()';
         if (db_query($query) && ($id = db_insert_id())) {
             Signal::send('model.created', FAQ::lookup($id));
             return $id;
         }
         $errors['err'] = sprintf(__('Unable to create %s.'), __('this FAQ article')) . ' ' . __('Internal error occurred');
         return false;
     }

     $query = 'UPDATE ' . FAQ_TABLE . ' SET ' . $set . ' WHERE faq_id=' . db_input($id);
     if (db_query($query)) {
         return true;
     }
     $errors['err'] = sprintf(__('Unable to update %s.'), __('this FAQ article'));
     return false;
 }
 /**
  * Normalise a submitted value for this field.
  *
  * Fields configured with 'html' enabled are run through Format::sanitize();
  * all other fields hand the value back untouched.
  *
  * @param mixed $value raw submitted value
  * @return mixed sanitized or unchanged value
  */
 function parse($value)
 {
     $config = $this->getConfiguration();
     return $config['html'] ? Format::sanitize($value) : $value;
 }
 /**
  * Validate and persist a department.
  *
  * @param int|null $id     dept_id being updated; falsy to create a department
  * @param array    $vars   submitted fields (name, ispublic, email_id, tpl_id,
  *                         sla_id, manager_id, signature, group_membership, ...)
  * @param array    $errors receives field => message entries on failure
  * @return bool|int true when the update changed a row, the new dept_id on
  *                  create, false on validation or database failure
  */
 function save($id, $vars, &$errors)
 {
     global $cfg;

     if ($id && $id != $vars['id']) {
         $errors['err'] = __('Missing or invalid Dept ID (internal error).');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Name required');
     } elseif (strlen($vars['name']) < 4) {
         $errors['name'] = __('Name is too short.');
     } elseif (($existing = Dept::getIdByName($vars['name'])) && $existing != $id) {
         $errors['name'] = __('Department already exists');
     }
     // The configured default department must remain public.
     if (!$vars['ispublic'] && $cfg && $vars['id'] == $cfg->getDefaultDeptId()) {
         $errors['ispublic'] = __('System default department cannot be private');
     }
     if ($errors) {
         return false;
     }

     // $vars[$key] when present, otherwise $default.
     $orDefault = function ($key, $default) use ($vars) {
         return isset($vars[$key]) ? $vars[$key] : $default;
     };
     $columns = array(
         'ispublic'              => $orDefault('ispublic', 0),
         'email_id'              => $orDefault('email_id', 0),
         'tpl_id'                => $orDefault('tpl_id', 0),
         'sla_id'                => $orDefault('sla_id', 0),
         'autoresp_email_id'     => $orDefault('autoresp_email_id', 0),
         'manager_id'            => $vars['manager_id'] ? $vars['manager_id'] : 0,
         'dept_name'             => Format::striptags($vars['name']),
         'dept_signature'        => Format::sanitize($vars['signature']),
         'group_membership'      => $vars['group_membership'],
         'ticket_auto_response'  => $orDefault('ticket_auto_response', 1),
         'message_auto_response' => $orDefault('message_auto_response', 1),
     );
     $set = 'SET updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ' ,' . $column . '=' . db_input($value);
     }

     if ($id) {
         $query = 'UPDATE ' . DEPT_TABLE . ' ' . $set . ' WHERE dept_id=' . db_input($id);
         if (db_query($query) && db_affected_rows()) {
             return true;
         }
         $errors['err'] = sprintf(__('Unable to update %s.'), __('this department')) . ' ' . __('Internal error occurred');
         return false;
     }

     // An explicit dept_id may be supplied on create.
     if (isset($vars['id'])) {
         $set .= ', dept_id=' . db_input($vars['id']);
     }
     $query = 'INSERT INTO ' . DEPT_TABLE . ' ' . $set . ',created=NOW()';
     if (db_query($query) && ($id = db_insert_id())) {
         return $id;
     }
     $errors['err'] = sprintf(__('Unable to create %s.'), __('this department')) . ' ' . __('Internal error occurred');
     return false;
 }
 /**
  * Validate and persist a staff group and its permission flags.
  *
  * @param int|null $id     group_id being updated; falsy to create a group
  * @param array    $vars   submitted fields: name, isactive, the can_* flags, notes
  * @param array    $errors receives field => message entries on failure
  * @return bool|int true on a successful update, the new group_id on create,
  *                  false on validation or database failure
  */
 function save($id, $vars, &$errors)
 {
     if ($id && $vars['id'] != $id) {
         $errors['err'] = __('Missing or invalid group ID');
     }
     if (!$vars['name']) {
         $errors['name'] = __('Group name required');
     } elseif (strlen($vars['name']) < 3) {
         $errors['name'] = __('Group name must be at least 3 chars.');
     } elseif (($existing = Group::getIdByName($vars['name'])) && $existing != $id) {
         $errors['name'] = __('Group name already exists');
     }
     if ($errors) {
         return false;
     }

     // Permission flags are stored one column each, named after the field.
     $permissions = array(
         'can_create_tickets',
         'can_delete_tickets',
         'can_edit_tickets',
         'can_assign_tickets',
         'can_transfer_tickets',
         'can_close_tickets',
         'can_ban_emails',
         'can_manage_premade',
         'can_manage_faq',
         'can_post_ticket_reply',
         'can_view_staff_stats',
     );
     $set = ' SET updated=NOW() '
         . ', group_name=' . db_input(Format::striptags($vars['name']))
         . ', group_enabled=' . db_input($vars['isactive']);
     foreach ($permissions as $permission) {
         $set .= ', ' . $permission . '=' . db_input($vars[$permission]);
     }
     $set .= ', notes=' . db_input(Format::sanitize($vars['notes']));

     if ($id) {
         $query = 'UPDATE ' . GROUP_TABLE . ' ' . $set . ' WHERE group_id=' . db_input($id);
         if (db_query($query)) {
             return true;
         }
         $errors['err'] = sprintf(__('Unable to update %s.'), __('this group')) . ' ' . __('Internal error occurred');
         return false;
     }

     $query = 'INSERT INTO ' . GROUP_TABLE . ' ' . $set . ',created=NOW()';
     if (db_query($query) && ($id = db_insert_id())) {
         return $id;
     }
     $errors['err'] = sprintf(__('Unable to create %s.'), __('this group')) . ' ' . __('Internal error occurred');
     return false;
 }
    $errors = array();
    $email = null;
    if (!$_POST['email_id'] || !($email = Email::lookup($_POST['email_id']))) {
        $errors['email_id'] = __('Select from email address');
    }
    if (!$_POST['email'] || !Validator::is_email($_POST['email'])) {
        $errors['email'] = __('To email address required');
    }
    if (!$_POST['subj']) {
        $errors['subj'] = __('Subject required');
    }
    if (!$_POST['message']) {
        $errors['message'] = __('Message required');
    }
    if (!$errors && $email) {
        if ($email->send($_POST['email'], $_POST['subj'], Format::sanitize($_POST['message']), null, array('reply-tag' => false))) {
            $msg = Format::htmlchars(sprintf(__('Test email sent successfully to <%s>'), $_POST['email']));
            Draft::deleteForNamespace('email.diag');
        } else {
            $errors['err'] = __('Error sending email - try again.');
        }
    } elseif ($errors['err']) {
        $errors['err'] = __('Error sending email - try again.');
    }
}
// Re-display the submitted values when a POST failed validation, otherwise
// keep whatever $info already holds; either way the array is HTML-escaped
// with Format::htmlchars() before the template sees it.
$info = Format::htmlchars($errors && $_POST ? $_POST : $info);
$nav->setTabActive('emails');
// NOTE(review): $tip_namespace is concatenated straight into an inline
// script; presumably a fixed string set earlier in this file — confirm it
// is never request-derived.
$ost->addExtraHeader('<meta name="tip-namespace" content="emails.diagnostic" />', "\$('#content').data('tipNamespace', '" . $tip_namespace . "');");
require STAFFINC_DIR . 'header.inc.php';
?>
<form action="emailtest.php" method="post" id="save">
 /**
  * Validate and persist a help topic.
  *
  * @param int|null $id     topic_id being updated; falsy to create a topic
  * @param array    $vars   submitted fields (topic, topic_pid, dept_id, assign, ...)
  * @param array    $errors receives field => message entries on failure
  * @return bool|int the db_query() result on update, the new topic_id on
  *                  create, false on validation or database failure
  */
 function save($id, $vars, &$errors)
 {
     global $cfg;

     $vars['topic'] = Format::striptags(trim($vars['topic']));
     if ($id && $id != $vars['id']) {
         $errors['err'] = 'Internal error. Try again';
     }
     if (!$vars['topic']) {
         $errors['topic'] = 'Help topic required';
     } elseif (strlen($vars['topic']) < 5) {
         // strlen() counts bytes, so the minimum is 5 bytes, not 5 characters.
         $errors['topic'] = 'Topic is too short. 5 chars minimum';
     } elseif (($existing = self::getIdByName($vars['topic'], $vars['topic_pid'])) && $existing != $id) {
         $errors['topic'] = 'Topic already exists';
     }
     if (!is_numeric($vars['dept_id'])) {
         $errors['dept_id'] = 'You must select a department';
     }
     if ($errors) {
         return false;
     }

     // Optional relations default to 0 rather than NULL.
     foreach (array('sla_id', 'form_id', 'page_id', 'topic_pid') as $key) {
         if (!isset($vars[$key])) {
             $vars[$key] = 0;
         }
     }

     $columns = array(
         'topic'       => $vars['topic'],
         'topic_pid'   => $vars['topic_pid'],
         'dept_id'     => $vars['dept_id'],
         'priority_id' => $vars['priority_id'],
         'sla_id'      => $vars['sla_id'],
         'form_id'     => $vars['form_id'],
         'page_id'     => $vars['page_id'],
         'isactive'    => $vars['isactive'],
         'ispublic'    => $vars['ispublic'],
         'noautoresp'  => !empty($vars['noautoresp']) ? 1 : 0,
         'notes'       => Format::sanitize($vars['notes']),
     );
     $set = ' updated=NOW() ';
     foreach ($columns as $column => $value) {
         $set .= ',' . $column . '=' . db_input($value);
     }

     // 'assign' is overloaded: 's<id>' selects a staff member, 't<id>' a
     // team, anything else clears both. Only the digits are used.
     $assign = $vars['assign'];
     if ($assign && $assign[0] == 's') {
         $set .= ',team_id=0, staff_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } elseif ($assign && $assign[0] == 't') {
         $set .= ',staff_id=0, team_id=' . db_input(preg_replace("/[^0-9]/", "", $assign));
     } else {
         $set .= ',staff_id=0, team_id=0 ';
     }

     $rv = false;
     if ($id) {
         $query = 'UPDATE ' . TOPIC_TABLE . ' SET ' . $set . ' WHERE topic_id=' . db_input($id);
         if (!($rv = db_query($query))) {
             $errors['err'] = 'Unable to update topic. Internal error occurred';
         }
     } else {
         // An explicit topic_id may be supplied on create.
         if (isset($vars['topic_id'])) {
             $set .= ', topic_id=' . db_input($vars['topic_id']);
         }
         // Manual sort mode: place the new topic directly below its parent.
         if ($vars['topic_pid'] && $cfg && $cfg->getTopicSortMode() != 'a') {
             $set .= ', `sort`=' . db_input(db_result(db_query('SELECT COALESCE(`sort`,0)+1 FROM ' . TOPIC_TABLE . ' WHERE `topic_id`=' . db_input($vars['topic_pid']))));
         }
         $query = 'INSERT INTO ' . TOPIC_TABLE . ' SET ' . $set . ',created=NOW()';
         if (db_query($query) && ($id = db_insert_id())) {
             $rv = $id;
         } else {
             $errors['err'] = 'Unable to create the topic. Internal error';
         }
     }
     // Alphabetical sort mode recomputes the order of every topic.
     if (!$cfg || $cfg->getTopicSortMode() == 'a') {
         static::updateSortOrder();
     }
     return $rv;
 }