// Füge eigene hesk_settings hinzu, sodass die Einstellungen beim Speichern über das Web nicht verloren gehen. require(HESK_PATH . 'hesk_settings_own.inc.php'); // require(HESK_PATH . 'inc/common.inc.php'); require(HESK_PATH . 'inc/admin_functions.inc.php'); hesk_load_database_functions(); hesk_session_start(); hesk_dbConnect(); hesk_isLoggedIn(); /* Check permissions for this feature */ hesk_checkPermission('can_view_tickets'); $can_del_notes = hesk_checkPermission('can_del_notes',0); $can_reply = hesk_checkPermission('can_reply_tickets',0); $can_delete = hesk_checkPermission('can_del_tickets',0); $can_edit = hesk_checkPermission('can_edit_tickets',0); $can_archive = hesk_checkPermission('can_add_archive',0); $can_assign_self = hesk_checkPermission('can_assign_self',0); $can_view_unassigned = hesk_checkPermission('can_view_unassigned',0); $can_change_cat = hesk_checkPermission('can_change_cat',0); $can_change_own_cat = hesk_checkPermission('can_change_own_cat',0); $can_ban_emails = hesk_checkPermission('can_ban_emails', 0); $can_unban_emails = hesk_checkPermission('can_unban_emails', 0); $can_ban_ips = hesk_checkPermission('can_ban_ips', 0); $can_unban_ips = hesk_checkPermission('can_unban_ips', 0); $can_resolve = hesk_checkPermission('can_resolve', 0); $can_view_ass_by = hesk_checkPermission('can_view_ass_by', 0); $can_privacy = hesk_checkPermission('can_privacy',0); $can_export = hesk_checkPermission('can_export',0); $can_due_date = hesk_checkPermission('can_due_date',0); // Get ticket ID $trackingID = hesk_cleanID() or print_form(); // Load custom fields require_once(HESK_PATH . 'inc/custom_fields.inc.php'); // Load statuses require_once(HESK_PATH . 'inc/statuses.inc.php'); $_SERVER['PHP_SELF'] = 'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999); // We will need some extra functions define('TIMER',1); define('BACK2TOP',1); define('ATTACHMENTS',1); if ($hesk_settings['time_display']) { define('TIMEAGO',1); } if ($hesk_settings['staff_ticket_formatting'] == 2) { define('WYSIWYG',1); define('STYLE_CODE',1); } /* Get ticket info */ $res = hesk_dbQuery("SELECT `t1`.* , `t2`.name AS `repliername` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` AS `t1` LEFT JOIN `".hesk_dbEscape($hesk_settings['db_pfix'])."users` AS `t2` ON `t1`.`replierid` = `t2`.`id` WHERE `trackid`='".hesk_dbEscape($trackingID)."' LIMIT 1"); /* Ticket found? */ if (hesk_dbNumRows($res) != 1) { /* Ticket not found, perhaps it was merged with another ticket? */ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `merged` LIKE '%#".hesk_dbEscape($trackingID)."#%' LIMIT 1"); if (hesk_dbNumRows($res) == 1) { /* OK, found in a merged ticket. Get info */ $ticket = hesk_dbFetchAssoc($res); hesk_process_messages( sprintf($hesklang['tme'], $trackingID, $ticket['trackid']) ,'NOREDIRECT','NOTICE'); $trackingID = $ticket['trackid']; } else { /* Nothing found, error out */ hesk_process_messages($hesklang['ticket_not_found'],'NOREDIRECT'); print_form(); } } else { /* We have a match, get ticket info */ $ticket = hesk_dbFetchAssoc($res); } // Has this ticket been anonymized? $ticket['anonymized'] = ( $ticket['name'] == $hesklang['anon_name'] && $ticket['email'] == $hesklang['anon_email'] && $ticket['subject'] == $hesklang['anon_subject'] && $ticket['message'] == $hesklang['anon_message'] && $ticket['message_html'] == $hesklang['anon_message'] && $ticket['ip'] == $hesklang['anon_IP'] ) ? true : false; /* Permission to view this ticket? */ if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id'] && ! hesk_checkPermission('can_view_ass_others',0)) { // Maybe this user is allowed to view tickets he/she assigned? if ( ! $can_view_ass_by || $ticket['assignedby'] != $_SESSION['id']) { hesk_error($hesklang['ycvtao']); } } if (!$ticket['owner'] && ! $can_view_unassigned) { hesk_error($hesklang['ycovtay']); } /* Set last replier name */ if ($ticket['lastreplier']) { if (empty($ticket['repliername'])) { $ticket['repliername'] = $hesklang['staff']; } } else { $ticket['repliername'] = $ticket['name']; } /* Get category name and ID */ $result = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `id`='".intval($ticket['category'])."' LIMIT 1"); /* If this category has been deleted use the default category with ID 1 */ if (hesk_dbNumRows($result) != 1) { $result = hesk_dbQuery("SELECT `id`, `name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `id`='1' LIMIT 1"); } $category = hesk_dbFetchAssoc($result); /* Is this user allowed to view tickets inside this category? */ hesk_okCategory($category['id']); /* Delete post action */ if (isset($_GET['delete_post']) && $can_delete && hesk_token_check()) { $n = intval( hesk_GET('delete_post') ); if ($n) { /* Get last reply ID, we'll need it later */ $res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` DESC LIMIT 1"); $last_reply_id = hesk_dbResult($res,0,0); // Was this post submitted by staff and does it have any attachments? $res = hesk_dbQuery("SELECT `dt`, `staffid`, `attachments` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `id`='".intval($n)."' AND `replyto`='".intval($ticket['id'])."' LIMIT 1"); $reply = hesk_dbFetchAssoc($res); // If the reply was by a staff member update the appropriate columns if ( $reply['staffid'] ) { // Is this the only staff reply? Delete "firstreply" and "firstreplyby" columns if ($ticket['staffreplies'] <= 1) { $staffreplies_sql = ' , `firstreply`=NULL, `firstreplyby`=NULL, `staffreplies`=0 '; } // Are we deleting the first staff reply? Update "firstreply" and "firstreplyby" columns elseif ($reply['dt'] == $ticket['firstreply'] && $reply['staffid'] == $ticket['firstreplyby']) { // Get the new first reply info $res = hesk_dbQuery("SELECT `dt`, `staffid` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' AND `id`!='".intval($n)."' AND `staffid`!=0 ORDER BY `id` ASC LIMIT 1"); // Did we find the new first reply? if ( hesk_dbNumRows($res) ) { $firstreply = hesk_dbFetchAssoc($res); $staffreplies_sql = " , `firstreply`='".hesk_dbEscape($firstreply['dt'])."', `firstreplyby`='".hesk_dbEscape($firstreply['staffid'])."', `staffreplies`=`staffreplies`-1 "; } // The count must have been wrong, update it else { $staffreplies_sql = ' , `firstreply`=NULL, `firstreplyby`=NULL, `staffreplies`=0 '; } } // OK, this is not the first and not the only staff reply, just reduce number else { $staffreplies_sql = ' , `staffreplies`=`staffreplies`-1 '; } } else { $staffreplies_sql = ''; } /* Delete any attachments to this post */ if ( strlen($reply['attachments']) ) { $hesk_settings['server_path'] = dirname(dirname(__FILE__)); /* List of attachments */ $att=explode(',',substr($reply['attachments'], 0, -1)); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); /* Delete attachment files */ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id`='".intval($att_id)."' LIMIT 1"); if (hesk_dbNumRows($res) && $file = hesk_dbFetchAssoc($res)) { hesk_unlink($hesk_settings['server_path'].'/'.$hesk_settings['attach_dir'].'/'.$file['saved_name']); } /* Delete attachments info from the database */ hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id`='".intval($att_id)."'"); } } /* Delete this reply */ hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `id`='".intval($n)."' AND `replyto`='".intval($ticket['id'])."'"); /* Reply wasn't deleted */ if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['repl1'],$_SERVER['PHP_SELF']); } else { $closed_sql = ''; /* Reply deleted. Need to update status and last replier? */ $res = hesk_dbQuery("SELECT `dt`, `staffid` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` DESC LIMIT 1"); if (hesk_dbNumRows($res)) { $replier_id = hesk_dbResult($res,0,1); $last_replier = $replier_id ? 1 : 0; /* Change status? */ $status_sql = ''; if ($last_reply_id == $n) { $status = $ticket['locked'] ? 3 : ($last_replier ? 2 : 1); $status_sql = " , `status`='".intval($status)."' "; // Update closedat and closedby columns as required if ($status == 3) { $closed_sql = " , `closedat`=NOW(), `closedby`=".intval($_SESSION['id'])." "; } } hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `lastchange`=NOW(), `lastreplier`='{$last_replier}', `replierid`='".intval($replier_id)."', `replies`=`replies`-1 $status_sql $closed_sql $staffreplies_sql WHERE `id`='".intval($ticket['id'])."'"); } else { // Update status, closedat and closedby columns as required if ($ticket['locked']) { $status = 3; $closed_sql = " , `closedat`=NOW(), `closedby`=".intval($_SESSION['id'])." "; } else { $status = 0; $closed_sql = " , `closedat`=NULL, `closedby`=NULL "; } hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `lastchange`=NOW(), `lastreplier`='0', `status`='$status', `replies`=0 $staffreplies_sql WHERE `id`='".intval($ticket['id'])."'"); } hesk_process_messages($hesklang['repl'],$_SERVER['PHP_SELF'],'SUCCESS'); } } else { hesk_process_messages($hesklang['repl0'],$_SERVER['PHP_SELF']); } } /* Delete notes action */ if (isset($_GET['delnote']) && hesk_token_check()) { $n = intval( hesk_GET('delnote') ); if ($n) { // Get note info $res = hesk_dbQuery("SELECT `who`, `attachments` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` WHERE `id`={$n}"); if ( hesk_dbNumRows($res) ) { $note = hesk_dbFetchAssoc($res); // Permission to delete note? if ($can_del_notes || $note['who'] == $_SESSION['id']) { // Delete note hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` WHERE `id`='".intval($n)."'"); // Delete attachments if ( strlen($note['attachments']) ) { $hesk_settings['server_path'] = dirname(dirname(__FILE__)); $attachments = array(); $att=explode(',',substr($note['attachments'], 0, -1)); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); $attachments[] = intval($att_id); } if ( count($attachments) ) { $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id` IN (".implode(',', $attachments).") "); while ($file = hesk_dbFetchAssoc($res)) { hesk_unlink($hesk_settings['server_path'].'/'.$hesk_settings['attach_dir'].'/'.$file['saved_name']); } hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id` IN (".implode(',', $attachments).") "); } } } } } header('Location: admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); exit(); } // // : linked Tickets / Open-Project-IDs eingefügt hier sollen Verknüpfungen gelöscht und die Seite erneut aufgerufen werden. Durch den Neuaufruf der Seite wird das HESK-Token nicht mehr in der URL angezeigt. // // selbst eingefügt // // Begin **************************************** Begin // // Wurde eine neue Ticket-ID zur Verknüpfung übersandt, soll diese vor der Ausgabe der Verknüpften Tickets bearbeitet werden. // Daher wird zuerst geprüft, ob eine Ticket-ID an die admin_ticket.php übersandt wurde: if (isset($_POST['link_ticket_id']) && hesk_token_check('POST')) { $linked_tickets = explode(",", $ticket['linkedids']); $link_ticket_id = $_POST['link_ticket_id']; // Prüfung, ob die übertragene Ticket-ID eine Zahl ist if (!is_numeric($link_ticket_id)) { hesk_process_messages("Angegeben Ticket-ID ist keine Zahl und daher keine gültige Ticketnummer",$_SERVER['PHP_SELF']); } // Prüfung, ob die übertragene Ticket-ID nicht ausversehen die Ticket-ID des derzeitigen Tickets ist: elseif ($link_ticket_id == $ticket['id']) { hesk_process_messages("Angegeben Ticket-ID ist dieses Ticket selbst.",$_SERVER['PHP_SELF']); } // Prüfung, ob die übertragene ID bereits verknüpft ist. elseif (!in_array($link_ticket_id, $linked_tickets)) { // Verknüpfung soll nun in beiden Tickets erstellt werden. $res_linking_ticket1 = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($link_ticket_id)."'"); // prüfen, ob das zu verknüpfende Ticket überhaupt existiert: if (hesk_dbNumRows($res_linking_ticket1) != 1) { // Ticket-ID existiert wohl nicht. hesk_process_messages("Angegebene Ticket-ID " . $link_ticket_id . " existiert nicht.",$_SERVER['PHP_SELF']); } else { // wenn das Ticket existiert, soll nun in dieses eine Verknüpfung zum jetzigen geschrieben werden, also das linkedids-field muss erweitert werden: $linking_ticket1 = hesk_dbFetchAssoc($res_linking_ticket1); $custom_field_links1 = $linking_ticket1['linkedids'].$ticket['id'].','; $res_linking_ticket1 = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `linkedids`='".$custom_field_links1."' WHERE `id`='".intval($link_ticket_id)."'"); // Eintragung der per $_POST übertragenen Verknüpfung in das aktuelle Ticket $res_linking_ticket2 = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($ticket['id'])."'"); $linking_ticket2 = hesk_dbFetchAssoc($res_linking_ticket2); $custom_field_links2 = $linking_ticket2['linkedids'].$link_ticket_id.','; $res_linking_ticket2 = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `linkedids`='".$custom_field_links2."' WHERE `id`='".intval($ticket['id'])."'"); array_push($linked_tickets, $link_ticket_id); hesk_process_messages("Ticket " . $link_ticket_id . " wurde verknüpft.",$_SERVER['PHP_SELF'],'SUCCESS'); } } // Ticket ist bereits verknüpft und muss nicht noch einmal verknüpft werden. else { hesk_process_messages("Tickets sind bereits verknüpft.",$_SERVER['PHP_SELF']); } } if (isset($_GET['del_link']) && hesk_token_check('POST') && $can_delete) { // Ticketverlinkungen sollen jeweils gelöscht werden. Zuerst aus dem verlinkten Ticket. // hierzu wird das linkedids-field abgefragt $del_link = $_GET['del_link']; $res_del_from_linked_ticket = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($del_link)."'"); $del_from_linked_ticket = hesk_dbFetchAssoc($res_del_from_linked_ticket); // die zu löschende Ticket-ID wird entfernt. Zu beachten: Beim Schreiben der Ticketnummer in das linkedids-Feld wird automatisch ein , als Trennzeichen verwendet, dieses muss mit gelöscht werden. $del_string_from_linked_ticket = str_replace($ticket['id'].',', "", $del_from_linked_ticket['linkedids']); // Neuer String mit eventuell anderen verknüpften Tickets wird wieder in die Datenbank geschrieben. $res_del_from_linked_ticket = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `linkedids`='".$del_string_from_linked_ticket."' WHERE `id`='".intval($del_link)."'"); // Ticketverlinkung soll nun im eigentlich Ticket, das gerade bearbeitet wird gelöscht werden: $res_del_linked_ticket = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($ticket['id'])."'"); $del_linked_ticket = hesk_dbFetchAssoc($res_del_linked_ticket); // die zu löschende Ticket-ID wird entfernt. Zu beachten: Beim Schreiben der Ticketnummer in das linkedids-Feld wird automatisch ein , als Trennzeichen verwendet, dieses muss mit gelöscht werden. $del_string_linked_ticket = str_replace($del_link.',', "", $del_linked_ticket['linkedids']); // Neuer String mit eventuell anderen verknüpften Tickets wird wieder in die Datenbank geschrieben. $res_del_linked_ticket = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `linkedids`='".$del_string_linked_ticket."' WHERE `id`='".intval($ticket['id'])."'"); hesk_process_messages("Ticket-Verlink wurde gelöscht.",$_SERVER['PHP_SELF'],'SUCCESS'); exit(); } // Prüfung, ob eine OP-ID per http_post übergeben wurde und eingetragen werden soll, sowie die Berechtigung per hesk_token prüfen if (isset($_POST['link_openproject_id']) && hesk_token_check('POST')) { $openprojectid = $_POST['link_openproject_id']; // Nur wenn die übergebene OP# eine Zahl ist, wird diese verlinkt: if (is_numeric($openprojectid)) { // Dieser Part soll die API von Open-Project aufrufen und einen Kommentar in das entsprechende Work-Package schreiben. $op_url = 'https://projekt.schulportal.hessen.de/api/v3/work_packages/'.$openprojectid.'/activities'; $op_ch = curl_init($op_url); curl_setopt($op_ch, CURLOPT_USERPWD, $hesk_settings['op_api']); $op_postdata = json_encode( array( 'comment' => array ( 'format' => 'markdown', 'raw' => 'Dieses Arbeitspaket wurde im Ticket '.$ticket['id'].' in HESK verlinkt.', ) ) ); // Attach encoded JSON string to the POST fields curl_setopt($op_ch, CURLOPT_POSTFIELDS, $op_postdata); // Set the content type to application/json curl_setopt($op_ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); // Return response instead of outputting curl_setopt($op_ch, CURLOPT_RETURNTRANSFER, true); // Execute the POST request $op_result = curl_exec($op_ch); // Close cURL resource curl_close($op_ch); // Eintragung der OP-ID in die Datenbank von HESK, damit der Link erstellt werden kann: $res_linking_op = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `custom8`='".$openprojectid."' WHERE `id`='".intval($ticket['id'])."'"); // Prüfung, ob CURL, bzw. OP einen Error zurückgibt. Die OP-ID wird dennoch in der HESK-DB eingetragen und es erscheint lediglich der Hinweis zum fehlenden Kommentar in OP. Hintergrund: Wenn OP nicht verfügbar ist, kann die OP-Nummer dennoch hier hinterlegt werden. if (strpos($op_result, 'Error') == false) { hesk_process_messages("OP-AP #" . $openprojectid . " verlinkt",$_SERVER['PHP_SELF'],'SUCCESS'); } else { hesk_process_messages("Das angegeben OP-Arbeistpaket #" . $openprojectid . " konnte nicht kommentiert werden. Entweder existiert dieses nicht, oder der Nutzer zum Kommentieren hat keine Zugriffsrechte auf dieses Projekt. In HESK wurde die OP# dennoch hinterlegt.",$_SERVER['PHP_SELF']); } // Ende der API Abfrage } else { hesk_process_messages("Angegeben OP# \"" . $openprojectid . "\" ist keine Zahl und daher keine gültigeS Arbeitspaket und wurde nicht verknüpft.",$_SERVER['PHP_SELF']); } } if (isset($_GET['del_op_link']) && hesk_token_check('POST') && $can_delete) { // Ticketverlinkungen sollen jeweils gelöscht werden. Zuerst aus dem verlinkten Ticket. // hierzu wird das custom8-field abgefragt $del_op_link = $_GET['del_op_link']; $res_del_linked_ticket = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `custom8`='' WHERE `id`='".intval($ticket['id'])."'"); // Kommentar in das OP-Arbeitspaket schreiben, dass die Verlinkung in HESK gelöscht wurde. $comment = 'Die Verlinkung zu diesem Arbeitspaket wurde in HESK im Ticket '.$ticket['id'].' entfernt.'; // Dieser Part soll die API von Open-Project aufrufen und einen Kommentar in das entsprechende Work-Package schreiben. $op_url = 'https://projekt.schulportal.hessen.de/api/v3/work_packages/'.$del_op_link.'/activities'; $op_ch = curl_init($op_url); curl_setopt($op_ch, CURLOPT_USERPWD, $hesk_settings['op_api']); $op_postdata = json_encode( array( 'comment' => array ( 'format' => 'markdown', 'raw' => 'Die Verlinkung zu diesem Arbeitspaket wurde aus dem Ticket '.$ticket['id'].' in HESK entfernt.', ) ) ); // Attach encoded JSON string to the POST fields curl_setopt($op_ch, CURLOPT_POSTFIELDS, $op_postdata); // Set the content type to application/json curl_setopt($op_ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); // Return response instead of outputting curl_setopt($op_ch, CURLOPT_RETURNTRANSFER, true); // Execute the POST request $op_result = curl_exec($op_ch); // Close cURL resource curl_close($op_ch); hesk_process_messages("Verlink zu OpenProject (" . $del_op_link . ") wurde gelöscht.",$_SERVER['PHP_SELF'],'SUCCESS'); exit(); } // if (isset($_GET['bookmark']) && hesk_token_check('POST')) { // bookmark = 1 => Bookmark added if($_GET['bookmark'] == 1) { $bookmark_res = hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."bookmarks` (`ticketid`, `user`) VALUES(" . intval($ticket['id']) . ", " . intval($_SESSION['id']) . ") "); hesk_process_messages("Bookmark wurde für dieses Ticket hinzugefügt.",$_SERVER['PHP_SELF'],'SUCCESS'); } // bookmark = 0 => Bookmark deleted else { $bookmark_res = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."bookmarks` WHERE `ticketid`=" . intval($ticket['id']) . " AND `user`=" . intval($_SESSION['id']) . " "); hesk_process_messages("Bookmark wurde für dieses Ticket entfernt.",$_SERVER['PHP_SELF'],'SUCCESS'); } } // End **************************************** End // // : Display linked Tickets eingefügt hier sollen Verknüpfungen gelöscht und die Seite erneut aufgerufen werden. Durch den Neuaufruf der Seite wird das HESK-Token nicht mehr in der URL angezeigt. // /* Add a note action */ if (isset($_POST['notemsg']) && hesk_token_check('POST')) { // Error buffer $hesk_error_buffer = array(); // Get message $msg = hesk_input( hesk_POST('notemsg') ); // Get attachments $use_legacy_attachments = hesk_POST('use-legacy-attachments', 0); if ($hesk_settings['attachments']['use']) { require(HESK_PATH . 'inc/posting_functions.inc.php'); require(HESK_PATH . 'inc/attachments.inc.php'); $attachments = array(); if ($use_legacy_attachments) { for ($i = 1; $i <= $hesk_settings['attachments']['max_number']; $i++) { $att = hesk_uploadFile($i); if ($att !== false && !empty($att)) { $attachments[$i] = $att; } } } else { // The user used the new drag-and-drop system. $temp_attachment_names = hesk_POST_array('attachments'); foreach ($temp_attachment_names as $temp_attachment_name) { $temp_attachment = hesk_getTemporaryAttachment($temp_attachment_name); if ($temp_attachment !== null) { $attachments[] = $temp_attachment; } } } } $myattachments=''; // We need message and/or attachments to accept note if ( count($attachments) || strlen($msg) || count($hesk_error_buffer) ) { // Any errors? if ( count($hesk_error_buffer) != 0 ) { $_SESSION['note_message'] = hesk_POST('notemsg'); // Remove any successfully uploaded attachments if ($hesk_settings['attachments']['use']) { if ($use_legacy_attachments) { hesk_removeAttachments($attachments); } else { $_SESSION['note_attachments'] = $attachments; } } $tmp = ''; foreach ($hesk_error_buffer as $error) { $tmp .= "
  • $error
    • \n"; } $hesk_error_buffer = $tmp; $hesk_error_buffer = $hesklang['pcer'].'

    '; hesk_process_messages($hesk_error_buffer,'admin_ticket.php?track='.$ticket['trackid'].'&Refresh='.rand(10000,99999)); } // Process attachments if ($hesk_settings['attachments']['use'] && ! empty($attachments) ) { if (!$use_legacy_attachments) { $attachments = hesk_migrateTempAttachments($attachments, $trackingID); } foreach ($attachments as $myatt) { hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` (`ticket_id`,`saved_name`,`real_name`,`size`,`type`) VALUES ('".hesk_dbEscape($trackingID)."','".hesk_dbEscape($myatt['saved_name'])."','".hesk_dbEscape($myatt['real_name'])."','".intval($myatt['size'])."', '1')"); $myattachments .= hesk_dbInsertID() . '#' . $myatt['real_name'] .','; } } // Add note to database $msg = nl2br(hesk_makeURL($msg)); hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` (`ticket`,`who`,`dt`,`message`,`attachments`) VALUES ('".intval($ticket['id'])."','".intval($_SESSION['id'])."',NOW(),'".hesk_dbEscape($msg)."','".hesk_dbEscape($myattachments)."')"); // Update time worked if ($hesk_settings['time_worked'] && ($time_worked = hesk_getTime(hesk_POST('time_worked_notes'))) && $time_worked != '00:00:00') { $parts = explode(':', $ticket['time_worked']); $seconds = ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2]; $parts = explode(':', $time_worked); $seconds += ($parts[0] * 3600) + ($parts[1] * 60) + $parts[2]; require(HESK_PATH . 'inc/reporting_functions.inc.php'); $ticket['time_worked'] = hesk_SecondsToHHMMSS($seconds); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); } /* Notify assigned staff that a note has been added if needed */ if ($ticket['owner'] && $ticket['owner'] != $_SESSION['id']) { $res = hesk_dbQuery("SELECT `email` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='".intval($ticket['owner'])."' AND `notify_note`='1' LIMIT 1"); if (hesk_dbNumRows($res) == 1) { $owner = hesk_dbFetchAssoc($res); // 1. Generate the array with ticket info that can be used in emails $info = array( 'email' => $ticket['email'], 'category' => $ticket['category'], 'priority' => $ticket['priority'], 'owner' => $ticket['owner'], 'trackid' => $ticket['trackid'], 'status' => $ticket['status'], 'name' => $_SESSION['name'], 'subject' => $ticket['subject'], 'message' => stripslashes($msg), 'dt' => hesk_date($ticket['dt'], true), 'lastchange' => hesk_date($ticket['lastchange'], true), 'attachments' => $myattachments, 'due_date' => hesk_format_due_date($ticket['due_date']), 'id' => $ticket['id'], 'time_worked' => $ticket['time_worked'], 'last_reply_by' => $ticket['repliername'], ); // 2. Add custom fields to the array foreach ($hesk_settings['custom_fields'] as $k => $v) { $info[$k] = $v['use'] ? $ticket[$k] : ''; } // 3. Add HTML message to the array $info['message_html'] = $info['message']; // 4. Make sure all values are properly formatted for email $ticket = hesk_ticketToPlain($info, 1, 0); /* Get email functions */ require(HESK_PATH . 'inc/email_functions.inc.php'); /* Format email subject and message for staff */ $subject = hesk_getEmailSubject('new_note',$ticket); list($message, $html_message) = hesk_getEmailMessage('new_note',$ticket,1); /* Send email to staff */ hesk_mail($owner['email'], $subject, $message, $html_message); } } } header('Location: admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); exit(); } /* Update time worked */ if ($hesk_settings['time_worked'] && ($can_reply || $can_edit) && isset($_POST['h']) && isset($_POST['m']) && isset($_POST['s']) && hesk_token_check('POST')) { $h = intval( hesk_POST('h') ); $m = intval( hesk_POST('m') ); $s = intval( hesk_POST('s') ); /* Get time worked in proper format */ $time_worked = hesk_getTime($h . ':' . $m . ':' . $s); /* Update database */ $revision = sprintf($hesklang['thist14'],hesk_date(),$time_worked,addslashes($_SESSION['name']).' ('.$_SESSION['user'].')'); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `time_worked`='" . hesk_dbEscape($time_worked) . "', `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "'"); /* Show ticket */ hesk_process_messages($hesklang['twu'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS'); } /* Update due date */ if (isset($_POST['action']) && $_POST['action'] == 'due_date' && hesk_token_check('POST')) { // Check permission if ( ! $can_due_date) { hesk_process_messages($hesklang['can_due_date_e'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'ERROR'); } $new_due_date = hesk_POST('new-due-date'); $sql_overdue_email = ''; if ($new_due_date == '') { $formatted_date = false; $revision = sprintf($hesklang['thist20'], hesk_date(), addslashes($_SESSION['name']).' ('.$_SESSION['user'].')'); } else { $date = hesk_datepicker_get_date($new_due_date); if ($date === false) { hesk_process_messages($hesklang['invalid_due_date'], 'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); } $formatted_date = $date->format('Y-m-d'); $revision = sprintf($hesklang['thist19'], hesk_date(), $formatted_date, addslashes($_SESSION['name']).' ('.$_SESSION['user'].')'); // If this is a future date, we'll reset the $current_date = new DateTime(); if ($date > $current_date) { $sql_overdue_email = '`overdue_email_sent`=0,'; } } hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `due_date` = " . ($formatted_date === false ? 'NULL' : "'".hesk_dbEscape($formatted_date)."'") . ", {$sql_overdue_email} `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') WHERE `trackid`='" . hesk_dbEscape($trackingID) . "' AND (`due_date` IS " . ($formatted_date === false ? 'NOT NULL' : "NULL OR `due_date` != '".hesk_dbEscape($formatted_date)."'") . ")"); /* Show ticket */ hesk_process_messages($hesklang['due_date_updated'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS'); } /* Delete attachment action */ if (isset($_GET['delatt']) && hesk_token_check()) { if ( ! $can_delete || ! $can_edit) { hesk_process_messages($hesklang['no_permission'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); } $att_id = intval( hesk_GET('delatt') ) or hesk_error($hesklang['inv_att_id']); $reply = intval( hesk_GET('reply', 0) ); if ($reply < 1) { $reply = 0; } $note = intval( hesk_GET('note', 0) ); if ($note < 1) { $note = 0; } /* Get attachment info */ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id`='".intval($att_id)."' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { hesk_process_messages($hesklang['id_not_valid'].' (att_id)','admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); } $att = hesk_dbFetchAssoc($res); /* Is ticket ID valid for this attachment? */ if ($att['ticket_id'] != $trackingID) { hesk_process_messages($hesklang['trackID_not_found'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999)); } /* Delete file from server */ hesk_unlink(HESK_PATH.$hesk_settings['attach_dir'].'/'.$att['saved_name']); /* Delete attachment from database */ hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."attachments` WHERE `att_id`='".intval($att_id)."'"); /* Update ticket or reply in the database */ $revision = sprintf($hesklang['thist12'],hesk_date(),$att['real_name'],addslashes($_SESSION['name']).' ('.$_SESSION['user'].')'); if ($reply) { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",','') WHERE `id`='".intval($reply)."'"); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($ticket['id'])."'"); } elseif ($note) { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."notes` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",','') WHERE `id`={$note}"); } else { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `attachments`=REPLACE(`attachments`,'".hesk_dbEscape($att_id.'#'.$att['real_name']).",',''), `history`=CONCAT(`history`,'".hesk_dbEscape($revision)."') WHERE `id`='".intval($ticket['id'])."'"); } hesk_process_messages($hesklang['kb_att_rem'],'admin_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999),'SUCCESS'); } /* Print header */ require_once(HESK_PATH . 'inc/header.inc.php'); /* List of categories */ if ($can_change_cat) { $result = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` ORDER BY `cat_order` ASC"); } else { $result = hesk_dbQuery("SELECT `id`,`name` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE ".hesk_myCategories('id')." ORDER BY `cat_order` ASC"); } $categories_options=''; while ($row=hesk_dbFetchAssoc($result)) { $categories_options.=''; } /* List of users */ $admins = array(); $result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `name` ASC"); while ($row=hesk_dbFetchAssoc($result)) { /* Is this an administrator? */ if ($row['isadmin']) { $admins[$row['id']]=$row['name']; continue; } /* Not admin, is user allowed to view tickets? */ if (strpos($row['heskprivileges'], 'can_view_tickets') !== false) { /* Is user allowed to access this category? */ $cat=substr($row['categories'], 0); $row['categories']=explode(',',$cat); if (in_array($ticket['category'],$row['categories'])) { $admins[$row['id']]=$row['name']; continue; } } } /* Get replies */ if ($ticket['replies']) { $reply = ''; $result = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."replies` WHERE `replyto`='".intval($ticket['id'])."' ORDER BY `id` " . ($hesk_settings['new_top'] ? 'DESC' : 'ASC') ); } else { $reply = false; } // Demo mode if ( defined('HESK_DEMO') ) { $ticket['email'] = 'hidden@demo.com'; $ticket['ip'] = '127.0.0.1'; } /* Print admin navigation */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); /* This will handle error, success and notice messages */ hesk_handle_messages(); // Prepare special custom fields foreach ($hesk_settings['custom_fields'] as $k=>$v) { if ($v['use'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) { switch ($v['type']) { case 'date': $ticket[$k] = hesk_custom_date_display_format($ticket[$k], $v['value']['date_format']); break; } } } /* Do we need or have any canned responses? */ $can_options = hesk_printCanned(); $options = array( 0 => '', 1 => '', 2 => '', 3 => '' ); ?>
    >

      
    >
    »

    ' : ''; $att = explode(',', substr($note['attachments'], 0, -1) ); $num = count($att); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); // Can edit and delete note (attachments)? if ($can_del_notes || $note['who'] == $_SESSION['id']) { // If this is the last attachment and no message, show "delete ticket" link if ($num == 1 && strlen($note['message']) == 0) { echo ' »'; } // Show "delete attachment" link else { echo ' »'; } } echo ' '; // // EDIT: Ausgabe von Anhängen im Browser-Fenster anstatt diese herunterladen zu müssen => Umleitung auf view_attachment.php anstatt download_attachment.php // die view_attachment.php wurde neu erstellt und ist eine abgewandelte download_attachment.php-Datei // // Original: // ****************************************************** // // echo ''.$att_name.'
    // // ****************************************************** $dateiendung = strtolower(pathinfo($att_name, PATHINFO_EXTENSION)); if (in_array($dateiendung, $hesk_settings['view_attachments_extensions'])){ echo ''.$att_name.'
    '; } else { echo ''.$att_name.'
    '; } // } } ?>

    '; ?>

    :
    • :
    • :
    • '; if ( $email_id = hesk_isBannedEmail($ticket['email']) ) { if ($can_unban_emails) { echo ' '.$hesklang['unban_email'].' '; } else { echo $hesklang['eisban']; } } else { echo ' '.$hesklang['savebanemail'].' '; } echo ''; } // Format IP for lookup if ($ticket['ip'] != '' && $ticket['ip'] != 'Unknown' && $ticket['ip'] != $hesklang['unknown']) { echo '
    • '; if ($can_ban_ips) { if ( $ip_id = hesk_isBannedIP($ticket['ip']) ) { if ($can_unban_ips) { echo ' '.$hesklang['unban_ip'].' '; } else { echo $hesklang['ipisban']; } } else { echo ' '.$hesklang['savebanip'].' '; } } echo '
      • '; } ?>
    // // div-span mit E-Mail-Adresse eingefügt ?>
    E-Mail:
    // ?> $v) { if ($v['use'] && $v['place']==0 && hesk_is_custom_field_in_category($k, $ticket['category']) ) { switch ($v['type']) { case 'email': $ticket[$k] = ''.$ticket[$k].''; break; } // // // // Abfrage ob das Custom-Field die Schulnummer ist, damit ein Java-Skript eingefügt wird, mit dem die Schulnummer direkt kopiert werden kann. // // Original: // // ***************************************************** // // echo ' //
    // '.$v['name:'].' // '.$ticket[$k].' //
    '; // // ***************************************************** // if($v['name:'] == "Schulnummer:") { ?>
    '.$v['name:'].' '.$ticket[$k].'
    '; } // Ende } } if ($ticket['message_html'] != '') { ?>

    $v) { if ($v['use'] && $v['place'] && hesk_is_custom_field_in_category($k, $ticket['category']) ) { switch ($v['type']) { case 'email': $ticket[$k] = ''.$ticket[$k].''; break; } // // // // Abfrage ob das Custom-Field jenes für Verknüpfte Tickets oder für die OpenProject-Verlinkung (nur die Nummer des Projekts) ist, die in einer extra Box angezeigt werden und somit hier nicht erscheinen sollen. // // Original: // // ***************************************************** // // echo ' //
    // '.$v['name:'].' // '.$ticket[$k].' //
    '; // // ***************************************************** // if ($v['name:'] != "Verknuepfte Tickets:" AND $v['name:'] != "OpenProject:") { echo '
    '.$v['name:'].' '.$ticket[$k].'
    '; } // // Ende der Bearbeitung // } } /* Print attachments */ hesk_listAttachments($ticket['attachments'], 0 , $i); // Show suggested KB articles if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'] && ! empty($ticket['articles']) ) { $suggested = array(); $suggested_list = ''; // Get article info from the database if (substr($ticket['articles'], -1) == "," ) { $articles = hesk_dbQuery("SELECT `id`,`subject` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `id` IN (".preg_replace('/[^0-9\,]/', '', substr($ticket['articles'], 0, -1)).")"); } else{ $articles = hesk_dbQuery("SELECT `id`,`subject` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."kb_articles` WHERE `id` IN (".preg_replace('/[^0-9\,]/', '', $ticket['articles']).")"); } while ($article=hesk_dbFetchAssoc($articles)) { $suggested[$article['id']] = ''.$article['subject'].''; } // Loop through the IDs to preserve the order they were suggested in $articles = explode(',', $ticket['articles']); foreach ($articles as $article) { if ( isset($suggested[$article]) ) { $suggested_list .= $suggested[$article]; } } // Finally print suggested articles if ( strlen($suggested_list) ) { ?>
    '.$hesklang['sska'].' '; } ?>
    »

    ' : ''; $att = explode(',', substr($note['attachments'], 0, -1) ); $num = count($att); foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); // Can edit and delete note (attachments)? if ($can_del_notes || $note['who'] == $_SESSION['id']) { // If this is the last attachment and no message, show "delete ticket" link if ($num == 1 && strlen($note['message']) == 0) { echo ' »'; } // Show "delete attachment" link else { echo ' »'; } } echo ' '; // // EDIT: Ausgabe von Anhängen im Browser-Fenster anstatt diese herunterladen zu müssen => Umleitung auf view_attachment.php anstatt download_attachment.php // die view_attachment.php wurde neu erstellt und ist eine abgewandelte download_attachment.php-Datei // // Original: // ****************************************************** // // echo ''.$att_name.'
    // // ****************************************************** $dateiendung = strtolower(pathinfo($att_name, PATHINFO_EXTENSION)); if (in_array($dateiendung, $hesk_settings['view_attachments_extensions'])){ echo ''.$att_name.'
    '; } else { echo ''.$att_name.'
    '; } } } ?>

    '; ?>
     
    '.$hesklang['open_action'].']'; } } elseif ($can_resolve) { $status_action = '['.$hesklang['close_action'].']'; } ?>
    >
     
    '; } ?>
    '.$admins[$ticket['owner']].'' : ''.$hesklang['unas'].''; ?>
     
    '.$hesklang['asss'].']'; ?>

    :
    // // ?>
    :
    // // ?>
    :
    :
    :
    :
    :
    ' . $ticket['time_worked'] . '
    '; } ?>
    : Display linked Tickets sowie OpenProject-Verlinkung eingefügt // // selbst eingefügt // // Begin **************************************** Begin // // ?>

    Ticketverknüpfungen

    dies sind drei Verknüpfungen, die separat angezeigt werden sollen. $linked_tickets = explode(",", $ticket['linkedids']); // Prüfung, ob überhaupt Tickets verlinkt sind, sodass auch diese mit ausgegeben werden kann if ($ticket['linkedids'] != "" OR $link_ticket_id != "") { foreach ($linked_tickets as $seperated_linked_tickets) { // Ausgabe aller verlinkten Tickets inkl. Link zu diesen und der Möglichkeit diese zu löschen. $res_linked_ticket = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id`='".intval($seperated_linked_tickets)."'"); $linked_ticket = hesk_dbFetchAssoc($res_linked_ticket); $linked_ticket_trackid = $linked_ticket['trackid']; $linked_ticket_subject = $linked_ticket['subject']; if ($linked_ticket_trackid != "") { echo '
    '; // Die Option zum Löschen wird nur den Supportern angezeigt, welche auch das Ticket selbst löschen dürfen. Hierzu müssen entweder die Rechte in HESK beim Team entsprechend gesetzt sein, oder der Supporter muss administrative Rechte haben. if ($can_delete) { $warnung = "Soll die Verlinkung wirklich entfernt werden?"; echo '
    '; } // Prüfung ob das verlinkte Ticket überhaupt eingesehen werden kann. Wenn es in einer nicht einsehbaren Kategorie liegt, wird das Ticket nicht verlinkt, da sonst eine Zugriffs-Fehlermeldung erscheint. if (hesk_okCategory($linked_ticket['category'], 0)) { echo ''.$seperated_linked_tickets.' '.$linked_ticket_subject.''; } else { echo ''.$seperated_linked_tickets.' '.$linked_ticket_subject.''; } echo '
    '; } } } // Es wurden bisher noch keine Tickets verknüpft. Daher kann keine Ausgabe stattfinden. Das Fehlen von Verlinkungen wird mit - dargestellt: else { echo '
    -
    '; } // Am Ende die Möglichkeit ein weiteres/neues Ticket zu verknüpfen: ?>
    :
    " />

    Open-Project-Verknüpfungen

    $v) { if ($v['name:'] == "OpenProject:") { // Lese die OP-ID aus der Datenbank aus $openprojectid = $ticket[$k]; // Prüfung, ob eine OP-ID in der Datenbank hinterlegt wurde, oder das Feld leer war. Da nur eine ID verknüpft werden soll, wir bei einer leeren Rückgabe das Feld zum Eintragen einer ID angezeigt, ansonsten die ID und bei Berechtigung auch das Löschen-Symbol if ($openprojectid == "") { ?>
    OP#:
    " />
    '; // Die Option zum Löschen wird nur den Supportern angezeigt, welche auch das Ticket selbst löschen dürfen. Hierzu müssen entweder die Rechte in HESK beim Team entsprechend gesetzt sein, oder der Supporter muss administrative Rechte haben. if ($can_delete) { $warnung = "Soll die Verlinkung wirklich entfernt werden?"; echo '
    '; } echo 'OP# '.$openprojectid.'
    '; } } } // // End ************************************************* End // // // // End of Edit // // // Auskommentierung der original Anzeige der letzten Tickets, da diese nicht nach Status sortiert sind und zusätzlich vom Layout her nicht "ansprechend" sind, // sprich: alle Links blau und vor dem Betreff ein Punkt mit dem Status, sowie ohne Tooltip mit weiteren Daten des Tickets. // /* // Display previous tickets if ( ! empty($ticket['email'])) { // How many previous tickets should we show? $show_previous_tickets = 20; // If the ticket has multiple emails, search for the first one only $first_email = strpos($ticket['email'], ',') ? strtok($ticket['email'], ',') : $ticket['email']; // Get recent tickets, ordered by last change $res = hesk_dbQuery("SELECT `trackid`, `status`, `subject` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` WHERE `id` <> ".$ticket['id']." AND `email` <> '' AND ".hesk_dbFormatEmail($first_email)." ORDER BY `lastchange` DESC LIMIT " . ($show_previous_tickets+1)); $past_num = hesk_dbNumRows($res); ?>

    0) echo 'style="display:block"'; ?>> $show_previous_tickets) { hesk_dbFreeResult($res); break; } ?>
    0 && $i > $show_previous_tickets) { echo '
    '.$hesklang['all_previous'].''; } elseif ($past_num == 0) { echo sprintf($hesklang['no_previous'], hesk_htmlspecialchars($first_email)); } ?>
    // // Ende der Auskommentierung // /* Display ticket history */ if (strlen($ticket['history'])) { $history_pieces = explode('', $ticket['history'], -1); ?>

    ', '', $history_piece); $date_and_contents = explode(' | ', $history_piece); if ( ! isset($date_and_contents[1])) { $date_and_contents[1] = $date_and_contents[0]; $date_and_contents[0] = ''; } ?>
    : Display weitere Tickets des Kunden eingefügt // // selbst eingefügt // // Begin **************************************** Begin // // // Stauts-ID 0: Neu // Status-ID 1: Warte auf Antwort // Status-ID 2: Beantwortet // Status-ID 4: In Bearbeitung // Status-ID 5: Wartet auf Bearbeitung // Status-ID 6: Geparkt // Status-ID 7: noch zu testen // Status-ID 8: In Bearbeitung (O.P.) // Status-ID 3: Erledigt // ?>

    weitere Tickets des Kunden

    '.$res_tickets['subject'].'
    '; $n++; } } } } } if ($n == 0) { echo '
    Keine weiteren Tickets gefunden.
    '; } ?>
    // // End of Edit ?> '; foreach ($att as $myatt) { list($att_id, $att_name) = explode('#', $myatt); /* Can edit and delete tickets? */ if ($can_edit && $can_delete) { echo ' »'; } // // EDIT: Ausgabe von Anhängen im Browser-Fenster anstatt diese herunterladen zu müssen => Umleitung auf view_attachment.php anstatt download_attachment.php // die view_attachment.php wurde neu erstellt und ist eine abgewandelte download_attachment.php-Datei // // Original: // ****************************************************** // // echo ' // // // // // //'.$att_name.'
    //'; // // ****************************************************** $dateiendung = strtolower(pathinfo($att_name, PATHINFO_EXTENSION)); if (in_array($dateiendung, $hesk_settings['view_attachments_extensions'])){ echo ' '.$att_name.'
    '; } else { echo ' '.$att_name.'
    '; } // } echo ''; return true; } // End hesk_listAttachments() function hesk_getAdminButtons($isReply=0,$white=1) { global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve, $can_privacy, $can_export; $buttons = array(); // Edit if ($can_edit) { $tmp = $isReply ? '&reply='.$reply['id'] : ''; if ($isReply) { $buttons['more']['edit'] = ' '.$hesklang['btn_edit'].' '; } else { $buttons[] = ' '.$hesklang['btn_edit'].' '; } } if (!$isReply) { // Print ticket button $buttons[] = ' '.$hesklang['btn_print'].' '; } // Lock ticket button if (!$isReply && $can_resolve) { if ($ticket['locked']) { $des = $hesklang['tul'] . ' - ' . $hesklang['isloc']; $buttons['more'][] = ' '.$hesklang['btn_unlock'].' '; } else { $des = $hesklang['tlo'] . ' - ' . $hesklang['isloc']; $buttons['more'][] = ' '.$hesklang['btn_lock'].' '; } } // Tag ticket button if (!$isReply && $can_archive) { if ($ticket['archive']) { $buttons['more'][] = ' '.$hesklang['btn_untag'].' '; } else { $buttons['more'][] = ' '.$hesklang['btn_tag'].' '; } } // // possibility to bookmark a ticket, or to remove the bookmark: // $is_bookmarked = false; // searching in the table bookmark, where a bookmark was set for the ticket AND user: $bookmark_res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."bookmarks` WHERE `ticketid`='" . intval($ticket['id']) . "' AND `user`='" . intval($_SESSION['id']) . "'"); if (hesk_dbNumRows($bookmark_res) != 0) { $is_bookmarked = true; } if ($is_bookmarked) { $buttons['more'][] = ' Bookmark entfernen '; } else { $buttons['more'][] = ' Bookmark hinzufügen '; } // // // Resend email notification button if (!$ticket['anonymized']) { $buttons['more'][] = ' '.$hesklang['btn_resend'].' '; } // Import to knowledgebase button if (!$isReply && $hesk_settings['kb_enable'] && hesk_checkPermission('can_man_kb',0) && !$ticket['anonymized']) { $buttons['more'][] = ' '.$hesklang['btn_import_kb'].' '; } // Export ticket if (!$isReply && $can_export && !$ticket['anonymized']) { $buttons['more'][] = ' '.$hesklang['btn_export'].' '; } // Anonymize ticket if (!$isReply && $can_privacy) { $modal_id = hesk_generate_delete_modal($hesklang['confirm_anony'], $hesklang['privacy_anon_info'], 'anonymize_ticket.php?track='.$trackingID.'&Refresh='.mt_rand(10000,99999).'&token='.hesk_token_echo(0), $hesklang['confirm']); $buttons['more'][] = ' '.$hesklang['btn_anony'].' '; } // Delete ticket or reply if ($can_delete) { if ($isReply) { $url = 'admin_ticket.php'; $tmp = 'delete_post='.$reply['id']; $txt = $hesklang['btn_delr']; $modal_text = $hesklang['confirm_delete_reply']; } else { $url = 'delete_tickets.php'; $tmp = 'delete_ticket=1'; $txt = $hesklang['btn_delt']; $modal_text = $hesklang['confirm_delete_ticket']; } $modal_id = hesk_generate_delete_modal($hesklang['confirm_deletion'], $modal_text, $url.'?track='.$trackingID.'&'.$tmp.'&Refresh='.mt_rand(10000,99999).'&token='.hesk_token_echo(0)); $buttons['more'][] = ' '.$txt.' '; } // Format and return the HTML for buttons $button_code = ''; foreach ($buttons as $button) { if (is_array($button)) { $more_class = $isReply ? 'more ' : ''; $label = ' '; if ($isReply) { $label = ' '; } $button_code .= '
    '; if (isset($button['edit'])) { $button_code .= $button['edit']; unset($button['edit']); } $button_code .= $label.'
    '; } else { $button_code .= $button; } } $button_code .= ''; return $button_code; } // END hesk_getAdminButtons() function print_form() { global $hesk_settings, $hesklang; global $trackingID; /* Print header */ require_once(HESK_PATH . 'inc/header.inc.php'); /* Print admin navigation */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>

    0) { if ($hesk_settings['new_top']) { if ($i >= $hesk_settings['hide_replies']) { $collapsed_replies[] = $reply; } else { $displayed_replies[] = $reply; } } else { if ($i < ($ticket['replies'] - $hesk_settings['hide_replies'])) { $collapsed_replies[] = $reply; } else { $displayed_replies[] = $reply; } } // Never, always show all replies } else { $displayed_replies[] = $reply; } $i++; } $start_previous_replies = true; for ($j = 0; $j < count($collapsed_replies) && $hesk_settings['new_top'] == 0; $j++) { $reply = $collapsed_replies[$j]; if ($start_previous_replies): $start_previous_replies = false; ?>
    »

    ' . $hesklang['rnh'] . '

    '; } elseif ($reply['rating'] == 5) { echo '

    ' . $hesklang['rh'] . '

    '; } } /* Show "unread reply" message? */ if ($reply['staffid'] && !$reply['read']) { echo '

    ' . $hesklang['unread'] . '

    '; } ?>
    '; } } for ($j = 0; $j < count($displayed_replies); $j++) { $reply = $displayed_replies[$j]; ?>
    »

    '.$hesklang['rnh'].'

    '; } elseif ($reply['rating']==5) { echo '

    '.$hesklang['rh'].'

    '; } } /* Show "unread reply" message? */ if ($reply['staffid'] && ! $reply['read']) { echo '

    '.$hesklang['unread'].'

    '; } ?>
    »

    ' . $hesklang['rnh'] . '

    '; } elseif ($reply['rating'] == 5) { echo '

    ' . $hesklang['rh'] . '

    '; } } /* Show "unread reply" message? */ if ($reply['staffid'] && !$reply['read']) { echo '

    ' . $hesklang['unread'] . '

    '; } ?>
    '; } } return $i; } // End hesk_printTicketReplies() function hesk_printReplyForm() { global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $options, $can_assign_self, $can_resolve; // Force assigning a ticket before allowing to reply? if ($hesk_settings['require_owner'] && ! $ticket['owner']) { hesk_show_notice($hesklang['atbr'].($can_assign_self ? '

    '.$hesklang['attm'].'' : ''), $hesklang['owneed']); return ''; } ?>
    '; ?>
    '; if (empty($ticket['owner'])) { echo ''; } else { echo ''; } echo ''; echo ''; } ?>
    >
    17) OR ($tag == 0) OR ($tag == 6)) { ?>   Vor 07:00 bzw. nach 18:00 Uhr darf nur nach der Freigabe in Signal-Gruppe durch Su-Koordination, SG-Leitung oder Stellvertretung geantwortet werden