  1. <?php
  2. //TICKET SYSTEM
  3. $ver="1.1";
  4. include "config.php";
  5. $logdir="$BaseDir/admin/logs";
  6. $date=date("Y/m/d@H:i:s");
  7. $date2=date("Y-m-d H:i:s");
  8. $ip=$_SERVER['REMOTE_ADDR'];
  9. $m=@$_REQUEST['m'];
  10. $m2=@$_REQUEST['m2'];
  11. $no=@$_REQUEST['no']; if (!isset($no)){$no=false;}
  12. $code=@$_REQUEST['code'];if (!isset($code)){$code=false;}
  13. $email=@$_REQUEST['email'];
  14. $loggedinas=@getenv(REMOTE_USER);
  15. $adminaccess=0;
  16. $MaxAdminLevel=7; #admin modes: 1=basic 2=edit users 4=edit ticket headers
  17. $defaultpagecolour='cccccc';
  18.  
  19.  
  20.  
  21. OpenDB();
  22.  
  23. if (strlen($loggedinas)>1){
  24. $UserSettings=GetUserSettings($loggedinas);
  25. $pagecolour=$UserSettings['pagecolour'];
  26. $SnippetSize=$UserSettings['snippetsize'];
  27. } else {
  28. $pagecolour=$defaultpagecolour;
  29. $SnippetSize=0;
  30. }
  31.  
// Client-side "required field" check, kept as a string so it can be emitted
// with a form. It walks the form's elements and stops at the first empty
// text/textarea or the first select still on index 0, then alerts the field
// name.
// NOTE(review): this runs in the browser only and can be bypassed; the
// handlers that receive the form must validate the fields again server-side.
$FormCheckJS="<SCRIPT LANGUAGE=\"JavaScript\">
<!-- Begin
fun"."ction checkrequired(which) {
var pass=true;
for (i=0;i<which.length;i++) {
var tempobj=which.elements[i];
if (((tempobj.type==\"text\"||tempobj.type==\"textarea\")&&
tempobj.value=='')||(tempobj.type.toString().charAt(0)==\"s\"&&
tempobj.selectedIndex==0)) {
pass=false;
break;
}
}
if (!pass) {
shortFieldName=tempobj.name.toUpperCase();
alert(\"The \"+shortFieldName+\" field is a required field.\");
return false;
} else {
return true;
}
}

// End -->
</SCRIPT>";
  56. #$MiniFormWidth=560; // SENDING width-560
  57. if ($m=='iframe'){
  58. $PageWidth=$_REQUEST['width'];
  59. h2();
  60. print "<center><table border=0 width=$PageWidth><tr><td>";
  61. style();
  62. switch ($m2){
  63. case "new":ShowNewTicketForm();break;
  64. case "newticket": RegisterNewTicket(); break;
  65.  
  66. }
  67. print "</td></tr></table></center>";
  68. f2();
  69. } else {
  70.  
  71.  
  72. if (strlen($loggedinas)>1){
  73. $adminaccess=Getadmin($loggedinas);
  74. $UserDetails=GetUserDetails($loggedinas,1);
  75. $loggedinasno=$UserDetails['no'];if (!isset($loggedinasno)){$loggedinasno=0;}
  76. } else {
  77. $loggedinasno=0;
  78. }
  79.  
  80. $buttons="<center>
  81. <a href='?' class='bold'>[HOME]</a>";
  82.  
  83. if ($adminaccess>0){
  84. $buttons.="<br><a href='..' class='NoUnderline2'>[EXIT ADMIN MODE]</a>
  85. - <a href='?m=showopen' class='NoUnderline2'>[OPEN TICKETS]</a>
  86. - <a href='?m=showwaiting' class='NoUnderline2'>[WAITING TICKETS]</a>
  87. - <a href='?m=showclosed' class='NoUnderline2'>[CLOSED TICKETS]</a>
  88. - <a href='?m=edituser' class='NoUnderline2'>[EDIT PASSWORD]</a>
  89. - <a href='?m=searchform' class='NoUnderline2'>[SEARCH]</a> ";
  90. if ($adminaccess>2){
  91. $buttons.="- <a href='?m=reports' class='NoUnderline2'>[REPORTS]</a>";
  92. }
  93.  
  94. if ($adminaccess & 4){
  95. $buttons.=" - <a href='?m=editusers' class='NoUnderline2'>[EDIT USERS]</a>";
  96. if ($adminaccess>64){
  97. $buttons.="<br><a href='?m=emailstaffform' class='NoUnderline2'>[EMAIL STAFF]</a>";
  98. }
  99. }
  100.  
  101. if ($adminaccess>=$TemplateAdminLevel){
  102. $buttons.=" - <a href='?m=ShowTemplates' class='NoUnderline2'>[EDIT TEMPLATES]</a>";
  103. }
  104.  
  105. if (count($PrivateLinks>0)){
  106. $buttons.="<br>";
  107. $cli=0;
  108. foreach($PrivateLinks as $k=>$v){
  109. if ($cli>0){$buttons.=" - ";}
  110. $buttons.="<a href='$v' class='NoUnderline2' target='_BLANK'>[$k]</a>";
  111. $cli++;
  112. }
  113. }
  114. } else if (strlen($loggedinas)<2){
  115. $buttons.=" - <a href='admin' class='NoUnderline2'>[ADMIN ACCESS]</a>";
  116. if (count($ClientLinks>0)){
  117. $buttons.="<br>";
  118. $cli=0;
  119. foreach($ClientLinks as $k=>$v){
  120. if ($cli>0){$buttons.=" - ";}
  121. $buttons.="<a href='$v' class='NoUnderline2' target='_BLANK'>[$k]</a>";
  122. $cli++;
  123. }
  124. }
  125. }
  126.  
  127. $buttons.="</center>";
  128.  
  129. h();
  130.  
  131. if (isset($m)){
  132. switch($m){
  133. case "newticket": RegisterNewTicket(); break;
  134. case "showticket": ShowTicket($no,$code); break;
  135. case "UPDATE/SEND": AddToTicket($no,$code); ShowTicket($no,$code,$email); break;
  136. case "UPDATE AND DO NOT SEND": AddToTicket($no,$code,"",0); ShowTicket($no,$code,$email); break;
  137. case "showclosed": ShowTickets("status=0"); break;
  138. case "showopen": AutoReload($AutoReloadSeconds); ShowTickets("status=1"); break;
  139. case "showwaiting": ShowTickets("status=2"); break;
  140. case "retrieveticket": RetrieveTicket($code,$email); break;
  141. case "editusers": ShowEditUsersForm(); break;
  142. case "edituser": ShowEditUsersForm(); break;
  143. case "updateusers": UpdateUsers(); break;
  144. case "reports": ShowReportsScreen(); break;
  145. case "DelLine": DeleteLine(); break;
  146. case "DelTicket": DeleteTicket(); break;
  147. case "SendAssignNotice": SendAssignNotice(); break;
  148. case "searchform": ShowSearchForm(); break;
  149. case "search": DoSearch(); break;
  150. case "emailstaffform": EmailStaffForm(); break;
  151. case "emailstaff": EmailStaff(); break;
  152. case "updateticketheader": UpdateTicketheader($no); break;
  153. case "ResendEmail": ResendEmail($no); break;
  154. case "ShowTemplates": ShowTemplates(); break;
  155. case "AddTemplates": AddTemplates(); break;
  156. case "UpdateTemplates": UpdateTemplates(); break;
  157. case "newform": ShowNewTicketForm(); break;
  158. }
  159.  
  160. } else {
  161. #print "ADMIN=$admin<br>";
  162. if ($adminaccess>0){
  163. ShowTickets("status=1");
  164. ShowTickets("status=2");
  165. }
  166. ShowNewTicketForm();
  167. ShowRetrieveTicketForm();
  168. }
  169. f();
  170. }
  171.  
  172. CloseDB();
  173.  
  174. ###############################################################
  175. #function NewFrom(){
  176. #col1=$col1&clientname=$clientname&clientemail=$clientemail&clientphone=$clientphone
  177. #}
  178. ###############################################################
  179. function FlashPageBG($rep=1,$ChosenCol=0){
  180. global $pagecolour;
  181. $dwell=100;
  182. $d=0;
  183.  
  184. if ($ChosenCol==0){$ChosenCol=$pagecolour;}
  185.  
  186. print "
  187. <script language=\"JavaScript\">
  188. <!--
  189. var backColor = new Array();
  190. var dwellTime = 100;
  191. backColor[0] = '#FF0000';
  192. backColor[1] = '#00ff00';
  193. backColor[2] = '#0000ff';
  194. backColor[3] = '#ff00ff';
  195. backColor[4] = '$ChosenCol';
  196. function flashBG(whichColor){
  197. document.bgColor = backColor[whichColor];
  198. }
  199. var t = null;
  200. var d = dwellTime;
  201. ";
  202. for($x=1;$x<=$rep;$x++){
  203. print "t = setTimeout('flashBG(0)',($d));";
  204. $d=$d+$dwell;
  205. print "t = setTimeout('flashBG(1)',($d));";
  206. $d=$d+$dwell;
  207. print "t = setTimeout('flashBG(2)',($d));";
  208. $d=$d+$dwell;
  209. print "t = setTimeout('flashBG(3)',($d));";
  210. $d=$d+$dwell;
  211. print "t = setTimeout('flashBG(4)',($d));";
  212. }
  213. print "
  214. t = null;
  215. //-->
  216. </script>
  217. ";
  218. }
  219. ###############################################################
  220. function UpdateTemplates(){
  221. global $adminaccess,$TemplateAdminLevel;
  222. if ($adminaccess>=$TemplateAdminLevel){
  223. $noA=$_POST['no'];
  224. $buttontitleA=$_POST['button'];
  225. $templateA=$_POST['template'];
  226. $notesA=$_POST['notes'];
  227. $companyA=$_POST['company'];
  228. $qty=count($buttontitleA);
  229.  
  230. $sqlA=array();
  231. for($x=0;$x<$qty;$x++){
  232. $sql="UPDATE templates SET buttontitle='".mysql_escape_string($buttontitleA[$x])."',template='".mysql_escape_string($templateA[$x])."',notes='".mysql_escape_string($notesA[$x])."',company='".mysql_escape_string($companyA[$x])."' WHERE no=".$noA[$x];
  233. PutSQL($sql);
  234. }
  235.  
  236. ShowTemplates();
  237.  
  238. }
  239.  
  240. }
  241.  
  242. ###############################################################
  243. function AddTemplates(){
  244. global $adminaccess,$TemplateAdminLevel;
  245. if ($adminaccess>=$TemplateAdminLevel){
  246. $buttontitleA=$_POST['button'];
  247. $templateA=$_POST['template'];
  248. $notesA=$_POST['notes'];
  249. $companyA=$_POST['company'];
  250. $qty=count($buttontitleA);
  251. $sqlA=array();
  252. for($x=0;$x<$qty;$x++){
  253. $sqlA[]="INSERT INTO templates (buttontitle,template,notes,company) VALUES ('".mysql_escape_string($buttontitleA[$x])."','".mysql_escape_string($templateA[$x])."','".mysql_escape_string($notesA[$x])."','".mysql_escape_string($companyA[$x])."')";
  254. }
  255.  
  256. foreach($sqlA as $sql){
  257. PutSQL($sql);
  258. }
  259.  
  260. ShowTemplates();
  261. }
  262. }
  263. ###############################################################
  264. function ShowTemplates(){
  265. global $adminaccess,$col1val,$TemplateAdminLevel;
  266.  
  267.  
  268. $b="Existing templates can be edited or new ones added at the bottom of this page. The company option is a dropdown which specifies which company templates will be shown for. If a template is generic can suitab;e for all companies, it should be specified as [GLOBAL]. The text in the 'button' field will be shown on the button used to activate the template (so keep it short). The template can be typed or edited in the large box. The 'notes' field is information shown in red above the ticket box, intended to act as a reminder or instructions to anyone using the template (e.g. remind the user to change the PASSWORD within the template).";
  269. msg("INSTRUCTIONS",$b,1);
  270.  
  271. if ($adminaccess>=$TemplateAdminLevel){
  272. $sql="SELECT * FROM templates ORDER BY company";
  273. $result=GetSQL($sql);
  274. $b="<form method='post' name='updateTemplates'><input type='submit' value='SAVE CHANGES'><input type='hidden'name='m' value='UpdateTemplates'><table border=0 width='100%'><tr><td> </td><td>TEMPLATE</td><td>NOTES</td></tr>";
  275. while ($row=mysql_fetch_array($result)){
  276. $no=$row['no'];
  277. $buttontitle=$row['buttontitle'];
  278. $template=$row['template'];
  279. $notes=$row['notes'];
  280. $company=$row['company'];
  281.  
  282. $dropdown="<select name='company[]'><option value='$company'>$company</option><option value='[GLOBAL]'>[GLOBAL]</option>";
  283. foreach($col1val as $v){
  284. if (strlen($v)>0){
  285. $dropdown.="<option value='$v'>$v</option>";
  286. }
  287. }
  288. $dropdown.="</select>";
  289.  
  290. $b.="<tr><td>LINE: $no<input type='hidden' name='no[]' value=$no><br>COMPANY:<br>$dropdown<br>BUTTON:<br><input type='text' name=button[]' value='$buttontitle'></td><td><textarea cols=50 rows=10 name='template[]'>$template</textarea></td><td><textarea cols=15 rows=10 name='notes[]'>$notes</textarea></td></tr>";
  291. }
  292. $b.="</table><input type='submit' value='SAVE CHANGES'></form><hr>";
  293.  
  294.  
  295. $dropdown="<select name='company[]'><option value='[GLOBAL]'>[GLOBAL]</option>";
  296. foreach($col1val as $v){
  297. if (strlen($v)>0){
  298. $dropdown.="<option value='$v'>$v</option>";
  299. }
  300. }
  301. $dropdown.="</select>";
  302.  
  303. $b.="<form method='post' name='newTemplates'><input type='submit' value='ADD'><input type='hidden'name='m' value='AddTemplates'><table border=0 width='100%'><tr><td> </td><td>TEMPLATE</td><td>NOTES</td></tr>";
  304. for($x=1;$x<=1;$x++){
  305. $b.="<tr><td>COMPANY<br>$dropdown<br>BUTTON<br><input type='text' name=button[]' value=''></td><td><textarea cols=50 rows=10 name='template[]'></textarea></td><td><textarea cols=15 rows=10 name='notes[]'></textarea></td></tr>";
  306. }
  307. $b.="</table><input type='submit' value='ADD'></form>";
  308.  
  309. msg("EDIT TEMPLATES",$b);
  310. }
  311. }
  312. ###############################################################
  313. function ResendEmail($no){
  314. global $adminaccess;
  315. if ($adminaccess>=4){
  316. $l=@$_REQUEST['l'];
  317.  
  318. $sql="SELECT * FROM ticket WHERE no=$no";
  319. $row=GetSQLRow($sql);
  320. $email=$row['clientemail'];
  321. $clientname=$row['clientname'];
  322. $code=$row['code'];
  323. $status=$row['status'];
  324.  
  325. $sql="SELECT * FROM tline WHERE no=$l";
  326. $row=GetSQLRow($sql);
  327. $info=$row['info'];
  328.  
  329. SendUpdateEmail($clientname,$email,$code,$info,$status);
  330. msg("RESENT","Email resent",1);
  331. } else {
  332. NA();
  333. }
  334. ShowTicket($no);
  335. }
  336.  
  337. ###############################################################
  338. function AutoReload($s){
  339. global $URL,$m;
  340. $s2=$s-2;
  341. print "<meta http-equiv='refresh' content='$s2;url=$URL/admin/?m=$m'>";
  342. print "<center><form name='counter'><font size=1>Page will reload in about <input type='text' size='3' name='timer' style='border-width: 0px; background-color: #ffffee; font-family:courier; font-size: 8pt;'> seconds.</font></form></center>";
  343. print "<script>
  344. <!--
  345. //
  346. var milisec=0
  347. var seconds=$s
  348. document.counter.timer.value='$s'
  349.  
  350. function display(){
  351. if (milisec<=0){
  352. milisec=9
  353. seconds-=1
  354. }
  355. if (seconds<=-1){
  356. milisec=0
  357. seconds+=1
  358. }
  359. else
  360. milisec-=1
  361. document.counter.timer.value=seconds
  362. setTimeout(\"display()\",100)
  363. }
  364. display()
  365. -->
  366. </script>
  367. ";
  368. }
  369. ###############################################################
  370. function GetUserSettings($user){
  371. global $defaultpagecolour;
  372. #$ret=array();
  373. $sql="SELECT * FROM user WHERE uname='$user'";
  374. $row=GetSQLRow($sql);
  375. #$row['pagecolor']=$row['pagecolour'];
  376. if (strlen($row['pagecolour'])<4){$row['pagecolour']=$defaultpagecolour;}
  377. return $row;
  378. }
  379. ###############################################################
  380. function UpdateTicketheader($no){
  381. global $adminaccess;
  382. if ($adminaccess<4){
  383. ShowTicket($no);
  384. return;
  385. }
  386. $newclientname=$_POST['newclientname'];
  387. $newclientemail=$_POST['newclientemail'];
  388. $newclientphone=$_POST['newclientphone'];
  389. $sql="UPDATE ticket SET clientname='$newclientname',clientemail='$newclientemail',clientphone='$newclientphone' WHERE no=$no";
  390. PutSQL($sql);
  391.  
  392. $b="Ticket creator details updated ($newclientname/$newclientemail/$newclientphone)";
  393. msg("UPDATED",$b);
  394. ShowTicket($no);
  395.  
  396. }
  397.  
  398. ###############################################################
  399. function EmailStaff(){
  400. global $DefaultFromName,$DefaultFromAddress;
  401. $subject=$_POST['subject'];
  402. $message=$_POST['message'];
  403. $s=array("\n","\\u2019","\r");
  404. $r=array("<br>","'","");
  405. $message=str_replace($s,$r,$message);
  406. $b="";
  407.  
  408. $sql="SELECT * FROM user WHERE uname <> 'root'";
  409. $result=GetSQL($sql);
  410. while ($row=mysql_fetch_array($result)){
  411. $uname=$row['uname'];
  412. $upass=$row['upass'];
  413. $name=$row['name'];
  414. $email=$row['email'];
  415. $details="<br> <br><font size=1>This is a semi-automated email, any reply to it will not be seen my a human. A reminder of your account details:<br>USERNAME: <font face='courier' size=1>$uname</font> &nbsp; PASSWORD: <font face='courier' size=1>$upass</font></font><br>";
  416. $message2=" <br> <br>Dear $name,<br> <br>$message<br> <br>Regards,<br>$DefaultFromName.$details";
  417. SendEmail($email,$DefaultFromAddress,$DefaultFromName,$subject,$message2);
  418. $b.="SENDING TO: $name ($email)<br>";
  419. }
  420.  
  421. msg("EMAIL SENT",$b);
  422.  
  423. }
  424. ###############################################################
  425. function EmailStaffForm(){
  426. $b="<form method='post'><input name='m' value='emailstaff' type='hidden'>
  427. <table border=0>
  428. <tr><td>SUBJECT:</td><td><input type='text' name='subject' size=45></td></tr>
  429. <tr><td>MESSAGE:</td><td><textarea name='message' cols=70 rows=10></textarea></td></tr>
  430. <tr><td> </td><td><input type='submit' value='SEND'></td></tr>
  431. </table>
  432. </form>";
  433. msg("SEND EMAIL TO ALL REGISTERED STAFF",$b);
  434. }
  435.  
  436. ###############################################################
  437. function DoSearch(){
  438. global $col1name,$LinesPerPage,$m;
  439. $pn=@$_REQUEST['pn'];
  440. if ($pn>0){
  441. $start=($pn-1)*$LinesPerPage;
  442. } else {
  443. $start=0;
  444. }
  445. $col1=@$_REQUEST[$col1name]; $col1=trim($col1);
  446. $name=rawurldecode(@$_REQUEST['name']); $name=mysql_real_escape_string($name); $name=trim($name);
  447. $email=@$_REQUEST['email']; $email=trim($email);
  448. $phone=@$_REQUEST['phone']; $phone=trim($phone);
  449. $linker=@$_REQUEST['linker'];
  450.  
  451. $u="?m=search&linker=$linker";
  452.  
  453. $sql="SELECT * FROM ticket WHERE ";
  454.  
  455. $sql2="";
  456. if (strlen($col1)>=1){
  457. $sql2.="col1 LIKE '%$col1%'";
  458. $u.="&COMPANY=$col1";
  459. }
  460. if (strlen($name)>=1){
  461. if (strlen($sql2)>1){$sql2.=" $linker ";}
  462. $sql2.="clientname LIKE '%$name%'";
  463. $u.="&name=$name";
  464. }
  465. if (strlen($email)>=1){
  466. if (strlen($sql2)>1){$sql2.=" $linker ";}
  467. $sql2.="clientemail LIKE '%$email%'";
  468. $u.="&email=$email";
  469. }
  470. if (strlen($phone)>=1){
  471. if (strlen($sql2)>1){$sql2.=" $linker ";}
  472. $sql2.="clientphone LIKE '%$phone%'";
  473. $u.="&phone=$phone";
  474. }
  475.  
  476.  
  477. // Multiple pages?
  478. $result=GetSQL($sql.$sql2);
  479. #print "SQL=$sql$sql2<br>";
  480. $count=mysql_num_rows($result);
  481. $PageCount=ceil($count/$LinesPerPage);
  482. $PageList="";
  483. if ($PageCount>1){
  484. if ($pn<1){$pn=1;}
  485. $PageList.="SELECT PAGE: ";
  486. if ($pn>1){
  487. $prev=$pn-1;
  488. $PageList.=" <a href='$u&pn=$prev'>&lt;&lt;PREV</a>";
  489. } else {
  490. $PageList.=" <font color='#999999'>&lt;&lt;PREV</font>";
  491. }
  492. for($x=1;$x<=$PageCount;$x++){
  493. if ($x==$pn){
  494. $PageList.=" $x";
  495. } else {
  496. $PageList.=" <a href='$u&pn=$x'>$x</a>";
  497. }
  498. }
  499. if ($pn<$PageCount){
  500. $next=$pn+1;
  501. $PageList.=" <a href='$u&pn=$next'>NEXT&gt;&gt;</a>";
  502. } else {
  503. $PageList.=" <font color='#999999'>NEXT&gt;&gt;</font>";
  504. }
  505. }
  506. # / Multiple pages?
  507.  
  508. #print "<br>SQL=$sql2<br>";
  509.  
  510.  
  511. $sql.=$sql2." ORDER BY col1,clientemail,created LIMIT $start,$LinesPerPage";
  512.  
  513.  
  514.  
  515. if ($result=GetSQL($sql)){
  516. $num=mysql_num_rows($result);
  517. if ($num>0){
  518. $b="";
  519. if (strlen($PageList)>1){
  520. $b.="$PageList<hr>";
  521. }
  522. $b.="<table width='100%' border=0 cellspacing=0><tr><td><b>".strtoupper($col1name)."</b></td><td><b>NAME</b></td><td><b>EMAIL</b></td><td><b>PHONE</b></td><td><b>STATUS</b></td></tr>";
  523. $bg=0;
  524. while ($row=mysql_fetch_array($result)){
  525. $no=$row['no'];
  526. $a1="<a href='?m=showticket&no=".$no."'>";
  527. $col1x=$row['col1'];
  528. $clientname=$row['clientname'];
  529. $clientemail=$row['clientemail'];
  530. $clientphone=$row['clientphone'];
  531. $statusx=$row['status'];
  532. if ($statusx==1){
  533. $statusy='OPEN';
  534. } else if ($statusx==2){
  535. $statusy='WAITING';
  536. } else {
  537. $statusy='CLOSED';
  538. }
  539. $sql2="SELECT info FROM tline WHERE ticketno=$no ORDER BY no";
  540. $row2=GetSQLRow($sql2);
  541. $info=$row2['info'];
  542. $bg++;if ($bg>=2){$bg=0;}if ($bg==1){$bgcol='#dddddd';} else {$bgcol='#ffffff';}
  543. $b.="<tr style='background-color: $bgcol;'><td>$a1$col1x</a></td><td>$a1$clientname</a></td><td>$a1$clientemail</a></td><td>$clientphone</td><td>$statusy</td></tr><tr style='background-color: $bgcol;'><td colspan=5 style='font-size:10px;color:#666666;font-style:italic;'>$info</td></tr>";
  544. }
  545. $b.="</table>$PageList";
  546. } else {
  547. $b="";
  548. }
  549.  
  550. } else {
  551. $b="";
  552. }
  553.  
  554. if (strlen($b)>0){
  555. msg("SEARCH RESULTS",$b);
  556. } else {
  557. msg("SEARCH RESULTS","<b>No results found!</b>");
  558. }
  559. ShowSearchForm($col1,$name,$email,$phone,$linker);
  560. }
  561. ###############################################################
  562. function ShowSearchForm($col1="",$clientname="",$clientemail="",$clientphone="",$linker=""){
  563. global $col1name,$col1val;
  564. $b="<center><form method='get'><input type='hidden' name='m' value='search'><table border=0>";
  565.  
  566. if (strlen($col1name)>0){
  567. $b.="<tr><td align='right'>$col1name:</td><td>";
  568. if (count($col1val)>0){
  569. $b.="<select name='$col1name'>";
  570. foreach($col1val as $v){
  571. $b.="<option value='$v'";
  572. if ($col1==$v){$b.=" selected='selected'";}
  573. $b.=">$v</option>";
  574. }
  575. $b.="</select>";
  576. } else {
  577. $r.="<input name='$col1name' type='text' size=30 value='$col1'>";
  578. }
  579. }
  580. $b.="</td></tr>";
  581. $b.="<tr><td align='right'>Name:</td><td><input name='name' id='name' type='text' size=30 value=\"$clientname\"></td></tr>
  582. <tr><td align='right'>Email address:</td><td><input name='email' id='email' type='text' size=30 value='$clientemail'></td></tr>
  583. <tr><td align='right'>Phone:</td><td><input name='phone' id='phone' type='text' size=30 value='$clientphone'></td></tr>";
  584. $b.="<tr><td>Search Type:</td><td>
  585.  
  586. AND <input type='radio' name='linker' value='AND'";
  587. if ($linker<>"OR"){$b.=" checked='checked'";}
  588. $b.="> OR <input type='radio' name='linker' value='OR'";
  589. if ($linker=="OR"){$b.=" checked='checked'";}
  590. $b.=">
  591. </td></tr>";
  592. $b.="<tr><td colspan=2 align='center'><input type='submit' value='SEARCH'></td></tr></table></form></center>";
  593. msg("SEARCH",$b);
  594.  
  595. }
  596. ###############################################################
  597. function SendAssignNotice(){
  598. global $loggedinas,$loggedinasno,$date,$ip,$URL,$DefaultFromAddress,$DefaultFromName;
  599. $name=$_REQUEST['assignto'];
  600. $no=$_REQUEST['no'];
  601. $email=GetEmailAddress($name);
  602. $details=GetUserDetails($name,2);
  603. $assignedtono=$details['no'];
  604.  
  605. $U="$URL/admin/?m=showticket&no=$no";
  606. $info="This ticket has been assigned to $name";
  607. $info2=" <br>Dear $name,<br> <br>Ticket no. $no has been assigned to you. You may view and edit this ticket at <a href='$U'>$URL</a><br> <br>Regards,<br>$DefaultFromName.";
  608. $sunject="Ticket no. $no has been assigned to you";
  609.  
  610. $sql="UPDATE ticket SET lastmod='$date',lastmodby=$loggedinasno,assignedto=$assignedtono WHERE no=$no";
  611. PutSQL($sql);
  612. $sql="INSERT INTO tline (ticketno,date,modby,info,ip) VALUES ($no,'$date',$loggedinasno,'$info','$ip')";
  613. PutSQL($sql);
  614.  
  615. SendEmail($email,$DefaultFromAddress,$DefaultFromName,$sunject,$info2);
  616.  
  617. msg("ASSIGN TICKET","Assigning ticket no. $no to $name ($email)");
  618. ShowTicket($no);
  619. }
  620. ###############################################################
  621. function GetEmailAddress($name,$searchon="name"){
  622. $sql="SELECT email FROM user WHERE $searchon='$name'";
  623. #print "SQL=$sql<br>";
  624. $row=GetSQLRow($sql);
  625. $email=$row['email'];
  626. return $email;
  627. }
  628. ###############################################################
  629. function ShowReportsScreen(){
  630. global $col1val;
  631. $t="REPORT OPTIONS";
  632. $b="Reports will be available soon...";
  633.  
  634. msg($t,$b);
  635.  
  636.  
  637. $sql="SELECT * FROM ticket";
  638. $result=GetSQL($sql);
  639. $count=mysql_num_rows($result);
  640. $b="<table border=0><tr><td><b>Tickets on system:</b> </td><td> $count</td></tr>";
  641. foreach ($col1val as $company){
  642. if (strlen($company)>0){
  643. $sql="SELECT * FROM ticket WHERE col1='$company'";
  644. $result=GetSQL($sql);
  645. $count=mysql_num_rows($result);
  646. $b.="<tr><td><b>$company:</b></td><td>$count</td></tr>";
  647. }
  648. }
  649. $b.="</table>";
  650. msg("NO. OF TICKETS RECORDED",$b);
  651. }
  652. ###############################################################
  653. function DeleteLine(){
  654. global $AllowRootDel,$loggedinas,$adminaccess;
  655. $ticket=$_REQUEST['no'];
  656. if (($AllowRootDel>=1) && ($adminaccess>=127)){
  657. $l=$_REQUEST['l'];
  658. $sql="DELETE FROM tline WHERE no=$l";
  659. DoSQL($sql);
  660. $t="DELETE LINE No. $l";
  661. $b="I have deleted line no. $l from ticket no. $ticket for you!";
  662. msg($t,$b,1);
  663. ShowTicket($ticket);
  664. } else {
  665. NA();
  666. ShowTicket($ticket);
  667. }
  668. }
  669. ###############################################################
  670. function DeleteTicket(){
  671. global $AllowRootDel,$loggedinas,$adminaccess;
  672. $ticket=$_REQUEST['no'];
  673. if (($AllowRootDel>=1) && ($adminaccess>=127)){
  674. #$l=$_REQUEST['l'];
  675. $sql="DELETE FROM ticket WHERE no=$ticket";
  676. DoSQL($sql);
  677. $t="DELETE TICKET No. $ticket";
  678. $b="I have deleted ticket no. $ticket for you!";
  679. msg($t,$b,1);
  680. } else {
  681. NA();
  682. }
  683. ShowTickets("status=0");
  684. ShowTickets("status=1");
  685. }
  686. ###############################################################
  687. function UpdateUsers(){
  688. global $adminaccess,$URL,$date,$loggedinas,$MaxAdminLevel,$DefaultFromAddress,$DefaultFromName;
  689. #print "ADMIN: $adminaccess<br>";
  690. if ($adminaccess<1){NA();return;}
  691. $no=$_POST['no'];
  692. $uname=@$_POST['uname'];
  693. $upass=$_POST['upass'];
  694. $name=$_POST['name'];
  695. $phone=$_POST['phone'];
  696. $email=$_POST['email'];
  697. $admin=$_POST['admin'];
  698. $pagecolour=$_POST['pagecolour'];
  699. $snippetsize=$_POST['snippetsize'];
  700. $sqlA=array();
  701. $x=0;
  702. foreach($no as $n){
  703. if (($n==0) && ($adminaccess>=4)){
  704. if (strlen($uname)>1){
  705. $u=CheckUserName($uname);
  706. $e=CheckEmail($email[$x]);
  707. if (($e==0) && ($u==0)){
  708. #print "U=$u and E=$e<br>";
  709. $al=$admin[$x];
  710. if ($al>$MaxAdminLevel){$al=$MaxAdminLevel;}
  711. $sqlA[]="INSERT INTO user (uname,upass,name,phone,email,created,adminlevel,pagecolour,snippetsize) VALUES ('".$uname."','".$upass[$x]."','".$name[$x]."','".$phone[$x]."','".$email[$x]."','$date',".$al.",'".$pagecolour[$x]."',".$snippetsize[$x].")";
  712. $m="Hi ".$name[$x].",<br> <br>An account has been set up for you at <a href='$URL'>$URL</a> with the following details:<br> <br><center><table border=0><tr><td><b>USERNAME:</b></td><td><font face='courier'>$uname</font></td></tr><tr><td><b>PASSWORD:</b></td><td><font face='courier'>".$upass[$x]."</font></td></tr></table></center><br> <br>To log in, go to the site and click on the <a href='$URL/admin'>[ADMIN ACCESS]</a> link. Please also change your password to something easier for you to remember by clicking on <a href='$URL/admin/?m=edituser'>[CHANGE PASSWORD]</a>.<br> <br>Regards,<br>$DefaultFromName.";
  713. SendEmail($email[$x],$DefaultFromAddress,$DefaultFromName,"New TICKET account",$m);
  714. #SendEmail("mark.jackson.mjs@gmail.com","mark.jackson.mjs@gmail.com","NO REPLY","[DEV COPY]: New TICKET account",$m);
  715. } else {
  716. $b='';
  717. if ($u==1){$b.="USERNAME (".$uname.") already exists! Please use another username.<br>";}
  718. if ($e==1){$b.="EMAIL (".$email[$x].") already exists! Please use another email address.<br>";}
  719. msg("DUPLICATE ENTRY",$b,1);
  720. }
  721. }
  722. } else {
  723. if ($adminaccess>=4){
  724. $sqlA[]="UPDATE user SET upass='".$upass[$x].
  725. "',name='".$name[$x].
  726. "',phone='".$phone[$x].
  727. "',email='".$email[$x].
  728. "',adminlevel=".$admin[$x].
  729. ",pagecolour='".$pagecolour[$x].
  730. "',snippetsize=".$snippetsize[$x].
  731. " WHERE no=$n";
  732. } else if ($adminaccess>0){
  733. $sqlA[]="UPDATE user SET upass='".$upass[$x].
  734. "',pagecolour='".$pagecolour[$x].
  735. "',snippetsize=".$snippetsize[$x].
  736. " WHERE no=$n";
  737. }
  738. }
  739. $x++;
  740. }
  741.  
  742. foreach($sqlA as $sql){
  743. PutSQL($sql);
  744. }
  745.  
  746. MakeHTPasswdFile();
  747.  
  748. ShowEditUsersForm();
  749.  
  750. }
  751. ###############################################################
  752. function CheckUserName($u){
  753. $sql="SELECT uname FROM user WHERE uname='$u'";
  754. $row=GetSQLRow($sql);
  755. if ($row['uname']==$u){return 1;} else {return 0;}
  756. }
  757. ###############################################################
  758. function CheckEmail($e){
  759. $sql="SELECT email FROM user WHERE email='$e'";
  760. $row=GetSQLRow($sql);
  761. if ($row['email']==$e){return 1;} else {return 0;}
  762. }
  763. ###############################################################
  764. function ShowEditUsersForm(){
  765. global $adminaccess,$loggedinas,$BaseDir;
  766. #print (1 & 8)."<br>";
  767. #print (5 & 7)."<br>";
  768. print "<script type=\"text/javascript\" src=\"jscolor.js\"></script>";
  769. if ($adminaccess <1){NA();return;}
  770. if ($adminaccess < 4){
  771. $w="WHERE uname='$loggedinas'";
  772. } else {
  773. $w="";
  774. }
  775. $sql="SELECT * from user $w";
  776. $result=GetSQL($sql);
  777. $UMJava="<script type=\"text/javascript\">
  778. //<![CDATA[
  779. document.write('<div><input id=\"unmask\" value=\"1\" type=\"checkbox\" onclick=\"unmaskPassword(\'id_newpassword\')\"/><label for=\"id_newpasswordunmask\">Unmask<\/label><\/div>');
  780. document.getElementById(\"id_newpassword\").setAttribute(\"autocomplete\", \"off\");
  781. //]]>
  782. </script>";
  783. $b="<form name='EditUsers' method='post'><table width='100%'><input type='hidden' name='m' value='updateusers'>
  784. <tr><td><b>USERNAME</b></td><td><b>PASSWORD</b></td><td><b>NAME</b></td><td><b>PHONE</b></td><td><b>EMAIL</b></td><td><b>ACCESS</b></td><td><b>PAGE COLOUR</b></td><td><b>SNIPPET SIZE</b></td></tr>";
  785. $x=0;
  786. while ($row=mysql_fetch_array($result)){
  787. $x++;
  788. $no=$row['no'];
  789. $uname=$row['uname'];
  790. $upass=$row['upass'];
  791. $name=$row['name'];
  792. $phone=$row['phone'];
  793. $email=$row['email'];
  794. $admin=$row['adminlevel'];
  795. $pagecolour=$row['pagecolour'];
  796. $snippetsize=$row['snippetsize'];
  797. #if (!is_int($snippetsize)){$snippetsize=0;}
  798.  
  799. $b.="<tr><td><input type='hidden' name='no[]' value=$no>$uname</td>
  800. <td><input size=10 type='password' name='upass[]' value='$upass' id='pwd$no'>";
  801. # pwd$no
  802. if ($adminaccess>4){
  803. if ($adminaccess>8){$b.="<input type='radio' name='show$no' onclick=\"JavaScript:document.getElementById('pwd$no').type='text';\"><input type='radio' name='show$no' checked='checked' onclick=\"JavaScript:document.getElementById('pwd$no').type='password';\">";}
  804.  
  805. $b.=" </td>
  806. <td><input size=16 type='text' name='name[]' value='$name'></td>
  807. <td><input size=12 type='text' name='phone[]' value='$phone'></td>
  808. <td><input size=20 type='text' name='email[]' value='$email'></td>
  809. <td><input size=3 type='text' name='admin[]' value='$admin'></td>
  810. <td><input size=7 type='text' name='pagecolour[]' value='$pagecolour' class=\"color\"></td>
  811. <td><input size=3 type='text' name='snippetsize[]' value='$snippetsize'></td>
  812. </tr>";
  813. } else {
  814. $b.=" </td>
  815. <td><input size=16 type='hidden' name='name[]' value='$name'>$name</td>
  816. <td><input size=12 type='hidden' name='phone[]' value='$phone'>$phone</td>
  817. <td><input size=20 type='hidden' name='email[]' value='$email'>$email</td>
  818. <td><input size=3 type='hidden' name='admin[]' value='$admin'>$admin</td>
  819. <td><input size=7 type='text' name='pagecolour[]' value='$pagecolour' class=\"color\"></td>
  820. <td><input size=3 type='text' name='snippetsize[]' value='$snippetsize'></td>
  821. </tr>";
  822. }
  823. }
  824. if ($adminaccess>=4){
  825. $b.="<tr><td align='center' colspan=8><b>/---------------------------------------------------------------------------------[ NEW USER ]------------------------------------------------------------------------------------\</b></td></tr>
  826. <tr><td><b>USERNAME</b></td><td><b>PASSWORD</b></td><td><b>NAME</b></td><td><b>PHONE</b></td><td><b>EMAIL</b></td><td><b>ACCESS</b></td></tr>
  827. <tr><td><input type='hidden' name='no[]' value=0>
  828. <input size=10 type='text' name='uname' value=''></td>
  829. <td><input size=10 type='password' name='upass[]' value=''></td>
  830. <td><input size=16 type='text' name='name[]' value=''></td>
  831. <td><input size=12 type='text' name='phone[]' value=''></td>
  832. <td><input size=20 type='text' name='email[]' value=''></td>
  833. <td><input size=3 type='text' name='admin[]' value=1></td>
  834. <td><input size=7 type='text' name='pagecolour[]' value='#cccccc' class='color'></td>
  835. <td><input size=3 type='text' name='snippetsize[]' value='0'></td>
  836. </tr>";
  837. }
  838. $b.="<tr><td colspan=8---><hr></td></tr></table>
  839. <input type='submit' name='submit' value='COMMIT CHANGES'></form><br>";
  840. if ($adminaccess>4){
  841. $b.="<b>ACCESS NOTES:</b><br>Numbers are used to grant specific access, if multiple access is required, add the numbers together:<br><table border=0><tr><td width=20>0</td><td>Disabled (accounts can't be deleted because users may have contributed to tickets).</td></tr><tr><td width=20>1</td><td>General Access, able to update tickets.</td></tr><tr><td width=20>2</td><td>View Reports.</td></tr><tr><td>4</td><td>Super Admin, able to edit users.</td></tr></table>";
  842. }
  843. msg("EDIT USERS",$b);
  844.  
  845.  
  846.  
  847. }
  848. ###############################################################
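  /**
   * Show a ticket to a client who supplies its access code and e-mail address.
   *
   * Codes are generated by RegisterNewTicket() as "<ticket no>T<digits>", so
   * the ticket number is whatever precedes the first "T".
   *
   * $code   access code typed in by the client
   * $email  e-mail address typed in by the client
   */
  function RetrieveTicket($code,$email){
      // explode() replaces split(), which was deprecated in PHP 5.3 and removed in PHP 7.
      $parts=explode("T",(string)$code);
      // $code is request data and ShowTicket() puts the number into SQL, so force an integer here.
      $no=(int)$parts[0];
      ShowTicket($no,$code,$email);
  }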
  853. ###############################################################
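  /**
   * Append an update line to a ticket, set its status and notify the client.
   *
   * Staff ($adminaccess>0) may update any ticket. Anyone else must supply the
   * ticket's access code and the client e-mail address stored on the ticket.
   * The text is read from $_POST['info'] and the status change from
   * $_POST['mod'] (close, wait, expire; anything else leaves the ticket open).
   *
   * $no           ticket number
   * $passedcode   access code supplied by a client
   * $passedemail  e-mail address supplied by a client
   * $SendEmail    1 = mail the update through SendUpdateEmail(), 0 = record only
   */
  function AddToTicket($no,$passedcode="",$passedemail="",$SendEmail=1){
      global $adminaccess,$date,$loggedinasno,$ip,$logdir,$AllowClientCloseTicket;

      // $no ends up in three SQL statements and in the log file name.
      $no=(int)$no;
      $row=GetSQLRow("SELECT * from ticket WHERE no=$no");
      if (!$row){
          NA();
          return;
      }
      $code=$row['code'];
      $clientname=$row['clientname'];
      $clientemail=$row['clientemail'];

      // The original condition used "=" (assignment) instead of a comparison, so
      // the client check depended only on the stored values being non-empty and
      // not on what the caller sent. Compare as strings, e-mail case-insensitively
      // (the same rule ShowTicket applies), and never accept an empty code.
      $isstaff=($adminaccess>0);
      $clientmatch=(strlen((string)$passedcode)>0)
          && ((string)$passedcode===(string)$code)
          && (strtolower((string)$passedemail)===strtolower((string)$clientemail));
      if (!$isstaff && !$clientmatch){
          NA();
          return;
      }

      $text=isset($_POST['info']) ? (string)$_POST['info'] : "";
      if (!$isstaff){
          // ShowTicket and the notification mails output this text as HTML,
          // so text from a client is stored HTML-escaped.
          $text=htmlspecialchars($text,ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0));
      }

      $mod=isset($_POST['mod']) ? $_POST['mod'] : "";
      // The form only offers the status radios to clients when
      // $AllowClientCloseTicket is set; enforce the same rule on the server.
      if (!$isstaff && !($AllowClientCloseTicket>0)){
          $mod="";
      }
      switch ($mod){
          case 'close':
              $status=0;
              $text.="<br><b>CLOSED ($date)</b>";
              break;
          case 'wait':
              $status=2;
              $text.="<br><b>WAITING ($date)</b>";
              break;
          case 'expire':
              $status=0;
              $text.="<br><b>EXPIRED ($date) - May be re-opened if assistance is still required</b>";
              break;
          default:
              $status=1;
      }
      if ($SendEmail==0){
          $text.="<br><b>FTR (NOT SENT TO CLIENT)</b>";
      }

      // NOTE(review): $loggedinasno is set outside this function; the cast assumes
      // an unset or empty value means "client" (0), as RegisterNewTicket records it.
      $modby=(int)$loggedinasno;
      $q_info=mysql_escape_string($text);

      PutSQL("UPDATE ticket SET status=$status,lastmod='$date',lastmodby=$modby WHERE no=$no");
      $tline=PutSQL("INSERT INTO tline (ticketno,date,modby,info,ip) VALUES ($no,'$date',$modby,'$q_info','$ip')");

      $log="TICKET NO: $no\n"
          ."TICKET LINE: $tline\n"
          ."DATE: $date\n"
          ."UPDATED BY CODE: $modby\n"
          ."IP: $ip\n"
          ."INFO: $text";
      Logit("$logdir/$no.$tline.log",$log);

      if ($SendEmail==1){
          // Mail the readable text, not the SQL-escaped copy.
          SendUpdateEmail($clientname,$clientemail,$code,$text,$status);
      }

      msg('','TICKET UPDATED');
  }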
  911.  
  912.  
  913. ###############################################################
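  /**
   * Write $log to the file $fn, replacing any existing content.
   *
   * Logging is best-effort: if the file cannot be opened the call returns
   * without writing, instead of passing a failed handle to fwrite().
   *
   * $fn   path of the log file (callers build it from $logdir and ticket numbers)
   * $log  text to write
   */
  function Logit($fn,$log){
      $f=@fopen($fn,"w");
      if ($f===false){
          return;
      }
      fwrite($f,$log);
      fclose($f);
  }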
  920. ###############################################################
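  /**
   * Mail a ticket update to the client and, for staff, a "for the record" copy.
   *
   * $clientname   name used in the greeting
   * $clientemail  recipient address, also part of the ticket link
   * $code         ticket access code, used in the subject and the link
   * $info         update text, inserted into the message as HTML
   * $status       0 = ticket closed, anything else = updated
   *
   * The client mail is sent only when $SendEmailToClient>=1; the staff copy is
   * sent whenever $adminaccess>0, to the address GetEmailAddress() returns for
   * $loggedinasno.
   */
  function SendUpdateEmail($clientname,$clientemail,$code,$info,$status){
      global $date,$DefaultFromAddress,$DefaultFromName,$ShowLinksInEmail,$URL,$SendEmailToClient,$adminaccess,$loggedinasno;
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
      $withlinks=($ShowLinksInEmail>0);

      // Code and address are URL-encoded so characters such as "+" or "&" in an
      // address cannot change the query string, then HTML-escaped for the href.
      $link=$URL."/?m=retrieveticket&code=".urlencode($code)."&email=".urlencode($clientemail);
      $linkhtml=htmlspecialchars($link,$hf);

      // The name is client-supplied plain text; $info is left as is because it
      // carries markup added by the ticket system itself.
      $message="&nbsp;<br>Dear ".htmlspecialchars($clientname,$hf).",<br> <br>Your support request ticket ($code) has been ";
      if ($status==0){
          $message.="<b>CLOSED ($date)</b>.";
          if ($withlinks){$message.=" It may be viewed at";}
          $subject="CLOSED support ticket no.: $code";
      } else {
          $message.="updated";
          if ($withlinks){$message.=" and may be viewed/updated at";}
          $subject="Support ticket no.: $code";
      }
      if ($withlinks){$message.=" <a href='$linkhtml'>$linkhtml</a>";}
      $message.=".<br> <br>The update is shown below:<br> <br><table width='100%' bgcolor='#dddddd'><tr><td><font face='courier'>$info</font></td></tr></table>";
      if ($withlinks){
          $message.="<br> <br>If you need to respond, please do so by updating this ticket <a href='$linkhtml'>HERE</a>.<br><font color='red'>Please do not reply to this email as it will not be seen by a human.</font>";
      }
      $message.="<br> <br>Regards,<br>$DefaultFromName.";

      if ($SendEmailToClient>=1){
          // Turn both the literal backslash sequence left by SQL escaping and
          // real newlines into HTML line breaks.
          $message=str_replace(array("\\r\\n","\n"),array(" <br>"," <br>"),$message);
          SendEmail($clientemail,$DefaultFromAddress,$DefaultFromName,$subject,$message);
      }

      if ($adminaccess>0){
          $AdminEmail=GetEmailAddress($loggedinasno,"no");
          $message=" <br><center><font color='red'><b>FOR THE RECORD: Your additions to ticket no. $code</b></font></center><br>$message";
          SendEmail($AdminEmail,$AdminEmail,$DefaultFromName,"FTR: ".$subject,$message);
      }
  }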
  956. ###############################################################
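  /**
   * Display a ticket header, its update lines and the "add to ticket" form.
   *
   * Staff ($adminaccess>0) may view any ticket. Anyone else must supply the
   * ticket's access code and the client e-mail address (case-insensitive).
   *
   * $no           ticket number
   * $passedcode   access code supplied by a client
   * $passedemail  e-mail address supplied by a client
   */
  function ShowTicket($no,$passedcode="",$passedemail=""){
      global $adminaccess,$URL,$AllowRootDel,$col1name,$border,$date2;
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);

      // $no is interpolated into SQL and into links below.
      $no=(int)$no;
      $row=GetSQLRow("SELECT * from ticket WHERE no=$no");
      if (!$row){
          // Without this, a missing ticket left every field empty and an empty
          // code/e-mail pair compared equal to it.
          NA();
          return;
      }
      $col1=$row['col1'];
      $clientname=$row['clientname'];
      $clientemail=$row['clientemail'];
      $clientphone=$row['clientphone'];
      $created=$row['created'];
      $lastmod=$row['lastmod'];
      $code=$row['code'];
      $status=$row['status'];

      // Strict string comparison: "==" would let PHP juggle types.
      $clientmatch=(strlen((string)$passedcode)>0)
          && ((string)$passedcode===(string)$code)
          && (strtolower((string)$passedemail)===strtolower((string)$clientemail));
      if (!($adminaccess>0) && !$clientmatch){
          NA();
          return;
      }

      if ($row['lastmodby']>0){
          $UserDetails=GetUserDetails($row['lastmodby']);
          $lastmodby=$UserDetails['name'];
      } else {
          $lastmodby=$clientname;
      }

      // Client-supplied fields are HTML-escaped once and only the escaped
      // copies are written into the page.
      $h_col1=htmlspecialchars($col1,$hf);
      $h_name=htmlspecialchars($clientname,$hf);
      $h_email=htmlspecialchars($clientemail,$hf);
      $h_phone=htmlspecialchars($clientphone,$hf);
      $h_code=htmlspecialchars($code,$hf);
      $h_lastmodby=htmlspecialchars($lastmodby,$hf);

      // Defined for every viewer; the original only set it for staff but used it unconditionally.
      $ticketurl="$URL/?m=retrieveticket&code=".urlencode($code)."&email=".urlencode($clientemail);

      $spacenote="";
      if (strpos($clientemail," ")!==false){
          $e2=str_replace(" ","<font style='background-color:red'>&nbsp;</font>",$h_email);
          $spacenote="<br><font color='red'>NOTE: There is a space in the email address shown by a red bar ($e2). This may be due to copying/pasting and may cause problems on some systems</font>";
      }

      $r="<table border=$border width='100%'>\n"
          ."<tr><td width='50%' rowspan=5 align='left'><img src='$URL/ticket150.jpg' border=0 alt='TICKET'></td><td>\n"
          ."<table border=$border>";

      if (strlen($col1name)>0){
          $col1nameU=strtoupper($col1name);
          $r.="<tr><td><b>$col1nameU:</b></td><td>$h_col1</td></tr>";
      }

      // Age runs from creation to the last change for closed tickets, otherwise to now.
      if ($status==0){
          $age=strtotime($lastmod)-strtotime($created);
      } else {
          $age=strtotime($date2)-strtotime($created);
      }
      $age=MakeAgeString($age);

      $newhref="?m=newform&col1=".urlencode($col1)."&clientname=".urlencode($clientname)
          ."&clientemail=".urlencode($clientemail)."&clientphone=".urlencode($clientphone);
      $NewForm=" <a href=\"".htmlspecialchars($newhref,$hf)."\" class='small'>[NEW]</a>"
          ." <a href=\"".htmlspecialchars("?m=search&name=".urlencode($clientname),$hf)."\" class='small'>[SEARCH]</a>";

      if ($adminaccess>=4){
          $searchemail=htmlspecialchars("?m=search&email=".urlencode($clientemail),$hf);
          $r.="<form name='updatedetails' method='post'>\n"
              ."<input type='hidden' name='m' value='updateticketheader'>\n"
              ."<input type='hidden' name='no' value=$no>\n"
              ."<tr><td><b>NAME:</b></td><td><input type='text' name='newclientname' value=\"$h_name\">$NewForm</td></tr>\n"
              ."<tr><td><b>EMAIL:</b></td><td><input type='text' name='newclientemail' size=25 value='$h_email'>"
              .$spacenote
              ."<a href='$searchemail' class='small'>[SEARCH]</a></td></tr>\n"
              ."<tr><td><b>PHONE:</b></td><td><input type='text' name='newclientphone' value='$h_phone'><input type='submit' class='smallbutton' name='submit' value='EDIT'></td></tr></form>";
      } else {
          $r.="<tr><td><b>NAME:</b></td><td>$h_name";
          if ($adminaccess>=1){$r.=" $NewForm";}
          $r.="</td></tr>\n"
              ."<tr><td><b>EMAIL:</b></td><td>$h_email"
              .$spacenote
              ."</td></tr>\n"
              ."<tr><td><b>PHONE:</b></td><td>$h_phone</td></tr>";
      }

      $r.="<tr><td><b>CREATED:</b></td><td>$created (AGE: $age)</td></tr>\n"
          ."<tr><td><b>LAST MOD:</b></td><td>$lastmod</td></tr>\n"
          ."<tr><td><b>LAST MOD BY:</b></td><td>$h_lastmodby</td></tr>";

      if ($adminaccess>0){
          $r.="<tr><td><form method='post'><b>ASSIGN TO:</b></td><td><select name='assignto'>".GetStaffList()."</select><input type='hidden' name='m' value='SendAssignNotice'><input type='hidden' name='no' value='$no'><input type='submit' value='SEND'></form></td></tr>";
          $r.="<tr><td><b>LOGIN AS USER:</b></td><td><a href='".htmlspecialchars($ticketurl,$hf)."'>$h_code</a></td></tr>";
      }
      $r.="</table></td></tr>\n</table>";

      msg("TICKET NO. $no",$r);

      $result=GetSQL("SELECT * FROM tline WHERE ticketno=$no ORDER BY no");
      $x=0;
      while ($line=mysql_fetch_array($result)){
          $x++;
          $lineno=(int)$line['no'];

          // Lines without a staff author are attributed to the client.
          if ($line['modby']>=1){
              $UserDetails=GetUserDetails($line['modby']);
              $who=$UserDetails['name'];
          } else {
              $who=$clientname;
          }

          // NOTE(review): the stored text is written out as HTML because the ticket
          // system adds its own markup to it (status lines use <br> and <b>); it
          // is only safe if everything was escaped before it was stored.
          $info=str_replace("\n"," <br>",$line['info']);

          $t=htmlspecialchars($line['date'],$hf)." by ".htmlspecialchars($who,$hf)." (".htmlspecialchars($line['ip'],$hf).")";
          if (($AllowRootDel>=1) && ($adminaccess>=127)){
              $t.=" <a href='?m=DelLine&l=$lineno&no=$no'><font size=1>[DEL]</font></a>";
          }
          if ($adminaccess>=4){
              $t.=" <a href='?m=ResendEmail&l=$lineno&no=$no'><font size=1>[RESEND EMAIL]</font></a>";
          }
          if ($adminaccess>=1){
              // Plain-text copy for a mailto: link. rawurlencode() replaces the
              // hand-written replacement table, whose search list had one more
              // entry than its replacement list, so the last few characters were
              // mapped to the wrong escapes.
              $plain=str_replace(array("<b>","</b>","<br>"),array("\n***","***","\n"),$info);
              $body="Dear $clientname,\n\nThis is a copy of the update to your support ticket and has been sent by normal email in case you have problems receiving email from our ticket system. If you need to respond, we can deal with your request quicker if you update the ticket (by visiting $ticketurl) rather than reply to this email :\n\n$plain\n\nRegards,\n\nOUCPLD Support.\n\n";
              $mailto="mailto:".str_replace("%40","@",rawurlencode($clientemail))
                  ."?subject=".rawurlencode("SUPPORT REQUEST: $code")
                  ."&body=".rawurlencode($body);
              $t.=" <a href=\"".htmlspecialchars($mailto,$hf)."\"><font size=1>[SEND AS NORMAL EMAIL]</font></a>";
          }

          msg($t,"<font face='courier'>$info</font>",3);
      }

      if (($AllowRootDel>=1) && ($adminaccess>=127) && ($x==0)){
          $b="This ticket is empty. This shouldn't be able to happen because a ticket is only created when a request is made. It may be because all lines have been removed from the ticket, in which case, you may want to delete the ticket itself.<br> <br>Click <a href='?m=DelTicket&no=$no'>[HERE]</a> to delete it.";
          msg("EMPTY TICKET",$b,1);
      }
      ShowAddToTicketForm($no,$passedcode,$passedemail);
  }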
  1089. ###############################################################
  1090.  
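  /**
   * List tickets for staff, newest first, with paging and an optional snippet
   * of each ticket's first line.
   *
   * $s  SQL condition placed after WHERE. It is inserted into the query as is,
   *     so callers must pass a fixed expression such as "status=1" and never
   *     request data.
   *
   * The page number is read from $_REQUEST['pn'].
   */
  function ShowTickets($s="status>0"){
      global $adminaccess,$col1name,$date2,$LinesPerPage,$m,$SnippetSize;
      if ($adminaccess==0){NA(); return;}

      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
      // Both values are used in arithmetic and in the LIMIT clause.
      $perpage=max(1,(int)$LinesPerPage);
      $pn=isset($_REQUEST['pn']) ? (int)$_REQUEST['pn'] : 0;
      $start=($pn>0) ? ($pn-1)*$perpage : 0;
      // $m comes from the request and is echoed into the paging links.
      $mlink=urlencode((string)$m);

      // Multiple pages?
      $countrow=GetSQLRow("SELECT COUNT(*) AS total FROM ticket WHERE $s");
      $count=$countrow ? (int)$countrow['total'] : 0;
      $PageCount=(int)ceil($count/$perpage);
      $PageList="";
      if ($PageCount>1){
          if ($pn<1){$pn=1;}
          $PageList.="SELECT PAGE: ";
          if ($pn>1){
              $PageList.=" <a href='?m=$mlink&pn=".($pn-1)."'>&lt;&lt;PREV</a>";
          } else {
              $PageList.=" <font color='#cccccc'>&lt;&lt;PREV</font>";
          }
          for ($p=1;$p<=$PageCount;$p++){
              $PageList.=($p==$pn) ? " $p" : " <a href='?m=$mlink&pn=$p'>$p</a>";
          }
          if ($pn<$PageCount){
              $PageList.=" <a href='?m=$mlink&pn=".($pn+1)."'>NEXT&gt;&gt;</a>";
          } else {
              $PageList.=" <font color='#cccccc'>NEXT&gt;&gt;</font>";
          }
          $PageList.=" <font color='#999999' size=1>($count tickets in system)</font>";
      }

      $result=GetSQL("SELECT * FROM ticket WHERE $s ORDER BY no DESC LIMIT $start,$perpage");
      $num_rows=mysql_num_rows($result);
      $r="";
      if (strlen($PageList)>1){
          $r.="$PageList<br>";
      }

      $r.="<table class='small' border=0 width='100%' cellspacing=0 cellpadding=0><tr><td class='tdsolidL'>No.</td>";
      if (strlen($col1name)>0){
          $r.="<td class='tdsolid'>".strtoupper($col1name)."</td>";
      }
      $r.="<td class='tdsolid'>CLIENT</td><td class='tdsolid'>EMAIL</td><td class='tdsolid'>PHONE</td><td class='tdsolid'>CREATED</td><td class='tdsolid'>AGE</td><td class='tdsolid'>MOD BY</td><td class='tdsolid'>ASSIGNED</td><td class='tdsolid'>CODE</td></tr>";

      $x=0;
      $linecount=0;
      while ($row=mysql_fetch_array($result)){
          $linecount++;
          $no=(int)$row['no'];
          $clientname=$row['clientname'];

          $assignedto=$row['assignedto'];
          if ($assignedto>=1){
              $assignee=GetUserDetails($assignedto);
              $assignedtoname=$assignee['name'];
          } else if ($assignedto=='0'){
              $assignedtoname="--anyone--";
          } else {
              $assignedtoname="-na-";
          }

          // Work out age according to ticket start and either current time or closed time
          if ($row['status']==0){
              $age=strtotime($row['lastmod'])-strtotime($row['created']);
          } else {
              $age=strtotime($date2)-strtotime($row['created']);
          }
          $age=MakeAgeString($age);

          if ($row['lastmodby']==0){
              $lastmodby=$clientname;
          } else {
              $UserDetails=GetUserDetails($row['lastmodby']);
              $lastmodby=$UserDetails['name'];
          }

          // Alternate the row style.
          $x++;
          if ($x>1){
              $x=0;
              $tdstyle="class=row1";
          } else {
              $tdstyle="class=row2";
          }

          // Ticket fields hold client-supplied text, so escape them for the page.
          $r.="<tr><td $tdstyle><a href='?m=showticket&no=$no' $tdstyle>$no</a></td>";
          if (strlen($col1name)>0){
              $r.="<td $tdstyle>".htmlspecialchars($row['col1'],$hf)."</td>";
          }
          $r.="<td $tdstyle>".htmlspecialchars($clientname,$hf)."</td>\n"
              ."<td $tdstyle>".htmlspecialchars($row['clientemail'],$hf)."</td>\n"
              ."<td $tdstyle>".htmlspecialchars($row['clientphone'],$hf)."</td>\n"
              ."<td $tdstyle>".htmlspecialchars($row['created'],$hf)."</td>\n"
              ."<td $tdstyle>$age</td>\n"
              ."<td $tdstyle>".htmlspecialchars($lastmodby,$hf)."</td>\n"
              ."<td $tdstyle>".htmlspecialchars($assignedtoname,$hf)."</td>\n"
              ."<td $tdstyle>".htmlspecialchars($row['code'],$hf)."</td>\n"
              ."</tr>";

          if ($SnippetSize>0){
              // First line of the ticket, i.e. the support request. Only fetched
              // when a snippet is shown; tags are dropped before cutting so a
              // truncated tag cannot break the table.
              $first=GetSQLRow("SELECT info FROM tline WHERE ticketno=$no ORDER BY no LIMIT 1");
              $info=$first ? strip_tags($first['info']) : "";
              $cut="";
              if (strlen($info)>$SnippetSize){
                  $info=substr($info,0,$SnippetSize);
                  $cut="... <font color='#aaaaaa'>(cut at $SnippetSize chars)</font>";
              }
              $r.="<tr><td $tdstyle colspan=10 style='font-size:10px;color:#666666;font-style:italic;'>".htmlspecialchars($info,$hf)."$cut</td></tr>";
          }
      }
      if ($num_rows==0){
          // The original emitted this cell without an opening <tr>.
          $r.="<tr><td colspan=10 align='center'><font size=3 color='#999999'><b>NO TICKETS IN THIS CATEGORY</b></font></td>\n</tr>";
      }
      $r.="</table>$PageList";

      $t="TICKETS";
      switch ($s){
          case "status=0": $t="CLOSED TICKETS (showing $num_rows)"; break;
          case "status=1": $t="OPEN TICKETS (showing $num_rows)"; break;
          case "status=2": $t="WAITING TICKETS (showing $num_rows)"; break;
      }
      msg($t,$r);

      if (($s=="status=1") && ($linecount>0)){
          FlashPageBG(2);
      }
  }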
  1235. ###############################################################
  /**
   * Format an age given in seconds as days, hours or minutes.
   *
   * More than 1439 minutes is shown in days and more than 59 minutes in hours,
   * both with one decimal; anything shorter is shown in whole minutes. The
   * number is padded to a width of five characters.
   */
  function MakeAgeString($age){
      $minutes=$age/60;
      if ($minutes>1439){
          return sprintf("%5.1f",$minutes/1440)." days";
      }
      if ($minutes>59){
          return sprintf("%5.1f",$minutes/60)." hours";
      }
      return sprintf("%5.0f",$minutes)." mins";
  }
  1243. ###############################################################
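  /**
   * Build the <option> list of staff names for the "assign to" selector.
   *
   * Returns an empty first option followed by one option per user, ordered by
   * name, leaving out the account named "Root User".
   */
  function GetStaffList(){
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
      // Only the name is used, so only the name is selected.
      $result=GetSQL("SELECT name FROM user ORDER BY name");
      $r="<option value=''></option>";
      while ($row=mysql_fetch_array($result)){
          if ($row['name']<>"Root User"){
              // Escaped so a quote or "<" in a name cannot break out of the attribute.
              $name=htmlspecialchars($row['name'],$hf);
              $r.="<option value='$name'>$name</option>";
          }
      }
      return $r;
  }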
  1254. ###############################################################
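  /**
   * Show the form used to add an update to a ticket.
   *
   * Staff also get one button per reply template (the templates for the
   * ticket's company plus the "[GLOBAL]" ones); a button copies the template
   * text into the textarea through the ChgText() script.
   *
   * $no           ticket number
   * $passedcode   access code supplied by a client, posted back with the form
   * $passedemail  e-mail address supplied by a client, posted back with the form
   */
  function ShowAddToTicketForm($no,$passedcode,$passedemail){
      global $loggedinas,$adminaccess,$AllowClientCloseTicket;
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
      $no=(int)$no;
      $b="";

      if ($adminaccess>0){
          $c="\n\n<script type=\"text/javascript\" language=\"javascript\"><!--\n"
              ."\n"
              ."function ChgText(newtext,note)\n"
              ."{\n"
              ."var MyElement = document.getElementById(\"info\");\n"
              ."MyElement.value = newtext;\n"
              ."\n"
              ."var MyElement2 = document.getElementById(\"warning\");\n"
              ."MyElement2.innerHTML = \"<b>TEMPLATE IN USE - CHECK THE WORDING AND MAKE SURE USERNAME/PASSWORD ARE CORECT</b><br><font color=\'red\'>\" + note + \"</font>\";\n"
              ."\n"
              ."return true;\n"
              ."}\n"
              ."\n"
              ."//-->\n"
              ."</script>\n\n\n"
              ."<center><b>TEMPLATES</b><br>";

          $row=GetSQLRow("SELECT col1 FROM ticket WHERE no=$no");
          // col1 was typed in by the client when the ticket was created, so it
          // has to be escaped again before it goes back into a query.
          $c1=$row ? mysql_escape_string($row['col1']) : "";
          $result=GetSQL("SELECT * FROM templates WHERE company='$c1' OR company='[GLOBAL]' ORDER BY company");

          // Escapes for a JavaScript string inside an HTML attribute. SQL
          // escaping (used before) is the wrong encoding here: it leaves a
          // double quote able to end the onclick attribute.
          $jsmap=array("\\"=>"\\\\","'"=>"\\x27","\""=>"\\x22","<"=>"\\x3C",">"=>"\\x3E","&"=>"\\x26","\r"=>"\\r","\n"=>"\\n");
          while ($row=mysql_fetch_array($result)){
              $template=strtr($row['template'],$jsmap);
              $note=strtr($row['notes'],$jsmap);
              $butt=htmlspecialchars($row['buttontitle'],$hf);
              // NOTE(review): ChgText() writes the note into innerHTML, so notes
              // are still interpreted as HTML; confirm only staff can edit templates.
              $c.=" <input type='button' onclick=\"ChgText('$template','$note')\" value='$butt'>";
          }
          $c.="</center>";
          $b.=$c;
      }

      // The code and address come from the request and are echoed back.
      $h_code=htmlspecialchars($passedcode,$hf);
      $h_email=htmlspecialchars($passedemail,$hf);

      $b.="<br><center><div name='warning' id='warning'><b>Everything added here will be recorded on the ticket";
      if (strlen($loggedinas)>1){
          $b.=" (and sent to the client if the [UPDATE/SEND] button is used)";
      }
      $b.="</b></div><br><form name='addtoticket' method='post'>\n"
          ."<input type='hidden' name='no' value='$no'>\n"
          ."<input type='hidden' name='code' value='$h_code'>\n"
          ."<input type='hidden' name='email' value='$h_email'>\n"
          ."<table>\n"
          ."<tr><td><textarea name='info' id='info' rows=9 cols=80></textarea></td></tr>\n"
          ."<tr><td><table border=0 width='100%'><tr><td>\n"
          ."<input type='submit' name='m' value='UPDATE/SEND'>\n";
      if (($AllowClientCloseTicket>0) || ($adminaccess>0)){
          $b.=" <input type='radio' name='mod' value='open' checked='checked'>Leave open <input type='radio' name='mod' value='close'>Close <input type='radio' name='mod' value='expire'>Expire <input type='radio' name='mod' value='wait'>Waiting<br><font size=1>LEAVE OPEN: the ticket will remain active<br>CLOSE: The ticket will be closed because the problem has been resolved<br>EXPIRE: close a ticket when the client has not responded<br>WAITING: Waiting for the client to respond</font>";
      }
      $b.="</td><td align='right'>";
      if (strlen($loggedinas)>1){
          $b.="<input type='submit' name='m' value='UPDATE AND DO NOT SEND'>";
      } else {
          $b.="&nbsp;";
      }
      $b.="</td></tr></table>";
      $b.="</td></tr>\n</table></form></center>";
      msg("Add to ticket",$b);
  }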
  1319.  
  1320.  
  1321. ###############################################################
  /**
   * Show the "no access" message together with the caller's access level.
   */
  function NA(){
      global $adminaccess;
      $text="You don't have access to do this...<br>Your status level is $adminaccess";
      msg("NO ACCESS",$text,1);
  }
  1326.  
  1327. ###############################################################
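  /**
   * Fetch one row from the user table.
   *
   * $srch  value to look for
   * $mode  0 = by user number (no), 1 = by login name (uname), 2 = by full name (name)
   *
   * Returns the row as returned by mysql_fetch_array(), or false when nothing
   * matches or $mode is not one of the three values above.
   */
  function GetUserDetails($srch,$mode=0){
      // NOTE(review): the string modes assume callers pass the raw value; a
      // caller that already SQL-escapes it would now escape it twice.
      switch ($mode){
          case 0: $sql="SELECT * FROM user WHERE no=".(int)$srch; break;
          case 1: $sql="SELECT * FROM user WHERE uname='".mysql_escape_string($srch)."'"; break;
          case 2: $sql="SELECT * FROM user WHERE name='".mysql_escape_string($srch)."'"; break;
          // The original ran an undefined query for any other mode.
          default: return false;
      }
      $result=GetSQL($sql);
      return mysql_fetch_array($result);
  }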
  1339. ###############################################################
  /**
   * Run a query through GetSQL() and return its first row.
   *
   * Errors from mysql_fetch_array() are suppressed, so a failed query simply
   * yields whatever mysql_fetch_array() returns for it.
   */
  function GetSQLRow($sql){
      return @mysql_fetch_array(GetSQL($sql));
  }
  1345. ###############################################################
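  /**
   * Return the admin level stored for a login name.
   *
   * $user  login name (uname)
   *
   * Returns the adminlevel column, or 0 when no such user exists.
   */
  function Getadmin($user){
      // The login name is placed inside a quoted SQL string, so escape it.
      $row=GetSQLRow("SELECT * FROM user WHERE uname='".mysql_escape_string($user)."'");
      if (!$row){
          // An unknown user gets no access instead of an undefined value.
          return 0;
      }
      return $row['adminlevel'];
  }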
  1352. ###############################################################
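  /**
   * Create a ticket from the posted "new ticket" form.
   *
   * Reads $_POST[$col1name], name, email, phone, info and confirm, inserts the
   * ticket and its first line, writes two log files, shows a confirmation and
   * mails the client (when $SendEmailToClient>=1) and every address in $Inform.
   *
   * Each posted value is kept in three forms: the plain value (log, mail
   * recipient), an HTML-escaped copy (page and mail body) and an SQL-escaped
   * copy (queries). The original reused one SQL-escaped copy everywhere and
   * put the request text into the INSERT without escaping it.
   */
  function RegisterNewTicket(){
      global $border,$debug,$date,$ip,$URL,$DefaultFromAddress,$DefaultFromName,$col1name,$SendEmailToClient,$ShowLinksInEmail,$m2,$Inform,$logdir;
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);

      // Single-line fields: line breaks are removed so a value cannot add lines
      // to the log file or to anything built from it later.
      $eol=array("\r","\n");
      $col1=isset($_POST[$col1name]) ? str_replace($eol,"",(string)$_POST[$col1name]) : "";
      $name=isset($_POST['name']) ? str_replace($eol,"",(string)$_POST['name']) : "";
      $email=isset($_POST['email']) ? str_replace($eol,"",(string)$_POST['email']) : "";
      $phone=isset($_POST['phone']) ? str_replace($eol,"",(string)$_POST['phone']) : "";
      $confirm=isset($_POST['confirm']) ? $_POST['confirm'] : "";

      $h_col1=htmlspecialchars($col1,$hf);
      $h_name=htmlspecialchars($name,$hf);
      $h_email=htmlspecialchars($email,$hf);
      $h_phone=htmlspecialchars($phone,$hf);

      // The request text is stored as HTML (ticket lines are displayed as HTML),
      // so escape it first and only then turn line breaks into <br>.
      $info=isset($_POST['info']) ? (string)$_POST['info'] : "";
      $info=str_replace(array("\r\n","\r","\n"),"<br>",htmlspecialchars($info,$hf));

      // The code is the client's key to the ticket. rand() is not meant for
      // secrets; use the CSPRNG where the PHP version provides one.
      // NOTE(review): on PHP versions without random_int() this still falls back
      // to a predictable generator.
      $suffix=function_exists('random_int') ? random_int(11111111,99999999) : mt_rand(11111111,99999999);
      $code="T".$suffix;

      $r="<table border=$border>";
      if (strlen($col1name)>0){
          $r.="<tr><td><b>$col1name:</b></td><td><font face='courier'>$h_col1</font></td></tr>";
      }
      // "<fonr" in the original never opened the font element it later closed.
      $r.="<tr><td><b>NAME:</b></td><td><font face='courier'>$h_name</font></td></tr><tr><td><b>EMAIL:</b></td><td><font face='courier'>$h_email</font></td></tr><tr><td><b>PHONE:</b></td><td><font face='courier'>$h_phone</font></td></tr><tr><td><b>DATE:</b></td><td><font face='courier'>$date</font></td></tr><tr><td colspan=2><b>SUPPORT REQUEST:</b><br><font face='courier'>$info</font></td></tr></table>";
      $NotificationDetails=$r;

      $q_col1=mysql_escape_string($col1);
      $q_name=mysql_escape_string($name);
      $q_email=mysql_escape_string($email);
      $q_phone=mysql_escape_string($phone);
      $TicketNo=PutSQL("INSERT INTO ticket (col1,clientname,clientemail,clientphone,code,status,created,lastmod,lastmodby,assignedto) VALUES ('$q_col1','$q_name','$q_email','$q_phone','$code',1,'$date','$date',0,0)");

      // The final code is the ticket number followed by the random part.
      $code=$TicketNo.$code;

      $log="TICKET NO: $TicketNo\n"
          ."COMPANY: $col1\n"
          ."NAME: $name\n"
          ."EMAIL: $email\n"
          ."PHONE: $phone\n"
          ."CODE: $code\n"
          ."DATE: $date";
      Logit("$logdir/$TicketNo.0.log",$log);

      PutSQL("UPDATE ticket SET code='$code' where no=$TicketNo");

      if ($confirm=="on"){
          $r.="<br> <br>CONFIRMATION OF CODE $code REQUESTED";
          $info.="<br> <br>CONFIRMATION OF CODE $code REQUESTED";
      }

      $r.="<div class='box'>Ticket progress will be sent to <font face='courier'>$h_email</font> or can be checked at any time form a web browser by entering your email address and the ticket code: <font face='courier'>$code</font></div>";

      $q_info=mysql_escape_string($info);
      $LineNo=PutSQL("INSERT INTO tline (ticketno,modby,date,info,ip) values ($TicketNo,0,'$date','$q_info','$ip')");

      $log="TICKET NO: $TicketNo\n"
          ."TICKET LINE: $LineNo\n"
          ."DATE: $date\n"
          ."CREATED BY CODE: $name\n"
          ."EMAIL: $email\n"
          ."PHONE: $phone\n"
          ."IP: $ip\n"
          ."INFO: $info";
      Logit("$logdir/$TicketNo.$LineNo.log",$log);

      $r.="<br>New ticket is no. $TicketNo";
      if ($debug>0){$r.=" (ticketline=$LineNo)";}

      if ($m2=='form'){
          $r="Your support request has been registered and you will be sent a confirmation email";
      }
      $r2="<center><table width='80%' style='border-style:solid; border-width:2px; border-color:#ff0000; -moz-border-radius: 0px;' cellspacing=0 cellpadding=5><tr><td align='center' bgcolor='yellow' >\n"
          ."<h3>IMPORTANT NOTICE</h3>\n"
          ."this ticket system will sent email from<br> <br>\n"
          ."<font face='courier'>$DefaultFromName &lt;$DefaultFromAddress&gt;</font><br> <br>\n"
          ."\n"
          ."Some email systems may reject an email if the sender is not in your address book. Please add this address to your address book now.</td></tr></table></center>&nbsp;<br>&nbsp;<br>";
      msg("TICKET REGISTERED",$r2.$r);

      $message="&nbsp;<br>Dear $h_name,<br> <br>A new support request ticket ($code) has been created for you with the following details:<br> <br>\n"
          ."<table width='100%' bgcolor='#dddddd'><tr><td><font face='courier'>$info</font></td></tr></table><br>";
      if ($ShowLinksInEmail>0){
          // URL-encode the parameters, then HTML-escape the link for the mail body.
          $U2=htmlspecialchars($URL."/?m=retrieveticket&code=".urlencode($code)."&email=".urlencode($email),$hf);
          $message.="Your can see your ticket progress or addfurther information at <a href='$U2'>$U2</a><br> <br>";
      }
      if ($confirm=="on"){
          $message.="<br><font color='red'><b>IMPORTANT:</b> Please note that you will be required to confirm your identity as the valid reciprient of this email by contacting the helpdesk and confiming the following ticket code: <font face='courier'>$code</font></font><br>";
      }
      $message.=" <br>Regards,<br>$DefaultFromName.";

      if ($SendEmailToClient>=1){
          SendEmail($email,$DefaultFromAddress,$DefaultFromName,"Support ticket no.: $code",$message);
      }

      $U="$URL/admin/?m=showticket&no=$TicketNo";
      $message="This email is to inform you that a new ticket has just been registered (no. $TicketNo) with the following details:<br> <br><table border=0 width='100%' bgcolor='#dddddd'><tr><td>$NotificationDetails</td></tr></table><br> <br>The ticket can be seen at: <a href='$U'>$U</a>";
      // $Inform comes from the configuration; skip it unless it is a list.
      if (is_array($Inform)){
          foreach ($Inform as $Add){
              SendEmail($Add,$Add,"NO REPLY","[NOTICE OF NEW TICKET]: Support ticket no.: $code",$message);
          }
      }
  }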
  1456. ###############################################################
  /**
   * Show the form where a client enters an e-mail address and ticket code;
   * it posts back with m=retrieveticket.
   */
  function ShowRetrieveTicketForm(){
      global $border;
      $lines=array(
          "<center><form method='post' name='new'>",
          "<input type='hidden' name='m' value='retrieveticket'>",
          "<table border=$border>",
          "<tr><td align='right'>Your email address:</td><td><input name='email' type='text' size=30></td></tr>",
          "<tr><td align='right'>Ticket Code:</td><td><input name='code' type='text' size=30></td></tr>",
          "<tr><td colspan=2 align='center'><input type='submit' name='submit' value='SUBMIT'></td></tr>",
          "</table>",
          "</form></center>",
      );
      msg('RETRIEVE TICKET',implode("\n",$lines));
  }
  1469.  
  1470. ###############################################################
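  /**
   * Show the "new ticket" form.
   *
   * Depending on $m the company field ($col1name) is a visible field, a hidden
   * field carried through the iframe variant, or (m=newform, staff only) a
   * field pre-filled from the request together with name, e-mail and phone.
   *
   * Every value taken from the request is HTML-escaped before it is written
   * into the page; the original echoed them unchanged.
   */
  function ShowNewTicketForm(){
      global $border,$col1name,$col1val,$adminaccess,$m,$PageWidth;
      $hf=ENT_QUOTES|(defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
      $col1='';
      $name='';
      $email='';
      $phone='';

      $info=isset($_REQUEST['info']) ? str_replace("<br>","\n",(string)$_REQUEST['info']) : '';
      $col1passed=isset($_REQUEST['col1']) ? (string)$_REQUEST['col1'] : '';
      $h_col1name=htmlspecialchars($col1name,$hf);
      // $col1val comes from the configuration; treat anything but a list as empty.
      $choices=is_array($col1val) ? $col1val : array();

      $r="<center><form target='fast' method='post' action='?' onSubmit=\"return checkrequired(this)\">\n"
          ."<input type='hidden' name='m' value='newticket'>\n"
          ."<table border=$border>";

      $prefill=(($m=='newform') && ($adminaccess>=1));
      if ($prefill){
          $name=isset($_REQUEST['clientname']) ? (string)$_REQUEST['clientname'] : '';
          $email=isset($_REQUEST['clientemail']) ? (string)$_REQUEST['clientemail'] : '';
          $phone=isset($_REQUEST['clientphone']) ? (string)$_REQUEST['clientphone'] : '';
          $col1=$col1passed;
      }

      if (((strlen($col1name)>0) && ($m<>'iframe') && ($m<>'newform')) || $prefill){
          $h_col1=htmlspecialchars($col1,$hf);
          $r.="<tr><td align='right'>$col1name:</td><td>";
          if (count($choices)>0){
              $r.="<select name='$h_col1name'>";
              if ($prefill){
                  // The requested value is offered first so it is preselected.
                  $r.="<option value='$h_col1'>$h_col1</option>";
              }
              foreach ($choices as $v){
                  $h_v=htmlspecialchars($v,$hf);
                  $r.="<option value='$h_v'>$h_v</option>";
              }
              $r.="</select>";
          } else {
              $r.="<input name='$h_col1name' type='text' size=30 value='$h_col1'>";
          }
          $r.="</td></tr>";
      } else if ($m=='iframe'){
          $r.="<input type='hidden' name='$h_col1name' value='".htmlspecialchars($col1passed,$hf)."'>\n"
              ."<input type='hidden' name='m2' value='newticket'>\n"
              ."<input type='hidden' name='m' value='iframe'>\n"
              ."<input type='hidden' name='width' value=".(int)$PageWidth.">";
      }

      // $PageWidth is only set for the iframe variant; fall back to 80 columns
      // (the original assigned 80 and then overwrote it unconditionally).
      $noCols=($PageWidth>0) ? (int)($PageWidth/10) : 80;

      $r.="<tr><td align='right'>Full Name:</td><td><input name='name' id='name' type='text' size=30 value=\"".htmlspecialchars($name,$hf)."\"></td></tr>\n"
          ."<tr><td align='right'>Email address:</td><td><input name='email' id='email' type='text' size=30 value='".htmlspecialchars($email,$hf)."'></td></tr>\n"
          ."<tr><td align='right'>Phone:</td><td><input name='phone' id='phone' type='text' size=30 value='".htmlspecialchars($phone,$hf)."'></td></tr>";
      if ($adminaccess>0){
          $r.="<tr><td align='right'>Send 'please confirm' request:</td><td><input name='confirm' id='confirm' type='checkbox'></td></tr>";
      }
      $r.="<tr><td colspan=2>Support Request:<br><textarea name='info' id='info' cols=$noCols rows=6>".htmlspecialchars($info,$hf)."</textarea></td></tr>\n"
          ."<tr><td colspan=2 align='center'>\n"
          ."\n"
          ."<input type='submit' name='submit' value='SUBMIT'>\n"
          ."\n"
          ."</td></tr>\n"
          ."</table>\n"
          ."</form></center>";
      msg('NEW TICKET',$r);
  }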
  1533.  
  1534. ###############################################################
  1535. function OpenDB($x=0){
  1536. global $link,$db,$tables,$dbUserName,$dbUserPass,$server,$debug,$date;
  1537. $link=mysql_connect($server,$dbUserName,$dbUserPass);
  1538. if (!$link) {
  1539. die("Can't connect to server: ".mysql_error()."<br>Giving up...");
  1540. } else if ($debug>=1){
  1541. msg("","CONNECTED TO $server...",2);
  1542. }
  1543.  
  1544. #if ($x==0){$sql="DROP DATABASE $db";GetSQL($sql);}
  1545.  
  1546. $db_selected = mysql_select_db($db,$link);
  1547. if (!$db_selected){
  1548. msg("Couldn't open database ($db): ".mysql_error(),"I couldn't connect to database \"$db\", I will try to create it. Reload this page and if this message appears again, you will have to manually create \"$db\".",1);
  1549. $sql="CREATE database $db";
  1550. mysql_query($sql,$link);
  1551. mysql_select_db($db,$link);
  1552. if (mysql_error()){msg("MySQL ERROR",mysql_error(),1);}
  1553.  
  1554. msg("CREATE TABLE","About to try and create tables.",1);
  1555. $sqlA=array();
  1556. $sqlA[]="CREATE TABLE user (no int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY(no), uname tinytext,upass tinytext,name tinytext,phone tinytext,email tinytext,created datetime,adminlevel int,pagecolour tinytext,snippetsize int)";
  1557. $sqlA[]="INSERT INTO user (uname,upass,name,phone,email,created,adminlevel,snippetsize) VALUES ('root','passwd','Root User','00000 000000','noreply@nodomain.com','$date',127,400)";
  1558. $sqlA[]="CREATE TABLE ticket (no int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY(no),col1 tinytext,clientname tinytext,clientemail tinytext,clientphone tinytext,code tinytext,status int,created datetime,lastmod datetime,lastmodby int,assignedto int)";
  1559. $sqlA[]="CREATE TABLE tline (no int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY(no),ticketno int,date datetime,modby tinytext,info text,ip tinytext)";
  1560. $sqlA[]="CREATE TABLE templates (no int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY(no),buttontitle tinytext,template text,notes tinytext,company tinytext)";
  1561.  
  1562. foreach($sqlA as $sql){
  1563. mysql_query($sql,$link);
  1564. if (mysql_error()){msg("MySQL ERROR",mysql_error(),1);}
  1565. }
  1566. msg("Tables created","Tables created, check for errors...",1);
  1567.  
  1568. #print "X=$x<br>";
  1569.  
  1570. if ($x==0){
  1571. msg("Attempting to open DB again","Attempting to open DB again - if the DB was sucessfully created above, it will now open.",1);
  1572. OpenDB(1);
  1573. MakeHTPasswdFile();
  1574. } else {
  1575. die();
  1576. }
  1577. }
  1578. }
  1579.  
  1580.  
  1581. ###########################################################################
  1582. function MakeHTPasswdFile(){
  1583. global $BaseDir;
  1584. $f=fopen("$BaseDir/admin/.htpasswd","w");
  1585. $sql="SELECT * FROM user";
  1586. $r='';
  1587. if ($result=GetSQL($sql)){
  1588. while ($row=mysql_fetch_array($result)){
  1589. $uname=$row['uname'];
  1590. $upass=$row['upass'];
  1591. $upass=crypt($upass);
  1592. fputs($f,"$uname:$upass\n");
  1593. #$r.="Adding: $uname:$upass<br>";
  1594. }
  1595. }
  1596. fclose($f);
  1597. msg("USER DATABASE UPDATED","$r <br>The user database has been updated.");
  1598. }
  1599. ###############################################################
  1600. function GetSQL($sql){
  1601. global $link;
  1602. $result=mysql_query($sql,$link);
  1603. if (!$result){
  1604. $b="<b>NO RESULTS RETURNED</b>";
  1605. msg("<b>NO RESULTS RETURNED</b>");
  1606. } else {
  1607. return $result;
  1608. }
  1609. }
  1610. ###############################################################
  1611. function DoSQL($sql){
  1612. global $link;
  1613. $result=mysql_query($sql,$link);
  1614. return $result;
  1615.  
  1616. }
  1617. ###############################################################
  1618. function PutSQL($sql){
  1619. global $link;
  1620. $result=mysql_query($sql,$link);
  1621. if ($result==false){
  1622. $r=mysql_error();
  1623. msg("<b>MySQL ERROR</b>",$r."<br><b>SQL:</b><br>".$sql,1);
  1624. } else {
  1625. $result=mysql_insert_id();
  1626. return $result;
  1627. }
  1628. }
  1629. ###############################################################
  1630. function cr($x=1){
  1631. for ($y=0;$y<$x;$y++){
  1632. print "<font size=1> <br> </font>";
  1633. }
  1634. }
  1635.  
  1636. ###############################################################
  1637. function CloseDB(){
  1638. global $link;
  1639. mysql_close($link);
  1640. }
  1641.  
  1642. ###############################################################
  1643. function h(){
  1644. global $PageWidth,$loggedinas,$adminaccess,$buttons,$URL,$BaseDir,$FormCheckJS,$title,$pagecolour;
  1645. if (strlen($loggedinas)>2){$title.=" ($loggedinas)";}
  1646.  
  1647. print "<!DOCTYPE HTML PUBLIC\"-//W3C//DTD HTML 4.0 Transitional//EN\">
  1648. <html>
  1649. <head title='$title'>
  1650. <title>$title</title>
  1651. <link rel='shortcut icon' href='$URL/favicon.ico'>
  1652. $FormCheckJS
  1653. </head><body bgcolor='#$pagecolour'>";
  1654. Style();
  1655. print "<center><br><table border=0 class='page' width=$PageWidth><tr><td>
  1656. <table width='100%' border=0 cellpadding-0 cellspacing=0><tr><td>";
  1657. if (file_exists("$BaseDir/mylogo.png")){print "<img src='$URL/mylogo.png' border=0>";}
  1658. print "&nbsp;</td><td align='right'><a href='$URL'><img src='$URL/head.png' border=0></a></td></tr></table>";
  1659. if (strlen($loggedinas)>1){$t="<center>You are logged in as $loggedinas (admin level $adminaccess)</center>";} else {$t='';}
  1660.  
  1661. msg($t,$buttons);
  1662. }
  1663.  
  1664. ###############################################################
  1665. function h2(){
  1666. global $PageWidth,$loggedinas,$adminaccess,$buttons,$URL,$BaseDir,$FormCheckJS;
  1667. print "<!DOCTYPE HTML PUBLIC\"-//W3C//DTD HTML 4.0 Transitional//EN\">
  1668. <html>
  1669. <head title='FAST'>
  1670. <title='FAST'>
  1671. <link rel='shortcut icon' href='$URL/favicon.ico'>
  1672. $FormCheckJS
  1673. </head><body>";
  1674. Style();
  1675. }
  1676. ###############################################################
  1677. function f($foot=""){
  1678. global $ver;
  1679. print "</td></tr></table><font size=1><i>FAST v$ver</i></font></center></body></html>";
  1680. }
  1681. ###############################################################
  1682. function f2(){
  1683. print "</body></html>";
  1684. }
  1685.  
  1686. ###############################################################
  1687. function msg($t,$b="",$mode=0){
  1688. $px="1px";
  1689. $cp=5;
  1690. $HeaderTextCol='#000000';
  1691. $HeaderBackgroundCol='#bbbbbb';
  1692. $HeaderTextSize="10pt";
  1693. $BodyBackgroundCol='#ffffff';
  1694. $BodyTextCol='#000000';
  1695. $BodyTextSize="10pt";
  1696. $BorderCol='#999999';
  1697. $HeadStyle='';
  1698. $BodyStyle='';
  1699. #$mode=1;
  1700. if ($mode==1){
  1701. $HeaderTextCol='red';
  1702. $HeaderBackgroundCol='yellow';
  1703. $BodyTextCol='red';
  1704. $BorderCol='red';
  1705. } elseif ($mode==2){
  1706. $HeaderTextCol='#999999';
  1707. $HeaderBackgroundCol='#cccccc';
  1708. $BodyTextCol='#999999';
  1709. $BorderCol='#999999';
  1710. $HeadStyle="style='font-family:courier;font-size:8pt;'";
  1711. $BodyStyle="style='font-family:courier;font-size:8pt;'";
  1712. }
  1713. elseif ($mode==3){
  1714. $HeaderTextCol='#000000';
  1715. $HeaderBackgroundCol='#eeeeee';
  1716. $BodyTextCol='#999999';
  1717. $BorderCol='#999999';
  1718. $BodyStyle="style='font-family:courier;font-size:8pt;'";
  1719. }
  1720. print "<table width='100%' style='border-style:solid; border-width:$px; border-color:$BorderCol; -moz-border-radius: 0px;' cellspacing=0 cellpadding=5>";
  1721. if (strlen($t)>=1){
  1722. print "<tr><td align='center' bgcolor='$HeaderBackgroundCol' $HeadStyle><div style='font-color:$HeaderTextCol;font-size:$HeaderTextSize'><b>$t</b></div></td></tr>";}
  1723. if (strlen($b)>=1){
  1724. print "<tr><td bgcolor='$BodyBackgroundCol' $BodyStyle><div style='font-color:$BodyTextCol;font-size:$BodyTextSize'>$b</div></td></tr>";
  1725. }
  1726. print "</table> <br>";
  1727. }
  1728.  
  1729. ###############################################################
  1730. function SendEmail($toEmail,$fromEmail,$fromName,$subject,$message){
  1731. global $date,$ver,$BusinessName,$BusinessWeb,$EmailWidth,$EmailHeadHeight,$EmailHeadImage,$URL,$DefaultFromAddress;
  1732. $s=array("\r","\n","\'");
  1733. $r=array(""," <br>","'");
  1734. $message=str_replace($s,$r,$message);
  1735. #print "<textarea cols=10 rows=5>$message</textarea>";
  1736. $ehead="<table border=0 width=$EmailWidth cellpadding=0 cellspacing=0 style='border-style:solid; border-width:1px; border-color:#000000;'>
  1737. <tr><td><img src=\"$EmailHeadImage\" border=\"0\" width=\"$EmailWidth\" height=\"$EmailHeadHeight\" alt=\"Fast And Simple Ticket Support Email\"><br>
  1738. <table border=0 cellpadding=5 cellspacing=5>
  1739. <tr><td><DIV style=\"FONT: 8pt arial; color:#888888\">From: $fromName <$fromEmail><br>
  1740. Subject: $subject<br>
  1741. Sent: $date</DIV>";
  1742. $htmlmessage="$ehead<DIV style=\"FONT: 10pt arial\">$message</DIV><br>";
  1743. if ($fromEmail==$DefaultFromAddress){
  1744. $htmlmessage.="<DIV style=\"FONT: 8pt arial; color:#ff3333\"><b>PLEASE NOTE:</b> This email is automated and any reply to it will probably not be seen by a human.<br></div>";
  1745. }
  1746. $htmlmessage.="<DIV style=\"FONT: 8pt arial; color:#888888\"><i>This message is from the Fast And Simple Ticket system and may contain confidential and/or legally privileged information; it is intended for the use by the addressee only. If you are not the addressee you must not use, distribute or copy this email. If you have received this communication in error please notify us immediately then delete it.</i> [FAST v$ver]</div>";
  1747. $htmlmessage.="</td></tr></table></td></tr></table></DIV>";
  1748.  
  1749. SendEmail2($toEmail,$fromEmail,$fromName,$subject,$htmlmessage);
  1750. #SendEmail2("mark.jackson.mjs@gmail.com","mark.jackson.mjs@gmail.com","NO REPLY","[DEV COPY]: ".$subject,$htmlmessage);
  1751.  
  1752. }
  1753.  
  1754. ###############################################################
  1755. function SendEmail2($to,$fromEmail,$fromName,$subject,$htmlmessage){
  1756. global $cr;
  1757. $mime_boundary=md5(time())."-2";
  1758. $mime_boundary2= $mime_boundary."-3";
  1759.  
  1760. # Common Headers
  1761. $headers='';
  1762. $headers .= "Message-ID: <".time()."-".$fromEmail.">".$cr;
  1763. $headers .= "Date: ".date('r').$cr;
  1764. $headers .= "From: ".$fromName."<".$fromEmail.">".$cr;
  1765. $headers .= "Reply-To: ".$fromName."<".$fromEmail.">".$cr;
  1766. $headers .= "Return-Path: ".$fromName."<".$fromEmail.">".$cr; // these two to set reply address
  1767. //$headers .= "Message-ID: <".time()."-".$fromaddress.">".$cr;
  1768. $headers .= "X-Mailer: PHP v".phpversion().$cr; // These two to help avoid spam-filters
  1769.  
  1770. # Boundry for marking the split & Multitype Headers
  1771. $headers .= 'Mime-Version: 1.0'.$cr;
  1772. $headers .= "Content-Type: multipart/mixed; boundary=\"".$mime_boundary."\"".$cr.$cr;
  1773. #$headers .= "To: ".$to.$cr;
  1774. #$headers .= "Subject: ".$subject.$cr.$cr;
  1775. $headers .= "This is a MIME-formatted message. If you see this text it means that your".$cr;
  1776. $headers .= "E-mail software does not support MIME-formatted messages.".$cr.$cr;
  1777.  
  1778. # Open the first part of the mail
  1779. $msg ='';
  1780.  
  1781. $msg .= "--".$mime_boundary.$cr;
  1782. $msg .= "Content-Type: multipart/alternative; boundary=\"$mime_boundary2\"".$cr.$cr;
  1783. $msg .= "This is a MIME-formatted message. IF you see this text it means that your".$cr;
  1784. $msg .= "E-mail softare does not support MIME-formatted messages.".$cr.$cr;
  1785. $msg .= "--".$mime_boundary2.$cr;
  1786. $msg .= "Content-Type: text/plain; charset=iso-8859-1; format=flowed".$cr;
  1787. $msg .= "Content-Transfer-Encoding: 7bit".$cr;
  1788. $msg .= "Content-Disposition: inline".$cr.$cr;
  1789. $msg .= strip_tags(str_replace("<br>", "\n", $htmlmessage ));
  1790. $msg .= $cr.$cr;
  1791. $msg .= "--".$mime_boundary2.$cr;
  1792. $msg .= "Content-Type: text/html; charset=iso-8859-1;".$cr;
  1793. #$msg .= "Content-Transfer-Encoding: quoted-printable".$cr;
  1794. $msg .= "Content-Disposition: inline".$cr.$cr;
  1795. $msg .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">".$cr;
  1796. $msg .= "<html>".$cr;
  1797. $msg .= "<body>".$cr;
  1798. #$msg .= mime_html_encode($htmlmessage).$cr;
  1799. $msg .= $htmlmessage.$cr;
  1800. $msg .= "</body>".$cr;
  1801. $msg .= "</html>".$cr;
  1802. $msg .= $cr.$cr;
  1803. $msg .= "--".$mime_boundary2."--".$cr.$cr;
  1804.  
  1805. mail($to, $subject, $msg, $headers);
  1806.  
  1807. }
  1808. ###############################################################
  1809. function mime_html_encode($input , $line_max = 76){
  1810. $cr = "\r\n";//MAIL_MIMEPART_CRLF
  1811. $output = '';
  1812. $line = '';
  1813. $intag = false;
  1814.  
  1815. for($i=0; $i<strlen($input); $i++) {
  1816. $ip=$input{$i};
  1817. $op='';
  1818.  
  1819. if ($intag) {
  1820. if ($ip=="=") $op="=3D";
  1821. else $op= $ip;
  1822. } else {
  1823. if ($ip=="\"") $op='"';//'
  1824. else if ($ip=="&") $op="&";
  1825. else if ($ip=="'") $op="'";
  1826. else $op= $ip;
  1827. }
  1828.  
  1829. if ((strlen($line)+strlen($op))>=$line_max){
  1830. $output.=$line.'='.$cr;
  1831. //if ($intag) $output.=$line.'='.$cr;
  1832. //else $output.=$line.$cr;
  1833. $line='';
  1834. }
  1835. $line.=$op;
  1836.  
  1837. if($ip=='<') {
  1838. $intag=true;
  1839. } else if ($ip=='>') {
  1840. $intag=false;
  1841. }
  1842. }
  1843. return $output.$line.$cr;
  1844. }
  1845.  
  1846.  
  1847. ###############################################################
  1848. function Style(){
  1849. global $ServerName,$Background,$PageWidth;
  1850. print "<style type='text/css'>
  1851. body {font-family: arial, helvetica; font-size: 10pt; margin: 0px; margin:0; padding:0; border:0;}
  1852. table.page {background-color: #ffffff;font-family: arial, helvetica; font-size: 10pt; margin: 0px; -moz-border-radius: 18px; padding: 11px; border: black 2px solid;}
  1853. table {background-color: #ffffff;font-family: arial, helvetica; font-size: 10pt; margin: 0px;}
  1854. a {font-size: 10pt;}
  1855. a.bold {font-size: 10pt; font-weight:bold;}
  1856. a.bold:hover {color:#ff0000}
  1857. a.NoUnderline{TEXT-DECORATION:none;}
  1858. a.NoUnderline:hover{TEXT-DECORATION:none; color:#ff0000}
  1859. a.NoUnderline2{TEXT-DECORATION:none; font-size:8pt;}
  1860. a.NoUnderline2:hover{TEXT-DECORATION:none; font-size:8pt; color:#ff0000}
  1861. a.small{TEXT-DECORATION: none; font-size:8pt;}
  1862. a.small:hover{TEXT-DECORATION: none; font-size:8pt; color:#ff0000;}
  1863. a.big{TEXT-DECORATION: none; font-size:16pt;}
  1864. a.big:hover{TEXT-DECORATION: none; font-size:16pt; color:#ff0000;}
  1865. .smallbutton {padding:0px; font-family:arial; font-size: 6pt;}
  1866. input,textarea,submit,option,select {font-size:10pt;font-family:arial;}
  1867. textarea {padding: 5px; BORDER: black 1px solid; COLOR: #000000; BACKGROUND: #eeeeee; TEXT-DECORATION: none; font-size: 10pt; font-family:courier;}
  1868. .wob {background-color: #666666; color: #cccccc; font-weight: bold;}
  1869. .opts {font-size: 12pt;}
  1870. .border {border: black 1px solid;}
  1871. .box {border: #cccccc 1px solid; padding: 10px;}
  1872. td {vertical-align: top;}
  1873.  
  1874. /* Header used on list of tickets table */
  1875. .tdsolid {border-color: #ffffff; border-width: 1px 1px 1px 0px; border-style: solid; margin: 0;font-size:9pt; padding: 1px 2px; color: #ffffff; background-color: #999999;}
  1876. .tdsolidL {border-color: #ffffff; border-width: 1px 1px 1px 1px; border-style: solid; margin: 0;font-size:9pt; padding: 1px 2px; color: #ffffff; background-color: #999999;}
  1877.  
  1878. /* Rows used for showing lists of tickets */
  1879. .row1 {background-color: #dddddd; border-color: #dddddd; border-width: 1px 1px 1px 1px; border-style: solid; font-size:8pt;}
  1880. .row2 {background-color: #eeeeee; border-color: #eeeeee; border-width: 1px 1px 1px 1px; border-style: solid; font-size:8pt;}
  1881.  
  1882. </style>";
  1883.  
  1884. }
  1885.  
  1886.  
  1887. ?>