osTicket Awesome for osTicket 1.17 (Revision 1) - Basic Ticket Search Fix

1. <?php
2. /*************************************************************************
3.     tickets.php
4.  
5.     Handles all tickets related actions.
6.  
7.     Peter Rotich <peter@osticket.com>
8.     Copyright (c)  2006-2013 osTicket
9.     http://www.osticket.com
10.  
11.     Released under the GNU General Public License WITHOUT ANY WARRANTY.
12.     See LICENSE.TXT for details.
13.  
14.     vim: expandtab sw=4 ts=4 sts=4:
15. **********************************************************************/
16.  
17. require('staff.inc.php');
18. require_once(INCLUDE_DIR.'class.ticket.php');
19. require_once(INCLUDE_DIR.'class.dept.php');
20. require_once(INCLUDE_DIR.'class.filter.php');
21. require_once(INCLUDE_DIR.'class.canned.php');
22. require_once(INCLUDE_DIR.'class.json.php');
23. require_once(INCLUDE_DIR.'class.dynamic_forms.php');
24. require_once(INCLUDE_DIR.'class.export.php');       // For paper sizes
25.  
26.  
27.  
28. // Fetch ticket queues organized by root and sub-queues
29. $queues = CustomQueue::getHierarchicalQueues($thisstaff);
30.  
31. $page='';
32. $ticket = $user = null; //clean start.
33. $redirect = false;
34. //LOCKDOWN...See if the id provided is actually valid and if the user has access.
35. if(isset($_REQUEST['id']) || isset($_REQUEST['number'])) {
36.     if($_REQUEST['id'] && !($ticket=Ticket::lookup($_REQUEST['id'])))
37.          $errors['err']=sprintf(__('%s: Unknown or invalid ID.'), __('ticket'));
38.     elseif($_REQUEST['number'] && !($ticket=Ticket::lookup(array('number' => $_REQUEST['number']))))
39.          $errors['err']=sprintf(__('%s: Unknown or invalid number.'), __('ticket'));
40.      elseif(!$ticket->checkStaffPerm($thisstaff)) {
41.          $errors['err']=__('Access denied. Contact admin if you believe this is in error');
42.          $ticket=null; //Clear ticket obj.
43.      }
44. }
45.  
46. if (!$ticket) {
47.     // Display a ticket queue. Decide the contents
48.     $queue_id = null;
49.  
50.     // Search for user
51.     if (isset($_REQUEST['uid']))
52.         $user = User::lookup($_REQUEST['uid']);
53.  
54.     if (isset($_REQUEST['email']))
55.         $user = User::lookupByEmail($_REQUEST['email']);
56.  
57.     if ($user
58.             && $_GET['a'] !== 'open'
59.     ) {
60.         $criteria = [
61.             ['user__emails__address', 'equal', $user->getDefaultEmailAddress()],
62.             ['user_id', 'equal', $user->id],
63.         ];
64.         if ($S = $_GET['status'])
65.             // The actual state is tracked by the key
66.             $criteria[] = ['status__state', 'includes', [$S => $S]];
67.         $_SESSION['advsearch']['uid'] = $criteria;
68.         $queue_id = "adhoc,uid";
69.     }
70.     // Search for organization tickets
71.     elseif (isset($_GET['orgid'])
72.         && ($org = Organization::lookup($_GET['orgid']))
73.     ) {
74.         $criteria = [
75.             ['user__org__name', 'equal', $org->name],
76.             ['user__org_id', 'equal', $org->id],
77.         ];
78.         if ($S = $_GET['status'])
79.             $criteria[] = ['status__state', 'includes', [$S => $S]];
80.         $_SESSION['advsearch']['orgid'] = $criteria;
81.         $queue_id = "adhoc,orgid";
82.     }
83.     // Basic search (click on 🔍 )
84.     elseif (isset($_GET['a']) && $_GET['a'] === 'search'
85.         && ($_GET['query'])
86.     ) {
87.         $wc = mb_str_wc($_GET['query']);
88.         if ($wc < 4) {
89.             $key = substr(md5($_GET['query']), -10);
90.             $isEmail = Validator::is_email($_GET['query']);
91.             if ($_GET['search-type'] == 'typeahead' || $isEmail) {
92.                 // Use a faster index
93.                 $criteria = ['user__emails__address', 'equal', $_GET['query']];
94.             } else {
95.                 $criteria = [':keywords', null, $_GET['query']];
96.             }
97.             $_SESSION['advsearch'][$key] = [$criteria];
98.             $queue_id = "adhoc,{$key}";
99.         } else {
100.             $errors['err'] = sprintf(
101.                     __('Search term cannot have more than %d keywords', 4));
102.         }
103.     }
104.  
105.     $queue_key = sprintf('::Q:%s', ObjectModel::OBJECT_TYPE_TICKET);
106.     $queue_id = $queue_id ?: @$_GET['queue'] ?: $_SESSION[$queue_key]
107.         ?? $thisstaff->getDefaultTicketQueueId() ?: $cfg->getDefaultTicketQueueId();
108.  
109.     // Recover advanced search, if requested
110.     if (isset($_SESSION['advsearch'])
111.         && strpos($queue_id, 'adhoc') === 0
112.     ) {
113.         list(,$key) = explode(',', $queue_id, 2);
114.         // For queue=queue, use the most recent search
115.         if (!$key) {
116.             reset($_SESSION['advsearch']);
117.             $key = key($_SESSION['advsearch']);
118.         }
119.  
120.         $queue = AdhocSearch::load($key);
121.     }
122.  
123.     if ((int) $queue_id && !isset($queue))
124.         $queue = SavedQueue::lookup($queue_id);
125.  
126.     if (!$queue && ($qid=$cfg->getDefaultTicketQueueId()))
127.         $queue = SavedQueue::lookup($qid);
128.  
129.     if (!$queue && $queues)
130.         list($queue,) = $queues[0];
131.  
132.     if ($queue) {
133.         // Set the queue_id for navigation to turn a top-level item bold
134.         $_REQUEST['queue'] = $queue->getId();
135.         // Make the current queue sticky
136.          $_SESSION[$queue_key] = $queue->getId();
137.     }
138. }
139.  
140. // Configure form for file uploads
141. $response_form = new SimpleForm(array(
142.     'attachments' => new FileUploadField(array('id'=>'attach',
143.         'name'=>'attach:response',
144.         'configuration' => array('extensions'=>'')))
145. ));
146. $note_form = new SimpleForm(array(
147.     'attachments' => new FileUploadField(array('id'=>'attach',
148.         'name'=>'attach:note',
149.         'configuration' => array('extensions'=>'')))
150. ));
151.  
152. //At this stage we know the access status. we can process the post.
153. if($_POST && !$errors):
154.  
155.     if($ticket && $ticket->getId()) {
156.         //More coffee please.
157.         $errors=array();
158.         $lock = $ticket->getLock(); //Ticket lock if any
159.         $role = $ticket->getRole($thisstaff);
160.         $dept = $ticket->getDept();
161.         $isManager = $dept->isManager($thisstaff); //Check if Agent is Manager
162.         switch(strtolower($_POST['a'])):
163.         case 'reply':
164.             if (!$role || !$role->hasPerm(Ticket::PERM_REPLY)) {
165.                 $errors['err'] = __('Action denied. Contact admin for access');
166.             } else {
167.                 $vars = $_POST;
168.                 $vars['files'] = $response_form->getField('attachments')->getFiles();
169.                 $vars['response'] = ThreadEntryBody::clean($vars['response']);
170.                 if(!$vars['response'])
171.                     $errors['response']=__('Response required');
172.  
173.                 if ($cfg->isTicketLockEnabled()) {
174.                     if (!$lock) {
175.                         $errors['err'] = sprintf('%s %s', __('This action requires a lock.'), __('Please try again!'));
176.                     }
177.                     // Use locks to avoid double replies
178.                     elseif ($lock->getStaffId()!=$thisstaff->getId()) {
179.                         $errors['err'] = __('Action Denied. Ticket is locked by someone else!');
180.                     }
181.                     // Attempt to renew the lock if possible
182.                     elseif (($lock->isExpired() && !$lock->renew())
183.                         ||($lock->getCode() != $_POST['lockCode'])
184.                     ) {
185.                         $errors['err'] = sprintf('%s %s', __('Your lock has expired.'), __('Please try again!'));
186.                     }
187.                 }
188.  
189.                 //Make sure the email is not banned
190.                 if(!$errors['err'] && Banlist::isBanned($ticket->getEmail()))
191.                     $errors['err']=__('Email is in banlist. Must be removed to reply.');
192.             }
193.  
194.             $alert =  strcasecmp('none', $_POST['reply-to']);
195.             if (!$errors) {
196.                 // Add new collaborators (if any)
197.                 $_errors = array();
198.                 if (isset($vars['ccs']) && count($vars['ccs']))
199.                     $ticket->addCollaborators($vars['ccs'], array(), $_errors);
200.                 // set status of collaborators
201.                 if ($collabs = $ticket->getCollaborators()) {
202.                     foreach ($collabs as $collaborator) {
203.                         $cid = $collaborator->getUserId();
204.                         // Enable collaborators if they were reselected
205.                         if (!$collaborator->isActive() && ($vars['ccs'] && in_array($cid, $vars['ccs'])))
206.                             $collaborator->setFlag(Collaborator::FLAG_ACTIVE, true);
207.                         // Disable collaborators if they were unchecked
208.                         elseif ($collaborator->isActive() && (!$vars['ccs'] || !in_array($cid, $vars['ccs'])))
209.                             $collaborator->setFlag(Collaborator::FLAG_ACTIVE, false);
210.                         $collaborator->save();
211.                     }
212.                 }
213.             }
214.             if (!$errors && ($response=$ticket->postReply($vars, $errors,
215.                             $alert))) {
216.                 $msg = sprintf(__('%s: Reply posted successfully'),
217.                         sprintf(__('Ticket #%s'),
218.                             sprintf('<a href="tickets.php?id=%d"><b>%s</b></a>',
219.                                 $ticket->getId(), $ticket->getNumber()))
220.                         );
221.  
222.                 // Clear attachment list
223.                 $response_form->setSource(array());
224.                 $response_form->getField('attachments')->reset();
225.  
226.                 // Remove staff's locks
227.                 $ticket->releaseLock($thisstaff->getId());
228.  
229.                 // Cleanup response draft for this user
230.                 Draft::deleteForNamespace(
231.                     'ticket.response.' . $ticket->getId(),
232.                     $thisstaff->getId());
233.  
234.                 if ($ticket->isClosed())
235.                     $ticket = null;
236.  
237.                 $redirect = 'tickets.php';
238.                 if ($ticket && $thisstaff->getReplyRedirect() == 'Ticket')
239.                     $redirect = 'tickets.php?id='.$ticket->getId();
240.  
241.             } elseif (!$errors['err']) {
242.                 $errors['err']=sprintf('%s %s',
243.                     __('Unable to post the reply.'),
244.                     __('Correct any errors below and try again.'));
245.             }
246.             break;
247.         case 'postnote': /* Post Internal Note */
248.             $vars = $_POST;
249.             $vars['files'] = $note_form->getField('attachments')->getFiles();
250.             $vars['note'] = ThreadEntryBody::clean($vars['note']);
251.  
252.             if ($cfg->isTicketLockEnabled()) {
253.                 if (!$lock) {
254.                     $errors['err'] = sprintf('%s %s', __('This action requires a lock.'), __('Please try again!'));
255.                 }
256.                 // Use locks to avoid double replies
257.                 elseif ($lock->getStaffId()!=$thisstaff->getId()) {
258.                     $errors['err'] = __('Action Denied. Ticket is locked by someone else!');
259.                 }
260.                 elseif ($lock->getCode() != $_POST['lockCode']) {
261.                     $errors['err'] = sprintf('%s %s', __('Your lock has expired.'), __('Please try again!'));
262.                 }
263.             }
264.  
265.             $wasOpen = ($ticket->isOpen());
266.             if(($note=$ticket->postNote($vars, $errors, $thisstaff))) {
267.  
268.                 $msg = sprintf(__('%s: %s posted successfully'),
269.                         sprintf(__('Ticket #%s'),
270.                             sprintf('<a href="tickets.php?id=%d"><b>%s</b></a>',
271.                                 $ticket->getId(), $ticket->getNumber())),
272.                         __('Internal note')
273.                         );
274.                 // Clear attachment list
275.                 $note_form->setSource(array());
276.                 $note_form->getField('attachments')->reset();
277.  
278.                 // Remove staff's locks
279.                 $ticket->releaseLock($thisstaff->getId());
280.  
281.                 if($wasOpen && $ticket->isClosed())
282.                     $ticket = null; //Going back to main listing.
283.                 else
284.                     // Ticket is still open -- clear draft for the note
285.                     Draft::deleteForNamespace('ticket.note.'.$ticket->getId(),
286.                         $thisstaff->getId());
287.  
288.                  $redirect = 'tickets.php';
289.                  if ($ticket)
290.                      $redirect ='tickets.php?id='.$ticket->getId();
291.  
292.             } else {
293.  
294.                 if(!$errors['err'])
295.                     $errors['err'] = __('Unable to post internal note - missing or invalid data.');
296.  
297.                 $errors['postnote'] = sprintf('%s %s',
298.                     __('Unable to post the note.'),
299.                     __('Correct any errors below and try again.'));
300.             }
301.             break;
302.         case 'edit':
303.         case 'update':
304.             if(!$ticket || !$role->hasPerm(Ticket::PERM_EDIT))
305.                 $errors['err']=__('Permission Denied. You are not allowed to edit tickets');
306.             elseif($ticket->update($_POST,$errors)) {
307.                 $msg=__('Ticket updated successfully');
308.                 $redirect = 'tickets.php?id='.$ticket->getId();
309.                 $_REQUEST['a'] = null; //Clear edit action - going back to view.
310.                 //Check to make sure the staff STILL has access post-update (e.g dept change).
311.                 if(!$ticket->checkStaffPerm($thisstaff))
312.                     $ticket=null;
313.             } elseif(!$errors['err']) {
314.                 $errors['err']=sprintf('%s %s',
315.                     sprintf(__('Unable to update %s.'), __('this ticket')),
316.                     __('Correct any errors below and try again.')
317.                 );
318.             }
319.             break;
320.         case 'process':
321.             switch(strtolower($_POST['do'])):
322.                 case 'claim':
323.                     if(!$role->hasPerm(Ticket::PERM_EDIT)) {
324.                         $errors['err'] = __('Permission Denied. You are not allowed to assign/claim tickets.');
325.                     } elseif(!$ticket->isOpen()) {
326.                         $errors['err'] = __('Only open tickets can be assigned');
327.                     } elseif($ticket->isAssigned()) {
328.                         $errors['err'] = sprintf(__('Ticket is already assigned to %s'),$ticket->getAssigned());
329.                     } elseif ($ticket->claim()) {
330.                         $msg = __('Ticket is now assigned to you!');
331.                     } else {
332.                         $errors['err'] = sprintf('%s %s', __('Problems assigning the ticket.'), __('Please try again!'));
333.                     }
334.                     break;
335.                 case 'overdue':
336.                     if(!$dept || !$isManager) {
337.                         $errors['err']=__('Permission Denied. You are not allowed to flag tickets overdue');
338.                     } elseif($ticket->markOverdue()) {
339.                         $msg=sprintf(__('Ticket flagged as overdue by %s'),$thisstaff->getName());
340.                         $ticket->logActivity(__('Ticket Marked Overdue'),$msg);
341.                     } else {
342.                         $errors['err']=sprintf('%s %s', __('Problems marking the the ticket overdue.'), __('Please try again!'));
343.                     }
344.                     break;
345.                 case 'banemail':
346.                     if (!$thisstaff->hasPerm(Email::PERM_BANLIST)) {
347.                         $errors['err']=__('Permission Denied. You are not allowed to ban emails');
348.                     } elseif(BanList::includes($ticket->getEmail())) {
349.                         $errors['err']=__('Email already in banlist');
350.                     } elseif(Banlist::add($ticket->getEmail(),$thisstaff->getName())) {
351.                         $msg=sprintf(__('Email %s added to banlist'),$ticket->getEmail());
352.                     } else {
353.                         $errors['err']=__('Unable to add the email to banlist');
354.                     }
355.                     break;
356.                 case 'unbanemail':
357.                     if (!$thisstaff->hasPerm(Email::PERM_BANLIST)) {
358.                         $errors['err'] = __('Permission Denied. You are not allowed to remove emails from banlist.');
359.                     } elseif(Banlist::remove($ticket->getEmail())) {
360.                         $msg = __('Email removed from banlist');
361.                     } elseif(!BanList::includes($ticket->getEmail())) {
362.                         $warn = __('Email is not in the banlist');
363.                     } else {
364.                         $errors['err']=sprintf('%s %s', __('Unable to remove the email from banlist.'), __('Please try again!'));
365.                     }
366.                     break;
367.                 case 'changeuser':
368.                     if (!$role->hasPerm(Ticket::PERM_EDIT)) {
369.                         $errors['err']=__('Permission Denied. You are not allowed to edit tickets');
370.                     } elseif (!$_POST['user_id'] || !($user=User::lookup($_POST['user_id']))) {
371.                         $errors['err'] = __('Unknown user selected');
372.                     } elseif ($ticket->changeOwner($user)) {
373.                         $msg = sprintf(__('Ticket ownership changed to %s'),
374.                             Format::htmlchars($user->getName()));
375.                     } else {
376.                         $errors['err'] = sprintf('%s %s', __('Unable to change ticket ownership.'), __('Please try again!'));
377.                     }
378.                     break;
379.                 case 'addcc':
380.                     if (!$role->hasPerm(Ticket::PERM_EDIT)) {
381.                         $errors['err']=__('Permission Denied. You are not allowed to add collaborators');
382.                     } elseif (!$_POST['user_id'] || !($user=User::lookup($_POST['user_id']))) {
383.                         $errors['err'] = __('Unknown user selected');
384.                   } elseif ($c2 = $ticket->addCollaborator($user, array(), $errors)) {
385.                         $c2->setFlag(Collaborator::FLAG_CC, true);
386.                         $c2->save();
387.                         $msg = sprintf(__('Collaborator %s added'),
388.                             Format::htmlchars($user->getName()));
389.                     }
390.                     else {
391.                       $errors['err'] = sprintf('%s %s', __('Unable to add collaborator.'), __('Please try again!'));
392.                     }
393.                     break;
394.                 default:
395.                     $errors['err']=__('You must select action to perform');
396.             endswitch;
397.             break;
398.         default:
399.             $errors['err']=__('Unknown action');
400.         endswitch;
401.     }elseif($_POST['a']) {
402.  
403.         switch($_POST['a']) {
404.             case 'open':
405.                 $ticket=null;
406.                 if (!$thisstaff ||
407.                         !$thisstaff->hasPerm(Ticket::PERM_CREATE, false)) {
408.                      $errors['err'] = sprintf('%s %s',
409.                              sprintf(__('You do not have permission %s'),
410.                                  __('to create tickets')),
411.                              __('Contact admin for such access'));
412.                 } else {
413.                     $vars = $_POST;
414.  
415.                     if ($vars['uid'] && !($user=User::lookup($vars['uid'])))
416.                         $vars['uid'] = 0;
417.  
418.                     $vars['files'] = $response_form->getField('attachments')->getFiles();
419.  
420.                     if(($ticket=Ticket::open($vars, $errors))) {
421.                         $msg=__('Ticket created successfully');
422.                         $redirect = 'tickets.php?id='.$ticket->getId();
423.                         $_REQUEST['a']=null;
424.                         if (!$ticket->checkStaffPerm($thisstaff) || $ticket->isClosed())
425.                             $ticket=null;
426.                         Draft::deleteForNamespace('ticket.staff%', $thisstaff->getId());
427.                         // Drop files from the response attachments widget
428.                         $response_form->setSource(array());
429.                         $response_form->getField('attachments')->reset();
430.                         $_SESSION[':form-data'] = null;
431.                         // Regenerate Session ID
432.                         $thisstaff->regenerateSession();
433.                     } elseif(!$errors['err']) {
434.                         // ensure that we retain the tid if ticket is created from thread
435.                         if ($_SESSION[':form-data']['ticketId'] || $_SESSION[':form-data']['taskId'])
436.                             $_GET['tid'] = $_SESSION[':form-data']['ticketId'] ?: $_SESSION[':form-data']['taskId'];
437.  
438.                         $errors['err']=sprintf('%s %s',
439.                             __('Unable to create the ticket.'),
440.                             __('Correct any errors below and try again.'));
441.                     }
442.                 }
443.                 break;
444.         }
445.     }
446.     if(!$errors)
447.         $thisstaff ->resetStats(); //We'll need to reflect any changes just made!
448. endif;
449.  
450. if ($redirect) {
451.     if ($msg)
452.         Messages::success($msg);
453.     Http::redirect($redirect);
454. }
455.  
456. // Clear advanced search upon request
457. if (isset($_GET['clear_filter']))
458.     unset($_SESSION['advsearch']);
459.  
460. //Navigation
461. $nav->setTabActive('tickets');
462. $nav->addSubNavInfo('jb-overflowmenu', 'customQ_nav');
463.  
464. // Start with all the top-level (container) queues
465. foreach ($queues as $_) {
466.     list($q, $children) = $_;
467.     if ($q->isPrivate())
468.         continue;
469.     $nav->addSubMenu(function() use ($q, $queue, $children) {
470.         // A queue is selected if it is the one being displayed. It is
471.         // "child" selected if its ID is in the path of the one selected
472.         $_selected = ($queue && $queue->getId() == $q->getId());
473.         $child_selected = $queue
474.             && ($queue->parent_id == $q->getId()
475.                 || false !== strpos($queue->getPath(), "/{$q->getId()}/"));
476.         include STAFFINC_DIR . 'templates/queue-navigation.tmpl.php';
477.  
478.         return ($child_selected || $_selected);
479.     });
480. }
481.  
482. // Add my advanced searches
483. $nav->addSubMenu(function() use ($queue) {
484.     global $thisstaff;
485.     $selected = false;
486.     // A queue is selected if it is the one being displayed. It is
487.     // "child" selected if its ID is in the path of the one selected
488.     $child_selected = $queue instanceof SavedSearch;
489.     include STAFFINC_DIR . 'templates/queue-savedsearches-nav.tmpl.php';
490.     return ($child_selected || $selected);
491. });
492.  
493.  
494. if ($thisstaff->hasPerm(Ticket::PERM_CREATE, false)) {
495.     $nav->addSubMenu(array('desc'=>__('New Ticket'),
496.                            'title'=> __('Open a New Ticket'),
497.                            'href'=>'tickets.php?a=open',
498.                            'iconclass'=>'newTicket',
499.                            'id' => 'new-ticket'),
500.                         (isset($_REQUEST['a']) && $_REQUEST['a']=='open'));
501. }
502.  
503.  
504. $ost->addExtraHeader('<script type="text/javascript" src="js/ticket.js?1d8b790"></script>');
505. $ost->addExtraHeader('<script type="text/javascript" src="js/thread.js?1d8b790"></script>');
506. $ost->addExtraHeader('<meta name="tip-namespace" content="tickets.queue" />',
507.     "$('#content').data('tipNamespace', 'tickets.queue');");
508.  
509. if($ticket) {
510.     $ost->setPageTitle(sprintf(__('Ticket #%s'),$ticket->getNumber()));
511.     $nav->setActiveSubMenu(-1);
512.     $inc = 'ticket-view.inc.php';
513.     if ($_REQUEST['a']=='edit'
514.             && $ticket->checkStaffPerm($thisstaff, Ticket::PERM_EDIT)) {
515.         $inc = 'ticket-edit.inc.php';
516.         if (!$forms) $forms=DynamicFormEntry::forTicket($ticket->getId());
517.         // Auto add new fields to the entries
518.         foreach ($forms as $f) {
519.             $f->filterFields(function($f) { return !$f->isStorable(); });
520.             $f->addMissingFields();
521.         }
522.     } elseif($_REQUEST['a'] == 'print') {
523.         if (!extension_loaded('mbstring'))
524.             $errors['err'] = sprintf('%s %s',
525.                 'mbstring',
526.                 __('extension required to print ticket to PDF'));
527.         elseif (!$ticket->pdfExport($_REQUEST['psize'], $_REQUEST['notes'], $_REQUEST['events']))
528.             $errors['err'] = __('Unable to export the ticket to PDF for print.')
529.                 .' '.__('Internal error occurred');
530.     } elseif ($_GET['a'] == 'zip' && !$ticket->zipExport($_REQUEST['notes'], $_REQUEST['tasks'])) {
531.         $errors['err'] = __('Unable to export the ticket to ZIP.')
532.             .' '.__('Internal error occurred');
533.     } elseif (PluginManager::auditPlugin() && $_REQUEST['a'] == 'export' && strtolower($_REQUEST['t']) == 'audits') {
534.       require_once(sprintf('phar:///%s/plugins/audit.phar/class.audit.php', INCLUDE_DIR));
535.       $show = AuditEntry::$show_view_audits;
536.       $filename = sprintf('%s-audits-%s.csv',
537.               $ticket->getNumber(), strftime('%Y%m%d'));
538.       $tableInfo = AuditEntry::getTableInfo($ticket, true);
539.       if (!Export::audits('ticket', $filename, $tableInfo, $ticket, 'csv', $show))
540.           $errors['err'] = __('Unable to dump query results.')
541.               .' '.__('Internal error occurred');
542.     }
543. } else {
544.     $inc = 'templates/queue-tickets.tmpl.php';
545.     if ((isset($_REQUEST['a']) && $_REQUEST['a']=='open') &&
546.             $thisstaff->hasPerm(Ticket::PERM_CREATE, false)) {
547.         $inc = 'ticket-open.inc.php';
548.     } elseif ($queue) {
549.         // XXX: Check staff access?
550.         $quick_filter = @$_REQUEST['filter'];
551.         $tickets = $queue->getQuery(false, $quick_filter);
552.     }
553.  
554.     //set refresh rate if the user has it configured
555.     if(!$_POST && !isset($_REQUEST['a']) && ($min=(int)$thisstaff->getRefreshRate())) {
556.         $js = "+function(){ var qq = setInterval(function() { if ($.refreshTicketView === undefined) return; clearInterval(qq); $.refreshTicketView({$min}*60000); }, 200); }();";
557.         $ost->addExtraHeader('<script type="text/javascript">'.$js.'</script>',
558.             $js);
559.     }
560. }
561.  
562. require_once(STAFFINC_DIR.'header.inc.php');
563. require_once(STAFFINC_DIR.$inc);
564. print $response_form->getMedia();
565. require_once(STAFFINC_DIR.'footer.inc.php');