
Untitled

a guest
Apr 1st, 2020
  1. <?php
  2. /**
  3. *
  4. * @ This file is created by http://DeZender.Net
  5. * @ deZender (PHP7 Decoder for ionCube Encoder)
  6. *
  7. * @ Version : 4.0.9.0
  8. * @ Author : DeZender
  9. * @ Release on : 08.08.2019
  10. * @ Official site : http://DeZender.Net
  11. *
  12. */
  13.  
  // Application state this page script works with, pulled in from global scope.
  // NOTE(review): the global declarations suggest the file is included from
  // inside a function — confirm against the including code.
  global $db, $user, $var, $_POST, $session, $CFG, $lang, $dfo, $pars, $provisioning;

  // Direct-access guard: stop immediately unless SOURCEDESK has been defined
  // before this file runs.
  defined('SOURCEDESK') || exit('Direct access to this file is not permitted.');
  28.  
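  // User::status() runs before any page state is built.
  // NOTE(review): presumably this enforces a logged-in session — confirm in User.
  User::status();

  $tpl = 'bugtracker';
  $title = $lang['BUGTRACKER']['TITLE'];

  // NOTE(review): unserialize() will instantiate any class named in the payload,
  // so this call is only safe while software_products_info can never contain
  // user-influenced bytes. The loop below only indexes entries as arrays; if the
  // stored value is plain nested arrays, passing ['allowed_classes' => false] or
  // storing JSON removes the object-injection risk. Confirm the stored format
  // before changing it.
  $var['products'] = unserialize($user->get()['software_products_info']);

  // unserialize() returns false for a missing or corrupt value; fall back to an
  // empty list so the loop below always iterates an array.
  if (!is_array($var['products'])) {
      $var['products'] = [];
  }

  // Keep only the first entry seen for each product. The comparison is loose
  // (non-strict in_array), so '5' and 5 count as the same product.
  $already = [];
  foreach ($var['products'] as $k => $info) {
      if (in_array($info['product'], $already)) {
          unset($var['products'][$k]);
          continue;
      }
      $already[] = $info['product'];
  }

  $var['success'] = false;

  // 1 when $pars[0] is set and loosely equals 'report', otherwise 0.
  $var['new'] = (isset($pars[0]) && ($pars[0] == 'report')) ? 1 : 0;

  // When no pid was posted, take it from $pars[1]. The value is still untrusted
  // at this point; the submit branch further down validates it.
  if (empty($_POST['pid']) && !empty($pars[1])) {
      $_POST['pid'] = $pars[1];
  }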
  49.  
  50. if (isset($_POST['submit'])) {
  51. $pid = $db->real_escape_string($_POST['pid']);
  52. $sql = $db->query('SELECT `name` FROM ' . $CFG['DB']['PREFIX'] . 'products WHERE ID = \'' . $pid . '\'');
  53. $maxSize = '3145728';
  54.  
  55. if (is_array($_FILES['files'])) {
  56. foreach ($_FILES['files']['size'] as $size) {
  57. if ($maxSize < $size) {
  58. $sizeFail = true;
  59. }
  60. }
  61. }
  62.  
  63. $obj = $provisioning->get()['software'];
  64. $obj->loadOptions($pid, true);
  65. $bdept = $obj->getOption('bugtracker_dept');
  66.  
  67. if ($session->get('aid') != $_POST['aid']) {
  68. $var['error'] = $lang['GENERAL']['FORM_TOKEN_ERROR'];
  69. }
  70. else if ((trim($_POST['description']) == '') || (trim($_POST['reproduce']) == '') || !is_numeric($_POST['pid'])) {
  71. $var['error'] = $lang['GENERAL']['FORM_INCOMPLETE_ERROR'];
  72. }
  73. else if (($sql->num_rows != 1) || !in_array($pid, unserialize($user->get()['software_products']))) {
  74. $var['error'] = $lang['BUGTRACKER']['PRODUCT_WRONG'];
  75. }
  76. else if (is_array($_FILES['files']['name']) && (5 < count($_FILES['files']['name']))) {
  77. $var['error'] = $lang['BUGTRACKER']['TOO_MANY_FILES'];
  78. }
  79. else if (isset($sizeFail)) {
  80. $var['error'] = $lang['BUGTRACKER']['TOO_LARGE_FILE'];
  81. }
  82. else {
  83. $info = $sql->fetch_object();
  84. $name = @unserialize($info->name)[$CFG['LANG']] ?: $info->name;
  85. $desc = nl2br($_POST['description'] ?? '');
  86. $repr = nl2br($_POST['reproduce'] ?? '');
  87. $desc = str_replace("\r\n", '', $desc);
  88. $repr = str_replace("\r\n", '', $repr);
  89. $title = $db->real_escape_string(str_replace('%n', $name, $lang['BUGTRACKER']['TICKETTITLE']));
  90. $dept = intval($bdept != 0 ? $bdept : $CFG['BUGTRACKER_DEPT']);
  91. $text = $db->real_escape_string('<b>' . $lang['GENERAL']['DESCRIPTION'] . ':</b><br />' . $desc . '<br /><br /><b>' . $lang['BUGTRACKER']['STEPS_REPRODUCE'] . ':</b><br />' . $repr);
  92. $fromc = $user->get()['name'] . ' <' . $user->get()['mail'] . '>';
  93. $db->query('INSERT INTO ' . $CFG['DB']['PREFIX'] . 'support_tickets (subject, dept, created, updated, priority, sender, customer, cc, status) VALUES (\'' . $title . '\', ' . $dept . ', \'' . date('Y-m-d H:i:s') . '\', \'' . date('Y-m-d H:i:s') . '\', 3, \'' . $db->real_escape_string($fromc) . '\', ' . intval($user->get()['ID']) . ', \'\', 0)');
  94. $tid = $db->insert_id;
  95. $sql = $db->prepare('INSERT INTO ' . $CFG['DB']['PREFIX'] . 'support_ticket_answers (ticket, `time`, subject, message, priority, sender, staff) VALUES (?,?,?,?,?,?,?)');
  96. $sql->bind_param('isssisi', $tid, $a = date('Y-m-d H:i:s'), $title, $text, $prio = '3', $d = 'Bugtracker', $e = 0);
  97. $sql->execute();
  98. $mid = $db->insert_id;
  99. if (is_array($_FILES['files']) && (0 < count($_FILES['files']['name']))) {
  100. foreach ($_FILES['files']['name'] as $k => $name2) {
  101. if (empty($name2) || !is_uploaded_file($_FILES['files']['tmp_name'][$k])) {
  102. continue;
  103. }
  104.  
  105. $path = basename(time() . '-' . rand(10000000, 99999999) . '-' . $name2);
  106. file_put_contents(__DIR__ . '/../files/tickets/' . $path, file_get_contents($_FILES['files']['tmp_name'][$k]));
  107. $db->query('INSERT INTO ' . $CFG['DB']['PREFIX'] . 'support_ticket_attachments (message, name, file) VALUES (' . $mid . ', \'' . $db->real_escape_string($name2) . '\', \'file#' . $db->real_escape_string($path) . '\')');
  108. }
  109. }
  110.  
  111. $db->query('INSERT INTO ' . $CFG['DB']['PREFIX'] . 'bugtracker (`user`, `date`, `product`, `ticket`) VALUES (\'' . $user->get()['ID'] . '\', \'' . date('Y-m-d H:i:s') . '\', \'' . $db->real_escape_string($_POST['pid']) . '\', ' . $tid . ')');
  112. $var['success'] = true;
  113. $user->log('Bug gemeldet (Ticket #' . $tid . ')');
  114. $var['new'] = 0;
  115.  
  116. if (($ntf = AdminNotification::getInstance('Neuer Bug')) !== false) {
  117. $ntf->set('product', $name);
  118. $ntf->set('customer', $user->get()['name']);
  119. .............................................................................................
  120. .........................................................
  121. ................