restored original files and go to Versino 1.6 ST.

include/class.msgtpl.php

@@ -3,7 +3,7 @@
  class.msgtpl.php
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
@@ -86,6 +86,8 @@ function update($var,&$errors){
  $fields['ticket_autoresp_body'] = array('type'=>'string', 'required'=>1, 'error'=>'Template message required');
  $fields['message_autoresp_subj'] = array('type'=>'string', 'required'=>1, 'error'=>'Subject required');
  $fields['message_autoresp_body'] = array('type'=>'string', 'required'=>1, 'error'=>'Template message required');
+ $fields['ticket_notice_subj'] = array('type'=>'string', 'required'=>1, 'error'=>'Subject required');
+ $fields['ticket_notice_body'] = array('type'=>'string', 'required'=>1, 'error'=>'Template message required');
  $fields['ticket_overlimit_subj'] = array('type'=>'string', 'required'=>1, 'error'=>'Subject required');
  $fields['ticket_overlimit_body'] = array('type'=>'string', 'required'=>1, 'error'=>'Template message required');
  $fields['ticket_reply_subj'] = array('type'=>'string', 'required'=>1, 'error'=>'Subject required');
@@ -122,6 +124,8 @@ function update($var,&$errors){
  ',ticket_autoresp_body='.db_input(Format::striptags($var['ticket_autoresp_body'])).
  ',message_autoresp_subj='.db_input(Format::striptags($var['message_autoresp_subj'])).
  ',message_autoresp_body='.db_input(Format::striptags($var['message_autoresp_body'])).
+ ',ticket_notice_subj='.db_input(Format::striptags($var['ticket_notice_subj'])).
+ ',ticket_notice_body='.db_input(Format::striptags($var['ticket_notice_body'])).
  ',ticket_alert_subj='.db_input(Format::striptags($var['ticket_alert_subj'])).
  ',ticket_alert_body='.db_input(Format::striptags($var['ticket_alert_body'])).
  ',message_alert_subj='.db_input(Format::striptags($var['message_alert_subj'])).
@@ -186,6 +190,8 @@ function create($var,&$errors){
  ',ticket_autoresp_body='.db_input(Format::striptags($info['ticket_autoresp_body'])).
  ',message_autoresp_subj='.db_input(Format::striptags($info['message_autoresp_subj'])).
  ',message_autoresp_body='.db_input(Format::striptags($info['message_autoresp_body'])).
+ ',ticket_notice_subj='.db_input(Format::striptags($info['ticket_notice_subj'])).
+ ',ticket_notice_body='.db_input(Format::striptags($info['ticket_notice_body'])).
  ',ticket_alert_subj='.db_input(Format::striptags($info['ticket_alert_subj'])).
  ',ticket_alert_body='.db_input(Format::striptags($info['ticket_alert_body'])).
  ',message_alert_subj='.db_input(Format::striptags($info['message_alert_subj'])).

include/class.nav.php

@@ -5,14 +5,14 @@ class.nav.php
  Navigation helper classes. Pointless BUT helps keep navigation clean and free from errors.
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
  See LICENSE.TXT for details.
 
  vim: expandtab sw=4 ts=4 sts=4:
- $Id: class.nav.php,v 1.1.2.2 2009/11/29 22:03:28 carlos.delfino Exp $
+ $Id: $
 **********************************************************************/
 class StaffNav {
  var $tabs=array();
@@ -21,15 +21,9 @@ class StaffNav {
  var $activetab;
  var $ptype;
 
- function StaffNav($pagetype='staff',$trl = null){
+ function StaffNav($pagetype='staff'){
  global $thisuser;
 
- if(isset($trl)){
- $this->trl = $trl;
- }else{
- $this->trl = new Translate();
- }
-
  $this->ptype=$pagetype;
  $tabs=array();
  if($thisuser->isAdmin() && strcasecmp($pagetype,'admin')==0) {

include/class.pagenate.php

@@ -5,7 +5,7 @@ class.format.php
  Pagenation support class
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+  Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.

include/class.staff.php

@@ -85,6 +85,10 @@ function observeDaylight() {
  return $this->udata['daylight_saving']?true:false;
  }
 
+ function getRefreshRate(){
+ return $this->udata['auto_refresh_rate'];
+ }
+
  function getPageLimit() {
  global $cfg;
  $limit=$this->udata['max_page_size'];
@@ -196,6 +200,10 @@ function canAccessDept($deptid){
  return ($this->isadmin() ||in_array($deptid,$this->getDepts()))?true:false;
  }
 
+ function canCreateTickets(){
+ return ($this->isadmin() || $this->udata['can_create_tickets'])?true:false;
+ }
+
  function canEditTickets(){
  return ($this->isadmin() || $this->udata['can_edit_tickets'])?true:false;
  }
@@ -242,6 +250,8 @@ function create($vars,&$errors) {
 
  function save($id,$vars,&$errors) {
 
+ include_once(INCLUDE_DIR.'class.dept.php');
+
  if($id && $id!=$vars['staff_id'])
  $errors['err']='Internal Error';
 
@@ -262,6 +272,8 @@ function save($id,$vars,&$errors) {
 
  if(!$vars['email'] || !Validator::is_email($vars['email']))
  $errors['email']='Valid email required';
+ elseif(Email::getIdByEmail($vars['email']))
+ $errors['email']='Already in-use system email';
 
  if($vars['phone'] && !Validator::is_phone($vars['phone']))
  $errors['phone']='Valid number required';
@@ -298,9 +310,9 @@ function save($id,$vars,&$errors) {
  ',firstname='.db_input(Format::striptags($vars['firstname'])).
  ',lastname='.db_input(Format::striptags($vars['lastname'])).
  ',email='.db_input($vars['email']).
- ',phone='.db_input($vars['phone']).
+ ',phone="'.db_input($vars['phone'],false).'"'.
  ',phone_ext='.db_input($vars['phone_ext']).
- ',mobile='.db_input($vars['mobile']).
+ ',mobile="'.db_input($vars['mobile'],false).'"'.
  ',signature='.db_input(Format::striptags($vars['signature']));
 
  if($vars['npassword'])

include/class.sys.php

@@ -5,7 +5,7 @@ class.sys.php
  System core helper.
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
@@ -23,7 +23,7 @@ class Sys {
 
  var $loglevel=array(1=>'Error','Warning','Debug');
 
- static $trl ;
+static $trl ;
 
  static function getTranslatorToLocale($str="us"){
  if(!isset(self::$trl[$str])){

include/class.ticket.php

@@ -5,7 +5,7 @@ class.ticket.php
  The most important class! Don't play with fire please.
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
@@ -38,15 +38,17 @@ class Ticket{
  var $fullname;
  var $staff_id;
  var $dept_id;
+ var $topic_id;
  var $dept_name;
  var $subject;
- var $topic;
+ var $helptopic;
  var $overdue;
 
  var $lastMsgId;
 
  var $dept; //Dept class
  var $staff; //Staff class
+ var $topic; //Topic class
  var $tlock; //TicketLock class
 
  function Ticket($id,$exid=false){
@@ -56,9 +58,10 @@ function Ticket($id,$exid=false){
  function load($id) {
 
 
- $sql =' SELECT ticket.*,lock_id,dept_name,priority_desc FROM '.TICKET_TABLE.' ticket '.
+ $sql =' SELECT ticket.*,topic.topic_id as topicId,lock_id,dept_name,priority_desc FROM '.TICKET_TABLE.' ticket '.
  ' LEFT JOIN '.DEPT_TABLE.' dept ON ticket.dept_id=dept.dept_id '.
  ' LEFT JOIN '.TICKET_PRIORITY_TABLE.' pri ON ticket.priority_id=pri.priority_id '.
+ ' LEFT JOIN '.TOPIC_TABLE.' topic ON ticket.topic_id=topic.topic_id '.
  ' LEFT JOIN '.TICKET_LOCK_TABLE.' tlock ON ticket.ticket_id=tlock.ticket_id AND tlock.expire>NOW() '.
  ' WHERE ticket.ticket_id='.db_input($id); 
  //echo $sql;
@@ -80,6 +83,7 @@ function load($id) {
  $this->priority=$row['priority_desc'];
  $this->staff_id =$row['staff_id'];
  $this->dept_id =$row['dept_id'];
+ $this->topic_id =$row['topicId']; //Note that we're actually joining the topic table to make the topic is not deleted (long story!).
  $this->dept_name =$row['dept_name'];
  $this->subject =$row['subject'];
  $this->topic =$row['topic'];

include/class.topic.php

@@ -5,7 +5,7 @@ class.topic.php
  Help topic helper
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
@@ -46,7 +46,7 @@ function load() {
  $this->topic=$info['topic'];
  $this->dept_id=$info['dept_id'];
  $this->priority_id=$info['priority_id'];
- $this->active=$info['enabled'];
+ $this->active=$info['isactive'];
  $this->autoresp=$info['noautoresp']?false:true;
  $this->info=$info;
  return true;
@@ -84,6 +84,10 @@ function isEnabled() {
  return $this->active?true:false;
  }
 
+ function isActive(){
+ return $this->isEnabled();
+ }
+
  function getInfo() {
  return $this->info;
  }
@@ -110,6 +114,13 @@ function save($id,$vars,&$errors) {
  $errors['topic']='Help topic required';
  elseif(strlen($vars['topic'])<5)
  $errors['topic']='Topic is too short. 5 chars minimum';
+ else{
+ $sql='SELECT topic_id FROM '.TOPIC_TABLE.' WHERE topic='.db_input(Format::striptags($vars['topic']));
+ if($id)
+ $sql.=' AND topic_id!='.db_input($id);
+ if(($res=db_query($sql)) && db_num_rows($res))
+ $errors['topic']='Topic alredy exists';
+ }
 
  if(!$vars['dept_id'])
  $errors['dept_id']='You must select a department';

include/class.usersession.php

@@ -5,14 +5,14 @@ class.usersession.php
  User (client and staff) sessions handle.
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
  See LICENSE.TXT for details.
 
  vim: expandtab sw=4 ts=4 sts=4:
- $Id: class.usersession.php,v 1.1.2.1 2009/08/17 18:38:50 carlos.delfino Exp $
+ $Id: $
 **********************************************************************/
 
 include_once(INCLUDE_DIR.'class.client.php');
@@ -67,7 +67,7 @@ function sessionToken(){
  return($token);
  }
 
- function isvalidSession($htoken,$maxidletime=0){
+ function isvalidSession($htoken,$maxidletime=0,$checkip=false){
  global $cfg;
 
  $token = rawurldecode($htoken);
@@ -90,7 +90,7 @@ function isvalidSession($htoken,$maxidletime=0){
  return FALSE;
  }
  #Make sure IP is still same ( proxy access??????)
- if(strcmp($ip, MD5($this->ip)))
+ if($checkip && strcmp($ip, MD5($this->ip)))
  return FALSE;
 
  $this->validated=TRUE;
@@ -119,7 +119,7 @@ function isValid(){
  if(!$this->getId() || $this->session->getSessionId()!=session_id())
  return false;
 
- return $this->session->isvalidSession($_SESSION['_client']['token'],$cfg->getClientTimeout())?true:false;
+ return $this->session->isvalidSession($_SESSION['_client']['token'],$cfg->getClientTimeout(),false)?true:false;
  }
 
  function refreshSession(){
@@ -157,7 +157,7 @@ function isValid(){
  if(!$this->getId() || $this->session->getSessionId()!=session_id())
  return false;
 
- return $this->session->isvalidSession($_SESSION['_staff']['token'],$cfg->getStaffTimeout())?true:false;
+ return $this->session->isvalidSession($_SESSION['_staff']['token'],$cfg->getStaffTimeout(),$cfg->enableStaffIPBinding())?true:false;
  }
 
  function refreshSession(){

include/class.validator.php

@@ -6,14 +6,14 @@ class.validator.php
  
 
  Peter Rotich <[email protected]>
- Copyright (c) 2006,2007,2008,2009 osTicket
+ Copyright (c) 2006-2010 osTicket
  http:https://www.osticket.com
 
  Released under the GNU General Public License WITHOUT ANY WARRANTY.
  See LICENSE.TXT for details.
 
  vim: expandtab sw=4 ts=4 sts=4:
- $Id: class.validator.php,v 1.1.2.1 2009/08/17 18:38:50 carlos.delfino Exp $
+ $Id: $
 **********************************************************************/
 class Validator {
 
@@ -35,7 +35,7 @@ function setFields(&$fields){
  }
 
 
- function validate($source){
+ function validate($source,$userinput=true){
 
  $this->errors=array();
  //Check the input and make sure the fields are specified.
@@ -47,6 +47,11 @@ function validate($source){
  if($this->errors)
  return false;
 
+ //if magic quotes are enabled - then try cleaning up inputs before validation...
+ if($userinput && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
+ $source=Format::strip_slashes($source);
+
+
  $this->input=$source;
 
  //Do the do.
@@ -126,16 +131,14 @@ function errors(){
  return $this->errors;
  }
 
- /* Functione below can be called directly without class instance. Validator::func(var..); */
+ /* Functions below can be called directly without class instance. Validator::func(var..); */
  function is_email($email) {
- return (preg_match('/^([*+!.&#$|\'\\%\/0-9a-z^_`{}=?~:-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})$/i',trim($email)));
- /*
- //return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$",trim($email));
- */
+ return (preg_match('/^([*+!.&#$|\'\\%\/0-9a-z^_`{}=?~:-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})$/i',trim(stripslashes($email))));
  }
  function is_phone($phone) {
- $stripped=eregi_replace("(\(|\)|\-|\+)","",ereg_replace("([ ]+)","",$phone));
- return (!is_numeric($stripped) || ((strlen($stripped)<7) || (strlen($stripped)>13)))?false:true;
+ /* We're not really validating the phone number but just making sure it doesn't contain illegal chars and of acceptable len */
+ $stripped=preg_replace("(\(|\)|\-|\+|[ ]+)","",$phone);
+ return (!is_numeric($stripped) || ((strlen($stripped)<7) || (strlen($stripped)>16)))?false:true;
  }
 
  function is_url($url) { //Thanks to 4ice for the fix.
@@ -166,7 +169,7 @@ function is_ip($ip) {
  return false;
 
  $ip=trim($ip);
- if(ereg("^[0-9]{1,3}(.[0-9]{1,3}){3}$",$ip)) {
+ if(preg_match("/^[0-9]{1,3}(.[0-9]{1,3}){3}$/",$ip)) {
  foreach(explode(".", $ip) as $block)
  if($block<0 || $block>255 )
  return false;

include/client/footer.inc.php

@@ -1,16 +1,9 @@
  <div style="clear:both"></div> 
  </div>
- <div id="footer">Copyright &copy; Doede.net All rights reserved</div>
+ <div id="footer">Copyright &copy; osTicket.com. All rights reserved</div>
  <div align="center">
  <!--> As a show of support, we ask that you leave powered by osTicket link to help spread the word. Thank you! -->
- <a id="powered_by" href="http:https://osticket.com">
- <img src="./images/poweredby.jpg" width="126" height="23" alt="Powered by osTicket"></a></div>
- <hr/>
- <br>
- Translated Copyright &copy; Doede.net
- <br />
- <a id="powered_by" href="http:https://www.webreus.nl">Hosted By Webreus</a>
- </div>
+ <a id="powered_by" href="http:https://osticket.com"><img src="./images/poweredby.jpg" width="126" height="23" alt="Powered by osTicket"></a></div>
 </div>
 </body>
 </html>