$font ".SECURITY.""; } else { header("Cache-control: private"); head(); $login = $_COOKIE['PHPCookie']; $userdetail = explode("&", $login); $username = $userdetail[0]; $passdetail = explode("=", $login); $password = $passdetail[1]; if (!$username && !$password && empty($username)) { echo "
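$font ".LOGIN_TITLE."
"; loginf(); } else {
    // start of getting user data
    //
    // Looks up the account named by the PHPCookie cookie and loads its id,
    // name, e-mail, group, admin flag and level for the rest of the page.
    $d->connect($db_host, $db_username, $db_password, $db);

    // $username and $password were split out of the cookie above, so both are
    // client-controlled; escape them before they are embedded in the SQL text.
    // The originals stay untouched because $username is also displayed and
    // compared with $admin further down.
    // mysql_real_escape_string() works on the most recently opened ext/mysql
    // link - presumably the one $d->connect() just opened, which the bare
    // MYSQL_DB_QUERY() call elsewhere in this file relies on as well.
    $mq_on = get_magic_quotes_gpc(); // true when PHP already slash-escaped the input
    $username_sql = mysql_real_escape_string($mq_on ? stripslashes($username) : $username);
    $password_sql = mysql_real_escape_string($mq_on ? stripslashes($password) : $password);

    // Start from empty values so that, when no row matches, none of these can
    // be supplied by request variables (register_globals, or the $GLOBALS
    // merge done for the ticket list view).
    $userid = $name = $email = $groupid = $adminis = $level = "";

    $sql_query = "select * from $db_prefix"."users where username='$username_sql' and password='$password_sql'";
    $sql_result = $d->query($sql_query);
    if ($sql_result) {
        while ($r = $d->fetch_array($sql_result)) {
            $userid = $r["id"];
            $name = $r["name"];
            $email = $r["email"];
            $groupid = $r["group_id"];
            $adminis = $r["admin"];
            $level = $r["level"];
        }
    }
    $d->close();
    // NOTE(review): a cookie that matches no row is not rejected here; the page
    // carries on with an empty $userid/$level, and the action handlers below
    // only test $level for specific values. An explicit "no matching user"
    // rejection is needed before any action is dispatched.
    // NOTE(review): the cookie value is compared directly with the password
    // column, so whatever is stored there acts as a replayable credential; a
    // random server-side session token would avoid that.
    // end of getting user information

    // start of header data
    // static html
    echo "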
 
  "; echo "
$font $font "; $username=strtolower($username); $admin=strtolower($admin); if($username == "$admin" && !empty($admin)){ echo "$font ".C_USER." - ".MOD_USER." | ".MAN_GROUP." | ".OPTIONS." | ".REPORTS.""; } elseif($level == "0"){ echo "$font ".C_USER." - ".MOD_USER." | ".MAN_GROUP." | ".OPTIONS." | ".REPORTS.""; } echo "
$font $name ($username) UID: $userid | ".LOGOUT." | ".EDIT_A." | "; if($allowmsg == "1"){ echo "".MESS_C.""; $d->connect($db_host, $db_username, $db_password, $db); $select="select * from $db_prefix"."privatemessage where to_userid='$userid'"; $getpm1=$d->query($select); $getnum1=$d->numrows($getpm1); $d->close(); if($getnum1 == "0" || $getnum1 == ""){ echo " (0)"; } else { echo " ($getnum1)"; } } echo "
"; echo "
 
 
"; if(!empty($_GET['action']) || !empty($_POST['action'])){ echo " $font $back"; } //show back if the action is empty echo "$font
".C_NEW_T.""; if($level == "5"){ echo " | ".SHOWC."
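
"; }
    // end of header data

    // log useronline.
    $timeoutseconds = 500;
    $timestamp = time();
    $timeout = $timestamp - $timeoutseconds;
    global $db_prefix, $REMOTE_ADDR;
    // Take the client address from $_SERVER so it is populated, and cannot be
    // request-supplied, whether or not register_globals is enabled.
    $client_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
    $d->connect($db_host, $db_username, $db_password, $db);
    $insert = $d->query("INSERT INTO $db_prefix"."useronline VALUES (NULL,'$timestamp','$client_ip','$userid')");
    $delete = $d->query("DELETE FROM $db_prefix"."useronline WHERE timestamp<$timeout");
    $result = $d->query("SELECT DISTINCT ip FROM $db_prefix"."useronline");
    $usersonline = $d->numrows($result);
    // end of users online

    // being of actions
    // first action is view ticket list.
    if ($_GET['action'] != "") {
        $action = $_GET['action'];
    }
    if ($_POST['action'] != "") {
        $action = $_POST['action'];
    }
    if (empty($action)) {
        // NOTE(review): this re-creates register_globals by merging the cookie,
        // POST and GET arrays into $GLOBALS. Array union keeps keys that
        // already exist, so only variables still unset at this point can be
        // filled in by the request - which means every variable the list view
        // reads without assigning it first ($idorder, $groups, $showonly,
        // $stateis, $openorclosed, ...) has to be treated as untrusted input.
        if (!ini_get('register_globals')) {
            $__am = array(&$_COOKIE, &$_POST, &$_GET);
            while (list(, $__m) = each($__am)) {
                if (is_array($__m)) {
                    $GLOBALS += $__m;
                }
            }
        }

        // $idorder is spliced unquoted into "order by ticket_id ..." and is not
        // assigned anywhere in the code visible here (presumably it arrives as
        // a request variable), so only the two valid directions are accepted.
        // Anything else, including a missing value, falls back to "desc".
        $idorder = (isset($idorder) && is_string($idorder) && strtolower($idorder) == "asc") ? "asc" : "desc";

        // start query to build main list
        // Levels 0 and 1 list every open ticket, level 2 only those of the
        // user's group, level 5 only those the user created. For any other
        // level no list query is run.
        $list_scope_sql = null;
        if ($level == "0" || $level == "1") {
            $list_scope_sql = "";
        } elseif ($level == "2") {
            $list_scope_sql = " and groups='$groupid'";
        } elseif ($level == "5") {
            $list_scope_sql = " and ticket_createdby_userid='$userid'";
        }
        if ($list_scope_sql !== null) {
            $d->connect($db_host, $db_username, $db_password, $db);
            $query = "select * from $db_prefix"."list where ticket_status='Open'$list_scope_sql order by ticket_id $idorder";
            $next = "Open";
            $result = $d->query($query);
            $num = $d->numrows($result);
            $d->close();
        }
        // end of queies to built main list.

        // $idorder is always "asc" or "desc" by now, so the former
        // empty-string fallback is no longer needed.
        if ($idorder == "desc") {
            $whichorder = "asc";
            $nextorder = "desc";
            $image_order = "";
        } else {
            $whichorder = "desc";
            $nextorder = "asc";
            $image_order = "";
        }

        if ($level == "0" || $level == "1") {
            // Start of admin or staff sorts
            echo "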
"; echo "$font    ".SHOW_TICKET." "; $d->connect($db_host, $db_username, $db_password, $db); $checkgroups="select * from $db_prefix"."groups"; $check_results=$d->query($checkgroups); $amount_groups=$d->numrows($check_results); if($amount_groups != "" || $amount_groups != "0"){ echo " in  "; } $getgroup_id="select * from $db_prefix"."groups where group_name='$groups'"; $returnis= $d->query($getgroup_id); while ($what = $d->fetch_array($returnis)) { $group_get_id = $what["id"]; } echo "$font    Or    ".SHOW_S." "; echo "$font   ".AND_i."   ".T_IS.": "; echo "
"; echo "
"; $d->close(); // end of admin or staff sorts } if($level == "1" || $level == "2" || $level == "0"){ if($showonly != "" && $stateis != ""){ $query="select * from $db_prefix"."list where ticket_severity='$showonly' and ticket_status='$stateis' order by ticket_id $idorder"; $d->connect($db_host, $db_username, $db_password, $db); $result=$d->query($query); $num=$d->numrows($result); $d->close(); } else { if($openorclosed == "" && $group_get_id == "" && $groups != "All" && $groups != "My Tickets"){ echo ""; } else { if($openorclosed == "" && $groups == "All"){ $query="select * from $db_prefix"."list order by ticket_id $idorder"; $next="All"; } elseif($openorclosed == "" && $groups == "My Tickets"){ $query="select * from $db_prefix"."list where ticket_owner_id='$userid' order by ticket_id $idorder"; $next="All"; } elseif($openorclosed == "Open" && $groups == "My Tickets"){ $query="select * from $db_prefix"."list where ticket_owner_id='$userid' and ticket_status='Open' order by ticket_id $idorder"; $next="Open"; } elseif($openorclosed == "Closed" && $groups == "My Tickets"){ $query="select * from $db_prefix"."list where ticket_owner_id='$userid' and ticket_status='Closed' order by ticket_id $idorder"; $next="Closed"; } elseif($openorclosed == "All" && $groups == "My Tickets"){ $query="select * from $db_prefix"."list where ticket_owner_id='$userid' order by ticket_id $idorder"; $next="All"; }elseif($openorclosed == "" && $group_get_id != ""){ $query="select * from $db_prefix"."list where ticket_status='Open' and groups='$group_get_id' order by ticket_id $idorder"; $next=""; } elseif($openorclosed == "All" && $group_get_id != "") { $query="select * from $db_prefix"."list where groups='$group_get_id' order by ticket_id $idorder"; $next="All"; } elseif($openorclosed == "Closed" && $group_get_id != ""){ $query="select * from $db_prefix"."list where ticket_status='Closed' and groups='$group_get_id' order by ticket_id $idorder"; $next="Closed"; } elseif($openorclosed == "Open" 
&& $group_get_id != ""){ $query="select * from $db_prefix"."list where ticket_status='Open' and groups='$group_get_id' order by ticket_id $idorder"; $next="Open"; } elseif($openorclosed == "All" && $group_get_id == "") { $query="select * from $db_prefix"."list order by ticket_id $idorder"; $next="All"; } elseif($openorclosed == "Closed" && $group_get_id == ""){ $query="select * from $db_prefix"."list where ticket_status='Closed' order by ticket_id $idorder"; $next="Closed"; } elseif($openorclosed == "Open" && $group_get_id == ""){ $query="select * from $db_prefix"."list where ticket_status='Open' order by ticket_id $idorder"; $next="Open"; } $d->connect($db_host, $db_username, $db_password, $db); $result=$d->query($query); $num=$d->numrows($result); $d->close(); } } } // ticket status // total number of tickets open and closed. $d->connect($db_host, $db_username, $db_password, $db); $query_num_open2="select * from $db_prefix"."list"; $result_num_open2=$d->query($query_num_open2); $open_num2=$d->numrows($result_num_open2); // total number of open tickets. $query_num_open="select * from $db_prefix"."list where ticket_status='Open'"; $result_num_open=$d->query($query_num_open); $open_num=$d->numrows($result_num_open); // getnum of close $query_num_close="select * from $db_prefix"."list where ticket_status='Closed'"; $result_num_close=$d->query($query_num_close); $closed_num=$d->numrows($result_num_close); // if($level != "5"){ $query_num_id="select * from $db_prefix"."list where ticket_owner_id='$userid' and ticket_status='Open'"; $result_num_id=$d->query($query_num_id); $num_id=$d->numrows($result_num_id); } if($level == "5"){ $getgroup=$d->query("select * from $db_prefix"."list where ticket_createdby_userid='$userid' and ticket_status='Open'"); $grouptotal=$d->numrows($getgroup); } echo "
$font_table_top ".TT_T." $font_table_top ($open_num2) $font_table_top ".TT_O_T." $font_table_top ($open_num) $font_table_top ".TT_C_T." $font_table_top ($closed_num) $font_table_top"; if($level == "5"){ echo "$font
".YH." ($grouptotal) ".OG.""; } if($level != "5"){ echo "$font
".YH." ($num_id) "; if($num_id == "1"){ echo " ".OT.""; } else { echo " ".OTS.""; } } echo "
"; // end of ticket status if($num == "0"){ echo "$font
".ERROR67."
"; } else { $i = $l + $sortby; $j = $l + 1; $k = "$l" - $sortby; $t = $num - $i; if ($i > $num) { $i = $num; } // start of main listing of default list of tickets if ($i < $num) { echo "
".NEXT." $t "; } if ($i > "$sortby") { echo "".PREVIOUS." $sortby"; } echo "
"; echo "
"; while ($l < $i) { $ticket_id=$d->result($result,$l,"ticket_id"); $ticket_severity=$d->result($result,$l,"ticket_severity"); $ticket_added_date=$d->result($result,$l,"ticket_added_date"); $ticket_short_description=$d->result($result,$l,"ticket_short_description"); $ticket_short_description=stripslashes($ticket_short_description); $ticket_short_description=safeHTML($ticket_short_description); $ticket_status=$d->result($result,$l,"ticket_status"); $ticket_severity=$d->result($result,$l,"ticket_severity"); $ticket_createdby_userid=$d->result($result,$l,"ticket_createdby_userid"); $ticket_createdbyemail=$d->result($result,$l,"ticket_createdbyemail"); $ticket_createdbyemail= eregi_replace("'","",$ticket_createdbyemail); $ticket_createdbyemail=safeHTML($ticket_createdbyemail); $ticket_owner_id=$d->result($result,$l,"ticket_owner_id"); $ticket_group=$d->result($result,$l,"groups"); $get_group_name = "select * from $db_prefix"."groups where id='$ticket_group'"; $group_results=$d->query($get_group_name); $a_groups=$d->numrows($group_results); if($a_groups != "" || $a_groups != "0"){ $g=""; while ($g < $a_groups) { $group_what=$d->result($group_results,$g,"group_name"); ++$g; } } /* colors */ if (ereg (",", $color_rows)) { $rotate_color=explode(",", $color_rows); $color1=$rotate_color[0]; $color2=$rotate_color[1]; if(empty($color1)){ $color1="#C0C0C0"; } if(empty($color2)){ $color2="#999999"; } } else { $color1="#C0C0C0"; $color2="#999999"; } print ($l % 2) ? 
"" : ""; if($ticket_createdby_userid == "0" && $ticket_createdbyemail != ""){ $ticket_created_by = "$ticket_createdbyemail"; } else { $query_user="select * from $db_prefix"."users where id='$ticket_createdby_userid'"; $result_user=$d->query($query_user); if($result_user) { while ($r = $d->fetch_array($result_user)) { $ticket_created_by = $r["name"]; } } } if($ticket_owner_id != "0"){ $query_owner_id="select * from $db_prefix"."users where id='$ticket_owner_id'"; $result_owner_id=$d->query($query_owner_id); if($result_owner_id) { while ($o = $d->fetch_array($result_owner_id)) { $ticket_owner = $o["name"]; } } } else { $ticket_owner="None"; } $getC=$d->query("select ticket_comment_id from $db_prefix"."tickets_comment where ticket_id='$ticket_id' and ticket_comment_update='1'"); $c=$d->numrows($getC); $getU=$d->query("select ticket_comment_id from $db_prefix"."tickets_comment where ticket_id='$ticket_id' and ticket_comment_update='2'"); $u=$d->numrows($getU); echo ""; // get severity color $getColor=$d->query("select color from $db_prefix"."severity where level='$ticket_severity'"); $severity_color=$d->fetch_array($getColor); $severity_color=$severity_color['color']; echo ""; ++$l; } echo "
$font_table_top "; echo "$image_order ID:"; echo " $font_table_top ".OPEN_ON." $font_table_top ".STATUS." $font_table_top Stats $font_table_top ".TICKET." $font_table_top ".SEVERITY." $font_table_top ".OPEN_BY." $font_table_top ".TICKET_TYPE."
$font $ticket_id $font $ticket_added_date $font $ticket_status $font Updates: $u"; if($ticket_owner != "None" ){ echo "$font Owner: $ticket_owner"; } echo " $font $ticket_short_description"; global $db_prefix, $font; echo "$font $ticket_severity $font $ticket_created_by $font $group_what
"; echo "
"; echo "

"; if ($i < $num) { echo "".NEXT." $t "; } if ($i > "$sortby") { echo "".PREVIOUS." $sortby"; } // end of main list of tickets. } } elseif($_POST['action'] == "search"){ if(empty($_POST['search_field'])){ echo "

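$font ".ERROR47.""; } else {
    // Full-text style search over the ticket list: matches the search text
    // against the short and full descriptions, optionally limited to open or
    // closed tickets, and scoped by the user's level.
    $search_field = $_POST['search_field'];
    $d->connect($db_host, $db_username, $db_password, $db);

    // The search text is user input and lands inside two LIKE '%...%'
    // patterns, so it is escaped before use. magic_quotes_gpc escaping is
    // undone first so the value is escaped exactly once.
    // mysql_real_escape_string() works on the most recently opened ext/mysql
    // link - presumably the one $d->connect() just opened, which the bare
    // MYSQL_DB_QUERY() call elsewhere in this file relies on as well.
    // "%" and "_" typed by the user still act as LIKE wildcards, as before.
    $search_raw = get_magic_quotes_gpc() ? stripslashes($search_field) : $search_field;
    $search_sql = mysql_real_escape_string($search_raw);

    // The nine hand-written query variants differed only in which of three
    // independent conditions they included, so the WHERE clause is assembled
    // from those parts instead.
    $search_where = array();
    if ($_POST['search_by'] == "Open") {
        $search_where[] = "ticket_status='Open'";
    } elseif ($_POST['search_by'] == "Closed") {
        $search_where[] = "ticket_status='Closed'";
    }
    $search_where[] = "(ticket_full_description like '%$search_sql%' or ticket_short_description like '%$search_sql%')";
    if ($level == "2") {
        // level 2 only sees tickets of its own group
        $search_where[] = "groups='$groupid'";
    } elseif ($level == "5") {
        // level 5 only sees tickets it created
        $search_where[] = "ticket_createdby_userid='$userid'";
    }
    $search_query = "select * from $db_prefix"."list where ".implode(" and ", $search_where);

    $result_query = $d->query($search_query);
    $num_results = $d->numrows($result_query);
    if ($num_results == "" || $num_results == "0") {
        echo "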

$font ".SEARCH_N."

"; } else { echo "

$font ".SEARCH_F." ($num_results).

"; // start of results. echo "
"; $l=0; while ($l < $num_results) { $ticket_id=$d->result($result_query,$l,"ticket_id"); $ticket_severity=$d->result($result_query,$l,"ticket_severity"); $ticket_added_date=$d->result($result_query,$l,"ticket_added_date"); $ticket_short_description=$d->result($result_query,$l,"ticket_short_description"); $ticket_short_description=safeHTML($ticket_short_description); $ticket_status=$d->result($result_query,$l,"ticket_status"); $ticket_severity=$d->result($result_query,$l,"ticket_severity"); $ticket_createdby_userid=$d->result($result_query,$l,"ticket_createdby_userid"); $ticket_createdbyemail=$d->result($result_query,$l,"ticket_createdbyemail"); $ticket_owner_id=$d->result($result_query,$l,"ticket_owner_id"); $ticket_group=$d->result($result_query,$l,"groups"); $get_group_name = "select * from $db_prefix"."groups where id='$ticket_group'"; $group_results=$d->query($get_group_name); $a_groups=$d->numrows($group_results); if($a_groups != "" || $a_groups != "0"){ $g=""; while ($g < $a_groups) { $group_what=$d->result($group_results,$g,"group_name"); ++$g; } } /* colors */ if (ereg (",", $color_rows)) { $rotate_color=explode(",", $color_rows); $color1=$rotate_color[0]; $color2=$rotate_color[1]; if(empty($color1)){ $color1="#C0C0C0"; } if(empty($color2)){ $color2="#999999"; } } else { $color1="#C0C0C0"; $color2="#999999"; } print ($l % 2) ? 
"" : ""; if($ticket_createdby_userid == "0" && $ticket_createdbyemail != ""){ $ticket_created_by = "$ticket_createdbyemail"; } else { $query_user="select * from $db_prefix"."users where id='$ticket_createdby_userid'"; $result_user=$d->query($query_user); if($result_user) { while ($r = $d->fetch_array($result_user)) { $ticket_created_by = $r["name"]; } } } if($ticket_owner_id != "0"){ $query_owner_id="select * from $db_prefix"."users where id='$ticket_owner_id'"; $result_owner_id=$d->query($query_owner_id); if($result_owner_id) { while ($o = $d->fetch_array($result_owner_id)) { $ticket_owner = $o["name"]; } } } else { $ticket_owner="None"; } echo ""; $getColor=$d->query("select color from $db_prefix"."severity where level='$ticket_severity'"); $severity_color=$d->fetch_array($getColor); $severity_color=$severity_color['color']; echo ""; ++$l; } echo "
$font_table_top ".T_ID." $font_table_top ".CREATED." $font_table_top ".STATUS." $font_table_top ".OWNER." $font_table_top ".TICKET." $font_table_top ".SEVERITY." $font_table_top ".OPEN_BY." $font_table_top ".TICKET_TYPE."
$font $ticket_id $font $ticket_added_date $font $ticket_status $font $ticket_owner $font $ticket_short_description"; echo "$font_table_top $ticket_severity $font $ticket_created_by $font $group_what
"; echo "

$font ".BACK.""; $d->close(); // end of results. } } } elseif($_GET['action'] == "view"){ if(empty($_GET['ticket_id'])){ echo "

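$font ".ERROR39.""; } else {
    // Checks that the requested ticket exists and loads the fields the access
    // checks below need (group, creator, owner), plus its attachment rows.
    $ticket_id = $_GET['ticket_id'];
    $d->connect($db_host, $db_username, $db_password, $db);

    // ticket_id comes straight from the query string; escape it before it is
    // embedded in SQL. magic_quotes_gpc escaping is undone first so the value
    // is escaped exactly once.
    // mysql_real_escape_string() works on the most recently opened ext/mysql
    // link - presumably the one $d->connect() just opened, which the bare
    // MYSQL_DB_QUERY() call elsewhere in this file relies on as well.
    $ticket_id_raw = get_magic_quotes_gpc() ? stripslashes($ticket_id) : $ticket_id;
    $ticket_id_sql = mysql_real_escape_string($ticket_id_raw);

    $query_checkid = "select * from $db_prefix"."list where ticket_id='$ticket_id_sql'";
    $result_checkid = $d->query($query_checkid);
    $checkattach = $d->query("select * from $db_prefix"."attachment where ticket_id='$ticket_id_sql'");

    // Start empty so a request variable of the same name cannot stand in for
    // a row that was not found.
    $checkid = "";
    $checkg = "";
    if ($result_checkid) {
        while ($f = $d->fetch_array($result_checkid)) {
            $checkid = $f["ticket_id"];
            $checkg = $f["groups"];
            $ticket_createdby_userid = $f["ticket_createdby_userid"];
            $ticket_owner_id = $f["ticket_owner_id"];
        }
    }

    if (!empty($checkid)) {
        // The rest of the view branch interpolates $ticket_id into further
        // queries and prints it into the page, so from here on use the id as
        // stored in the database row rather than the raw request value.
        $ticket_id = $checkid;
    }
    if (empty($checkid)) {
        echo "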

$font ".ERROR63.""; } else { if($level == "5" && $ticket_createdby_userid != "$userid"){ echo "

$font ".ERROR73."
"; } elseif($level == "2" && $groupid != $checkg && !empty($groupid)) { echo "

$font ".ERROR45."
"; } else { // start of view ticket $query_todo="select * from $db_prefix"."list where ticket_id='$ticket_id'"; $result_todo=$d->query($query_todo); if($result_todo) { while ($r = $d->fetch_array($result_todo)) { $view_ticket_id = $r["ticket_id"]; $ticket_added_date = $r["ticket_added_date"]; $ticket_lastaction_date = $r["ticket_lastaction_date"]; $ticket_status = $r["ticket_status"]; $ticket_severity = $r["ticket_severity"]; $ticket_owner_id = $r["ticket_owner_id"]; $ticket_short_description = $r["ticket_short_description"]; $ticket_short_description=stripslashes($ticket_short_description); $ticket_short_description=safeHTML($ticket_short_description); $ticket_full_description = $r["ticket_full_description"]; $ticket_createdby_userid = $r["ticket_createdby_userid"]; $ticket_full_description=stripslashes($ticket_full_description); $ticket_createdbyemail = $r["ticket_createdbyemail"]; $ticket_lastupdate_userid = $r["ticket_lastupdate_userid"]; $ticket_group = $r["groups"]; } } $ticket_full_description = eregi_replace ("=20", "", $ticket_full_description); $ticket_full_description=safeHTML($ticket_full_description); $ticket_full_description = cleanup($ticket_full_description); $getthegroupname="select * from $db_prefix"."groups where id='$ticket_group'"; $result_groupname=$d->query($getthegroupname); if($result_groupname) { while ($tt = $d->fetch_array($result_groupname)) { $groupname = $tt["group_name"]; } } echo "
"; if($ticket_createdby_userid == "0" && $ticket_createdbyemail != ""){ $ticket_created_by = "$ticket_createdbyemail"; } else { $query_user="select * from $db_prefix"."users where id='$ticket_createdby_userid'"; $result_user=$d->query($query_user); if($result_user) { while ($r = $d->fetch_array($result_user)) { $ticket_created_by = $r["name"]; } } } $query_actionby="select * from $db_prefix"."users where id='$ticket_lastupdate_userid'"; $result_actionby=$d->query($query_actionby); if($result_actionby) { while ($s = $d->fetch_array($result_actionby)) { $ticket_action_user = $s["name"]; } } if($ticket_action_user != "0"){ $query_owner="select * from $db_prefix"."users where id='$ticket_owner_id'"; $result_owner=$d->query($query_owner); if($result_owner) { while ($q = $d->fetch_array($result_owner)) { $ticket_owner = $q["name"]; } } } $getColor=$d->query("select color from $db_prefix"."severity where level='$ticket_severity'"); $severity_color=$d->fetch_array($getColor); $severity_color=$severity_color['color']; // start of html echo "

$font ".T_I."
$font ".T_ID." $ticket_id $font ".T_SI." $ticket_severity
$font ".CREATED." $ticket_added_date $font ".T_STAT." $ticket_status
$font ".CREATED_BY." $ticket_created_by $font ".T_TYPE." $groupname
$font ".L_ACT." $ticket_lastaction_date $font ".T_OWNER2." "; if($ticket_owner == ""){ echo "$font No Owner"; } else { echo "$font $ticket_owner"; } echo "
$font ".T_LOG."
"; echo "
$font ".TICKET.": $font $ticket_short_description
$font $ticket_full_description

 "; while($attach=$d->fetch_array($checkattach)){ $getattachment=$d->query("select * from $db_prefix"."attachment where id='$attach[id]'"); $attachment=$d->fetch_array($getattachment); $typefile=$attachment[filename]; if(!empty($attachment[id])){ $type=$typefile_type; $data=$attachment[data]; // echo $data; } echo "$font ".ATTACH." $attach[filename]"; echo "

"; } echo "


"; //start of comments and updates. echo "
   $font ".UPD."

"; // todo comment update = 1 // todo update = 2 $query_update="select * from $db_prefix"."tickets_comment where ticket_id='$ticket_id' and ticket_comment_update ='2' order by ticket_comment_id desc"; $result_update=$d->query($query_update); $num_update=$d->numrows($result_update); if($num_update == "" || $num_update == "0"){ echo "$font ".ERROR40.""; } else { while ($l < $num_update) { $ticket_id=$d->result($result_update,$l,"ticket_id"); $update_full=$d->result($result_update,$l,"ticket_comment"); $ticket_comment_id=$d->result($result_update,$l,"ticket_comment_id"); $ticket_comment_type=$d->result($result_update,$l,"ticket_comment_type"); $update_full=stripslashes($update_full); $update_full= eregi_replace ("=20", "", $update_full); $update_date=$d->result($result_update,$l,"ticket_comment_date"); $update_userid=$d->result($result_update,$l,"ticket_comment_user"); $update_full=safeHTML($update_full); $update_full = cleanup($update_full); $query_name="select * from $db_prefix"."users where id='$update_userid'"; $result_name=$d->query($query_name); $isuser=$d->numrows($result_name); if($result_name) { while ($a = $d->fetch_array($result_name)) { $updateby = $a["name"]; } } $chris = ereg('@',$update_userid); if($chris == "1"){ $updateby="$update_userid"; } elseif($chris != "1" && $updateby == ""){ $updateby="$font ".ERROR41.""; } echo "
$font ".UDB." $font $update_date  by $updateby ($ticket_comment_type)
$font $update_full"; $getattach=$d->query("select * from $db_prefix"."r_attachment where ticket_id='$ticket_id' and reply_id='$ticket_comment_id'"); while($getdata=$d->fetch_array($getattach)){ echo "$font

".ATTACHMENT." $getdata[filename]"; } echo "

"; ++$l; } } echo "
"; echo "


  $font ".COM."

"; $query_comment="select * from $db_prefix"."tickets_comment where ticket_id='$ticket_id' and ticket_comment_update ='1' order by ticket_comment_id desc"; $result_comment=$d->query($query_comment); $num_comment=$d->numrows($result_comment); if($num_comment == "" || $num_comment == "0"){ echo "$font ".ERROR42.""; } else { while ($k < $num_comment) { $ticket_id=$d->result($result_comment,$k,"ticket_id"); $comment_full=$d->result($result_comment,$k,"ticket_comment"); $comment_full=stripslashes($comment_full); $comment_full=safeHTML($comment_full); $comment_date=$d->result($result_comment,$k,"ticket_comment_date"); $comment_userid=$d->result($result_comment,$k,"ticket_comment_user"); $comment_full = cleanup($comment_full); $query_name_comment="select * from $db_prefix"."users where id='$comment_userid'"; $result_name_comment=$d->query($query_name_comment); if($result_name_comment) { while ($b = $d->fetch_array($result_name_comment)) { $commentby = $b["name"]; } } if($commentby == ""){ $commentby="$font ".ERROR41.""; } echo "
$font ".COM_ADD." $font $comment_date   by $commentby
$font $comment_full

"; ++$k; } } echo "


"; if($ticket_status == "Open"){ if($ticket_owner == "$name"){ echo "
$font

".TYPE."

".UTI."($ticket_id):
$font Mail Creator

"; if($files != ""){ echo " $font ".ATTACHMENT." "; } echo "

"; if($files != ""){ echo "$font ".SUPPORT_FILES."
"; $gettypes=explode("," , $files); $array_count=count($gettypes); $countit=0; while($countit < $array_count){ echo "$gettypes[$countit], "; ++$countit; } echo "

"; } echo "

"; } else { echo "
$font

".COMTID."($ticket_id):

"; } } else { echo "$font ".ERROR43.""; } echo "

"; echo "

$font   Print this Ticket  Print this Ticket
"; echo "$font   List  List Actions

".ACT_LOG.""; $query_actionlog="select * from $db_prefix"."tickets_action where ticket_id='$ticket_id' order by ticket_action_id desc limit $action_amount"; $result_actionlog=$d->query($query_actionlog); $num_actionlog=$d->numrows($result_actionlog); if($num_actionlog == "" || $num_actionlog == "0"){ echo "$font ".ERROR44.""; } else { echo "

"; while ($j < $num_actionlog) { $ticket_action=$d->result($result_actionlog,$j,"ticket_action"); $ticket_action_date=$d->result($result_actionlog,$j,"ticket_action_date"); echo "$font $ticket_action_date : $ticket_action
"; ++$j; } } echo "
"; if($level != "5"){ echo "

"; echo "
$font Public Options"; if($level != "5"){ if($ticket_status == "Closed" && $level != "5"){ echo "$font
$font
".ROPEN.""; } if($ticket_owner_id == "$userid" && $ticket_owner_id != "" && $level != "5" && $ticket_status == "Open"){ echo "$font
".C_TICKET.""; } if($ticket_owner_id != "$userid" && $ticket_status == "Open"){ echo "$font
".T_OWNER.""; } if($allowgive == "1" && $ticket_owner_id == "$userid" && $ticket_status == "Open"){ echo "
$font ".G_OWNER.""; } if($ticket_status == "Open"){ echo "
$font ".S_S."
"; } } if($ticket_owner_id == "$userid" && $ticket_owner_id != "" && $level != "5" && $ticket_status == "Open"){ echo "
$font ".M_T."
"; } if($ticket_owner_id == "$userid" && $level != "5" && $ticket_status == "Open"){ $d->connect($db_host, $db_username, $db_password, $db); $query_newowner="select * from $db_prefix"."users where level !='5'"; $result_newowner=$d->query($query_newowner); $num_newowner=$d->numrows($result_newowner); if($num_newowner != "1"){ echo "
$font ".R_TO."
"; echo "
"; } } echo "
"; if($level == "0"){ echo "$font Admin Options"; if($allowdelete == "1" && $level == "0"){ echo "$font
".DEL_TICKET.""; $d->connect($db_host, $db_username, $db_password, $db); $query_newowner="select * from $db_prefix"."users where level !='5'"; $result_newowner=$d->query($query_newowner); $num_newowner=$d->numrows($result_newowner); if($num_newowner != "1"){ echo "
$font ".R_TO." "; echo "
"; } } echo "
$font ".M_T."
"; } echo "
"; } // end of view ticket } } } } elseif ($_POST['action'] == "comment" && $_POST['ticket_id'] != ""){ $ticket_id=$_POST['ticket_id']; $commentinfo=$_POST['commentinfo']; if($commentinfo == ""){ echo "

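$font ".ERROR61." ".BACK."


"; } else {
    // Stores a comment on a ticket: records the response-time entry, bumps the
    // ticket's last-action date, inserts the comment and logs the action.
    $actiondate = date("Y-m-d H:i:s");
    $d->connect($db_host, $db_username, $db_password, $db);

    // $ticket_id was copied from $_POST above, and $type is never assigned in
    // this branch (so under register_globals it can come from the request).
    // Both are escaped before they are embedded in SQL; magic_quotes_gpc
    // escaping is undone first so each value is escaped exactly once.
    // mysql_real_escape_string() works on the most recently opened ext/mysql
    // link - presumably the one $d->connect() just opened, which the bare
    // MYSQL_DB_QUERY() call elsewhere in this file relies on as well.
    $mq_on = get_magic_quotes_gpc();
    $ticket_id_raw = $mq_on ? stripslashes($ticket_id) : $ticket_id;
    $ticket_id_sql = mysql_real_escape_string($ticket_id_raw);
    $type_sql = isset($type) ? mysql_real_escape_string($mq_on ? stripslashes($type) : $type) : "";
    // $name is a stored display name; a quote in it would otherwise break the
    // two statements that embed it.
    $name_sql = mysql_real_escape_string($name);

    // NOTE(review): unlike the view branch, nothing here checks that the
    // current user is allowed to act on this ticket, or that the ticket
    // exists. The same level/group/creator checks should gate this write.
    // NOTE(review): $ticket_id itself is left as received because it is also
    // printed into the confirmation page and the notification mail below;
    // it needs HTML-encoding at those output points.

    /* get last update time, were going to build a report */
    $getold = $d->query("select * from $db_prefix"."list where ticket_id='$ticket_id_sql'");
    $lastdate = $d->fetch_array($getold);
    $lastdate = $lastdate['ticket_lastaction_date'];
    $diff = gentime(strtotime("$actiondate"), strtotime("$lastdate"));
    $days = $diff['days'];
    $days = "".$days." days";
    $hours = $diff['hours'];
    $hours = "".$hours." hours";
    $minutes = $diff['minutes'];
    $minutes = "".$minutes." minutes";
    $seconds = $diff['seconds'];
    $seconds = "".$seconds." seconds";

    // Built from the un-slashed id, then escaped as a whole for the insert.
    $act = "$name has added a comment to ticket ID: ($ticket_id_raw) $days , $hours, $minutes, $seconds ago.";
    $act_sql = mysql_real_escape_string($act);
    $insert = "insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id_sql','$act_sql')";
    $insert_it = $d->query($insert);

    $query_updateaction = "update $db_prefix"."list set ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id_sql'";
    $result_updateaction = $d->query($query_updateaction);

    // Left as addslashes(): $commentinfo is passed through stripslashes()
    // again further down before it is mailed.
    $commentinfo = addslashes($commentinfo);
    $query_insert_comment = "insert into $db_prefix"."tickets_comment values(NULL,'$ticket_id_sql','$commentinfo','$type_sql','$actiondate','$userid','1')";
    $result_comment = $d->query($query_insert_comment);

    $query_action = "insert into $db_prefix"."tickets_action values('$ticket_id_sql','$name_sql has added a comment for ticket id\($ticket_id_sql\)','$actiondate','$userid',NULL)";
    $result_action = $d->query($query_action);
    $d->close();

    if ($result_comment) {
        echo "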
$font ".THANK." ($name) ".CM." ($ticket_id) ".H_ADD."
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; if($comment_notify == "1"){ # notify owner. # if owner doesnt exist notify creator. $d->connect($db_host, $db_username, $db_password, $db); $getOwner=$d->query("select ticket_owner_id,ticket_createdbyemail from $db_prefix"."list where ticket_id='$ticket_id'"); $getINFO=$d->fetch_array($getOwner); if($getINFO['ticket_owner_id'] == "0" && !empty($getINFO['ticket_createdbyemail'])){ // no owner $notify_owner_email=$getINFO['ticket_createdbyemail']; } if($getINFO['ticket_owner_id'] != "0"){ // there is a ticket owner $getEmail=$d->query("select email,id from $db_prefix"."users where id='".$getINFO['ticket_owner_id']."'"); $emailArray=$d->fetch_array($getEmail); $notify_owner_email=$emailArray['email']; } if(!empty($notify_owner_email)){ $commentinfo=stripslashes($commentinfo); $text="Comment has been made from $name on ticket ID: ($ticket_id)\n\n View this ticket: $url/index.php?action=view&ticket_id=$ticket_id\n\nComment Added: $actiondate\nAdded By: $name\nComment:\n$commentinfo"; $text=stripslashes($text); $emailm=$text; $headers = "From: $support_email\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; //mailer $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Medium mail("$notify_owner_email","Comment made on ticket #$ticket_id",$emailm,$headers); } } } else { echo "$font INPUT ERROR: $query_insert_comment"; } } } elseif ($_POST['action'] == "update" && $_POST['ticket_id'] != ""){ $ticket_id=$_POST['ticket_id']; $type=$_POST['type']; $mail_update=$_POST['mail_update']; $updateinfo=$_POST['updateinfo']; if($updateinfo == ""){ echo "
$font ".ERROR46." ".BACK."


"; } else { $actiondate=date("Y-m-d H:i:s"); $d->connect($db_host, $db_username, $db_password, $db); global $db_prefix, $files; $filetmp=$_FILES['ufile']['tmp_name']; $file=$_FILES['ufile']['name']; $file_size=$_FILES['ufile']['size']; if($files != ""){ $gettypes=explode("," , $files); $array_count=count($gettypes); $gettype_file=explode(".", $file); $filetype=strtolower($gettype_file[1]); $filetype="." . $filetype; $countit=0; while($countit < $array_count){ if($filetype == "$gettypes[$countit]"){ $countit=$array_count; $flag=1; } else { $flag=0; } ++$countit; } } if($files != "" && $file != ""){ if($flag == "0"){ echo "

$font ".ERROR23." ($filetype) is not allowed

"; } elseif($file_size > $filesize){ echo "

$font ".ERROR24." ($file_size) is to large.

"; } else { $data = base64_encode(fread(fopen($filetmp, "r"), filesize($filetmp))); /* get last update time, were going to build a report */ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has updated ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_updateaction="update $db_prefix"."list set ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_updateaction=$d->query($query_updateaction); $updateinfo=addslashes($updateinfo); $query_insert_comment="insert into $db_prefix"."tickets_comment values(NULL,'$ticket_id','$updateinfo','$type','$actiondate','$userid','2')"; $result_comment=$d->query($query_insert_comment); $rid=$d->insert_id(); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has added a update for ticket id\($ticket_id\)','$actiondate',' $userid',NULL)"; $result_action=$d->query($query_action); $result=MYSQL_DB_QUERY("$db","INSERT INTO $db_prefix"."r_attachment (description,data,filename,ticket_id,reply_id) "." 
VALUES ('$updateinfo','$data','$file','$ticket_id','$rid')"); } } else { /* get last update time, were going to build a report */ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has updated ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_updateaction="update $db_prefix"."list set ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_updateaction=$d->query($query_updateaction); $updateinfo=addslashes($updateinfo); $query_insert_comment="insert into $db_prefix"."tickets_comment values(NULL,'$ticket_id','$updateinfo','$type','$actiondate','$userid','2')"; $result_comment=$d->query($query_insert_comment); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has added a update for ticket id\($ticket_id\)','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); } $d->close(); if($mail_update == "ON"){ $updateinfo=stripslashes($updateinfo); $d->connect($db_host, $db_username, $db_password, $db); $query_mail="select * from $db_prefix"."list where ticket_id='$ticket_id'"; $result_mail=$d->query($query_mail); if($result_mail) { while ($r = $d->fetch_array($result_mail)) { $thesubject = $r["ticket_short_description"]; $thebody = $r["ticket_full_description"]; $theemail = $r["ticket_createdbyemail"]; $theid = $r["ticket_createdby_userid"]; } } if($theemail == " " && $theid != "") { $getemail 
= "select * from $db_prefix"."users where id='$theid'"; $gotit =$d->query($getemail); if($gotit) { while ($o = $d->fetch_array($gotit)) { $theemail = $o["email"]; } } } $GetOptions=$d->query("select * from $db_prefix"."options where id='1'"); $GetArray=$d->fetch_array($GetOptions); $text=$GetArray[update_ticket_text]; $updateinfo=stripslashes($updateinfo); $thebody=stripslashes($updateinfo); $text = ereg_replace(':\[thebody\]:', "$thebody", $text); $text = ereg_replace(':\[thesubject\]:', "$thesubject", $text); $text = ereg_replace(':\[ticket_id\]:', "$ticket_id", $text); $text = ereg_replace(':\[name\]:', "$name", $text); $text = ereg_replace(':\[update\]:', "$updateinfo", $text); $text = ereg_replace(':\[title\]:', "$title", $text); $text = ereg_replace(':\[url\]:', "$url", $text); $text=stripslashes($text); # update ticket text $emailm=$text; $headers = "From: <$support_email>\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; //mailer $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Medium mail("$theemail","Update from $title ticket #$ticket_id",$emailm,$headers); $d->close(); } if($result_comment){ echo "

$font ".THANK." ($name) Your update for ticket ID ($ticket_id) ".H_ADD."
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; } else {
/* NOTE(review): the failure path prints the complete INSERT statement, including the submitted comment text, straight to the page. Log it server-side and show a generic message instead. */
echo "$font INPUT ERROR: $query_insert_comment"; } } }
/*
 * action=reopen: marks the ticket Open again, makes the current user its owner and
 * records the change in responsetime, tickets_action and tickets_comment.
 *
 * NOTE(review): the ticket_id request parameter is copied from the query string and
 * interpolated unescaped into every statement below (one SELECT, one UPDATE, three
 * INSERTs), and is echoed back in the confirmation text. Cast it to an integer or
 * bind it as a parameter, and HTML-encode it on output.
 * NOTE(review): the condition tests only action and ticket_id. No $level or ownership
 * test is visible here, unlike change_severity, change_owner and give, and the state
 * change runs on a GET request with no anti-CSRF token in sight. Confirm whether an
 * earlier check restricts who may reopen a ticket.
 */
elseif($_GET['action'] == "reopen" && $_GET['ticket_id'] != ""){ $ticket_id=$_GET['ticket_id']; $d->connect($db_host, $db_username, $db_password, $db); $actiondate=date("Y-m-d H:i:s"); /* get last update time, were going to build a report */ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has reopened ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since it was closed."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_open="update $db_prefix"."list set ticket_owner_id='$userid',ticket_status='Open',ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_open=$d->query($query_open); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has ReOpened ticket id\($ticket_id\)','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); $query_reopen="insert into $db_prefix"."tickets_comment values(NULL,'$ticket_id','This ticket has been reopened.','public','$actiondate','$userid','2')"; $result_reopen=$d->query($query_reopen); $d->close(); if($result_open){ echo "
$font ".THANK." ($name) ".ROPEN_T." ($ticket_id)
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; } else { echo "$font Error: $query_open"; } }
/*
 * action=delete: runs only when $level equals 0 and $allowdelete equals 1. Removes the
 * ticket row from the list table together with its tickets_action and tickets_comment rows.
 *
 * NOTE(review): the ticket_id request parameter goes unescaped into all three DELETE
 * statements. Cast it to an integer or bind it as a parameter.
 * NOTE(review): a destructive change is carried out on a GET request and no anti-CSRF
 * token is visible in this branch. Prefer POST with a per-session token.
 * NOTE(review): rows for this ticket in responsetime, attachment and r_attachment are
 * not removed here, and no $d->close() follows the queries in this branch. Confirm
 * both are intended.
 * NOTE(review): the failure path further down echoes the DELETE statement to the page.
 */
elseif($_GET['action'] == "delete" && $_GET['ticket_id'] != "" && $level == "0" && $allowdelete == "1"){ $d->connect($db_host, $db_username, $db_password, $db); $ticket_id=$_GET['ticket_id']; $delticket="delete from $db_prefix"."list where ticket_id='$ticket_id'"; $rundel=$d->query($delticket); $delticketb="delete from $db_prefix"."tickets_action where ticket_id='$ticket_id'"; $rundelb=$d->query($delticketb); $delticketc="delete from $db_prefix"."tickets_comment where ticket_id='$ticket_id'"; $rundelc=$d->query($delticketc); if($rundel && $rundelb && $rundelc){ echo "
$font ".THANK." ($name) ".DEL." ($ticket_id)
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; } else { echo "$font Error: $delticket"; } } elseif($_POST['action'] == "change_severity" && $_POST['ticket_id'] != "" && $level != "5"){ $d->connect($db_host, $db_username, $db_password, $db); $ticket_id=$_POST['ticket_id']; $new_ticket_severity=$_POST['new_ticket_severity']; $actiondate=date("Y-m-d H:i:s"); /* get last update time, were going to build a report */ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has changed severity ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_newseverity="update $db_prefix"."list set ticket_severity='$new_ticket_severity',ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_newseverity=$d->query($query_newseverity); $query_newseverity_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has changed severity of ticket id\($ticket_id\) to $new_ticket_severity','$actiondate','$userid',NULL)"; $result_newseverity_action=$d->query($query_newseverity_action); $d->close(); if($result_newseverity && $result_newseverity_action){ echo "
$font ".COMPLETE."
"; echo ""; } else { echo "$font Error: $query_newseverity : $query_newseverity_action"; } }
/*
 * action=take: looks up the current owner of the ticket and that owner name, then
 * (further down) writes a responsetime entry and assigns the ticket to the current user.
 *
 * NOTE(review): the ticket_id request parameter is interpolated unescaped into the
 * queries of this branch, and $ticket_owner_id read back from the row is in turn
 * interpolated into the users query. Cast or bind both.
 * NOTE(review): the condition has no $level test, whereas change_severity, change_owner
 * and give all exclude level 5. Confirm that every logged-in account is meant to be
 * able to take ownership. The change is also made on a GET request.
 * NOTE(review): $old_ticket_owner is assigned here but is not read anywhere in the
 * part of the file reviewed. Verify whether it is still needed.
 */
elseif($_GET['action'] == "take" && $_GET['ticket_id'] != ""){ $d->connect($db_host, $db_username, $db_password, $db); $ticket_id=$_GET['ticket_id']; $query_owner="select * from $db_prefix"."list where ticket_id='$ticket_id'"; $result_owner=$d->query($query_owner); if($result_owner) { while ($q = $d->fetch_array($result_owner)) { $ticket_owner_id = $q["ticket_owner_id"]; } } $query_owner_name="select * from $db_prefix"."users where id='$ticket_owner_id'"; $result_owner_name=$d->query($query_owner_name); if($result_owner_name) { while ($a = $d->fetch_array($result_owner_name)) { $old_ticket_owner = $a["name"]; } } $actiondate=date("Y-m-d H:i:s"); echo "

"; /* get last update time, were going to build a report */ $getL=$d->query("select * from $db_prefix"."responsetime where ticket_id = '$ticket_id' order by id limit 1"); $getData=$d->fetch_array($getL); if(!empty($getData['id'])){ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has taken ownership of ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); } else { $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate2=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate2" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has taken ownership of ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since ticket was created."; /* First Response */ $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); } echo "

"; $query_take_owner="update $db_prefix"."list set ticket_owner_id='$userid',ticket_lastupdate_userid='$userid',ticket_lastaction_date='$actiondate' where ticket_id='$ticket_id'"; $result_take_owner=$d->query($query_take_owner); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has taken ownership of ticket id\($ticket_id\)','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); $d->close(); if($result_take_owner){ echo "
$font ".THANK." ($name) ".T_OWNER." ($ticket_id)
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; } else { echo "$font Error: $query_take_owner"; } } elseif($_POST['action'] == "change_owner" && $_POST['the_new_owner'] != "" && $level != "5"){ $d->connect($db_host, $db_username, $db_password, $db); $the_new_owner=$_POST['the_new_owner']; $ticket_id=$_POST['ticket_id']; $query_owner="select * from $db_prefix"."users where id='$the_new_owner'"; $result_owner=$d->query($query_owner); if($result_owner) { while ($q = $d->fetch_array($result_owner)) { $new_ticket_owner_id = $q["id"]; $the_new_owner2 = $q["name"]; $emailto = $q["email"]; } } $actiondate=date("Y-m-d H:i:s"); /* get last update time, were going to build a report */ $getold=$d->query("select ticket_lastaction_date from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has changed owners of ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds to $the_new_owner2 since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_newowner="update $db_prefix"."list set ticket_owner_id='$new_ticket_owner_id',ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_newowner=$d->query($query_newowner); $query_newowner_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has given ownership of ticket id\($ticket_id\) to $the_new_owner2','$actiondate','$userid',NULL)"; $result_newowner_action=$d->query($query_newowner_action); $d->close(); if($result_newowner && $result_newowner_action){ echo "
$font ".COMPLETE."
"; # assign_ticket_text $d->connect($db_host, $db_username, $db_password, $db); $GetOptions=$d->query("select * from $db_prefix"."options where id='1'"); $GetArray=$d->fetch_array($GetOptions); $text=$GetArray[assign_ticket_text]; $text = ereg_replace(':\[name\]:', "$name", $text); $text = ereg_replace(':\[title\]:', "$title", $text); $text = ereg_replace(':\[ticket_id\]:', "$ticket_id", $text); $text = ereg_replace(':\[url\]:', "$url", $text); $text=stripslashes($text); $text=stripslashes($text); $emailmessage=$text; $headers = "From: <$support_email>\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; //mailer $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Medium mail("$emailto","You have just been Assigned a Ticket",$emailmessage,$headers); echo ""; } else { echo "$font Error: $query_newseverity : $query_newseverity_action"; } } elseif($_GET['action'] == "give" && $_GET['ticket_id'] != "" && $level != "5"){ $ticket_id=$_GET['ticket_id']; $d->connect($db_host, $db_username, $db_password, $db); $actiondate=date("Y-m-d H:i:s"); $getold=$d->query("select ticket_lastaction_date from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." 
seconds"; $act="$name has given up ownership of ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds after it was open."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_updateaction="update $db_prefix"."list set ticket_owner_id='' where ticket_id='$ticket_id'"; $result_updateaction=$d->query($query_updateaction); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has gave up ownership of ticket id\($ticket_id\).','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); $d->close(); echo "
$font ".THANK." ($name) ".G_OWNER." ($ticket_id).
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; } elseif($_POST['action'] == "move_ticket" && $_POST['new_ticket_group'] != "" && $_POST['ticket_id'] != ""){ $d->connect($db_host, $db_username, $db_password, $db); $new_ticket_group=$_POST['new_ticket_group']; $ticket_id=$_POST['ticket_id']; $getthegroupid="select * from $db_prefix"."groups where group_name='$new_ticket_group'"; $result_groupid=$d->query($getthegroupid); if($result_groupid) { while ($ko = $d->fetch_array($result_groupid)) { $groupids = $ko["id"]; } } if($groupids == "$old_groupid" && $old_groupid != ""){ echo "

$font ".ERROR25." "; echo "

".BACK.""; } else { $updatenewgroup="update $db_prefix"."list set groups='$groupids' where ticket_id='$ticket_id'"; $runnow = $d->query($updatenewgroup); if($updatenewgroup){ $actiondate=date("Y-m-d H:i:s"); /* get last update time, were going to build a report */ $getold=$d->query("select ticket_lastaction_date from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has moved ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds to $new_ticket_group."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has moved ticket id\($ticket_id\) to $new_ticket_group','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); echo ""; echo "$font

Update Complete."; } else { echo "$font Update ERROR: $updatenewgroup"; } } $d->close(); } elseif ($_GET['action'] == "reports" && $level == "0") { echo "

$font View SOA Reports
"; $d->connect($db_host, $db_username, $db_password, $db); $query_num_open2="select * from $db_prefix"."list"; $result_num_open2=$d->query($query_num_open2); $open_num2=$d->numrows($result_num_open2); if($open_num2 == "0"){ echo "$font ".ERROR67.""; } else { // get num of open $query_num_open="select * from $db_prefix"."list where ticket_status='Open'"; $result_num_open=$d->query($query_num_open); $open_num=$d->numrows($result_num_open); // getnum of close $query_num_close="select * from $db_prefix"."list where ticket_status='Closed'"; $result_num_close=$d->query($query_num_close); $closed_num=$d->numrows($result_num_close); // times 400 for image sizes if($open_num != "0"){ $openpercent=(($open_num/$open_num2)*400); } if($closed_num != "0"){ $closedpercent=(($closed_num/$open_num2)*400); } // getnum low priority $query_num_low="select * from $db_prefix"."list where ticket_severity='Low'"; $result_num_low=$d->query($query_num_low); $low_num=$d->numrows($result_num_low); // getnum med priority $query_num_med="select * from $db_prefix"."list where ticket_severity='Medium'"; $result_num_med=$d->query($query_num_med); $med_num=$d->numrows($result_num_med); // getnum high priority $query_num_high="select * from $db_prefix"."list where ticket_severity='High'"; $result_num_high=$d->query($query_num_high); $high_num=$d->numrows($result_num_high); // times 400 for image sizes if($low_num != "0"){ $lowpercent=(($low_num/$open_num2)*400); } if($med_num != "0"){ $medpercent=(($med_num/$open_num2)*400); } if($high_num != "0"){ $highpercent=(($high_num/$open_num2)*400); } echo "


$font".STATUS_B."

$font_table_top ".TOTAL_T." $font ($open_num2)
$font_table_top ".TOTAL_O." $font ($open_num)
$font_table_top ".TOTAL_C." $font_table_top ($closed_num)



$font".SEV_B."

$font_table_top ".LOW." $font ($low_num)
$font_table_top ".MEDIUM." $font ($med_num)
$font_table_top ".HIGH." $font ($high_num)
"; // distrib by user $query_user_name="select * from $db_prefix"."users"; $result_user_name=$d->query($query_user_name); $user_name_num=$d->numrows($result_user_name); echo "



$font Ownership

"; if($user_name_num != "" || $user_name_num != "0") { $z=""; while ($z < $user_name_num) { $y=$d->result($result_user_name,$z,"id"); $query_num="select * from $db_prefix"."list where ticket_owner_id='$y'"; $result_num=$d->query($query_num); $num=$d->numrows($result_num); if($num != "0"){ $percent=(($num/$open_num2)*400); } $user_data=$d->result($result_user_name,$z,"name"); $user_name=$d->result($result_user_name,$z,"username"); if($num == "0"){ $percent="0"; } echo ""; $z++; } } echo "
$font ($user_name) $user_data: $font ($num)
"; } $d->close(); } elseif ($_GET['action'] == "create"){ create_ticket_form($userid,$ticket_short_description,$ticket_full_description,$ticket_severity); } elseif($_POST['action'] == "create_go"){ $f_ticket_short_description=$_POST['f_ticket_short_description']; $f_ticket_full_description=$_POST['f_ticket_full_description']; $f_ticket_severity=$_POST['f_ticket_severity']; $group_is=$_POST['group_is']; if($f_ticket_short_description == ""){ echo "

$font ".ERROR19."
"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } elseif($f_ticket_full_description == ""){ echo "

$font ".ERROR20."
"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } elseif (strlen($f_ticket_short_description) < 3 && $f_ticket_short_description != "") { echo "

$font ".ERROR21."
"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } elseif (strlen($f_ticket_full_description) < 3 && $f_ticket_full_description != "") { echo "

$font ".ERROR22."
"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } else {
/*
 * create_go, validated path: reads the uploaded file fields, checks the file type
 * against the comma-separated allow-list in $files, and resolves the chosen group
 * name to its id before the ticket is inserted.
 *
 * NOTE(review): $file is the name sent by the client. Further down it is interpolated
 * into the attachment INSERT without addslashes or any other escaping, while the
 * description next to it is escaped. Escape or bind it as well, and store a
 * sanitised base name.
 */
$d->connect($db_host, $db_username, $db_password, $db); global $db_prefix, $files; $filetmp=$_FILES['ufile']['tmp_name']; $file=$_FILES['ufile']['name']; $file_size=$_FILES['ufile']['size'];
/*
 * NOTE(review): the type check splits the name on dots and tests element 1, that is
 * the text after the FIRST dot. A name containing several dots is therefore judged by
 * its first suffix rather than its final extension, so an allowed suffix can precede
 * a different real extension, and a legitimate name with an extra dot is rejected.
 * Take the last element instead (or pathinfo with PATHINFO_EXTENSION).
 * The allow-list entries are compared as-is with a loose ==, so whitespace around a
 * configured entry prevents a match. $flag stays unset when $files is empty; the
 * later test on $files covers that case.
 */
if($files != ""){ $gettypes=explode("," , $files); $array_count=count($gettypes); $gettype_file=explode(".", $file); $filetype=strtolower($gettype_file[1]); $filetype="." . $filetype; $countit=0; while($countit < $array_count){ if($filetype == "$gettypes[$countit]"){ $countit=$array_count; $flag=1; } else { $flag=0; } ++$countit; } }
/* NOTE(review): $group_is comes straight from the POST body (see the top of this branch) and is interpolated unescaped into this SELECT. Escape or bind it; $groups also stays unset when no group matches. */
$getgroup_id="select * from $db_prefix"."groups where group_name='$group_is'"; $returnis= $d->query($getgroup_id); while ($what = $d->fetch_array($returnis)) { $groups = $what["id"]; } if($files != "" && $file != ""){ if($flag == "0"){ echo "
$font ".ERROR23."

"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } elseif($file_size > $filesize){ echo "
$font ".ERROR24."

"; create_ticket_form($userid,$f_ticket_short_description,$f_ticket_full_description,$ticket_severity); } else { $data = base64_encode(fread(fopen($filetmp, "r"), filesize($filetmp))); $addeddate=date("Y-m-d H:i:s"); $f_ticket_short_description=addslashes($f_ticket_short_description); $f_ticket_full_description=addslashes($f_ticket_full_description); $sql_query="insert into $db_prefix"."list values(NULL,'$addeddate','$addeddate',' ','Open','$f_ticket_severity',' ','$f_ticket_short_description','$f_ticket_full_description','$userid','$email','$userid',' ','$groups')"; $sql_result = $d->query($sql_query); $tid=$d->insert_id(); if($sql_result) { $result=MYSQL_DB_QUERY("$db","INSERT INTO $db_prefix"."attachment (description,data,filename,ticket_id) "." VALUES ('$f_ticket_short_description','$data','$file','$tid')"); $f_ticket_short_description=stripslashes($f_ticket_short_description); $f_ticket_short_description=cleanup($f_ticket_short_description); $f_ticket_full_description=stripslashes($f_ticket_full_description); $f_ticket_short_description=safeHTML($f_ticket_short_description); echo "
$font ".TICKET_OPEN." ($f_ticket_short_description) ".TICKET_OPEN2." $tid


"; $mt="$title ".N_T.""; $headers = "From: $support_email\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; $headers .= "X-Priority: 3\n"; if($notify_email != ""){ $f_ticket_short_description=stripslashes($f_ticket_short_description); $f_ticket_full_description=stripslashes($f_ticket_full_description); $emailmessage="$name has just opened a ticket\n\nServerity: $f_ticket_severity\nSubject: $f_ticket_short_description\nIssue: $f_ticket_full_description\nOpened on: $addeddate"; mail("$notify_email","$mt",$emailmessage,$headers); } $emailme="Thank you $name,\n Your ticket has been created.\n\nTicket ID: $tid\nServerity: $f_ticket_severity\nSubject: $f_ticket_short_description\nIssue: $f_ticket_full_description \nOpened on: $addeddate\n\n$url/index.php?action=view&ticket_id=$tid"; mail("$email","$mt",$emailme,$headers); echo ""; } else { echo "Input ERROR: $sql_query"; } } } else { $addeddate=date("Y-m-d H:i:s"); $f_ticket_short_description=addslashes($f_ticket_short_description); $f_ticket_full_description=addslashes($f_ticket_full_description); $sql_query="insert into $db_prefix"."list values(NULL,'$addeddate','$addeddate',' ','Open','$f_ticket_severity',' ','$f_ticket_short_description','$f_ticket_full_description','$userid','$email','$userid',' ','$groups')"; $sql_result = $d->query($sql_query); $tid=$d->insert_id(); if($sql_result) { $f_ticket_short_description=stripslashes($f_ticket_short_description); $f_ticket_short_description=cleanup($f_ticket_short_description); $f_ticket_full_description=stripslashes($f_ticket_full_description); $f_ticket_short_description=safeHTML($f_ticket_short_description); echo "

"; echo "
$font ".TICKET_OPEN." ($f_ticket_short_description) ".TICKET_OPEN2." $tid


"; $mt="$title ".N_T.""; $headers = "From: <$support_email>\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; //mailer $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Medium if($notify_email != ""){ $f_ticket_short_description=stripslashes($f_ticket_short_description); $f_ticket_full_description=stripslashes($f_ticket_full_description); $emailmessage="$name has just opened a ticket\n\nServerity: $f_ticket_severity\nSubject: $f_ticket_short_description\nIssue: $f_ticket_full_description\nOpened on: $addeddate"; mail("$notify_email","$mt",$emailmessage,$headers); } $emailme="Thank you $name,\n Your ticket has been created.\n\nTicket ID: $tid\nServerity: $f_ticket_severity\nSubject: $f_ticket_short_description\nIssue: $f_ticket_full_description \nOpened on: $addeddate\n\n$url/index.php?action=view&ticket_id=$tid"; mail("$email","$mt",$emailme,$headers); echo ""; } else { echo "Input ERROR: $sql_query"; } } } } elseif($_GET['action'] == "options" && $level == "0"){ $d->connect($db_host, $db_username, $db_password, $db); $GetOptions=$d->query("select * from $db_prefix"."options where id='1'"); $GetArray=$d->fetch_array($GetOptions); $isortby=$GetArray[sortby]; $iurl=$GetArray[url]; $ititle=$GetArray[title]; $inotify_email=$GetArray[notify_email]; $ishowonlyyourgroup=$GetArray[group_setting]; $iallowdelete=$GetArray[allow_delete]; $iaction_amount=$GetArray[action_ticket_list]; $isupport_email=$GetArray[reply_email]; $ifont_face=$GetArray[font_face]; $ifont_size=$GetArray[font_size]; $ifont_color=$GetArray[font_color]; $iassign_ticket_text=$GetArray[assign_ticket_text]; $iupdate_ticket_text=$GetArray[update_ticket_text]; $iclosed_ticket_text=$GetArray[closed_ticket_text]; $inew_account_text=$GetArray[new_account_text]; $inew_ticket_text=$GetArray[new_ticket_text]; $iemail_option=$GetArray[email_option]; $iopen_reg=$GetArray[open_reg]; $ifile_types=$GetArray[file_types]; 
$ifile_size=$GetArray[file_size]; $iallowgive=$GetArray[allowgive]; $iallowmsg=$GetArray[allow_msg]; $tag_title=$GetArray[ticket_tag]; $colorrows=$GetArray[color_rows]; if(empty($colorrows)){ $colorrows="#C0C0C0,#999999"; } if (!eregi("http://", $iurl)) { $iurl="http://$iurl"; } echo "
"; echo "
 
".SETTINGS."  
  Customize Severity Levels 
".TTLE."
".URL."
".LTB." ".AT."
".LAA." ".LAT."
".ADMIN_DEL." (1 on, 0 off)
".FONT_FACE."
".FONT_COLOR."
".FONT_SIZE."
".ROTATE."
(This is for the display list rotating colors. Setting must be in HTML format. Example: #C0C0C0,#999999)
".ALLOW_USER."
(If checked allow users to register)
   
".ALLOW_ATTACH." .jpg,.txt,.gif
(leave blank to disallow)
".MAX_FILE_SIZE."
".GIVE_UP."
".AMSG."
   
".EMAIL_O."  
   
".SUB_T."
(This is used to identify the ticket ID in the subject line)
".R_EMAIL." (support@yourdomain.com)
".N_EMAIL." ".NE."
".EMAIL_A."
".CTE."

   
".ATT."
".ATTE."
".UTT."
".UTTE."
".CTT."
".CTTE."
".NTT."
".NTTE."
".ANT."
".ANTE."
".RR." :[name]: is the name of the person who just took action.

:[ticket_id]: ticket ID that is currently in action.

:[title]: the title of this system you define.

:[thesubject]: the subject of the ticket currently being worked on

:[thebody]: the body of the ticket currently being worked on

:[closed_reason]: reason ticket was closed.

:[url]: url of your system. this is defined by you.

:[open_by]: the user of someone who just created a ticket.

 

"; } elseif($_POST['action'] == "setoptions" && $level == "0"){ $title=$HTTP_POST_VARS['title']; $url=$HTTP_POST_VARS['url']; $sortby=$HTTP_POST_VARS['sortby']; $action_amount=$HTTP_POST_VARS['action_amount']; $group_setting="0"; $delete=$HTTP_POST_VARS['delete']; $font_face=$HTTP_POST_VARS['font_face']; $font_color=$HTTP_POST_VARS['font_color']; $font_size=$HTTP_POST_VARS['font_size']; $reply_email=$HTTP_POST_VARS['reply_email']; $notify_email=$HTTP_POST_VARS['notify_email']; $assign_ticket_text=$HTTP_POST_VARS['assign_ticket_text']; $update_ticket_text=$HTTP_POST_VARS['update_ticket_text']; $closed_ticket_text=$HTTP_POST_VARS['closed_ticket_text']; $new_ticket_text=$HTTP_POST_VARS['new_ticket_text']; $new_account_text=$HTTP_POST_VARS['new_account_text']; $email_option=$HTTP_POST_VARS['email_option']; $open_reg=$HTTP_POST_VARS['open_reg']; $file_allowed=$HTTP_POST_VARS['file_allowed']; $file_size=$HTTP_POST_VARS['file_size']; $allowgive=$HTTP_POST_VARS['allowgive']; $allowmsg=$HTTP_POST_VARS['allowmsg']; $tagtitle=$HTTP_POST_VARS['tag_title']; $colors=$HTTP_POST_VARS['colors']; if($title == ""){ echo "$font

".ERROR30.""; echo "


Return ".BACK.""; } elseif($font_face == ""){ echo "$font

".ERROR31.""; echo "


Return ".BACK.""; }elseif($url == ""){ echo "$font

".ERROR32.""; echo "


Return ".BACK.""; } elseif($reply_email == ""){ echo "$font

".ERROR33.""; echo "


Return ".BACK.""; } elseif($assign_ticket_text == ""){ echo "$font

".ERROR34.""; echo "


Return ".BACK.""; } elseif($update_ticket_text == ""){ echo "$font

".ERROR35.""; echo "


Return ".BACK.""; } elseif($closed_ticket_text == ""){ echo "$font

".ERROR36.""; echo "


Return ".BACK.""; } elseif($new_ticket_text == ""){ echo "$font

".ERROR37.""; echo "


Return ".BACK.""; } elseif($tagtitle == ""){ echo "$font

".ERROR137.""; echo "


Return ".BACK.""; } elseif($new_account_text == ""){ echo "$font

".ERROR38.""; echo "


Return ".BACK.""; } else {
/*
 * setoptions, validated path: writes every submitted setting into row id 1 of the
 * options table, substituting a default colour pair when none was sent.
 *
 * NOTE(review): all values in this UPDATE were read from $HTTP_POST_VARS at the top of
 * the branch and reach the statement with no escaping visible in between. Presumably
 * the code relies on magic_quotes_gpc; confirm, and escape or bind each value
 * explicitly, since a single quote in any template text otherwise alters the query.
 * NOTE(review): the branch is limited to $level equal 0 but shows no anti-CSRF token,
 * and the failure path below echoes the raw mysql_error text to the page.
 */
$d->connect($db_host, $db_username, $db_password, $db); if(empty($colors)){ $colors="#C0C0C0,#999999"; } $updateset=$d->query("update $db_prefix"."options set ticket_tag='$tagtitle',title='$title',url='$url',sortby='$sortby',action_ticket_list='$action_amount',group_setting='$group_setting',allow_delete='$delete',font_face='$font_face',font_color='$font_color',font_size='$font_size',reply_email='$reply_email',notify_email='$notify_email',assign_ticket_text='$assign_ticket_text',update_ticket_text='$update_ticket_text',closed_ticket_text='$closed_ticket_text',new_ticket_text='$new_ticket_text',new_account_text='$new_account_text',email_option='$email_option',open_reg='$open_reg',file_types='$file_allowed',file_size='$file_size',allowgive='$allowgive',allow_msg='$allowmsg',color_rows='$colors' where id='1'"); if($updateset){ echo "$font

".OPTIONS_U." Return ".BACK.""; } else { $erroris=mysql_error(); echo "ERROR: $erroris

"; } } } elseif($_GET['action'] == "close" && $_GET['ticket_id'] != ""){ $ticket_id=$_GET['ticket_id']; echo "
$font ".T_ID." ($ticket_id) $font Mail Creator
$font ".CLOSE_REASON."



$font ".BACK.""; }
/*
 * action=closenow: reads the close form fields, then checks that the current user
 * owns the ticket before the ticket is closed further down.
 *
 * NOTE(review): ticket_id and close_reason are taken from the POST body unescaped.
 * ticket_id is interpolated into the ownership query here, and both values go into
 * the UPDATE and INSERT statements of the closing path below. Cast ticket_id to an
 * integer and escape or bind close_reason.
 */
elseif($_POST['action'] == "closenow" && $_POST['ticket_id'] != ""){ $mail_close=$_POST['mail_close']; $ticket_id=$_POST['ticket_id']; $close_reason=$_POST['close_reason']; $d->connect($db_host, $db_username, $db_password, $db);
/*
 * NOTE(review): the ownership test below looks at the return value of $d->query, not
 * at the rows it found. Elsewhere in this file that return value is handed to
 * fetch_array and numrows, so it is presumably a result handle that is truthy
 * whenever the statement executes, even with zero matching rows. If so, the
 * not-owner message is never shown and any logged-in user can close any ticket.
 * Verify against the $d wrapper; the likely fix is to test $d->numrows($getID)
 * before $d->close() is called.
 */
$getID=$d->query("select ticket_owner_id from $db_prefix"."list where ticket_id='$ticket_id' and ticket_owner_id='$userid'"); $d->close(); if(!$getID){ echo "

$font You can NOT close a ticket you dont own."; } else { if($close_reason == ""){ echo "
$font ".ERROR64."

".BACK."


"; } else { $d->connect($db_host, $db_username, $db_password, $db); $actiondate=date("Y-m-d H:i:s"); /* get last update time, were going to build a report */ $getold=$d->query("select * from $db_prefix"."list where ticket_id='$ticket_id'"); $lastdate=$d->fetch_array($getold); $lastdate=$lastdate['ticket_lastaction_date']; $diff=gentime( strtotime( "$actiondate" ), strtotime( "$lastdate" ) ); $days=$diff['days']; $days="".$days." days"; $hours=$diff['hours']; $hours="".$hours." hours"; $minutes=$diff['minutes']; $minutes="".$minutes." minutes"; $seconds=$diff['seconds']; $seconds="".$seconds." seconds"; $act="$name has closed ticket ID: ($ticket_id) $days , $hours, $minutes, $seconds since its last update."; $insert="insert into $db_prefix"."responsetime values(NULL,'$actiondate','$userid','$ticket_id','$act')"; $insert_it=$d->query($insert); $query_updateaction="update $db_prefix"."list set ticket_reason_closed='$close_reason',ticket_status='Closed',ticket_lastaction_date='$actiondate',ticket_lastupdate_userid='$userid' where ticket_id='$ticket_id'"; $result_updateaction=$d->query($query_updateaction); $query_action="insert into $db_prefix"."tickets_action values('$ticket_id','$name has CLOSED ticket id\($ticket_id\).','$actiondate','$userid',NULL)"; $result_action=$d->query($query_action); $query_insert_comment="insert into $db_prefix"."tickets_comment values(NULL,'$ticket_id','This ticket has been closed. Reason ticket has been closed: $close_reason','public','$actiondate','$userid','2')"; $result_comment=$d->query($query_insert_comment); echo "
$font ".THANK." ($name) ".CLOSED_T." ($ticket_id).
"; echo ""; echo "$font ".REDIR." ".CLICK."


"; $d->close(); if($mail_close == "ON"){ $d->connect($db_host, $db_username, $db_password, $db); $query_mail="select * from $db_prefix"."list where ticket_id='$ticket_id'"; $result_mail=$d->query($query_mail); if($result_mail) { while ($r = $d->fetch_array($result_mail)) { $thesubject = $r["ticket_short_description"]; $thesubject=stripslashes($thesubject); $thebody = $r["ticket_full_description"]; $thebody=stripslashes($thebody); $theemail = $r["ticket_createdbyemail"]; $theid = $r["ticket_createdby_userid"]; } } if($theemail == " " && $theid != "") { $getemail = "select * from $db_prefix"."users where id='$theid'"; $gotit =$d->query($getemail); if($gotit) { while ($o = $d->fetch_array($gotit)) { $theemail = $o["email"]; } } } $GetOptions=$d->query("select * from $db_prefix"."options where id='1'"); $GetArray=$d->fetch_array($GetOptions); $text=$GetArray[closed_ticket_text]; $text = ereg_replace(':\[ticket_id\]:', "$ticket_id", $text); $text = ereg_replace(':\[name\]:', "$name", $text); $text = ereg_replace(':\[thesubject\]:', "$thesubject", $text); $text = ereg_replace(':\[close_reason\]:', "$close_reason", $text); $text = ereg_replace(':\[title\]:', "$title", $text); $text = ereg_replace(':\[url\]:', "$url", $text); $text=stripslashes($text); $text=stripslashes($text); $emailm=$text; $headers = "From: <$support_email>\n"; $headers .= "Return-Path: <$support_email>\n"; $headers .= "X-Sender: <$support_email>\n"; $headers .= "X-Mailer: phpsupport\n"; //mailer $headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Medium mail("$theemail","Update from $title ticket #$ticket_id",$emailm,$headers); $d->close(); } } } } elseif ($_GET['action'] == "delete_go" && $_GET['users_id'] != "" && $level == "0"){ $users_id = $_GET['users_id']; if($users_id == "1"){ echo "$font ".ERROR101.""; } else { $d->connect($db_host, $db_username, $db_password, $db); $delete_user="delete from $db_prefix"."users where id='$users_id'"; $finish=$d->query($delete_user); if($finish){ echo "
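$font ".U_DEL."";
            echo "";
            echo "$font
".REDIR." ".CLICK."

";
        } else {
            echo "$font ERROR: Coulnt Delete user. Please check the ID";
        }
    }
} elseif ($_POST['action'] == "edit_user_go" && $_POST['users_id'] != "" && $level == "0") {
    /*
     * edit_user_go: administrator (level 0) updates another account's name,
     * e-mail, optional password, admin flag, group and level.
     */
    // Integer id: the self-edit and account-1 guards below and the SQL
    // statements must all see the same value.
    // NOTE(review): assumes users.id is a numeric key - confirm against the schema.
    $users_id = (int) $_POST['users_id'];
    $user_name = $_POST['user_name'];
    $user_password = $_POST['user_password'];
    $admin_rights = $_POST['admin_rights'];
    $users_email = $_POST['users_email'];
    $users_username = $_POST['users_username'];
    $group_id = $_POST['group_id'];
    $levels = $_POST['levels'];
    $group_is = $_POST['group_is'];

    if ($user_name == "") {
        echo "$font ".ERROR54."";
        edituser($users_id,$user_name,$users_email,$users_username,$admin_rights,$group_id);
    } elseif ($users_email == "") {
        echo "$font ".ERROR50."";
        edituser($users_id,$user_name,$users_email,$users_username,$admin_rights,$group_id);
    } else {
        if ($user_password != "") {
            // NOTE(review): the stored credential is an unsalted MD5 digest and
            // the login cookie is compared against the same value, so moving to
            // password_hash()/password_verify() has to change both sides together.
            $user_password = md5($user_password);
            $d->connect($db_host, $db_username, $db_password, $db);
            $updatepassword = "update $db_prefix"."users set password='$user_password'where id='$users_id'";
            $donepassword = $d->query($updatepassword);
        }
        $d->connect($db_host, $db_username, $db_password, $db);

        // Escaped copies for SQL string literals. Request data is un-slashed
        // first when magic quotes already escaped it, so stored text is the
        // same either way.
        // NOTE(review): relies on the legacy mysql extension backing $d; the
        // file already calls mysql_error() directly.
        $gpc_slashed = get_magic_quotes_gpc();
        $user_name_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($user_name) : $user_name);
        $users_email_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($users_email) : $users_email);
        $group_is_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($group_is) : $group_is);

        // Role changes are refused for the editor's own account and for account 1.
        if ($users_id != $userid && $users_id > 0 && $users_id != 1) {
            if ($admin_rights == "ON") {
                $admin_rights = "1";
            } else {
                $admin_rights = "0";
            }
            if ($levels == "ON") {
                $updateprofile2 = $d->query("update $db_prefix"."users set level='5' where id='$users_id'");
            }
            if ($levels != "ON" && $group_is != "0") {
                $updateprofile2 = $d->query("update $db_prefix"."users set group_id='$group_is_sql',level='2' where id='$users_id'");
            }
            if ($levels != "ON" && $group_is == "0") {
                $updateprofile2 = $d->query("update $db_prefix"."users set group_id='$group_is_sql',level='1' where id='$users_id'");
            }
            if ($admin_rights == "1") {
                $updateprofile2 = $d->query("update $db_prefix"."users set group_id='0',level='0' where id='$users_id'");
            }
        } else {
            echo "
".ERROR55."


";
            $admin_rights = $adminis;
        }
        $updateuser = "update $db_prefix"."users set name='$user_name_sql',admin='$admin_rights',email='$users_email_sql' where id='$users_id'";
        $doneupdate = $d->query($updateuser);
        // Report on the query result; the SQL text itself is never empty, so
        // testing it always took the success path.
        if ($doneupdate) {
            echo "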
$font ".ERROR56.""; echo ""; echo "$font
".REDIR." ".CLICK."

"; } else { echo "$font ERROR: Coulnt modify user. Please check the ID"; } } } elseif($_GET['action'] == "addgroup" && $level == "0"){ echo "

"; echo "

"; echo "
$font Group Name:

"; } elseif($_POST['action'] == "add_group_go" && $level == "0"){ $name_group = $_POST['name_group']; if($name_group == ""){ echo "

$font ".ERROR57.""; } else { $d->connect($db_host, $db_username, $db_password, $db); $checkgroup="select * from $db_prefix"."groups where group_name='$name_group'"; $results = $d->query($checkgroup); if($results) { while ($ok = $d->fetch_array($results)) { $isgroup = $ok["group_name"]; } } $check1 = strtolower ($name_group); $check2 = strtolower ($isgroup); if ($check1 == "$check2"){ echo "

$font ".ERROR58.""; } else { $addgroup="insert into $db_prefix"."groups values (NULL,'$name_group')"; $result_query=$d->query($addgroup); $d->close(); if($result_query){ echo "

$front Group ($name_group) added."; echo ""; } else { echo "$font Input Error: $addgroup"; } } } } elseif($_GET['action'] == "delete_group" && $level == "0"){ $g_id=$_GET['g_id']; if($g_id == "1"){ echo "

$font ".ERROR59.""; } else { if($g_id == ""){ echo "

$font ".ERROR60.""; } else { $d->connect($db_host, $db_username, $db_password, $db); $update_tickets="select * from $db_prefix"."list where groups='$g_id'"; $getthem = $d->query($update_tickets); $amount_upgrade=$d->numrows($getthem); if($amount_upgrade != "" || $amount_upgrade != "0"){ while ($a < $amount_upgrade) { $upgrade_id=$d->result($getthem,$a,"ticket_id"); echo "

".CHANGE_G." ($upgrade_id) ".DEF_G."
"; $update_now="update $db_prefix"."list set groups='1' where ticket_id='$upgrade_id'"; $update_result= $d->query($update_now); ++$a; } } $deletegroup="delete from $db_prefix"."groups where id='$g_id'"; $delete_result = $d->query($deletegroup); if($delete_result){ echo "

$front Group ($g_id) ".HAS_B_D.""; echo ""; } else { echo "$font Input Error: $deletegroup"; } } } } elseif($_GET['action'] == "edit_group" && $level == "0"){ $g_id=$_GET['g_id']; if($g_id == ""){ echo "

$font ".ERROR60.""; } else { $d->connect($db_host, $db_username, $db_password, $db); $q="select * from $db_prefix"."groups where id='$g_id'"; $r_get = $d->query($q); $d->close(); if($r_get) { while ($r = $d->fetch_array($r_get)) { $group_name = $r["group_name"]; } } if($group_name == ""){ echo "

$font ".ERROR62." $g_id"; } else { echo "
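$font ".GROUP_NAME."

";
        }
    }
} elseif ($_GET['action'] == "createnew" && $level == "0") {
    // createnew: show the empty "create user" form.
    createuser($new_name,$new_email,$new_username,$new_password);
} elseif ($_POST['action'] == "create_user_go" && $level == "0") {
    /*
     * create_user_go: administrator (level 0) creates an account and mails
     * the welcome text to the new user.
     */
    echo "

";
    $new_name = $_POST['new_name'];
    $new_email = $_POST['new_email'];
    $new_username = $_POST['new_username'];
    $new_password = $_POST['new_password'];
    $group_is = $_POST['group_is'];

    $d->connect($db_host, $db_username, $db_password, $db);
    // Escaped copies for SQL string literals; the raw values are still used
    // for validation, the form re-display and the mail text. Request data is
    // un-slashed first when magic quotes already escaped it.
    // NOTE(review): relies on the legacy mysql extension backing $d; the file
    // already calls mysql_error() directly.
    $gpc_slashed = get_magic_quotes_gpc();
    $new_name_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($new_name) : $new_name);
    $new_email_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($new_email) : $new_email);
    $new_username_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($new_username) : $new_username);
    $group_is_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($group_is) : $group_is);

    $sql_query = "select * from $db_prefix"."users where username='$new_username_sql'";
    $sql_result = $d->query($sql_query);
    $d->close();
    // Start from a known value so the "username taken" test below depends
    // only on this lookup.
    $usersid = "";
    if ($sql_result) {
        while ($r = $d->fetch_array($sql_result)) {
            $usersid = $r["id"];
        }
    }

    if ($usersid != "") {
        echo "$font ".ERROR12."";
        createuser($new_name,$new_email,$new_username,$new_password);
    } elseif ($new_name == "") {
        echo "$font ".ERROR49."";
        createuser($new_name,$new_email,$new_username,$new_password);
        echo "

$back";
    } elseif ($new_email == "") {
        echo "$font ".ERROR50."";
        createuser($new_name,$new_email,$new_username,$new_password);
        echo "

$back";
    } elseif ($new_username == "") {
        echo "$font ".ERROR51."";
        createuser($new_name,$new_email,$new_username,$new_password);
        echo "

$back";
    } elseif ($new_password == "") {
        echo "$font ".ERROR52."";
        createuser($new_name,$new_email,$new_username,$new_password);
        echo "

$back";
    } else {
        // NOTE(review): the stored credential is an unsalted MD5 digest and
        // the login cookie is compared against the same value, so moving to
        // password_hash()/password_verify() has to change both sides together.
        $new_passwd = md5($new_password);
        $d->connect($db_host, $db_username, $db_password, $db);
        if ($group_is == "0") {
            $groupnow = "1";
        } else {
            $groupnow = "2";
        }
        $inserttime = "insert into $db_prefix"."users values(NULL,'$new_name_sql','$new_email_sql','$new_username_sql','$new_passwd','$group_is_sql','0','$groupnow')";
        $sql_result = $d->query($inserttime);
        // NOTE(review): the mail below is sent whether or not the insert succeeded.

        $GetOptions = $d->query("select * from $db_prefix"."options where id='1'");
        $GetArray = $d->fetch_array($GetOptions);
        $text = $GetArray['new_account_text'];
        // Literal placeholder substitution: str_replace() does not interpret
        // the submitted values as replacement patterns the way ereg_replace() does.
        // NOTE(review): the template can carry the clear-text password
        // (:[new_password]:) over e-mail.
        $text = str_replace(':[new_name]:', "$new_name", $text);
        $text = str_replace(':[new_username]:', "$new_username", $text);
        $text = str_replace(':[new_password]:', "$new_password", $text);
        $text = str_replace(':[title]:', "$title", $text);
        $text = str_replace(':[url]:', "$url", $text);
        $text = stripslashes($text);
        $emailmessage = $text;
        // The recipient comes straight from the form; drop line breaks so it
        // cannot add mail headers.
        $new_email = str_replace(array("\r", "\n"), "", $new_email);
        mail("$new_email","Welcome to $title.",$emailmessage,"From: Support\nReply-To: $support_email\nX-Mailer: phpsupport");
        echo "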


$font ".THANK." ".CR_USER." back

"; } } elseif ($_POST['action'] == "edit_group_go" && $level == "0"){ $edit_name_group=$_POST['edit_name_group']; $g_id=$_POST['g_id']; if($g_id == ""){ echo "

$font ".ERROR60.""; } else { $d->connect($db_host, $db_username, $db_password, $db); $editnow = "update $db_prefix"."groups set group_name='$edit_name_group' where id='$g_id'"; $edit_result = $d->query($editnow); $d->close(); if($edit_result){ echo "

$front Group ($g_id) ".HAS_B_EDIT.""; echo ""; } else { echo "

$font Input Error: $editnow"; } } } elseif ($_GET['action'] == "groupm" && $level == "0"){ echo "

"; echo "".ADD_NEW_G.""; echo "

"; echo "

"; $d->connect($db_host, $db_username, $db_password, $db); $getgroups="select * from $db_prefix"."groups"; $result_query=$d->query($getgroups); $num_groups=$d->numrows($result_query); $d->close(); if($num_groups == "" || $num_groups == "0"){ echo "$font ".ERROR64."
"; } else { while ($gr < $num_groups) { $group_id=$d->result($result_query,$gr,"id"); $group_name=$d->result($result_query,$gr,"group_name"); echo "ID: $group_id ($group_name) | ".EDIT_O." | ".DEL_O."
"; ++$gr; } } } elseif($_GET['action'] == "changepw"){ newpassform(); echo "

$back"; } elseif($_GET['action'] == "delete_user" && $level == "0"){ echo "

"; $d->connect($db_host, $db_username, $db_password, $db); $search_users="select * from $db_prefix"."users order by id desc"; $result_users=$d->query($search_users); $results=$d->numrows($result_users); echo "
"; $k="0"; while ($k < $results) { $users_id=$d->result($result_users,$k,"id"); $user_name=$d->result($result_users,$k,"name"); $users_name=$d->result($result_users,$k,"username"); $users_email=$d->result($result_users,$k,"email"); echo ""; ++$k; } echo "
$font ".NAME." $font ".USER_NAME." $font ".EMAIL."  $font ".ACT."
$font $user_name $font $users_name ID: ($users_id) $font $users_email $font ".DEL_O." / ".EDIT_O."
"; } elseif($_GET['action'] == "edit_user" && $_GET['users_id'] != "" && $level == "0"){ $users_id=$_GET['users_id']; $d->connect($db_host, $db_username, $db_password, $db); $getuser="select * from $db_prefix"."users where id='$users_id'"; $gotit=$d->query($getuser); $useraccount=$d->numrows($gotit); if($useraccount == "" || $useraccount == "0"){ echo "$font ".ERROR53." ($users_id)"; } else { $k="0"; while ($k < $useraccount) { $users_id=$d->result($gotit,$k,"id"); $user_name=$d->result($gotit,$k,"name"); $users_username=$d->result($gotit,$k,"username"); $users_email=$d->result($gotit,$k,"email"); $admin_rights=$d->result($gotit,$k,"admin"); $group_id=$d->result($gotit,$k,"group_id"); $levels=$d->result($gotit,$k,"level"); edituser($users_id,$user_name,$users_email,$users_username,$admin_rights,$group_id,$levels); ++$k; } } } elseif($_POST['action'] == "changepw_go"){ $oldpw=$_POST['oldpw']; $oldpw = md5($oldpw); $newpass1=$_POST['newpass1']; $newpass2=$_POST['newpass2']; if($newpass1 != "$newpass2" ){ echo "

$font ".ERROR10."
"; newpassform(); echo "

$back"; } elseif(empty($newpass1)){ echo "

$font ".ERROR52."
"; newpassform(); echo "

$back"; } elseif(empty($newpass2)){ echo "

$font ".ERROR52."
"; newpassform(); echo "

$back"; } elseif($oldpw != "$password"){ echo "

$font ".ERROR48.""; newpassform(); echo "

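$back";
    } else {
        // All checks passed: store the new password for the logged-in user.
        // NOTE(review): the stored credential is an unsalted MD5 digest and
        // the login cookie is compared against the same value, so moving to
        // password_hash()/password_verify() has to change both sides together.
        $newpass1 = md5($newpass1);
        $d->connect($db_host, $db_username, $db_password, $db);
        // $username is read from the login cookie at the top of the file, so
        // it is request data and must be escaped before it is placed in the
        // WHERE clause. It is un-slashed first when magic quotes already
        // escaped it.
        // NOTE(review): relies on the legacy mysql extension backing $d; the
        // file already calls mysql_error() directly.
        $username_sql = mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($username) : $username);
        $updatepw = "update $db_prefix"."users set password='$newpass1' where username='$username_sql'";
        $sql_result = $d->query($updatepw);
        echo "";
    }
} elseif ($_GET['action'] == "profile") {
    // profile: show the logged-in user's own account details and the
    // change-password form.
    $d->connect($db_host, $db_username, $db_password, $db);
    $getuser = $d->query("select * from $db_prefix"."users where id='$userid'");
    $userArray = $d->fetch_array($getuser);
    echo "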
$font ".EDIT_P."
$font ".ACC_ID." $font $userArray[id]
$font ".USER_NAME." $font $userArray[username]
$font ".NAME."
$font ".EMAIL."
 
"; echo "

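$font ".CHANGE_PW."

";
    newpassform();
    $d->close();
} elseif ($_POST['action'] == "edit_profile") {
    /*
     * edit_profile: the logged-in user changes their own name and e-mail.
     * The address is rejected when another account already uses it.
     */
    $aemail = $_POST['aemail'];
    $aname = $_POST['aname'];
    $d->connect($db_host, $db_username, $db_password, $db);

    // The look-ups below run before the address is validated, so everything
    // placed in SQL is escaped first. Request data ($username comes from the
    // login cookie) is un-slashed when magic quotes already escaped it.
    // NOTE(review): relies on the legacy mysql extension backing $d; the file
    // already calls mysql_error() directly.
    $gpc_slashed = get_magic_quotes_gpc();
    $aemail_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($aemail) : $aemail);
    $aname_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($aname) : $aname);
    $username_sql = mysql_real_escape_string($gpc_slashed ? stripslashes($username) : $username);

    $checkemail = $d->query("select email from $db_prefix"."users where email='$aemail_sql' and username !='$username_sql'");
    $getAr = $d->fetch_array($checkemail);
    $checkemail2 = $d->query("select email from $db_prefix"."users where email='$aemail_sql' and username ='$username_sql'");
    $getAr2 = $d->fetch_array($checkemail2);

    if ($aname == "") {
        echo "
$font ".ERROR9."

";
    } elseif ($aemail == "") {
        echo "$font
$font ".ERROR8."
";
    } elseif (MailVal($aemail, 2)) {
        echo "$font
".ERROR16."
";
    } elseif (!empty($getAr['email']) && $getAr2['email'] != "$aemail") {
        // The clashing address is printed back, so encode it for HTML.
        echo "$font
".ERROR98." ".htmlspecialchars($getAr['email'])." ".ERROR99."
";
    } else {
        // NOTE(review): the name is stored as typed and the page header prints
        // $name without HTML encoding; that output should be encoded as well.
        $updateprofile = $d->query("update $db_prefix"."users set name='$aname_sql',email='$aemail_sql' where id='$userid'");
        if ($updateprofile) {
            echo "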
$font
".PROFILE_U.""; echo "$font ".REDIR." ".CLICK."

"; echo ""; //Added by Jeremi } else { $erroris=mysql_error(); echo "ERROR: $erroris
"; } } $d->close(); } elseif($_GET['action'] == "pmg" && $allowmsg == "1"){ echo "

$font ".M_TITLE."
"; $d->connect($db_host, $db_username, $db_password, $db); echo "
"; $getpm=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum=$d->numrows($getpm); $getsent=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal=$d->numrows($getsent); echo "
$font".COMPOSE."   $font".INBOX." ($getnum): $font".SENT." ($senttotal):

"; if($getnum == "" || $getnum == "0"){ echo "$font
".NNM."
"; } else { echo "
"; while($getpmg=$d->fetch_array($getpm)){ $titlepm=$getpmg[title]; $titlepm=safeHTML($titlepm); $pmid=$getpmg[id]; $sentdate=$getpmg[date_sent]; $getsent=$d->query("select username from $db_prefix"."users where id='$getpmg[from_userid]'"); $getsa=$d->fetch_array($getsent); $frompmg=$getsa[username]; $readis=$getpmg[date_read]; if($readis == "0"){ $statis="*new*"; } else { $statis=""; } echo " "; } echo "
$font ".FROM." $frompmg $font $statis $titlepm $font ".SENT_I."
$sentdate
"; } echo "
"; $d->close(); }elseif($_GET['action'] == "pmg_send" && $allowmsg == "1"){ $d->connect($db_host, $db_username, $db_password, $db); echo "

"; $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; sendpmg($subject,$message); echo "
"; $d->close(); }elseif($_POST['action'] == "send_pm_now" && $allowmsg == "1"){ echo "

"; $to=$_POST['to']; $subject=$_POST['subject']; $message=$_POST['message']; $d->connect($db_host, $db_username, $db_password, $db); $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; if($to == ""){ echo "$font

".ERROR28."

"; sendpmg($subject,$message); } elseif($subject == ""){ echo "$font

".ERROR27."

"; sendpmg($subject,$message); } elseif($message == ""){ echo "$font

".ERROR26."

"; sendpmg($subject,$message); } else { $insert1="insert into $db_prefix"."privatemessage values(NULL,'$to','$userid','$tdate','0','$subject','$message')"; $run1=$d->query($insert1); $sid=$d->insert_id(); $insert2="insert into $db_prefix"."sentprivatemessage values('$sid','$to','$userid','$tdate','0','$subject','$message',NULL)"; $run2=$d->query($insert2); if($run1 && $run2){ echo "$font

".MESSAGE_S."

"; echo ""; } else { $erroris=mysql_error(); echo "Error: $erroris"; } } echo "
"; $d->close(); }elseif($_GET['action'] == "pmg_sent" && $allowmsg == "1"){ echo "
$font
".M_TITLE."
"; echo "
"; $getpm=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum=$d->numrows($getpm); $getsent2=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal=$d->numrows($getsent2); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum): $font ".SENT." ($senttotal):

"; if($senttotal == "" || $senttotal == "0"){ echo "$font
".NO_SENT."
"; } else { echo "
"; while($getpmg=$d->fetch_array($getsent2)){ $titlepm=$getpmg[title]; $titlepm=safeHTML($titlepm); $pmid=$getpmg[id]; $sentdate=$getpmg[date_sent]; $getsent=$d->query("select username from $db_prefix"."users where id='$getpmg[to_userid]'"); $getsa=$d->fetch_array($getsent); $frompmg=$getsa[username]; $readis=$getpmg[date_read]; if($readis == "0"){ $statis=" ".N_SENT.""; } else { $statis=" ".RE." $readis"; } echo " "; } echo "
$font ".TO." $frompmg
$statis
$font$titlepm $font ".SENT."
$sentdate
"; } echo "
"; echo "



"; $d->close(); }elseif($_GET['action'] == "read_spmg" && $allowmsg == "1"){ $id=$_GET['id']; if($_GET['id'] == ""){ echo "".ID_MIS.""; } else { $cgetpmg=$d->query("select * from $db_prefix"."sentprivatemessage where id='$id'"); $cgetpmg=$d->fetch_array($cgetpmg); if($cgetpmg[from_userid] != "$userid" && $cgetpmg[from_userid] != ""){ echo "

$font ".ERROR29."

"; } else { $getpmg=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' and id='$id'"); $getpmg=$d->fetch_array($getpmg); $titlepm=$getpmg[title]; $titlepm=safeHTML($titlepm); $message=$getpmg[message]; $message=safeHTML($message); $message=cleanup($message); $pmid=$getpmg[id]; $sentdate=$getpmg[date_sent]; $getsent=$d->query("select username from $db_prefix"."users where id='$getpmg[to_userid]'"); $getsa=$d->fetch_array($getsent); $frompmg=$getsa[username]; $readis=$getpmg[date_read]; ; echo "

$font ".M_TITLE."


"; echo "
"; $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc "); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; echo "
$font ".TO." $frompmg
$font ".SENT_I." $sentdate
".SUBJECT." $titlepm

$message




 


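$font
[".DEL_SENT."]
";
            echo "
";
        }
    }
    $d->close();
} elseif ($_GET['action'] == "delete_spmg" && $allowmsg == "1") {
    /*
     * delete_spmg: ask for confirmation before deleting one of the user's
     * own sent messages.
     */
    $id = $_GET['id'];
    if ($_GET['id'] == "") {
        echo "".ID_MIS."";
    } else {
        // Message ids are generated by the database (see insert_id() in the
        // send branches), so an integer is all that is ever valid here.
        $id = (int) $id;
        $cgetpmg = $d->query("select * from $db_prefix"."sentprivatemessage where id='$id'");
        $cgetpmg = $d->fetch_array($cgetpmg);
        // Only the sender may manage a sent message.
        if ($cgetpmg['from_userid'] != "$userid" && $cgetpmg['from_userid'] != "") {
            echo "$font

".ERROR29."

";
        } else {
            echo "$font

".DEL_CONFIRM."

";
            echo "$font
".YES_D."


";
            echo "$font
".NO_D."


";
        }
    }
    $d->close();
} elseif ($_GET['action'] == "del_spmg_yes" && $allowmsg == "1") {
    /*
     * del_spmg_yes: delete one of the user's own sent messages.
     * NOTE(review): the deletion runs on a plain GET request and no request
     * token is checked in this branch.
     */
    $id = $_GET['id'];
    if ($_GET['id'] == "") {
        echo "".ID_MIS."";
    } else {
        $id = (int) $id;
        $cgetpmg = $d->query("select * from $db_prefix"."sentprivatemessage where id='$id'");
        $cgetpmg = $d->fetch_array($cgetpmg);
        if ($cgetpmg['from_userid'] != "$userid" && $cgetpmg['from_userid'] != "") {
            echo "$font

".ERROR29."

";
        } else {
            // The DELETE is scoped to the sender as well as the id.
            $dodelete = $d->query("delete from $db_prefix"."sentprivatemessage where id='$id' and from_userid='$userid'");
            if ($dodelete) {
                echo "$font

".M_DEL."";
                echo "";
            } else {
                echo "Error.";
            }
        }
    }
    $d->close();
} elseif ($_GET['action']== "reply_pmg" && $allowmsg == "1") {
    /*
     * reply_pmg: show the reply form for a message in the user's inbox.
     */
    $d->connect($db_host, $db_username, $db_password, $db);
    $id = $_GET['id'];
    if ($id == "") {
        echo "".ID_MIS."";
    } else {
        $id = (int) $id;
        $getpmg = $d->query("select * from $db_prefix"."privatemessage where id='$id'");
        $getpmg = $d->fetch_array($getpmg);
        // Check the recipient on the row that was just loaded. This branch
        // never assigns $cgetpmg, so testing that variable could not reject a
        // message addressed to a different user.
        if ($getpmg['to_userid'] != "$userid" && $getpmg['to_userid'] != "") {
            echo "$font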

".ERROR29."

"; } else { echo "

$font
".M_TITLE."


"; echo "
"; $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc "); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; $titlepm=$getpmg[title]; $titlepm=safeHTML($titlepm); $message=$getpmg[message]; $pmid=$getpmg[id]; $sentdate=$getpmg[date_sent]; $getsent=$d->query("select username from $db_prefix"."users where id='$getpmg[from_userid]'"); $getsa=$d->fetch_array($getsent); $frompmg=$getsa[username]; echo "
$font ".TO." $font $frompmg
$font ".SUBJECT." $font RE: $titlepm
$font ".MESSAGE."
 
 

"; } echo "
"; } $d->close(); }elseif($_GET['action'] == "delete_pmg" && $allowmsg == "1"){ $id=$_GET['id']; if($id == ""){ echo "".ID_MIS.""; } else { $cgetpmg=$d->query("select * from $db_prefix"."privatemessage where id='$id'"); $cgetpmg=$d->fetch_array($cgetpmg); if($cgetpmg[to_userid] != "$userid" && $cgetpmg != ""){ echo "$font

".ERROR29.".

"; } else { echo "

$font
".DEL_CONFIRM."

"; echo "
$font ".YES_D."


"; echo "
$font ".NO_D."


"; } } } elseif($_GET['action'] == "del_pmg_yes" && $allowmsg == "1"){ $id=$_GET['id']; if($id == ""){ echo "".ID_MIS.""; } else { $cgetpmg=$d->query("select * from $db_prefix"."privatemessage where id='$id'"); $cgetpmg=$d->fetch_array($cgetpmg); if($cgetpmg[to_userid] != "$userid" && $cgetpmg != ""){ echo "$font

".ERROR29."

"; } else { $dodelete=$d->query("delete from $db_prefix"."privatemessage where id='$id' and to_userid='$userid'"); if($dodelete){ echo "$font

".M_DEL.""; echo ""; } else { echo "Error."; } } } $d->close(); }elseif($_POST['action'] == "send_rpm_now" && $allowmsg == "1"){ $d->connect($db_host, $db_username, $db_password, $db); echo "
"; $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."   $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; $to=$_POST['to']; $subject=$_POST['subject']; $message=$_POST['message']; if($to == ""){ echo "

$font
".ERROR28."

"; } elseif($subject == ""){ echo "

$font ".ERROR27."

"; } elseif($message == ""){ echo "

$font ".ERROR26."

"; echo "
$font ".TO." $toem
$font ".SUBJECT." RE: $subject
$font ".MESSAGE."
 
 

"; } else { $subject="RE: $subject"; $insert1="insert into $db_prefix"."privatemessage values(NULL,'$to','$userid','$tdate','0','$subject','$message')"; $run1=$d->query($insert1); $sid=$d->insert_id(); $insert2="insert into $db_prefix"."sentprivatemessage values('$sid','$to','$userid','$tdate','0','$subject','$message',NULL)"; $run2=$d->query($insert2); if($run1 && $run2){ echo "

$font
".MESSAGE_S."

"; echo ""; } else { echo "Error"; } } echo "
"; $d->close(); } elseif($_GET['action'] == "read_pmg" && $allowmsg == "1"){ $id=$_GET['id']; if($id == ""){ echo "".ID_MIS.""; } else { $cgetpmg=$d->query("select * from $db_prefix"."privatemessage where id='$id'"); $cgetpmg=$d->fetch_array($cgetpmg); if($cgetpmg[to_userid] != "$userid" && $cgetpmg[to_userid] != ""){ echo "

".ERROR29."

"; } else { $getpmg=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' and id='$id'"); $getpmg=$d->fetch_array($getpmg); $titlepm=$getpmg[title]; $titlepm=safeHTML($titlepm); $message=$getpmg[message]; $message=safeHTML($message); $message=cleanup($message); $pmid=$getpmg[id]; $sentdate=$getpmg[date_sent]; $getsent=$d->query("select username from $db_prefix"."users where id='$getpmg[from_userid]'"); $getsa=$d->fetch_array($getsent); $frompmg=$getsa[username]; $readis=$getpmg[date_read]; $updatedate=$d->query("update $db_prefix"."privatemessage set date_read='$tdate' where to_userid='$userid' and id='$id'"); $updatedate2=$d->query("update $db_prefix"."sentprivatemessage set date_read='$tdate' where to_userid='$userid' and id='$id'") ; echo "

$font ".M_TITLE."


"; echo "
"; $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid' order by date_sent desc"); $getnum1=$d->numrows($getpm1); $getsent1=$d->query("select * from $db_prefix"."sentprivatemessage where from_userid='$userid' order by date_sent desc"); $senttotal1=$d->numrows($getsent1); echo "
$font ".COMPOSE."
  $font ".INBOX." ($getnum1): $font ".SENT." ($senttotal1):

"; echo "
$font ".FROM." $frompmg
$font ".SENT_I." $sentdate
$font ".SUBJECT." $titlepm

$font $message



 

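$font
[".DEL_M."] [".R_M."]
";
            echo "
";
        }
    }
    $d->close();
} elseif ($_GET['action'] == "showclosed" ) {
    /*
     * showclosed: paged list of the closed tickets created by the logged-in
     * user.
     */
    // The sort direction is written into the ORDER BY clause unquoted, so
    // only the two SQL keywords are accepted; anything else (including an
    // empty value) falls back to "desc".
    // NOTE(review): $idorder, $l and $sortby are not assigned in this branch;
    // presumably they arrive through register_globals or configuration -
    // confirm, and treat $l as request data.
    $idorder = strtolower($idorder);
    if ($idorder != "asc" && $idorder != "desc") {
        $idorder = "desc";
    }
    $d->connect($db_host, $db_username, $db_password, $db);
    $query = "select * from $db_prefix"."list where ticket_status='Closed' and ticket_createdby_userid='$userid' order by ticket_id $idorder";
    $next = "Open";
    $result = $d->query($query);
    $num = $d->numrows($result);

    // Direction offered by the column-header link, and the one in use now.
    if ($idorder == "desc") {
        $whichorder = "asc";
        $nextorder = "desc";
        $image_order = "";
    } else {
        $whichorder = "desc";
        $nextorder = "asc";
        $image_order = "";
    }

    // Paging window: rows $l up to (not including) $i are shown.
    $i = $l + $sortby;
    $j = $l + 1;
    $k = "$l" - $sortby;
    $t = $num - $i;
    if ($i > $num) {
        $i = $num;
    }
    if ($num == "" || $num == "0") {
        echo "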

$font ".ERROR18."
"; } else { if ($i < $num) { echo "
".NEXT." $t "; } if ($i > "$sortby") { echo "".PREVIOUS." $sortby"; } echo "
"; echo "
"; while ($l < $i) { $ticket_id=$d->result($result,$l,"ticket_id"); $ticket_severity=$d->result($result,$l,"ticket_severity"); $ticket_added_date=$d->result($result,$l,"ticket_added_date"); $ticket_short_description=$d->result($result,$l,"ticket_short_description"); $ticket_short_description=stripslashes($ticket_short_description); $ticket_status=$d->result($result,$l,"ticket_status"); $ticket_severity=$d->result($result,$l,"ticket_severity"); $ticket_createdby_userid=$d->result($result,$l,"ticket_createdby_userid"); $ticket_createdbyemail=$d->result($result,$l,"ticket_createdbyemail"); $ticket_createdbyemail= eregi_replace("'","",$ticket_createdbyemail); $ticket_owner_id=$d->result($result,$l,"ticket_owner_id"); $ticket_group=$d->result($result,$l,"groups"); $get_group_name = "select * from $db_prefix"."groups where id='$ticket_group'"; $group_results=$d->query($get_group_name); $a_groups=$d->numrows($group_results); if($a_groups != "" || $a_groups != "0"){ $g=""; while ($g < $a_groups) { $group_what=$d->result($group_results,$g,"group_name"); ++$g; } } print ($l % 2) ? "" : ""; if($ticket_createdby_userid == "0" && $ticket_createdbyemail != ""){ $ticket_created_by = "$ticket_createdbyemail"; } else { $query_user="select * from $db_prefix"."users where id='$ticket_createdby_userid'"; $result_user=$d->query($query_user); if($result_user) { while ($r = $d->fetch_array($result_user)) { $ticket_created_by = $r["name"]; } } } if($ticket_owner_id != "0"){ $query_owner_id="select * from $db_prefix"."users where id='$ticket_owner_id'"; $result_owner_id=$d->query($query_owner_id); if($result_owner_id) { while ($o = $d->fetch_array($result_owner_id)) { $ticket_owner = $o["name"]; } } } else { $ticket_owner="None"; } echo ""; $getColor=$d->query("select color from $db_prefix"."severity where level='$ticket_severity'"); $severity_color=$d->fetch_array($getColor); $severity_color=$severity_color['color']; echo ""; ++$l; } echo "
$font_table_top "; echo "$image_order ID:"; echo " $font_table_top ".OPEN_ON." $font_table_top ".STATUS." $font_table_top ".OWNER." $font_table_top ".TICKET." $font_table_top ".SEVERITY." $font_table_top ".OPEN_BY." $font_table_top ".TICKET_TYPE."
$font $ticket_id $font $ticket_added_date $font $ticket_status $font $ticket_owner $font $ticket_short_description"; global $db_prefix, $font; echo "$font $ticket_severity $font $ticket_created_by $font $group_what
"; } echo "
"; if ($i < $num) { echo "
".NEXT." $t "; } if ($i > "$sortby") { echo "".PREVIOUS." $sortby"; } echo "

"; echo "$font

".C_NEW_T."

"; $d->close(); echo "

"; } // end of actions. // display search forum echo "

"; searchform(); // end of search forum // show users online. if(empty($_GET['action'])){ if($usersonline != ""){ echo "
".U_ONLINE." $usersonline
"; $d->connect($db_host, $db_username, $db_password, $db); $result_online = $d->query("SELECT DISTINCT user_id FROM $db_prefix"."useronline"); $num_who = $d->numrows($result_online); if($num_who == "1"){ echo "".ACTIVE_U." $who"; } else { echo "".ACTIVE_US.":
"; } $o=0; while ($o < $num_who) { $ids=$d->result($result_online,$o,"user_id"); $checkit = "SELECT * FROM $db_prefix"."users where id='$ids'"; $doit =$d->query($checkit); $howmany =$d->numrows($doit); $row = $d->fetch_array($doit); $who = $row["username"]; if($who != ""){ echo "$who, "; } ++$o; } $d->close(); echo "
"; } } // end of showing users online } // end of logged in user check } // end of admin file check foot(); ?>