Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-05-02 04:09:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improved the helpdesk code.

Browse Source
This commit is contained in:
Stefan Brannfjell 2014-09-06 16:10:00 +02:00
parent dac911e1d9
commit 048794a320
2 changed files with 291 additions and 326 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

193
admin_helpdesk.php
View File

@ -3,122 +3,107 @@ protect_page();
admin_only($user_data); admin_only($user_data);
// Declare as int // Declare as int
$view = (int)$_GET['view']; $view = (isset($_GET['view']) && (int)$_GET['view'] > 0) ? (int)$_GET['view'] : false;
if ($view){ if ($view !== false){
if (!empty($_POST['reply_text'])) { if (!empty($_POST['reply_text'])) {
sanitize($_POST['reply_text']); sanitize($_POST['reply_text']);
// Save ticket reply on database // Save ticket reply on database
$query = array( $query = array(
'tid' => $_GET['view'], 'tid' => $view,
'username'=> $_POST['username'], 'username'=> getValue($_POST['username']),
'message' => $_POST['reply_text'], 'message' => getValue($_POST['reply_text']),
'created' => time(), 'created' => time(),
); );
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
//Sanitize array mysql_insert("INSERT INTO `znote_tickets_replies` ($fields) VALUES ($data)");
array_walk($query, 'array_sanitize'); mysql_update("UPDATE `znote_tickets` SET `status`='Staff-Reply' WHERE `id`='$view' LIMIT 1;");
}
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
mysql_insert("INSERT INTO `znote_tickets_replies` ($fields) VALUES ($data)");
mysql_update("UPDATE `znote_tickets` SET `status`='Staff-Reply' WHERE `id`=". $_GET['view']);
}
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id=". addslashes((int)$_GET['view']));
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id='$view' LIMIT 1;");
?> ?>
<h1>View Ticket #<?php echo $ticketData['id']; ?></h1> <h1>View Ticket #<?php echo $ticketData['id']; ?></h1>
<table class="znoteTable ThreadTable table table-striped">
<table class="znoteTable ThreadTable table table-striped"> <tr class="yellow">
<tr class="yellow"> <th>
<th> <?php
<?php echo getClock($ticketData['creation'], true);
echo getClock($ticketData['creation'], true); ?>
?> - Created by:
- Created by: <?php
<?php echo $ticketData['username'];
echo $ticketData['username']; ?>
?> </th>
</th> </tr>
</tr> <tr>
<tr> <td>
<td> <p><?php echo nl2br($ticketData['message']); ?></p>
<p><?php echo nl2br($ticketData['message']); ?></p> </td>
</td> </tr>
</tr> </table>
</table> <?php
$replies = mysql_select_multi("SELECT * FROM znote_tickets_replies WHERE tid='$view' ORDER BY `created`;");
<?php if ($replies !== false) {
$replies = mysql_select_multi("SELECT * FROM znote_tickets_replies WHERE tid='". addslashes((int)$_GET['view']) ."' ORDER BY `created`;"); foreach($replies as $reply) {
if ($replies !== false) { ?>
foreach($replies as $reply) { <table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th>
<?php
echo getClock($reply['created'], true);
?> ?>
<table class="znoteTable ThreadTable table table-striped"> - Posted by:
<tr class="yellow"> <?php
<th> echo $reply['username'];
<?php ?>
echo getClock($reply['created'], true); </th>
?> </tr>
- Posted by: <tr>
<?php <td>
echo $reply['username']; <p><?php echo nl2br($reply['message']); ?></p>
?> </td>
</th> </tr>
</tr> </table>
<tr> <hr class="bighr">
<td>
<p><?php echo nl2br($reply['message']); ?></p>
</td>
</tr>
</table>
<hr class="bighr">
<?php
}
}
?>
<form action="" method="post">
<input type="hidden" name="username" value="ADMIN"><br>
<textarea class="forumReply" name="reply_text" style="width: 610px; height: 150px"></textarea><br>
<input name="" type="submit" value="Post Reply" class="btn btn-primary">
</form>
<?php
}else{
?>
<h1>Latest Tickets</h1>
<?php <?php
}
$tickets = mysql_select_multi("SELECT id,subject,creation,status FROM znote_tickets ORDER BY creation DESC"); }
if ($tickets !== false) { ?>
<form action="" method="post">
<input type="hidden" name="username" value="ADMIN"><br>
<textarea class="forumReply" name="reply_text" style="width: 610px; height: 150px"></textarea><br>
<input name="" type="submit" value="Post Reply" class="btn btn-primary">
</form>
<?php
} else {
?>
<h1>Latest Tickets</h1>
<?php
$tickets = mysql_select_multi("SELECT id,subject,creation,status FROM znote_tickets ORDER BY creation DESC");
if ($tickets !== false) {
?> ?>
<table>
<table> <tr class="yellow">
<tr class="yellow"> <td>ID:</td>
<td>ID:</td> <td>Subject:</td>
<td>Subject:</td> <td>Creation:</td>
<td>Creation:</td> <td>Status:</td>
<td>Status:</td> </tr>
</tr> <?php
foreach ($tickets as $ticket) {
echo '<tr class="special">';
echo '<td>'. $ticket['id'] .'</td>';
echo '<td><a href="admin_helpdesk.php?view='. $ticket['id'] .'">'. $ticket['subject'] .'</a></td>';
echo '<td>'. getClock($ticket['creation'], true) .'</td>';
echo '<td>'. $ticket['status'] .'</td>';
echo '</tr>';
}
?>
</table>
<?php <?php
foreach ($tickets as $ticket) { } else echo 'No helpdesk tickets has been submitted.';
echo '<tr class="special">';
echo '<td>'. $ticket['id'] .'</td>';
echo '<td><a href="admin_helpdesk.php?view='. $ticket['id'] .'">'. $ticket['subject'] .'</a></td>';
echo '<td>'. getClock($ticket['creation'], true) .'</td>';
echo '<td>'. $ticket['status'] .'</td>';
}}
?>
</table>
<?php
} }
include 'layout/overall/footer.php'; include 'layout/overall/footer.php';
?> ?>

424
helpdesk.php
View File

@ -1,243 +1,223 @@
<?php <?php
require_once 'engine/init.php'; require_once 'engine/init.php';
if (user_logged_in() === false) { if (user_logged_in() === false) {
header('Location: register.php'); header('Location: register.php');
} }
include 'layout/overall/header.php'; include 'layout/overall/header.php';
$view = (int)$_GET['view']; $view = (isset($_GET['view']) && (int)$_GET['view'] > 0) ? (int)$_GET['view'] : false;
if ($view) { if ($view !== false) {
if (!empty($_POST['reply_text'])) { if (!empty($_POST['reply_text'])) {
sanitize($_POST['reply_text']);
// Save ticket reply on database // Save ticket reply on database
$query = array( $query = array(
'tid' => $_GET['view'], 'tid' => $view,
'username'=> $_POST['username'], 'username'=> getValue($_POST['username']),
'message' => $_POST['reply_text'], 'message' => getValue($_POST['reply_text']),
'created' => time(), 'created' => time(),
); );
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
mysql_insert("INSERT INTO `znote_tickets_replies` ($fields) VALUES ($data)");
mysql_update("UPDATE `znote_tickets` SET `status`='Player-Reply' WHERE `id`='$view' LIMIT 1;");
}
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id='$view' LIMIT 1;");
//Sanitize array if($ticketData['owner'] != $session_user_id) {
array_walk($query, 'array_sanitize'); echo 'You can not view this ticket!';
include 'layout/overall/footer.php';
$fields = '`'. implode('`, `', array_keys($query)) .'`'; die;
$data = '\''. implode('\', \'', $query) .'\''; }
mysql_insert("INSERT INTO `znote_tickets_replies` ($fields) VALUES ($data)");
mysql_update("UPDATE `znote_tickets` SET `status`='Player-Reply' WHERE `id`=". $_GET['view']);
}
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id=". addslashes((int)$_GET['view']));
if($ticketData['owner'] != $session_user_id){
echo 'You can not view this ticket!';
die;
}
?> ?>
<h1>View Ticket #<?php echo $ticketData['id']; ?></h1> <h1>View Ticket #<?php echo $ticketData['id']; ?></h1>
<table class="znoteTable ThreadTable table table-striped">
<table class="znoteTable ThreadTable table table-striped"> <tr class="yellow">
<tr class="yellow"> <th>
<th>
<?php
echo getClock($ticketData['creation'], true);
?>
- Created by:
<?php
echo $ticketData['username'];
?>
</th>
</tr>
<tr>
<td>
<p><?php echo nl2br($ticketData['message']); ?></p>
</td>
</tr>
</table>
<?php <?php
$replies = mysql_select_multi("SELECT * FROM znote_tickets_replies WHERE tid='". (int)$_GET['view'] ."' ORDER BY `created`;"); echo getClock($ticketData['creation'], true);
if ($replies !== false) {
foreach($replies as $reply) {
?>
<table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th>
<?php
echo getClock($reply['created'], true);
?>
- Posted by:
<?php
echo $reply['username'];
?>
</th>
</tr>
<tr>
<td>
<p><?php echo nl2br($reply['message']); ?></p>
</td>
</tr>
</table>
<hr class="bighr">
<?php
}
}
?>
<form action="" method="post">
<input type="hidden" name="username" value="<?php echo $ticketData['username']; ?>"><br>
<textarea class="forumReply" name="reply_text" style="width: 610px; height: 150px"></textarea><br>
<input name="" type="submit" value="Post Reply" class="btn btn-primary">
</form>
<?php
}else{
$account = mysql_select_single("SELECT name,email FROM accounts WHERE id = $session_user_id");
if (empty($_POST) === false) {
// $_POST['']
$required_fields = array('username', 'email', 'subject', 'message');
foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'You need to fill in all fields.';
break 1;
}
}
// check errors (= user exist, pass long enough
if (empty($errors) === true) {
/* Token used for cross site scripting security */
if (!Token::isValid($_POST['token'])) {
$errors[] = 'Token is invalid.';
}
if ($config['use_captcha']) {
include_once 'captcha/securimage.php';
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
$errors[] = 'Captcha image verification was submitted wrong.';
}
}
if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {
$errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
}
}
}
?>
<h1>Latest Tickets</h1>
<?php
$tickets = mysql_select_multi("SELECT id,subject,creation,status FROM znote_tickets WHERE owner=$session_user_id ORDER BY creation DESC");
if ($tickets !== false) {
?>
<table>
<tr class="yellow">
<td>ID:</td>
<td>Subject:</td>
<td>Creation:</td>
<td>Status:</td>
</tr>
<?php
foreach ($tickets as $ticket) {
echo '<tr class="special">';
echo '<td>'. $ticket['id'] .'</td>';
echo '<td><a href="helpdesk.php?view='. $ticket['id'] .'">'. $ticket['subject'] .'</a></td>';
echo '<td>'. getClock($ticket['creation'], true) .'</td>';
echo '<td>'. $ticket['status'] .'</td>';
}}
?>
</table>
<h1>Helpdesk</h1>
<?php
if (isset($_GET['success']) && empty($_GET['success'])) {
echo 'Congratulations! Your ticket has been created. We will reply up to 24 hours.';
} else {
if (empty($_POST) === false && empty($errors) === true) {
if ($config['log_ip']) {
znote_visitor_insert_detailed_data(1);
}
//Save ticket on database
$query = array(
'owner' => $session_user_id,
'username'=> $_POST['username'],
'subject' => $_POST['subject'],
'message' => $_POST['message'],
'ip' => ip2long(getIP()),
'creation' => time(),
'status' => 'Open'
);
//Sanitize array
array_walk($query, 'array_sanitize');
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
mysql_insert("INSERT INTO `znote_tickets` ($fields) VALUES ($data)");
header('Location: helpdesk.php?success');
exit();
} else if (empty($errors) === false){
echo '<font color="red"><b>';
echo output_errors($errors);
echo '</b></font>';
}
?>
<form action="" method="post">
<ul>
<li>
Account Name:<br>
<input type="text" name="username" size="40" value="<?php echo $account['name']; ?>" disabled>
</li>
<li>
Email:<br>
<input type="text" name="email" size="40" value="<?php echo $account['email']; ?>" disabled>
</li>
<li>
Subject:<br>
<input type="text" name="subject" size="40">
</li>
<li>
Message:<br>
<textarea name="message" rows="7" cols="30"></textarea>
</li>
<?php
if ($config['use_captcha']) {
?> ?>
- Created by:
<?php
echo $ticketData['username'];
?>
</th>
</tr>
<tr>
<td>
<p><?php echo nl2br($ticketData['message']); ?></p>
</td>
</tr>
</table>
<?php
$replies = mysql_select_multi("SELECT * FROM znote_tickets_replies WHERE tid='$view' ORDER BY `created`;");
if ($replies !== false) {
foreach($replies as $reply) {
?>
<table class="znoteTable ThreadTable table table-striped">
<tr class="yellow">
<th>
<?php
echo getClock($reply['created'], true);
?>
- Posted by:
<?php
echo $reply['username'];
?>
</th>
</tr>
<tr>
<td>
<p><?php echo nl2br($reply['message']); ?></p>
</td>
</tr>
</table>
<hr class="bighr">
<?php
}
}
?>
<form action="" method="post">
<input type="hidden" name="username" value="<?php echo $ticketData['username']; ?>"><br>
<textarea class="forumReply" name="reply_text" style="width: 610px; height: 150px"></textarea><br>
<input name="" type="submit" value="Post Reply" class="btn btn-primary">
</form>
<?php
} else {
$account = mysql_select_single("SELECT name,email FROM accounts WHERE id = $session_user_id");
if (!empty($_POST)) {
$required_fields = array('username', 'email', 'subject', 'message');
foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'You need to fill in all fields.';
break 1;
}
}
// check errors (= user exist, pass long enough
if (empty($errors) === true) {
/* Token used for cross site scripting security */
if (!Token::isValid($_POST['token'])) {
$errors[] = 'Token is invalid.';
}
if ($config['use_captcha']) {
include_once 'captcha/securimage.php';
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
$errors[] = 'Captcha image verification was submitted wrong.';
}
}
// Reversed this if, so: first check if you need to validate, then validate.
if ($config['validate_IP'] === true && validate_ip(getIP()) === false) {
$errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
}
}
}
?>
<h1>Latest Tickets</h1>
<?php
$tickets = mysql_select_multi("SELECT id,subject,creation,status FROM znote_tickets WHERE owner=$session_user_id ORDER BY creation DESC");
if ($tickets !== false) {
?>
<table>
<tr class="yellow">
<td>ID:</td>
<td>Subject:</td>
<td>Creation:</td>
<td>Status:</td>
</tr>
<?php
foreach ($tickets as $ticket) {
echo '<tr class="special">';
echo '<td>'. $ticket['id'] .'</td>';
echo '<td><a href="helpdesk.php?view='. $ticket['id'] .'">'. $ticket['subject'] .'</a></td>';
echo '<td>'. getClock($ticket['creation'], true) .'</td>';
echo '<td>'. $ticket['status'] .'</td>';
echo '</tr>';
}
?>
</table>
<?php
}
?>
<h1>Helpdesk</h1>
<?php
if (isset($_GET['success']) && empty($_GET['success'])) {
echo 'Congratulations! Your ticket has been created. We will reply up to 24 hours.';
} else {
if (empty($_POST) === false && empty($errors) === true) {
if ($config['log_ip']) {
znote_visitor_insert_detailed_data(1);
}
//Save ticket on database
$query = array(
'owner' => $session_user_id,
'username'=> getValue($_POST['username']),
'subject' => getValue($_POST['subject']),
'message' => getValue($_POST['message']),
'ip' => ip2long(getIP()),
'creation' => time(),
'status' => 'Open'
);
$fields = '`'. implode('`, `', array_keys($query)) .'`';
$data = '\''. implode('\', \'', $query) .'\'';
mysql_insert("INSERT INTO `znote_tickets` ($fields) VALUES ($data)");
header('Location: helpdesk.php?success');
exit();
} else if (empty($errors) === false) {
echo '<font color="red"><b>';
echo output_errors($errors);
echo '</b></font>';
}
?>
<form action="" method="post">
<ul>
<li> <li>
<b>Write the image symbols in the text field to verify that you are a human:</b> Account Name:<br>
<img id="captcha" src="captcha/securimage_show.php" alt="CAPTCHA Image" /><br> <input type="text" name="username" size="40" value="<?php echo $account['name']; ?>" disabled>
<input type="text" name="captcha_code" size="10" maxlength="6" /> </li>
<a href="#" onclick="document.getElementById('captcha').src = 'captcha/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a><br><br> <li>
Email:<br>
<input type="text" name="email" size="40" value="<?php echo $account['email']; ?>" disabled>
</li>
<li>
Subject:<br>
<input type="text" name="subject" size="40">
</li>
<li>
Message:<br>
<textarea name="message" rows="7" cols="30"></textarea>
</li> </li>
<?php <?php
} if ($config['use_captcha']) {
?> ?>
<?php <li>
/* Form file */ <b>Write the image symbols in the text field to verify that you are a human:</b>
Token::create(); <img id="captcha" src="captcha/securimage_show.php" alt="CAPTCHA Image" /><br>
?> <input type="text" name="captcha_code" size="10" maxlength="6" />
<li> <a href="#" onclick="document.getElementById('captcha').src = 'captcha/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a><br><br>
<input type="hidden" name="username" value="<?php echo $account['name']; ?>"> </li>
<input type="submit" value="Submit ticket"> <?php
</li> }
</ul> ?>
</form> <?php
<?php /* Form file */
}} Token::create();
?>
<li>
<input type="hidden" name="username" value="<?php echo $account['name']; ?>">
<input type="submit" value="Submit ticket">
</li>
</ul>
</form>
<?php
}
}
include 'layout/overall/footer.php'; include 'layout/overall/footer.php';
?> ?>