Copyright (c) 2006,2007,2008 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: $Id: $ **********************************************************************/ require('staff.inc.php'); require_once(INCLUDE_DIR.'class.ticket.php'); require_once(INCLUDE_DIR.'class.dept.php'); $nav->setTabActive('approve'); $nav->addSubMenu(array()); $q = "SELECT approved FROM ".TICKET_RESPONSE_TABLE; if(!mysql_query($q)) { //if the necessary columns don't exist create them $j = 0; $q = "ALTER TABLE ".TICKET_RESPONSE_TABLE." ADD waiting BOOL"; if(mysql_query($q)) $msg = "Approval columns successfully added"; else $j++; $q = "ALTER TABLE ".TICKET_RESPONSE_TABLE." ADD approved BOOL"; if(mysql_query($q)) $msg = "Approval columns successfully added"; else $j++; $q = "ALTER TABLE ".TICKET_RESPONSE_TABLE." ADD signature VARCHAR(4)"; if(mysql_query($q)) $msg = "Approval columns successfully added"; else $j++; $q = "ALTER TABLE ".TICKET_RESPONSE_TABLE." ADD notify BOOL"; if(mysql_query($q)) $msg = "Approval columns successfully added"; else $j++; if($j>0) $errors['err'] = "Approval column addition failed ".mysql_error(); } else { //if the necessary columns do exist, do the normal if($_POST['a']=="approve") { $response_id = substr(strip_tags($_POST['response_id']),0,10); $response = trim(strip_tags($_POST['response'])); $submit = substr(strip_tags($_POST['submit']),0,7); $id = substr(strip_tags($_POST['id']),0,10); if(!$response_id) $errors['err'] = "Response ID lost..."; if(!response) $errors['response'] = "Response required"; if(!$errors) { if($submit == "Approve") { $q = "UPDATE ".TICKET_RESPONSE_TABLE." SET response='".mysql_real_escape_string($response)."', waiting=0, approved=1 WHERE response_id=".mysql_real_escape_string($response_id); if(mysql_query($q)) $msg = "Response Approval Successful"; else $errors['err'] = "Response Approval Failed"; } if($submit == "Deny") { $q = "UPDATE ".TICKET_RESPONSE_TABLE." SET response='".mysql_real_escape_string($response)."', waiting=0, approved=0 WHERE response_id=".mysql_real_escape_string($response_id); if(mysql_query($q)) $msg = "Response Denial Successful"; else $errors['err'] = "Response Denial Failed"; if(!$errors) { $q = "UPDATE ".TICKET_TABLE." SET status='open' WHERE ticket_id=".mysql_real_escape_string($id); echo $q; if(mysql_query($q)) $msg = "Response Denial Successful"; else $errors['err'] = "Response Denial Failed"; } } } if(!$errors) { //sends an email response to customer $sql='SELECT ticket_reply_subj,ticket_reply_body FROM '.EMAIL_TEMPLATE_TABLE. ' WHERE cfg_id='.db_input($cfg->getId()).' AND tpl_id='.db_input($cfg->getDefaultTemplateId()); $resp=db_query($sql); if(db_num_rows($resp) && list($subj,$body)=db_fetch_row($resp)){ $q = "SELECT ticket.ticketID, ticket.name, ticket.email, ticket.subject, ticket.status, response.response, response.signature, dept.dept_name, dept.dept_signature, message.message FROM ".TICKET_RESPONSE_TABLE." response". " LEFT JOIN ".TICKET_TABLE." ticket ON response.ticket_id=ticket.ticket_id". " LEFT JOIN ".TICKET_MESSAGE_TABLE." message ON message.ticket_id=ticket.ticket_id". " LEFT JOIN ".DEPT_TABLE." dept ON dept.dept_id=ticket.dept_id". " LEFT JOIN ".EMAIL_TABLE." email ON email.email_id=dept.email_id". " WHERE response.response_id=".mysql_real_escape_string($response_id); $query = mysql_query($q); $row = mysql_fetch_assoc($query); if(strtolower($row['status'])=="closed") { $subj = "Support Ticket #%ticket Closed"; $ticket_status = "Resolved"; } else { $ticket_status = "Open"; } $subj = str_replace("%ticket", $row['ticketID'],$subj); $subj = str_replace("%name", $row['name'],$subj); $subj = str_replace("%email", $row['email'],$subj); $subj = str_replace("%subject", $row['subject'],$subj); $subj = str_replace("%dept", $row['dept_name'],$subj); $subj = str_replace("%status", $ticket_status, $subj); $seperate_names = explode(" ",$row['name'],2); $subj = str_replace("%firstname", $seperate_names[0], $subj); $body = str_replace("%firstname", $seperate_names[0], $body); $subj = str_replace("%lastname", $seperate_names[1], $subj); $body = str_replace("%lastname", $seperate_names[1], $body); $body = str_replace("%ticket", $row['ticketID'],$body); $body = str_replace("%name", $row['name'],$body); $body = str_replace("%email", $row['email'],$body); $body = str_replace("%subject", $row['subject'],$body); $body = str_replace("%dept", $row['dept_name'],$body); $body = str_replace("%status", $ticket_status, $body); $body = str_replace("%message",$row['response'],$body); $body = str_replace("%baseurl", $cfg->getBaseUrl(), $body); $url = ''; $body = str_replace("%url", $url, $body); $body = str_replace("%/url", "", $body); $original_message = $row['message']; if($original_message == "Ticket created by staff") { $services= mysql_query("SELECT response FROM ".TICKET_RESPONSE_TABLE." WHERE ticket_id=".mysql_real_escape_string($id)." ORDER BY response_id ASC"); list($original[]) = db_fetch_row($services); $original_message = $original[0]; } $body = str_replace("%quote", $original_message,$body); //Figure out the signature to use...if any. if($row['signature']>0) { $q = "SELECT signature FROM ".STAFF_TABLE." WHERE staff_id=".$row['signature']; $query = mysql_query($q); $sign = mysql_fetch_assoc($query); $signature = $sign['signature']; } if($row['signature']==0) { $signature = ""; } if($row['signature']<0) { $signature = $row['dept_signature']; } $body = str_replace("%signature",$signature,$body); //Email attachment when attached AND if emailed. if(($attachment && is_file($attachment['tmp_name'])) && $cfg->emailAttachments()) { $semi_rand = md5(time()); $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; $headers="MIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; $body = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/html; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n". $body . "\n\n"; $body.= "--{$mime_boundary}\n" . "Content-Type: " . $attachment['type'] . ";\n" . " name=\"" . $attachment['name'] . "\"\n" . "Content-Disposition: attachment;\n" . " filename=\"" . $attachment['name'] . "\"\n" . "Content-Transfer-Encoding: base64\n\n" . chunk_split(base64_encode(file_get_contents($attachment['tmp_name']))). "\n\n" . "--{$mime_boundary}--\n"; } else { $headers = "MIME-Version: 1.0\n"."Content-type: text/html; charset=iso-8859-1"; } $email=$from=$fromNamenull; if(($email=$row['email.email'])) { //Dept email if set! $from=$email->getEmail(); $fromName=$email->getName(); //Reply separator tag. if($cfg->stripQuotedReply() && ($tag=$cfg->getReplySeparator())) $body ="\n$tag\n\n".$body; }else{//No emails means it is a noreply... $from=$cfg->getNoReplyEmail(); } Misc::sendmail($row['email'],$subj,$body,$from,$fromName,$headers); ?>

0 && !$_REQUEST['id'] || (!$errors && $_POST)) {?>
Responses for Approval
Ticket Created Response Subject Priority From Assigned To
class="Icon Ticket" title=" Ticket" href="approve.php?id=&response_id=">   ":''?>  
Responses for Approval
Ticket Created Response Subject Priority From Assigned To
No Responses Requiring Approval