403 Forbidden - You must use the link from your osTicket profile to access this feed."; exit(); } $sql = "SELECT staff_id FROM ost_staff WHERE MD5(CONCAT(username,passwd)) = '".$feedKey."';"; $query = mysql_query($sql); $row = mysql_fetch_assoc($query); $staffId = $row['staff_id']; if(!$staffId){ header("403 Forbidden"); echo "

403 Forbidden - You must use the link from your osTicket profile to access this feed.

"; exit(); } ### requestTypes: (a)ll, (o)pen, (u)nassigned & open, (m)ine & open if(preg_match("/a/", $requestType)){ $whereClauses[] = "1"; } if(preg_match("/o/", $requestType)){ $whereClauses[] = "status = 'open'"; } if(preg_match("/u/", $requestType)){ $whereClauses[] = "(staff_id = 0 AND status = 'open')"; } if(preg_match("/m/", $requestType)){ $whereClauses[] = "(staff_id = '".$staffId."' AND status = 'open')"; } $sql = "SELECT * FROM ost_ticket WHERE "; foreach($whereClauses as $where){ $sql .= $where." OR "; } $sql = preg_replace("/ OR $/", "", $sql).";"; $query = mysql_query($sql); $rss = ' Helpdesk Tickets 3 '.$osTicket.'/scp '; while($row = mysql_fetch_assoc($query)){ $sql = "SELECT * FROM ost_ticket_message WHERE ticket_id = ".$row['ticket_id'].";"; $msgQuery = mysql_query($sql); unset($messages); while($msgRow = mysql_fetch_assoc($msgQuery)){ $date = date_create($msgRow['created']); $ts = date_format($date, "U"); $messages[$ts] = "

".$msgRow['created']."

".htmlentities($msgRow['message'])."

"; } $sql = "SELECT * FROM ost_ticket_note WHERE ticket_id = ".$row['ticket_id'].";"; $msgQuery = mysql_query($sql); while($msgRow = mysql_fetch_assoc($msgQuery)){ $date = date_create($msgRow['created']); $ts = date_format($date, "U"); $messages[$ts] = "

".$msgRow['created']." added by ".htmlentities($msgRow['source'])." - [Internal] ".htmlentities($msgRow['title'])."

".htmlentities($msgRow['note'])."

"; } $sql = "SELECT * FROM ost_ticket_response WHERE ticket_id = ".$row['ticket_id'].";"; $msgQuery = mysql_query($sql); while($msgRow = mysql_fetch_assoc($msgQuery)){ $date = date_create($msgRow['created']); $ts = date_format($date, "U"); $messages[$ts] = "

".$msgRow['created']." added by ".htmlentities($msgRow['staff_name'])." - [Response]

".htmlentities($msgRow['response'])."

"; } ksort($messages); $html = ""; foreach($messages as $msg){ $html .= $msg; } $flags = ""; if($row['staff_id'] == $staffId){ $flags = "[*]"; } if($row['staff_id'] == "0"){ $flags = "[!]"; } $rss .= ' '.$flags.' ['.htmlentities($row['name']).'] '.$row['ticketID'].': '.htmlentities($row['subject']).' '.$osTicket.'/scp/tickets.php?id='.$row['ticket_id'].' '; } $rss .= ' '; header("Content-Type: application/xml; charset=ISO-8859-1"); echo $rss;