Hi all,
I'm a web developer at the Embedded Software Laboratory at RWTH Aachen University.
We've been using osTicket for quite a while and decided to share our modifications with you.
I've attached a zip file including patches for the following modifications (explanations below):
- Make it possible to blacklist file extensions for tickets (deny_extension.patch)
- Give everyone the ability to set the "due date" (due_date.patch)
- Very small patch to enable basic ldap authentication (ldap_login.patch)
- Improved HTML-Mail formatting (hi @ Outlook....) (mail_formatting.patch)
- Workaround for getting older versions of libimap to work with Microsoft Exchange Server 2010 and higher (mail_pear.patch)
- Ability for Staffers to reply to tickets via E-Mail (mail_reply.patch)
So what does it do?
----
Extension Blacklisting
(deny_extension.patch)
The extension blacklisting patch gives administrators to ... well ... blacklist file extensions for tickets.
This is especially useful if you want to allow basically any extension but a few.
In our case we wanted to just disallow the SMIME signature files (.p7s) because they pollute the database...
To install this mod you just need to apply the patch.
Afterwards you can disallow extensions by putting an exclamation mark before the extensions you want to deny in the form field for accepted file types.
Please note that disallowing extensions has priority over allowing extensions.
I'll give you an example on how to use it.
So we wanted to allow any extension but SMIME signature files so our "accepted file type" list is:
.*, !.p7s
We first allow any extension and then disallow the p7s extension.
Simple, isn't it?
This patch also fixes a bug, where only extensions with 3 or 4 characters are recognized, making it impossible to allow .z or .7z files.
You can now also allow/disallow files with no extensions: Simply use a dot.
Example:
Allowing any file as long as it has an extension:
.*, !.
----
Due Dates by everyone
(due_date.patch)
Since we (the techies) are everyones slaves (or at least the others think we are ) I've been asked to give everyone the ability to set the "due date".
Please note again that this patch enables everyone to set the due date. Only use this patch if you somewhat trust your users to not abuse this feature.
To install this mod again just apply the patch.
The "due date" can now be set by just having "Due Date: " in your ticket message.
Example Ticket for Due Date 21 12.12.2042:
Hiho,
get this done soon please.
Due Date: 21 12.12.2042
Note that the time is optional.
The accepted formats for the date are:
DD.MM.YY
DD.MM.YYYY
MM/DD/YY
MM/DD/YYYY
YY-MM-DD
YYYY-MM-DD
----
Basic LDAP login
(ldap_login.php)
We're using a Windows Domain with ActiveDirectory for close to anything that provides a user login.
Now it'd be great if we could use our AD for osTicket logins as well, so here we go.
To install this mod just apply the patch.
Directly after patching your osTicket installation will still behave as before. You can still log in the same way until you tell osTicket how to communicate to your AD.
To do so you must add the following lines to your ost-config.php:
define('LDAPHOST','ldap.win.example.com');
define('LDAPDOMAIN','win.example.com');
Where "ldap.win.example.com" is the actual host name of your AD (most likely the domain controller) and "win.example.com" is your login domain (ask your domain administrator if you don't know).
Now everything is ready. Your staff can now login using the AD credentials. Please not that from now on you only can log on if your osTicket username is exactly the same as your ad username.
If you want your staff to also use the native osTicket login if the AD login fails, you can do so by adding the following line to your ost-config.php:
define('LDAPFALLBACK', 1);
If you're looking for more features you might want to take a look at this mod here: http://osticket.com/forums/showthread.php?t=13731(http://osticket.com/forums/showthread.php?t=13731)
----
Improved HTML-Mail formatting
(mail_formatting.patch)
Thanks to Outlooks incredible ugly usage of HTML just stripping the tags often makes the text very hard to read. Additionally just stripping tags might destroy "mailto:"-links.
This patch tries to make HTML-Mails look as nice as Text-Mails.
Just apply the patch and you're done.
This patch also fixes a bug where tags created by "Format:()" do not get converted back to "mailto:"-html links by "Format:()".
----
libimap workaround
(mail_pear.patch)
After upgrading our Software at some point, almost all Tickets created from mails fetched from our Microsoft Exchange Server 2010 got corrupted.
To be more precise the Ticket messages either got cut in the middle or were completely empty.
It turns out that Debian (which is what our web server runs) uses a - let’s call it VERY VERY stable - version of libimap that causes problems with Microsoft Exchange Server 2010 and newer.
If you're suffering from such a problem and have thus refrained from either upgrading or using some other sort of relay to get the mails to osTicket,
this patch will help you.
Just apply it and there you go.
Just note that this patch is very hacky and was originally written for osTicket 1.6 and then later ported to 1.7 (quite a bit changed here).
While fetching messages definitely works I didn't look too deep into the attachments part after porting it to osTicket 1.7.
If you want to do some extensive testing feel free to do so and give feedback please.
----
Staff reply by E-Mail
(mail_reply.patch)
So yeah - logging into the system just to reply a ticket is very annoying so replying via mail would be great, right?
Here we go.
After applying this patch your staff will be able to reply to tickets just by replying to the notification mail.
I'm aware that there is similar mod (http://osticket.com/forums/showthread.php?t=14164(http://osticket.com/forums/showthread.php?t=14164)), however this mod is somewhat superior since it does access checks and honors the ban list (just to make it feature complete).
It also tries to match the Subject to any kind of templates defined to assure that an email is indeed a response to a certain ticket.
If a staff member tries to reply to a ticket which he/she does not have access to, a syslog message will be generated.
Most of the code is using an own function so if you want to know how it works you can do so quite easily.
However please note that using E-Mail replies is unsafe (no authentication is done) if you don't honor the following points:
Make sure all your staff is using a mail server controlled by you or your admins
Make sure your mail servers only accept mails from their own domain if they've been sent from within the domain.
This probably applies to any E-Mail reply mod you use.
----
All the patches have been tested with osTicket 1.7.0 and 1.7.1 (see the 1.7/1.7.1 folders).
We will provide updates as soon as a new stable version has been released.
Also let me point out something quite important for all Debian users:
As of version 1.7 osTicket uses a custom session handler. A custom session handler implies custom garbage collection for sessions.
Now there is a problem with Debian here:
Debian has disabled PHPs automatic garbage collector and uses a cron job to remove old sessions for security reason.
This works very well as long as you're not using (you might've guessed it) custom session handling.
Now since PHPs automatic garbage collection is disabled (globally) your session table in your database gets polluted REALLY quickly.
The best way to work around this (assuming you're using apache) is by adding
php_admin_value session.gc_probability 1
to your vhost configuration or (if you can't do so) to your .htaccess file.
Since I've not found anything of the likes in the osTicket wiki, I'll file a report to have it included there later on.
That's it folks.
I hope some of these modifications help you :)
Your feedback is very welcome.
-XyFreak
[osticket_i11_mod_collection.zip](https://forum.osticket.com/assets/files/migrated/d/cc70ea096da7be18e66b6cc79070be7.zip)
