osTicket - Client login for restricted ticket posting?

rocketman

Being extremely new to osTicket, can osTicket be setup to allow only members with an id and password OR an email address and password on file, first have to login to post a new ticket?

4ice

No, at the moment this is not supported.

Making a login system with users is on the wish list though.

rocketman

I was thinking it would eliminate wasted ticket number issues, spammers and the loss of time servicing unnecessary support requests.

Thanks for the quick response

Telethra

I have a suggestion for those already using a site with authentication (Joomla, Mambo, etc etc). I haven't tried this yet, or even looked at the code to see how easy it would be, but my idea is to add a simple check to see if the user is authenticated. If not, redirect to your login/registration page. If so, continue loading the page. It would at least be a temporary fix anyway for those who wish to restrict access to the ticketing system.

I actually plan on perhaps adding this for our Joomla! CMS site. Any input from the devs would be appreciated, thanks.

~Brian

centeno

integration with joomla

any news about integration with joomla? :(

thanks.

Centeno

Clipper

Whoops double post.

Maybe a moderator can delete this one.

Clipper

Clipper

Hi all,

I'm a new osTicket user but am quite experienced in php.

I too wanted to restrict ticket posting and adopted a quick fix approach as follows:

Hard coded acceptable email domains (not specific addresses)

Look up where necessary

For the record, these are the changes:

// osTicket version 1.6RC4

// Backup file: include/class.client.php

// Open file: include/class.client.php

// Find

// if($email){ //don't validate...using whatever is entered.

// $sql.=' AND email='.db_input($email);

// }

// Replace with

if( !$this->knownEmailDomain($email) ){ //validate by email domain

return NULL;

}

$sql.=' AND email='.db_input($email);

// Find

// function getId(){

// Add before

function knownEmailDomain($email){

$domains = array(

'xxxxxx.com',

'yyyyyyy.net',

'zzzz.org'

);

$a = explode('@', $email);

return in_array($a, $domains);

}

// Close file

// Backup file: open.php

// Open file: open.php

// Find

// if($_POST):

// Add after

if(!Client:($_POST)){

$errors = 'Unable to create a ticket. Please correct errors below and try again!';

$errors = 'Only pre-validated email addresses are allowed.';

}

// Close file

Only lightly tested so please treat with caution.

Of course, you can only add/remove via FTP - there's no friendly control panel.

The osTicket code is VERY well organised so changes like this are pretty easy once you've learned the patterns and conventions.

Hopefully mods like this will be a thing of the past soon, when proper user

Meanwhile I hope this helps.

Clipper

scubes13

Thanks!

Thanks for that Clipper! You just saved me a lot of headache and sorrow!

Great work!

scubes13

Well, I suppose I spoke too soon.

When I enter a valid email domain, I get the "Email mismatch" error.

Any ideas? I am on 1.6.RC5

scubes13

bit of a change, see any problem?

I made a bit of a change to the code Clipper posted. I was getting errors about an "Email Mismatch". It may have been about my browser's cache rather than a coding problem. At any rate, I made the following change and things work for me.

if( $this->knownEmailDomain($email) ){ //validate by email domain

$sql.=' AND email='.db_input($email);

}

Basically, rather than testing that the domain ISN'T in the domain list, I am testing that the domain IS in the domain list.

Anyone see any problems with this code?

Thanks!