>

id="add-title"> id="edit-title">

'; hesk_handle_messages(); echo '
'; } $errors = hesk_SESSION(array('canned', 'errors')); $errors = is_array($errors) ? $errors : array(); ?>
>
$v) { if ($v['use']) { echo ''.$v['name'].''; } } ?>
' . $hesklang['selcan'] . ''; $errors[] = 'saved_replies'; } $savename = hesk_input( hesk_POST('name') ); if (!$savename) { $hesk_error_buffer .= '
  • ' . $hesklang['ent_saved_title'] . '
    • '; $errors[] = 'name'; } $msg = hesk_input( hesk_POST('msg') ); if (!$msg) { $hesk_error_buffer .= '
  • ' . $hesklang['ent_saved_msg'] . '
    • '; $errors[] = 'msg'; } // Avoid problems with utf-8 newline chars in Javascript code, detect and remove them $msg = preg_replace('/\R/u', "\r\n", $msg); $_SESSION['canned']['what'] = 'EDIT'; $_SESSION['canned']['id'] = $id; $_SESSION['canned']['name'] = $savename; $_SESSION['canned']['msg'] = $msg; $_SESSION['canned']['errors'] = $errors; /* Any errors? */ if (strlen($hesk_error_buffer)) { $hesk_error_buffer = $hesklang['rfm'].'

    '; hesk_process_messages($hesk_error_buffer,'manage_canned.php?saved_replies='.$id); } if ($hesk_settings['staff_ticket_formatting'] == 2) { // Decode the message we encoded earlier $msg_html = hesk_html_entity_decode($msg); // Clean the HTML code and set the plaintext version require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php'); require(HESK_PATH . 'inc/html2text/html2text.php'); $purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']); $msg_html = $purifier->heskPurify($msg_html); $msg = convert_html_to_text($msg_html); $msg = fix_newlines($msg); // Replace regular newlines with \r\n to match regular plaintext storage... but then get rid of any accidental \r\r\n outputs $msg = str_replace("\n", "\r\n", $msg); $msg = str_replace("\r\r\n", "\r\n", $msg); // Re-encode the message $msg = hesk_htmlspecialchars($msg); } else { $msg_html = hesk_makeURL($msg); $msg_html = nl2br($msg_html); } $result = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` SET `title`='".hesk_dbEscape($savename)."',`message`='".hesk_dbEscape($msg)."', `message_html`='".hesk_dbEscape($msg_html)."' WHERE `id`='".intval($id)."'"); $_SESSION['canned']['selcat2'] = $id; unset($_SESSION['canned']['what']); unset($_SESSION['canned']['id']); unset($_SESSION['canned']['name']); unset($_SESSION['canned']['msg']); unset($_SESSION['canned']['errors']); hesk_process_messages($hesklang['your_saved'],'manage_canned.php?saved_replies='.$id,'SUCCESS'); } // End edit_saved() function new_saved() { global $hesk_settings, $hesklang; /* A security check */ hesk_token_check('POST'); $hesk_error_buffer = ''; $errors = array(); $savename = hesk_input( hesk_POST('name') ); if (!$savename) { $hesk_error_buffer .= '
  • ' . $hesklang['ent_saved_title'] . '
    • '; $errors[] = 'name'; } $msg = hesk_input( hesk_POST('msg') ); if (!$msg) { $hesk_error_buffer .= '
  • ' . $hesklang['ent_saved_msg'] . '
    • '; $errors[] = 'msg'; } // Avoid problems with utf-8 newline chars in Javascript code, detect and remove them $msg = preg_replace('/\R/u', "\r\n", $msg); $_SESSION['canned']['what'] = 'NEW'; $_SESSION['canned']['name'] = $savename; $_SESSION['canned']['msg'] = $msg; $_SESSION['canned']['errors'] = $errors; /* Any errors? */ if (strlen($hesk_error_buffer)) { $hesk_error_buffer = $hesklang['rfm'].'

    '; hesk_process_messages($hesk_error_buffer,'manage_canned.php'); } if ($hesk_settings['staff_ticket_formatting'] == 2) { // Decode the message we encoded earlier $msg_html = hesk_html_entity_decode($msg); // Clean the HTML code and set the plaintext version require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php'); require(HESK_PATH . 'inc/html2text/html2text.php'); $purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']); $msg_html = $purifier->heskPurify($msg_html); $msg = convert_html_to_text($msg_html); $msg = fix_newlines($msg); // Replace regular newlines with \r\n to match regular plaintext storage... but then get rid of any accidental \r\r\n outputs $msg = str_replace("\n", "\r\n", $msg); $msg = str_replace("\r\r\n", "\r\n", $msg); // Re-encode the message $msg = hesk_htmlspecialchars($msg); } else { $msg_html = hesk_makeURL($msg); $msg_html = nl2br($msg_html); } /* Get the latest reply_order */ $result = hesk_dbQuery('SELECT `reply_order` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'std_replies` ORDER BY `reply_order` DESC LIMIT 1'); $row = hesk_dbFetchRow($result); $my_order = isset($row[0]) ? intval($row[0]) + 10 : 10; hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` (`title`,`message`,`message_html`,`reply_order`) VALUES ('".hesk_dbEscape($savename)."','".hesk_dbEscape($msg)."','".hesk_dbEscape($msg_html)."','".intval($my_order)."')"); $_SESSION['canned']['selcat2'] = hesk_dbInsertID(); unset($_SESSION['canned']['what']); unset($_SESSION['canned']['name']); unset($_SESSION['canned']['msg']); unset($_SESSION['canned']['errors']); hesk_process_messages($hesklang['your_saved'],'manage_canned.php','SUCCESS'); } // End new_saved() function remove() { global $hesk_settings, $hesklang; /* A security check */ hesk_token_check(); $mysaved = intval( hesk_GET('id') ) or hesk_error($hesklang['id_not_valid']); hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` WHERE `id`='".intval($mysaved)."'"); if (hesk_dbAffectedRows() != 1) { hesk_error("$hesklang[int_error]: $hesklang[reply_not_found]."); } hesk_process_messages($hesklang['saved_rem_full'],'manage_canned.php','SUCCESS'); } // End remove() function order_saved() { global $hesk_settings, $hesklang; /* A security check */ hesk_token_check(); $replyid = intval( hesk_GET('replyid') ) or hesk_error($hesklang['reply_move_id']); $_SESSION['canned']['selcat2'] = $replyid; $reply_move = intval( hesk_GET('move') ); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` SET `reply_order`=`reply_order`+".intval($reply_move)." WHERE `id`='".intval($replyid)."'"); if (hesk_dbAffectedRows() != 1) {hesk_error("$hesklang[int_error]: $hesklang[reply_not_found].");} /* Update all category fields with new order */ $result = hesk_dbQuery('SELECT `id` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'std_replies` ORDER BY `reply_order` ASC'); $i = 10; while ($myreply=hesk_dbFetchAssoc($result)) { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."std_replies` SET `reply_order`=".intval($i)." WHERE `id`='".intval($myreply['id'])."'"); $i += 10; } header('Location: manage_canned.php'); exit(); } // End order_saved() ?>