1);
// What should we do?
if ( $action = hesk_REQUEST('a') )
{
if ($action == 'edit_sm') {edit_sm();}
elseif ( defined('HESK_DEMO') ) {hesk_process_messages($hesklang['ddemo'], 'service_messages.php', 'NOTICE');}
elseif ($action == 'new_sm') {new_sm();}
elseif ($action == 'save_sm') {save_sm();}
elseif ($action == 'order_sm') {order_sm();}
elseif ($action == 'remove_sm') {remove_sm();}
}
/* Print header */
require_once(HESK_PATH . 'inc/header.inc.php');
/* Print main manage users page */
require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
/* This will handle error, success and notice messages */
if (!hesk_SESSION(array('new_sm', 'errors'))) {
hesk_handle_messages();
}
// Get service messages from database
$res = hesk_dbQuery('SELECT * FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'service_messages` ORDER BY `order` ASC');
$num = hesk_dbNumRows($res);
?>
4 || $style < 0)
{
$style = 0;
}
$type = empty($_POST['type']) ? 0 : 1;
$language = hesk_input( hesk_POST('language') );
if ( ! isset($hesk_settings['languages'][$language]))
{
$language = '';
}
$title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
$message = $hesk_settings['kb_wysiwyg'] ? hesk_getHTML( hesk_POST('message') ) : nl2br( hesk_input( hesk_POST('message') ) );
// Clean the HTML code
require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
$message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer))
{
$_SESSION['edit_sm'] = true;
$_SESSION['new_sm'] = array(
'id' => $id,
'style' => $style,
'type' => $type,
'language' => $language,
'title' => $title,
'message' => hesk_input( hesk_POST('message') ),
'errors' => array('title')
);
$tmp = '';
foreach ($hesk_error_buffer as $error)
{
$tmp .= "$error\n";
}
$hesk_error_buffer = $tmp;
$hesk_error_buffer = $hesklang['rfm'].'
';
hesk_process_messages($hesk_error_buffer,'service_messages.php');
}
// Just preview the message?
if ( isset($_POST['sm_preview']) )
{
$_SESSION['preview_sm'] = true;
$_SESSION['edit_sm'] = true;
$_SESSION['new_sm'] = array(
'id' => $id,
'style' => $style,
'type' => $type,
'language' => $language,
'title' => $title,
'message' => hesk_input( hesk_POST('message') ),
'message_preview' => $message
);
header('Location: service_messages.php');
exit;
}
// Update the service message in the database
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET
`author` = '".intval($_SESSION['id'])."',
`title` = '".hesk_dbEscape($title)."',
`message` = '".hesk_dbEscape($message)."',
`language` = ".(strlen($language) ? "'".hesk_dbEscape($language)."'" : 'NULL').",
`style` = '{$style}',
`type` = '{$type}'
WHERE `id`={$id}");
$_SESSION['smord'] = $id;
hesk_process_messages($hesklang['sm_mdf'],'service_messages.php','SUCCESS');
} // End save_sm()
function edit_sm()
{
global $hesk_settings, $hesklang;
// Get service messageID
$id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
// Get details from the database
$res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id} LIMIT 1");
if ( hesk_dbNumRows($res) != 1 )
{
hesk_error($hesklang['sm_not_found']);
}
$sm = hesk_dbFetchAssoc($res);
// If we're in plain text mode, convert any HTML message safely to text
if ( ! $hesk_settings['kb_wysiwyg'])
{
// Clean the HTML code and set the plaintext version
require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
require(HESK_PATH . 'inc/html2text/html2text.php');
$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
$sm['message'] = $purifier->heskPurify($sm['message']);
$sm['message'] = convert_html_to_text($sm['message']);
$sm['message'] = fix_newlines($sm['message']);
}
$sm['message'] = hesk_htmlspecialchars($sm['message']);
$_SESSION['smord'] = $id;
$_SESSION['new_sm'] = $sm;
$_SESSION['edit_sm'] = true;
} // End edit_sm()
function order_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID and move parameters
$id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
$move = intval( hesk_GET('move') );
$_SESSION['smord'] = $id;
// Update article details
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=`order`+".intval($move)." WHERE `id`={$id}");
// Update order of all service messages
update_sm_order();
$_SESSION['smord'] = $id;
// Finish
header('Location: service_messages.php');
exit();
} // End order_sm()
function update_sm_order()
{
global $hesk_settings, $hesklang;
// Get list of current service messages
$res = hesk_dbQuery("SELECT `id` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` ASC");
// Update database
$i = 10;
while ( $sm = hesk_dbFetchAssoc($res) )
{
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` SET `order`=".intval($i)." WHERE `id`='".intval($sm['id'])."'");
$i += 10;
}
return true;
} // END update_sm_order()
function remove_sm()
{
global $hesk_settings, $hesklang;
// A security check
hesk_token_check();
// Get ID
$id = intval( hesk_GET('id') ) or hesk_error($hesklang['sm_e_id']);
// Delete the service message
hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` WHERE `id`={$id}");
// Were we successful?
if ( hesk_dbAffectedRows() == 1 )
{
hesk_process_messages($hesklang['sm_deleted'],'./service_messages.php','SUCCESS');
}
else
{
hesk_process_messages($hesklang['sm_not_found'],'./service_messages.php');
}
} // End remove_sm()
function new_sm()
{
global $hesk_settings, $hesklang, $listBox;
global $hesk_error_buffer;
// A security check
# hesk_token_check('POST');
$hesk_error_buffer = array();
$style = intval( hesk_POST('style', 0) );
if ($style > 4 || $style < 0)
{
$style = 0;
}
$type = empty($_POST['type']) ? 0 : 1;
$language = hesk_input( hesk_POST('language') );
if ( ! isset($hesk_settings['languages'][$language]))
{
$language = '';
}
$title = hesk_input( hesk_POST('title') ) or $hesk_error_buffer[] = $hesklang['sm_e_title'];
$message = $hesk_settings['kb_wysiwyg'] ? hesk_getHTML( hesk_POST('message') ) : nl2br( hesk_input( hesk_POST('message') ) );
// Clean the HTML code
require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
$purifier = new HeskHTMLPurifier($hesk_settings['cache_dir']);
$message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer))
{
$_SESSION['new_sm'] = array(
'style' => $style,
'type' => $type,
'language' => $language,
'title' => $title,
'message' => hesk_input( hesk_POST('message') ),
'errors' => array('title')
);
$tmp = '';
foreach ($hesk_error_buffer as $error)
{
$tmp .= "$error\n";
}
$hesk_error_buffer = $tmp;
$hesk_error_buffer = $hesklang['rfm'].'
';
hesk_process_messages($hesk_error_buffer,'service_messages.php');
}
// Just preview the message?
if ( isset($_POST['sm_preview']) )
{
$_SESSION['preview_sm'] = true;
$_SESSION['new_sm'] = array(
'style' => $style,
'type' => $type,
'language' => $language,
'title' => $title,
'message' => hesk_input( hesk_POST('message') ),
'message_preview' => $message
);
header('Location: service_messages.php');
exit;
}
// Get the latest service message order
$res = hesk_dbQuery("SELECT `order` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` ORDER BY `order` DESC LIMIT 1");
$row = hesk_dbFetchRow($res);
$my_order = isset($row[0]) ? intval($row[0]) + 10 : 10;
// Insert service message into database
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."service_messages` (`author`,`title`,`message`,`language`,`style`,`type`,`order`) VALUES (
'".intval($_SESSION['id'])."',
'".hesk_dbEscape($title)."',
'".hesk_dbEscape($message)."',
".(strlen($language) ? "'".hesk_dbEscape($language)."'" : 'NULL').",
'{$style}',
'{$type}',
'{$my_order}'
)");
$_SESSION['smord'] = hesk_dbInsertID();
hesk_process_messages($hesklang['sm_added'],'service_messages.php','SUCCESS');
} // End new_sm()
?>