diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php
index c22a801e..e40b6afd 100644
--- a/cron_ticket_email_parser.php
+++ b/cron_ticket_email_parser.php
@@ -77,7 +77,270 @@ require_once "plugins/php-mime-mail-parser/Parser.php";
// Allowed attachment extensions
$allowed_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'csv', 'xls', 'xlsx', 'xlsm', 'zip', 'tar', 'gz');
-// ... [Your existing functions: addTicket(), addReply(), createMailboxFolder() remain unchanged] ...
+// Function to raise a new ticket for a given contact and email them confirmation (if configured)
+function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date, $subject, $message, $attachments, $original_message_file) {
+ global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_ticket_client_general_notifications, $config_ticket_new_ticket_notification_email, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $allowed_extensions;
+
+ $ticket_number_sql = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_ticket_next_number FROM settings WHERE company_id = 1"));
+ $ticket_number = intval($ticket_number_sql['config_ticket_next_number']);
+ $new_config_ticket_next_number = $ticket_number + 1;
+ mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
+
+ // Clean up the message
+ $message = trim($message); // Remove leading/trailing whitespace
+ $message = preg_replace('/\s+/', ' ', $message); // Replace multiple spaces with a single space
+ $message = nl2br($message); // Convert newlines to
+
+ // Wrap the message in a div with controlled line height
+ $message = "Email from: $contact_name <$contact_email> at $date:-
$message
";
+
+ $ticket_prefix_esc = mysqli_real_escape_string($mysqli, $config_ticket_prefix);
+ $message_esc = mysqli_real_escape_string($mysqli, $message);
+ $contact_email_esc = mysqli_real_escape_string($mysqli, $contact_email);
+ $client_id_esc = intval($client_id);
+
+ //Generate a unique URL key for clients to access
+ $url_key = randomString(156);
+
+ mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$ticket_prefix_esc', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message_esc', ticket_priority = 'Low', ticket_status = 1, ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_url_key = '$url_key', ticket_client_id = $client_id_esc");
+ $id = mysqli_insert_id($mysqli);
+
+ mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'Email parser: Client contact $contact_email_esc created ticket $ticket_prefix_esc$ticket_number ($subject_esc) ($id)', log_client_id = $client_id_esc");
+
+ mkdirMissing('uploads/tickets/');
+ $att_dir = "uploads/tickets/" . $id . "/";
+ mkdirMissing($att_dir);
+
+ rename("uploads/tmp/{$original_message_file}", "{$att_dir}/{$original_message_file}");
+ $original_message_file_esc = mysqli_real_escape_string($mysqli, $original_message_file);
+ mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = 'Original-parsed-email.eml', ticket_attachment_reference_name = '$original_message_file_esc', ticket_attachment_ticket_id = $id");
+
+ foreach ($attachments as $attachment) {
+ $att_name = $attachment->getFilename();
+ $att_extarr = explode('.', $att_name);
+ $att_extension = strtolower(end($att_extarr));
+
+ if (in_array($att_extension, $allowed_extensions)) {
+ $att_saved_filename = md5(uniqid(rand(), true)) . '.' . $att_extension;
+ $att_saved_path = $att_dir . $att_saved_filename;
+ file_put_contents($att_saved_path, $attachment->getContent());
+
+ $ticket_attachment_name = sanitizeInput($att_name);
+ $ticket_attachment_reference_name = sanitizeInput($att_saved_filename);
+
+ $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_name);
+ $ticket_attachment_reference_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_reference_name);
+ mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = '$ticket_attachment_name_esc', ticket_attachment_reference_name = '$ticket_attachment_reference_name_esc', ticket_attachment_ticket_id = $id");
+ } else {
+ $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $att_name);
+ mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Update', log_description = 'Email parser: Blocked attachment $ticket_attachment_name_esc from Client contact $contact_email_esc for ticket $ticket_prefix_esc$ticket_number', log_client_id = $client_id_esc");
+ }
+ }
+
+ $data = [];
+ if ($config_ticket_client_general_notifications == 1) {
+ $subject_email = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject";
+ $body = "##- Please type your reply above this line -##
Hello $contact_name,
Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.
Ticket: $config_ticket_prefix$ticket_number
Subject: $subject
Status: New
https://$config_base_url/portal/ticket.php?id=$id
--
$company_name - Support
$config_ticket_from_email
$company_phone";
+ $data[] = [
+ 'from' => $config_ticket_from_email,
+ 'from_name' => $config_ticket_from_name,
+ 'recipient' => $contact_email,
+ 'recipient_name' => $contact_name,
+ 'subject' => $subject_email,
+ 'body' => mysqli_real_escape_string($mysqli, $body)
+ ];
+ }
+
+ if ($config_ticket_new_ticket_notification_email) {
+ if ($client_id == 0){
+ $client_name = "Guest";
+ } else {
+ $client_sql = mysqli_query($mysqli, "SELECT client_name FROM clients WHERE client_id = $client_id");
+ $client_row = mysqli_fetch_array($client_sql);
+ $client_name = sanitizeInput($client_row['client_name']);
+ }
+ $email_subject = "$config_app_name - New Ticket - $client_name: $subject";
+ $email_body = "Hello,
This is a notification that a new ticket has been raised in ITFlow.
Client: $client_name
Priority: Low (email parsed)
Link: https://$config_base_url/ticket.php?ticket_id=$id
--------------------------------
$subject
$message";
+
+ $data[] = [
+ 'from' => $config_ticket_from_email,
+ 'from_name' => $config_ticket_from_name,
+ 'recipient' => $config_ticket_new_ticket_notification_email,
+ 'recipient_name' => $config_ticket_from_name,
+ 'subject' => $email_subject,
+ 'body' => mysqli_real_escape_string($mysqli, $email_body)
+ ];
+ }
+
+ addToMailQueue($mysqli, $data);
+
+ // Custom action/notif handler
+ customAction('ticket_create', $id);
+
+ return true;
+}
+
+// Add Reply Function
+function addReply($from_email, $date, $subject, $ticket_number, $message, $attachments) {
+ global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $allowed_extensions;
+
+ $ticket_reply_type = 'Client';
+ // Clean up the message
+ $message_parts = explode("##- Please type your reply above this line -##", $message);
+ $message_body = $message_parts[0];
+ $message_body = trim($message_body); // Remove leading/trailing whitespace
+ $message_body = preg_replace('/\r\n|\r|\n/', ' ', $message_body); // Replace newlines with a space
+ $message_body = nl2br($message_body); // Convert remaining newlines to
+
+ // Wrap the message in a div with controlled line height
+ $message = "Email from: $from_email at $date:-
$message_body
";
+
+ $ticket_number_esc = intval($ticket_number);
+ $message_esc = mysqli_real_escape_string($mysqli, $message);
+ $from_email_esc = mysqli_real_escape_string($mysqli, $from_email);
+
+ $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT ticket_id, ticket_subject, ticket_status, ticket_contact_id, ticket_client_id, contact_email, client_name
+ FROM tickets
+ LEFT JOIN contacts on tickets.ticket_contact_id = contacts.contact_id
+ LEFT JOIN clients on tickets.ticket_client_id = clients.client_id
+ WHERE ticket_number = $ticket_number_esc LIMIT 1"));
+
+ if ($row) {
+ $ticket_id = intval($row['ticket_id']);
+ $ticket_subject = sanitizeInput($row['ticket_subject']);
+ $ticket_status = sanitizeInput($row['ticket_status']);
+ $ticket_reply_contact = intval($row['ticket_contact_id']);
+ $ticket_contact_email = sanitizeInput($row['contact_email']);
+ $client_id = intval($row['ticket_client_id']);
+ $client_name = sanitizeInput($row['client_name']);
+
+ if ($ticket_status == 5) {
+ $config_ticket_prefix_esc = mysqli_real_escape_string($mysqli, $config_ticket_prefix);
+ $ticket_number_esc = mysqli_real_escape_string($mysqli, $ticket_number);
+ $ticket_id_esc = intval($ticket_id);
+ $client_id_esc = intval($client_id);
+
+ mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Ticket', notification = 'Email parser: $from_email attempted to re-open ticket $config_ticket_prefix_esc$ticket_number_esc (ID $ticket_id_esc) - check inbox manually to see email', notification_action = 'ticket.php?ticket_id=$ticket_id_esc', notification_client_id = $client_id_esc");
+
+ $email_subject = "Action required: This ticket is already closed";
+ $email_body = "Hi there,
You've tried to reply to a ticket that is closed - we won't see your response.
Please raise a new ticket by sending a new e-mail to our support address below.
--
$company_name - Support
$config_ticket_from_email
$company_phone";
+
+ $data = [
+ [
+ 'from' => $config_ticket_from_email,
+ 'from_name' => $config_ticket_from_name,
+ 'recipient' => $from_email,
+ 'recipient_name' => $from_email,
+ 'subject' => $email_subject,
+ 'body' => mysqli_real_escape_string($mysqli, $email_body)
+ ]
+ ];
+
+ addToMailQueue($mysqli, $data);
+
+ return true;
+ }
+
+ if (empty($ticket_contact_email) || $ticket_contact_email !== $from_email) {
+ $from_email_esc = mysqli_real_escape_string($mysqli, $from_email);
+ $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT contact_id FROM contacts WHERE contact_email = '$from_email_esc' AND contact_client_id = $client_id LIMIT 1"));
+ if ($row) {
+ $ticket_reply_contact = intval($row['contact_id']);
+ } else {
+ $ticket_reply_type = 'Internal';
+ $ticket_reply_contact = '0';
+ $message = "WARNING: Contact email mismatch
$message";
+ $message_esc = mysqli_real_escape_string($mysqli, $message);
+ }
+ }
+
+ mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = '$message_esc', ticket_reply_type = '$ticket_reply_type', ticket_reply_time_worked = '00:00:00', ticket_reply_by = $ticket_reply_contact, ticket_reply_ticket_id = $ticket_id");
+ $reply_id = mysqli_insert_id($mysqli);
+
+ mkdirMissing('uploads/tickets/');
+ foreach ($attachments as $attachment) {
+ $att_name = $attachment->getFilename();
+ $att_extarr = explode('.', $att_name);
+ $att_extension = strtolower(end($att_extarr));
+
+ if (in_array($att_extension, $allowed_extensions)) {
+ $att_saved_filename = md5(uniqid(rand(), true)) . '.' . $att_extension;
+ $att_saved_path = "uploads/tickets/" . $ticket_id . "/" . $att_saved_filename;
+ file_put_contents($att_saved_path, $attachment->getContent());
+
+ $ticket_attachment_name = sanitizeInput($att_name);
+ $ticket_attachment_reference_name = sanitizeInput($att_saved_filename);
+
+ $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_name);
+ $ticket_attachment_reference_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_reference_name);
+ mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = '$ticket_attachment_name_esc', ticket_attachment_reference_name = '$ticket_attachment_reference_name_esc', ticket_attachment_reply_id = $reply_id, ticket_attachment_ticket_id = $ticket_id");
+ } else {
+ $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $att_name);
+ mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Update', log_description = 'Email parser: Blocked attachment $ticket_attachment_name_esc from Client contact $from_email_esc for ticket $config_ticket_prefix$ticket_number_esc', log_client_id = $client_id");
+ }
+ }
+
+ $ticket_assigned_to_sql = mysqli_query($mysqli, "SELECT ticket_assigned_to FROM tickets WHERE ticket_id = $ticket_id LIMIT 1");
+
+ if ($ticket_assigned_to_sql) {
+ $row = mysqli_fetch_array($ticket_assigned_to_sql);
+ $ticket_assigned_to = intval($row['ticket_assigned_to']);
+
+ if ($ticket_assigned_to) {
+ $tech_sql = mysqli_query($mysqli, "SELECT user_email, user_name FROM users WHERE user_id = $ticket_assigned_to LIMIT 1");
+ $tech_row = mysqli_fetch_array($tech_sql);
+ $tech_email = sanitizeInput($tech_row['user_email']);
+ $tech_name = sanitizeInput($tech_row['user_name']);
+
+ $email_subject = "$config_app_name - Ticket updated - [$config_ticket_prefix$ticket_number] $ticket_subject";
+ $email_body = "Hello $tech_name,
A new reply has been added to the below ticket, check ITFlow for full details.
Client: $client_name
Ticket: $config_ticket_prefix$ticket_number
Subject: $ticket_subject
https://$config_base_url/ticket.php?ticket_id=$ticket_id";
+
+ $data = [
+ [
+ 'from' => $config_ticket_from_email,
+ 'from_name' => $config_ticket_from_name,
+ 'recipient' => $tech_email,
+ 'recipient_name' => $tech_name,
+ 'subject' => mysqli_real_escape_string($mysqli, $email_subject),
+ 'body' => mysqli_real_escape_string($mysqli, $email_body)
+ ]
+ ];
+
+ addToMailQueue($mysqli, $data);
+ }
+ }
+
+ mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 2, ticket_resolved_at = NULL WHERE ticket_id = $ticket_id AND ticket_client_id = $client_id LIMIT 1");
+
+ mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Update', log_description = 'Email parser: Client contact $from_email_esc updated ticket $config_ticket_prefix$ticket_number_esc ($subject)', log_client_id = $client_id");
+
+ customAction('ticket_reply_client', $ticket_id);
+
+ return true;
+
+ } else {
+ return false;
+ }
+}
+
+// Function to create a folder in the mailbox if it doesn't exist
+function createMailboxFolder($imap, $mailbox, $folderName) {
+ $folders = imap_list($imap, $mailbox, '*');
+ $folderExists = false;
+ if ($folders !== false) {
+ foreach ($folders as $folder) {
+ $folder = str_replace($mailbox, '', $folder);
+ if ($folder == $folderName) {
+ $folderExists = true;
+ break;
+ }
+ }
+ }
+ if (!$folderExists) {
+ imap_createmailbox($imap, $mailbox . imap_utf7_encode($folderName));
+ imap_subscribe($imap, $mailbox . $folderName);
+ }
+}
// Initialize IMAP connection
$validate_cert = true; // or false based on your configuration