AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add ticket redaction feature

This commit is contained in:
wrongecho 2025-03-18 09:40:39 +00:00
parent ad9e4b4fb4
commit 6a8d2cf1d4
6 changed files with 560 additions and 251 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
js/app.js
View File

@ -277,6 +277,23 @@ tinymce.init({
}
});
// Initialize TinyMCE editor with only a redact button
tinymce.init({
selector: '.tinymceTicketRedact',
browser_spellcheck: false,
contextmenu: false,
resize: true,
min_height: 300,
max_height: 500,
promotion: false,
branding: false,
menubar: false,
statusbar: false,
license_key: 'gpl',
readonly: true,
toolbar: '',
});
// DateTime
$('.datetimepicker').datetimepicker({
});

15
js/ticket_redact.js Normal file
View File

@ -0,0 +1,15 @@
// Redact the selected text in TinyMCE
function redactSelectedText() {
const editor = tinymce.get('tinymceTicketRedact'); // Get TinyMCE editor instance
const selectedText = editor.selection.getContent(); // Get selected content
if (selectedText) {
// Wrap the selected text with a redacted span
const redactedNode = `<strong><span style="color: #e03e2d;">[REDACTED]</span></strong>`;
// Replace the selected text with the redacted span
editor.selection.setContent(redactedNode);
} else {
alert('Please select some text to redact.');
}
}

23
post/user/ticket.php
View File

@ -1572,6 +1572,29 @@ if (isset($_GET['archive_ticket_reply'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['redact_ticket_reply'])) {
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
validateCSRFToken($_POST['csrf_token']);
$ticket_id = intval($_POST['ticket_id']);
$ticket_reply_id = intval($_POST['ticket_reply_id']);
$ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']);
$client_id = intval($_POST['client_id']);
mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_ticket_id = $ticket_id");
// Logging
logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id);
$_SESSION['alert_message'] = "Ticket reply redacted";
header("Location: ticket_redact.php?ticket_id=" . $ticket_id);
}
if (isset($_POST['merge_ticket'])) {
enforceUserPermission('module_support', 2);

507
ticket.php
View File

@ -338,19 +338,19 @@ if (isset($_GET['ticket_id'])) {
<!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none">
<?php if (isset($_GET['client_id'])) { ?>
<li class="breadcrumb-item">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li>
<li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>">Tickets</a>
</li>
<li class="breadcrumb-item">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li>
<li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>">Tickets</a>
</li>
<?php } else { ?>
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li>
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li>
<?php } ?>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol>
@ -371,90 +371,96 @@ if (isset($_GET['ticket_id'])) {
<?php if (lookupUserPermission("module_support") >= 2) { ?>
<div class="card-tools d-print-none">
<div class="btn-toolbar">
<div class="btn-toolbar">
<?php if ($config_ai_enable == 1) { ?>
<button class="btn btn-info btn-sm ml-3" data-toggle="modal" data-target="#summaryModal">
<i class="fas fa-fw fa-lightbulb mr-2"></i>Summary
</button>
<?php } ?>
<?php if ($config_module_enable_accounting && $ticket_billable == 1 && empty($invoice_id) && lookupUserPermission("module_sales") >= 2) { ?>
<a href="#" class="btn btn-light btn-sm ml-3" href="#" data-toggle="modal" data-target="#addInvoiceFromTicketModal">
<i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice
</a>
<?php }
if (empty($ticket_closed_at)) { ?>
<?php if (!empty($ticket_resolved_at)) { ?>
<a href="post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-light btn-sm ml-3">
<i class="fas fa-fw fa-redo mr-2"></i>Reopen
</a>
<?php } ?>
<?php if (empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?resolve_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-check mr-2"></i>Resolve
</a>
<?php } ?>
<?php if (!empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?close_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-gavel mr-2"></i>Close
</a>
<?php } ?>
<div class="dropdown dropleft text-center ml-3">
<button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
<?php if ($config_ai_enable == 1) { ?>
<button class="btn btn-info btn-sm ml-3" data-toggle="modal" data-target="#summaryModal">
<i class="fas fa-fw fa-lightbulb mr-2"></i>Summary
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_edit.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
<?php } ?>
<?php if ($config_module_enable_accounting && $ticket_billable == 1 && empty($invoice_id) && lookupUserPermission("module_sales") >= 2) { ?>
<a href="#" class="btn btn-light btn-sm ml-3" href="#" data-toggle="modal" data-target="#addInvoiceFromTicketModal">
<i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice
</a>
<?php }
if (!empty($ticket_closed_at) && isset($session_is_admin) && $session_is_admin) { ?>
<a href="ticket_redact.php?ticket_id=<?php echo $ticket_id; ?>" class="btn btn-danger btn-sm ml-3">
<i class="fas fa-fw fa-marker mr-2"></i>Redact
</a>
<?php }
if (empty($ticket_closed_at)) { ?>
<?php if (empty($ticket_closed_at) && !empty($ticket_resolved_at)) { ?>
<a href="post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-light btn-sm ml-3">
<i class="fas fa-fw fa-redo mr-2"></i>Reopen
</a>
<?php } ?>
<?php if (empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?resolve_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-check mr-2"></i>Resolve
</a>
<?php } ?>
<?php if (!empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?close_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-gavel mr-2"></i>Close
</a>
<?php } ?>
<div class="dropdown dropleft text-center ml-3">
<button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_edit.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#mergeTicketModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-clone mr-2"></i>Merge
</a>
<?php if (empty($ticket_closed_at)) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#mergeTicketModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-clone mr-2"></i>Merge
</a>
<?php if (empty($ticket_closed_at)) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
>
<i class="fa fa-fw fa-user mr-2"></i>Add Contact
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketAssetModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-desktop mr-2"></i>Add Asset
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketVendorModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-building mr-2"></i>Add Vendor
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addTicketWatcherModal">
<i class="fas fa-fw fa-users mr-2"></i>Add Watcher
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="#" data-toggle="modal" id="clientChangeTicketModalLoad" data-target="#clientChangeTicketModal">
<i class="fas fa-fw fa-people-carry mr-2"></i>Change Client
</a>
<?php if (lookupUserPermission("module_support") == 3) { ?>
<i class="fa fa-fw fa-user mr-2"></i>Add Contact
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketAssetModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-desktop mr-2"></i>Add Asset
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketVendorModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-building mr-2"></i>Add Vendor
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addTicketWatcherModal">
<i class="fas fa-fw fa-users mr-2"></i>Add Watcher
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
<a class="dropdown-item" href="#" data-toggle="modal" id="clientChangeTicketModalLoad" data-target="#clientChangeTicketModal">
<i class="fas fa-fw fa-people-carry mr-2"></i>Change Client
</a>
<?php } ?>
<?php if (lookupUserPermission("module_support") == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
</div>
<?php } ?>
<?php } ?>
</div>
</div>
</div>
<?php } ?>
</div> <!-- Card Header -->
@ -476,7 +482,7 @@ if (isset($_GET['ticket_id'])) {
$ticket_closed_by_display = 'User';
if (!empty($ticket_closed_by)) {
$sql_closed_by = mysqli_query($mysqli, "SELECT * FROM tickets, users WHERE ticket_closed_by = user_id");
$sql_closed_by = mysqli_query($mysqli, "SELECT user_name FROM users WHERE user_id = $ticket_closed_by");
$row = mysqli_fetch_array($sql_closed_by);
$ticket_closed_by_display = nullable_htmlentities($row['user_name']);
}
@ -498,9 +504,9 @@ if (isset($_GET['ticket_id'])) {
<?php } else { ?>
<div class="mt-1">
<a href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_assign.php"
data-ajax-id = "<?php echo $ticket_id; ?>">
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_assign.php"
data-ajax-id = "<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-user mr-2 text-secondary"></i><?php echo $ticket_assigned_to_display; ?>
</a>
</div>
@ -513,11 +519,11 @@ if (isset($_GET['ticket_id'])) {
<i class="fa fa-fw fa-thermometer-half text-secondary mr-2"></i>
<a href="#"
<?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?>
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_priority.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_priority.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
<?php } ?>
>
>
<?php echo $ticket_priority_display; ?>
</a>
</div>
@ -539,10 +545,10 @@ if (isset($_GET['ticket_id'])) {
<div class="mt-1">
<i class="fa fa-fw fa-dollar-sign text-secondary mr-2"></i>Ticket is
<a href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_billable.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
>
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_billable.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
>
<?php
if ($ticket_billable == 1) {
echo "<span class='text-bold text-dark'>Billable</span>";
@ -789,11 +795,11 @@ if (isset($_GET['ticket_id'])) {
</button>
<div class="dropdown-menu">
<a class="dropdown-item"
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_reply_edit.php"
data-ajax-id = "<?php echo $ticket_reply_id; ?>"
>
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_reply_edit.php"
data-ajax-id = "<?php echo $ticket_reply_id; ?>"
>
<i class="fas fa-fw fa-edit text-secondary mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
@ -846,9 +852,9 @@ if (isset($_GET['ticket_id'])) {
<h5 class="text-secondary">Contact</h5>
<div>
<i class="fa fa-fw fa-user text-secondary mr-2"></i><a href="#" data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_contact_details.php"
data-ajax-id="<?php echo $contact_id; ?>"><strong><?php echo $contact_name; ?></strong>
data-modal-size="lg"
data-ajax-url="ajax/ajax_contact_details.php"
data-ajax-id="<?php echo $contact_id; ?>"><strong><?php echo $contact_name; ?></strong>
</a>
</div>
@ -880,21 +886,21 @@ if (isset($_GET['ticket_id'])) {
</div>
<?php } else { ?>
<div class="card card-body mb-3">
<h5 class="text-secondary">Contact</h5>
<div>
<i class="fa fa-fw fa-user text-secondary mr-2"></i>
<div class="card card-body mb-3">
<h5 class="text-secondary">Contact</h5>
<div>
<i class="fa fa-fw fa-user text-secondary mr-2"></i>
<a href="#"
<?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?>
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
<?php } ?>
>
<i>No One</i>
</a>
<i>No One</i>
</a>
</div>
</div>
</div>
<?php } ?>
<!-- End contact card -->
@ -903,82 +909,82 @@ if (isset($_GET['ticket_id'])) {
<?php if (empty($ticket_resolved_at) || (!empty($ticket_resolved_at) && $task_count > 0)) { ?>
<div class="card card-body">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>">
<div class="form-group">
<div class="input-group input-group-sm">
<input type="text" class="form-control" name="name" placeholder="Create Task">
<div class="input-group-append">
<button type="submit" name="add_task" class="btn btn-secondary">
<i class="fas fa-check"></i>
</button>
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>">
<div class="form-group">
<div class="input-group input-group-sm">
<input type="text" class="form-control" name="name" placeholder="Create Task">
<div class="input-group-append">
<button type="submit" name="add_task" class="btn btn-secondary">
<i class="fas fa-check"></i>
</button>
</div>
</div>
</div>
</div>
</form>
<?php } ?>
</form>
<?php } ?>
<table class="table table-sm">
<?php
while($row = mysqli_fetch_array($sql_tasks)){
$task_id = intval($row['task_id']);
$task_name = nullable_htmlentities($row['task_name']);
//$task_description = nullable_htmlentities($row['task_description']); // not in db yet
$task_completion_estimate = intval($row['task_completion_estimate']);
$task_completed_at = nullable_htmlentities($row['task_completed_at']);
?>
<tr data-task-id="<?php echo $task_id; ?>">
<td>
<?php if ($task_completed_at) { ?>
<i class="far fa-fw fa-check-square text-primary"></i>
<?php } elseif (lookupUserPermission("module_support") >= 2) { ?>
<a href="post.php?complete_task=<?php echo $task_id; ?>">
<i class="far fa-fw fa-square text-secondary"></i>
</a>
<?php } ?>
</td>
<td>
<a href="#" class="grab-cursor">
<span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
<span class="text-dark"> - <?php echo $task_name; ?></span>
</a>
</td>
<td>
<div class="float-right">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_task_edit.php"
data-ajax-id = "<?php echo $task_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($task_completed_at) { ?>
<a class="dropdown-item" href="post.php?undo_complete_task=<?php echo $task_id; ?>">
<i class="fas fa-fw fa-arrow-circle-left mr-2"></i>Mark incomplete
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
<table class="table table-sm">
<?php
while($row = mysqli_fetch_array($sql_tasks)){
$task_id = intval($row['task_id']);
$task_name = nullable_htmlentities($row['task_name']);
//$task_description = nullable_htmlentities($row['task_description']); // not in db yet
$task_completion_estimate = intval($row['task_completion_estimate']);
$task_completed_at = nullable_htmlentities($row['task_completed_at']);
?>
<tr data-task-id="<?php echo $task_id; ?>">
<td>
<?php if ($task_completed_at) { ?>
<i class="far fa-fw fa-check-square text-primary"></i>
<?php } elseif (lookupUserPermission("module_support") >= 2) { ?>
<a href="post.php?complete_task=<?php echo $task_id; ?>">
<i class="far fa-fw fa-square text-secondary"></i>
</a>
<?php } ?>
</div>
</td>
</tr>
<?php
}
?>
</table>
</div>
</td>
<td>
<a href="#" class="grab-cursor">
<span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
<span class="text-dark"> - <?php echo $task_name; ?></span>
</a>
</td>
<td>
<div class="float-right">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_task_edit.php"
data-ajax-id = "<?php echo $task_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($task_completed_at) { ?>
<a class="dropdown-item" href="post.php?undo_complete_task=<?php echo $task_id; ?>">
<i class="fas fa-fw fa-arrow-circle-left mr-2"></i>Mark incomplete
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
<?php } ?>
</div>
</td>
</tr>
<?php
}
?>
</table>
</div>
<?php } ?>
<!-- End Tasks Card -->
@ -1015,10 +1021,10 @@ if (isset($_GET['ticket_id'])) {
<h5 class="text-secondary">Asset</h5>
<div>
<a href="#"
data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_asset_details.php?<?php echo $client_url; ?>"
data-ajax-id="<?php echo $asset_id; ?>">
data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_asset_details.php?<?php echo $client_url; ?>"
data-ajax-id="<?php echo $asset_id; ?>">
<i class="fa fa-fw fa-desktop text-secondary mr-2"></i><strong><?php echo $asset_name; ?></strong>
</a>
</div>
@ -1115,21 +1121,21 @@ require_once "includes/footer.php";
<!-- Summary Modal -->
<div class="modal fade" id="summaryModal" tabindex="-1">
<div class="modal-dialog modal-lg" role="document">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title" id="summaryModalTitle">Ticket Summary</h5>
<button type="button" class="close text-white" data-dismiss="modal" aria-label="Close">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div id="summaryContent" class="text-center">
<i class="fas fa-spinner fa-spin"></i> Generating summary...
<div class="modal-dialog modal-lg" role="document">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title" id="summaryModalTitle">Ticket Summary</h5>
<button type="button" class="close text-white" data-dismiss="modal" aria-label="Close">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div id="summaryContent" class="text-center">
<i class="fas fa-spinner fa-spin"></i> Generating summary...
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script src="js/show_modals.js"></script>
@ -1145,58 +1151,57 @@ require_once "includes/footer.php";
<script src="js/pretty_content.js"></script>
<script>
$('#summaryModal').on('shown.bs.modal', function (e) {
// Perform AJAX request to get the summary
$.ajax({
url: 'post.php?ai_ticket_summary',
method: 'POST',
data: { ticket_id: <?php echo $ticket_id; ?> },
success: function(response) {
$('#summaryContent').html(response);
},
error: function() {
$('#summaryContent').html('Error generating summary.');
}
$('#summaryModal').on('shown.bs.modal', function (e) {
// Perform AJAX request to get the summary
$.ajax({
url: 'post.php?ai_ticket_summary',
method: 'POST',
data: { ticket_id: <?php echo $ticket_id; ?> },
success: function(response) {
$('#summaryContent').html(response);
},
error: function() {
$('#summaryContent').html('Error generating summary.');
}
});
});
});
</script>
<script src="plugins/dragula/dragula.min.js"></script>
<script>
$(document).ready(function() {
var container = $('.table tbody')[0];
$(document).ready(function() {
var container = $('.table tbody')[0];
dragula([container])
.on('drop', function (el, target, source, sibling) {
// Handle the drop event to update the order in the database
var rows = $(container).children();
var positions = rows.map(function(index, row) {
return {
id: $(row).data('taskId'),
order: index
};
}).get();
dragula([container])
.on('drop', function (el, target, source, sibling) {
// Handle the drop event to update the order in the database
var rows = $(container).children();
var positions = rows.map(function(index, row) {
return {
id: $(row).data('taskId'),
order: index
};
}).get();
//console.log('New positions:', positions);
//console.log('New positions:', positions);
// Send the new order to the server (example using fetch)
$.ajax({
url: 'ajax.php',
method: 'POST',
data: {
update_ticket_tasks_order: true,
ticket_id: <?php echo $ticket_id; ?>,
positions: positions
},
success: function(data) {
//console.log('Order updated:', data);
},
error: function(error) {
console.error('Error updating order:', error);
}
// Send the new order to the server (example using fetch)
$.ajax({
url: 'ajax.php',
method: 'POST',
data: {
update_ticket_tasks_order: true,
ticket_id: <?php echo $ticket_id; ?>,
positions: positions
},
success: function(data) {
//console.log('Order updated:', data);
},
error: function(error) {
console.error('Error updating order:', error);
}
});
});
});
});
});
</script>

127
ticket_redact.php Normal file
View File

@ -0,0 +1,127 @@
<?php
require_once "includes/inc_all.php";
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_id'])) {
$ticket_id = intval($_GET['ticket_id']);
$ticket_sql = mysqli_query(
$mysqli,
"SELECT ticket_prefix, ticket_number, ticket_subject, ticket_details FROM tickets
WHERE ticket_id = $ticket_id AND ticket_closed_at IS NOT NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$ticket_row = mysqli_fetch_array($ticket_sql);
$ticket_prefix = nullable_htmlentities($ticket_row['ticket_prefix']);
$ticket_number = intval($ticket_row['ticket_number']);
$ticket_subject = nullable_htmlentities($ticket_row['ticket_subject']);
$ticket_details = $purifier->purify($ticket_row['ticket_details']);
// Get ticket replies
$sql_ticket_replies = mysqli_query(
$mysqli,
"SELECT * FROM ticket_replies
LEFT JOIN users ON ticket_reply_by = user_id
LEFT JOIN contacts ON ticket_reply_by = contact_id
WHERE ticket_reply_ticket_id = $ticket_id
AND ticket_reply_archived_at IS NULL
ORDER BY ticket_reply_id DESC"
);
?>
<!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol>
<div class="card">
<div class="card-header">
<div class="card-title">
<i class="fa fa-2x fa-fw fa fa-life-ring text-secondary mr-2"></i>
<span class="h3"><?php echo "$ticket_prefix$ticket_number - $ticket_subject"; ?></span>
</div>
</div>
</div>
<!-- Ticket details -->
<div class="card">
<div class="card-header">
<div class="card-title">
Ticket Details
</div>
</div>
<div class="card-body prettyContent">
<?php echo $ticket_details ?>
</div>
</div>
<!-- End Ticket details -->
<hr>
<?php
// Cycle though all ticket replies
while ($row = mysqli_fetch_array($sql_ticket_replies)) {
$ticket_reply_id = intval($row['ticket_reply_id']);
$ticket_reply = $purifier->purify($row['ticket_reply']);
$ticket_reply_type = nullable_htmlentities($row['ticket_reply_type']);
if ($ticket_reply_type == "Client") {
$ticket_reply_by_display = nullable_htmlentities($row['contact_name']);
} else {
$ticket_reply_by_display = nullable_htmlentities($row['user_name']);
} ?>
<div class="card">
<div class="card-header">
<div class="card-title">
<?php echo ucfirst($ticket_reply_type) ?> ticket reply by <?php echo $ticket_reply_by_display ?>
</div>
<div class="float-right">
<a href="ticket_redact_details.php?ticket_id=<?php echo $ticket_id; ?>&ticket_reply_id=<?php echo $ticket_reply_id?>" class="btn btn-danger btn-sm ml-3">
<i class="fas fa-fw fa-marker mr-2"></i>Redact
</a>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $ticket_reply ?>
</div>
</div>
<?php }
// End ticket replies
} // End ticket row SQL
} else {
echo "No ticket ID specified";
}
require_once "includes/footer.php";
?>

122
ticket_redact_details.php Normal file
View File

@ -0,0 +1,122 @@
<?php
require_once "includes/inc_all.php";
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_id']) && isset($_GET['ticket_reply_id'])) {
$ticket_id = intval($_GET['ticket_id']);
$ticket_reply_id = intval($_GET['ticket_reply_id']);
$ticket_sql = mysqli_query(
$mysqli,
"SELECT ticket_prefix, ticket_number, ticket_subject, ticket_client_id FROM tickets
WHERE ticket_id = $ticket_id AND ticket_closed_at IS NOT NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$ticket_row = mysqli_fetch_array($ticket_sql);
$ticket_prefix = nullable_htmlentities($ticket_row['ticket_prefix']);
$ticket_number = intval($ticket_row['ticket_number']);
$ticket_subject = nullable_htmlentities($ticket_row['ticket_subject']);
$client_id = intval($ticket_row['ticket_client_id']);
// Get ticket reply
$sql_ticket_reply = mysqli_query(
$mysqli,
"SELECT * FROM ticket_replies
LEFT JOIN users ON ticket_reply_by = user_id
LEFT JOIN contacts ON ticket_reply_by = contact_id
WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_ticket_id = $ticket_id
AND ticket_reply_archived_at IS NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$reply_row = mysqli_fetch_array($sql_ticket_reply);
$ticket_reply = $purifier->purify($reply_row['ticket_reply']);
$ticket_reply_type = nullable_htmlentities($reply_row['ticket_reply_type']);
if ($ticket_reply_type == "Client") {
$ticket_reply_by_display = nullable_htmlentities($reply_row['contact_name']);
} else {
$ticket_reply_by_display = nullable_htmlentities($reply_row['user_name']);
} ?>
<!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol>
<div class="card">
<div class="card-header">
<div class="card-title">
<i class="fa fa-2x fa-fw fa fa-life-ring text-secondary mr-2"></i>
<span class="h3"><?php echo "$ticket_prefix$ticket_number - $ticket_subject: " . ucfirst($ticket_reply_type) . " ticket reply by $ticket_reply_by_display" ?></span>
</div>
</div>
</div>
<div class="card card-body d-print-none pb-0">
<form action="post.php" enctype="multipart/form-data" method="post">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id ?>">
<input type="hidden" name="ticket_reply_id" value="<?php echo $ticket_reply_id ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id ?>">
<div class="form-group">
<textarea id="tinymceTicketRedact" name="ticket_reply" class="form-control tinymceTicketRedact"><?php echo $ticket_reply?></textarea>
</div>
<div class="form-group">
<button onclick="redactSelectedText()" class="btn btn-secondary" type="button">Redact Selected Text</button>
</div>
<div class="form-group float-right">
<button type="submit" id="redact_ticket_reply" name="redact_ticket_reply" class="btn btn-success ml-3"><i class="fas fa-check mr-2"></i>Save</button>
</div>
</form>
</div>
<!-- Javascript for the redaction text editor -->
<script src="js/ticket_redact.js"></script>
<?php }
// End ticket replies
} // End ticket row SQL
} else {
echo "No ticket ID specified";
}
require_once "includes/footer.php";