diff --git a/js/app.js b/js/app.js index c751288c..af414a97 100644 --- a/js/app.js +++ b/js/app.js @@ -277,6 +277,23 @@ tinymce.init({ } }); +// Initialize TinyMCE editor with only a redact button +tinymce.init({ + selector: '.tinymceTicketRedact', + browser_spellcheck: false, + contextmenu: false, + resize: true, + min_height: 300, + max_height: 500, + promotion: false, + branding: false, + menubar: false, + statusbar: false, + license_key: 'gpl', + readonly: true, + toolbar: '', +}); + // DateTime $('.datetimepicker').datetimepicker({ }); diff --git a/js/ticket_redact.js b/js/ticket_redact.js new file mode 100644 index 00000000..78e71a74 --- /dev/null +++ b/js/ticket_redact.js @@ -0,0 +1,15 @@ +// Redact the selected text in TinyMCE +function redactSelectedText() { + const editor = tinymce.get('tinymceTicketRedact'); // Get TinyMCE editor instance + const selectedText = editor.selection.getContent(); // Get selected content + + if (selectedText) { + // Wrap the selected text with a redacted span + const redactedNode = `[REDACTED]`; + + // Replace the selected text with the redacted span + editor.selection.setContent(redactedNode); + } else { + alert('Please select some text to redact.'); + } +} diff --git a/post/user/ticket.php b/post/user/ticket.php index f66db5f0..aabb6701 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -1572,6 +1572,29 @@ if (isset($_GET['archive_ticket_reply'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } +if (isset($_POST['redact_ticket_reply'])) { + + // Perms - Admins only + if (!isset($session_is_admin) || !$session_is_admin) { + exit(WORDING_ROLECHECK_FAILED . "
Tell your admin: Your role does not have admin access."); + } + validateCSRFToken($_POST['csrf_token']); + + $ticket_id = intval($_POST['ticket_id']); + $ticket_reply_id = intval($_POST['ticket_reply_id']); + $ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']); + $client_id = intval($_POST['client_id']); + + mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_ticket_id = $ticket_id"); + + // Logging + logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id); + + $_SESSION['alert_message'] = "Ticket reply redacted"; + + header("Location: ticket_redact.php?ticket_id=" . $ticket_id); +} + if (isset($_POST['merge_ticket'])) { enforceUserPermission('module_support', 2); diff --git a/ticket.php b/ticket.php index 3053ebf6..ad38af55 100644 --- a/ticket.php +++ b/ticket.php @@ -338,19 +338,19 @@ if (isset($_GET['ticket_id'])) {
    -
  1. - -
    2. -
  2. - Tickets -
    3. +
  3. + +
    4. +
  4. + Tickets +
    5. -
  5. - Tickets -
    6. -
  6. - -
    7. +
  7. + Tickets +
    8. +
  8. + +
@@ -371,90 +371,96 @@ if (isset($_GET['ticket_id'])) { = 2) { ?>
-
+
- - - - - = 2) { ?> - - Invoice - - - - - - Reopen - - - - - - Resolve - - - - - - Close - - - -
- -
- + + = 2) { ?> + + Invoice + + + + Redact + + + + + + Reopen + + + + + + Resolve + + + + + + Close + + + +
+ +
+ - Edit - - - Merge - - -
- Edit + + + Merge + + +
+ - Add Contact - - - Add Asset - - - Add Vendor - - - Add Watcher - - -
- - Change Client - - + Add Contact + + + Add Asset + + + Add Vendor + + + Add Watcher + +
- - Delete + + Change Client - + +
+ + Delete + + +
-
- + +
-
@@ -476,7 +482,7 @@ if (isset($_GET['ticket_id'])) { $ticket_closed_by_display = 'User'; if (!empty($ticket_closed_by)) { - $sql_closed_by = mysqli_query($mysqli, "SELECT * FROM tickets, users WHERE ticket_closed_by = user_id"); + $sql_closed_by = mysqli_query($mysqli, "SELECT user_name FROM users WHERE user_id = $ticket_closed_by"); $row = mysqli_fetch_array($sql_closed_by); $ticket_closed_by_display = nullable_htmlentities($row['user_name']); } @@ -498,9 +504,9 @@ if (isset($_GET['ticket_id'])) {
+ data-toggle = "ajax-modal" + data-ajax-url = "ajax/ajax_ticket_assign.php" + data-ajax-id = "">
@@ -513,11 +519,11 @@ if (isset($_GET['ticket_id'])) { = 2 && empty($ticket_closed_at)) { ?> - data-toggle = "ajax-modal" - data-ajax-url = "ajax/ajax_ticket_priority.php" - data-ajax-id = "" + data-toggle = "ajax-modal" + data-ajax-url = "ajax/ajax_ticket_priority.php" + data-ajax-id = "" - > + > @@ -539,10 +545,10 @@ if (isset($_GET['ticket_id'])) {
Ticket is + data-toggle = "ajax-modal" + data-ajax-url = "ajax/ajax_ticket_billable.php" + data-ajax-id = "" + > Billable"; @@ -789,11 +795,11 @@ if (isset($_GET['ticket_id'])) {
+ data-toggle = "ajax-modal" + data-modal-size = "lg" + data-ajax-url = "ajax/ajax_ticket_reply_edit.php" + data-ajax-id = "" + > Edit
@@ -846,9 +852,9 @@ if (isset($_GET['ticket_id'])) {
Contact
+ data-modal-size="lg" + data-ajax-url="ajax/ajax_contact_details.php" + data-ajax-id="">
@@ -880,21 +886,21 @@ if (isset($_GET['ticket_id'])) {
-
-
Contact
-
- +
+
Contact
+
+ = 2 && empty($ticket_closed_at)) { ?> - data-toggle = "ajax-modal" - data-ajax-url = "ajax/ajax_ticket_contact.php" - data-ajax-id = "" + data-toggle = "ajax-modal" + data-ajax-url = "ajax/ajax_ticket_contact.php" + data-ajax-id = "" > - No One - + No One + +
-
@@ -903,82 +909,82 @@ if (isset($_GET['ticket_id'])) { 0)) { ?>
- = 2) { ?> -
- -
-
- -
- + = 2) { ?> + + +
+
+ +
+ +
-
- - + + - - - - - - + + + + +
- - - = 2) { ?> - - - - - - - m - - - - -
- = 2) { ?> -
- -
- - Edit - - - - Mark incomplete - - -
- - Delete - -
-
+ + + + - - -
+ + + = 2) { ?> + + + - -
-
+ 		+ + m + - + + +
+ = 2) { ?> +
+ +
+ + Edit + + + + Mark incomplete + + +
+ + Delete + +
+
+ +
+
+
@@ -1015,10 +1021,10 @@ if (isset($_GET['ticket_id'])) {
Asset
@@ -1115,21 +1121,21 @@ require_once "includes/footer.php";