AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-04 21:04:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ticket redaction feature

Browse Source
This commit is contained in:
wrongecho
2025-03-18 09:40:39 +00:00
parent ad9e4b4fb4
commit 6a8d2cf1d4
6 changed files with 560 additions and 251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
js/app.js
View File

@@ -277,6 +277,23 @@ tinymce.init({
} }
}); });
// Initialize TinyMCE editor with only a redact button
tinymce.init({
selector: '.tinymceTicketRedact',
browser_spellcheck: false,
contextmenu: false,
resize: true,
min_height: 300,
max_height: 500,
promotion: false,
branding: false,
menubar: false,
statusbar: false,
license_key: 'gpl',
readonly: true,
toolbar: '',
});
// DateTime // DateTime
$('.datetimepicker').datetimepicker({ $('.datetimepicker').datetimepicker({
}); });

15
js/ticket_redact.js Normal file
View File

@@ -0,0 +1,15 @@
// Redact the selected text in TinyMCE
function redactSelectedText() {
const editor = tinymce.get('tinymceTicketRedact'); // Get TinyMCE editor instance
const selectedText = editor.selection.getContent(); // Get selected content
if (selectedText) {
// Wrap the selected text with a redacted span
const redactedNode = `<strong><span style="color: #e03e2d;">[REDACTED]</span></strong>`;
// Replace the selected text with the redacted span
editor.selection.setContent(redactedNode);
} else {
alert('Please select some text to redact.');
}
}

23
post/user/ticket.php
View File

@@ -1572,6 +1572,29 @@ if (isset($_GET['archive_ticket_reply'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
} }
if (isset($_POST['redact_ticket_reply'])) {
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
validateCSRFToken($_POST['csrf_token']);
$ticket_id = intval($_POST['ticket_id']);
$ticket_reply_id = intval($_POST['ticket_reply_id']);
$ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']);
$client_id = intval($_POST['client_id']);
mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_ticket_id = $ticket_id");
// Logging
logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id);
$_SESSION['alert_message'] = "Ticket reply redacted";
header("Location: ticket_redact.php?ticket_id=" . $ticket_id);
}
if (isset($_POST['merge_ticket'])) { if (isset($_POST['merge_ticket'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);

507
ticket.php
View File

@@ -338,19 +338,19 @@ if (isset($_GET['ticket_id'])) {
<!-- Breadcrumbs--> <!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none"> <ol class="breadcrumb d-print-none">
<?php if (isset($_GET['client_id'])) { ?> <?php if (isset($_GET['client_id'])) { ?>
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a> <a href="client_overview.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li> </li>
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>">Tickets</a> <a href="tickets.php?client_id=<?php echo $client_id; ?>">Tickets</a>
</li> </li>
<?php } else { ?> <?php } else { ?>
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="tickets.php">Tickets</a> <a href="tickets.php">Tickets</a>
</li> </li>
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="tickets.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a> <a href="tickets.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
</li> </li>
<?php } ?> <?php } ?>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li> <li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol> </ol>
@@ -371,90 +371,96 @@ if (isset($_GET['ticket_id'])) {
<?php if (lookupUserPermission("module_support") >= 2) { ?> <?php if (lookupUserPermission("module_support") >= 2) { ?>
<div class="card-tools d-print-none"> <div class="card-tools d-print-none">
<div class="btn-toolbar"> <div class="btn-toolbar">
<?php if ($config_ai_enable == 1) { ?> <?php if ($config_ai_enable == 1) { ?>
<button class="btn btn-info btn-sm ml-3" data-toggle="modal" data-target="#summaryModal"> <button class="btn btn-info btn-sm ml-3" data-toggle="modal" data-target="#summaryModal">
<i class="fas fa-fw fa-lightbulb mr-2"></i>Summary <i class="fas fa-fw fa-lightbulb mr-2"></i>Summary
</button>
<?php } ?>
<?php if ($config_module_enable_accounting && $ticket_billable == 1 && empty($invoice_id) && lookupUserPermission("module_sales") >= 2) { ?>
<a href="#" class="btn btn-light btn-sm ml-3" href="#" data-toggle="modal" data-target="#addInvoiceFromTicketModal">
<i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice
</a>
<?php }
if (empty($ticket_closed_at)) { ?>
<?php if (!empty($ticket_resolved_at)) { ?>
<a href="post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-light btn-sm ml-3">
<i class="fas fa-fw fa-redo mr-2"></i>Reopen
</a>
<?php } ?>
<?php if (empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?resolve_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-check mr-2"></i>Resolve
</a>
<?php } ?>
<?php if (!empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?close_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-gavel mr-2"></i>Close
</a>
<?php } ?>
<div class="dropdown dropleft text-center ml-3">
<button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button> </button>
<div class="dropdown-menu"> <?php } ?>
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal" <?php if ($config_module_enable_accounting && $ticket_billable == 1 && empty($invoice_id) && lookupUserPermission("module_sales") >= 2) { ?>
data-modal-size = "lg" <a href="#" class="btn btn-light btn-sm ml-3" href="#" data-toggle="modal" data-target="#addInvoiceFromTicketModal">
data-ajax-url = "ajax/ajax_ticket_edit.php" <i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice
data-ajax-id = "<?php echo $ticket_id; ?>" </a>
<?php }
if (!empty($ticket_closed_at) && isset($session_is_admin) && $session_is_admin) { ?>
<a href="ticket_redact.php?ticket_id=<?php echo $ticket_id; ?>" class="btn btn-danger btn-sm ml-3">
<i class="fas fa-fw fa-marker mr-2"></i>Redact
</a>
<?php }
if (empty($ticket_closed_at)) { ?>
<?php if (empty($ticket_closed_at) && !empty($ticket_resolved_at)) { ?>
<a href="post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-light btn-sm ml-3">
<i class="fas fa-fw fa-redo mr-2"></i>Reopen
</a>
<?php } ?>
<?php if (empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?resolve_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-check mr-2"></i>Resolve
</a>
<?php } ?>
<?php if (!empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="post.php?close_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-dark btn-sm confirm-link ml-3" id="ticket_close">
<i class="fas fa-fw fa-gavel mr-2"></i>Close
</a>
<?php } ?>
<div class="dropdown dropleft text-center ml-3">
<button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_edit.php"
data-ajax-id = "<?php echo $ticket_id; ?>"
> >
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#mergeTicketModal<?php echo $ticket_id; ?>"> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#mergeTicketModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-clone mr-2"></i>Merge <i class="fas fa-fw fa-clone mr-2"></i>Merge
</a> </a>
<?php if (empty($ticket_closed_at)) { ?> <?php if (empty($ticket_closed_at)) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item" <a class="dropdown-item"
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php" data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>" data-ajax-id = "<?php echo $ticket_id; ?>"
> >
<i class="fa fa-fw fa-user mr-2"></i>Add Contact <i class="fa fa-fw fa-user mr-2"></i>Add Contact
</a> </a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketAssetModal<?php echo $ticket_id; ?>"> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketAssetModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-desktop mr-2"></i>Add Asset <i class="fas fa-fw fa-desktop mr-2"></i>Add Asset
</a> </a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketVendorModal<?php echo $ticket_id; ?>"> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketVendorModal<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-building mr-2"></i>Add Vendor <i class="fas fa-fw fa-building mr-2"></i>Add Vendor
</a> </a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addTicketWatcherModal"> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addTicketWatcherModal">
<i class="fas fa-fw fa-users mr-2"></i>Add Watcher <i class="fas fa-fw fa-users mr-2"></i>Add Watcher
</a> </a>
<?php } ?> <?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="#" data-toggle="modal" id="clientChangeTicketModalLoad" data-target="#clientChangeTicketModal">
<i class="fas fa-fw fa-people-carry mr-2"></i>Change Client
</a>
<?php if (lookupUserPermission("module_support") == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"> <a class="dropdown-item" href="#" data-toggle="modal" id="clientChangeTicketModalLoad" data-target="#clientChangeTicketModal">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-people-carry mr-2"></i>Change Client
</a> </a>
<?php } ?> <?php if (lookupUserPermission("module_support") == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div> </div>
</div> <?php } ?>
<?php } ?> </div>
</div> </div>
</div>
<?php } ?> <?php } ?>
</div> <!-- Card Header --> </div> <!-- Card Header -->
@@ -476,7 +482,7 @@ if (isset($_GET['ticket_id'])) {
$ticket_closed_by_display = 'User'; $ticket_closed_by_display = 'User';
if (!empty($ticket_closed_by)) { if (!empty($ticket_closed_by)) {
$sql_closed_by = mysqli_query($mysqli, "SELECT * FROM tickets, users WHERE ticket_closed_by = user_id"); $sql_closed_by = mysqli_query($mysqli, "SELECT user_name FROM users WHERE user_id = $ticket_closed_by");
$row = mysqli_fetch_array($sql_closed_by); $row = mysqli_fetch_array($sql_closed_by);
$ticket_closed_by_display = nullable_htmlentities($row['user_name']); $ticket_closed_by_display = nullable_htmlentities($row['user_name']);
} }
@@ -498,9 +504,9 @@ if (isset($_GET['ticket_id'])) {
<?php } else { ?> <?php } else { ?>
<div class="mt-1"> <div class="mt-1">
<a href="#" <a href="#"
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_assign.php" data-ajax-url = "ajax/ajax_ticket_assign.php"
data-ajax-id = "<?php echo $ticket_id; ?>"> data-ajax-id = "<?php echo $ticket_id; ?>">
<i class="fas fa-fw fa-user mr-2 text-secondary"></i><?php echo $ticket_assigned_to_display; ?> <i class="fas fa-fw fa-user mr-2 text-secondary"></i><?php echo $ticket_assigned_to_display; ?>
</a> </a>
</div> </div>
@@ -513,11 +519,11 @@ if (isset($_GET['ticket_id'])) {
<i class="fa fa-fw fa-thermometer-half text-secondary mr-2"></i> <i class="fa fa-fw fa-thermometer-half text-secondary mr-2"></i>
<a href="#" <a href="#"
<?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?> <?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?>
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_priority.php" data-ajax-url = "ajax/ajax_ticket_priority.php"
data-ajax-id = "<?php echo $ticket_id; ?>" data-ajax-id = "<?php echo $ticket_id; ?>"
<?php } ?> <?php } ?>
> >
<?php echo $ticket_priority_display; ?> <?php echo $ticket_priority_display; ?>
</a> </a>
</div> </div>
@@ -539,10 +545,10 @@ if (isset($_GET['ticket_id'])) {
<div class="mt-1"> <div class="mt-1">
<i class="fa fa-fw fa-dollar-sign text-secondary mr-2"></i>Ticket is <i class="fa fa-fw fa-dollar-sign text-secondary mr-2"></i>Ticket is
<a href="#" <a href="#"
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_billable.php" data-ajax-url = "ajax/ajax_ticket_billable.php"
data-ajax-id = "<?php echo $ticket_id; ?>" data-ajax-id = "<?php echo $ticket_id; ?>"
> >
<?php <?php
if ($ticket_billable == 1) { if ($ticket_billable == 1) {
echo "<span class='text-bold text-dark'>Billable</span>"; echo "<span class='text-bold text-dark'>Billable</span>";
@@ -789,11 +795,11 @@ if (isset($_GET['ticket_id'])) {
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item" <a class="dropdown-item"
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-modal-size = "lg" data-modal-size = "lg"
data-ajax-url = "ajax/ajax_ticket_reply_edit.php" data-ajax-url = "ajax/ajax_ticket_reply_edit.php"
data-ajax-id = "<?php echo $ticket_reply_id; ?>" data-ajax-id = "<?php echo $ticket_reply_id; ?>"
> >
<i class="fas fa-fw fa-edit text-secondary mr-2"></i>Edit <i class="fas fa-fw fa-edit text-secondary mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
@@ -846,9 +852,9 @@ if (isset($_GET['ticket_id'])) {
<h5 class="text-secondary">Contact</h5> <h5 class="text-secondary">Contact</h5>
<div> <div>
<i class="fa fa-fw fa-user text-secondary mr-2"></i><a href="#" data-toggle="ajax-modal" <i class="fa fa-fw fa-user text-secondary mr-2"></i><a href="#" data-toggle="ajax-modal"
data-modal-size="lg" data-modal-size="lg"
data-ajax-url="ajax/ajax_contact_details.php" data-ajax-url="ajax/ajax_contact_details.php"
data-ajax-id="<?php echo $contact_id; ?>"><strong><?php echo $contact_name; ?></strong> data-ajax-id="<?php echo $contact_id; ?>"><strong><?php echo $contact_name; ?></strong>
</a> </a>
</div> </div>
@@ -880,21 +886,21 @@ if (isset($_GET['ticket_id'])) {
</div> </div>
<?php } else { ?> <?php } else { ?>
<div class="card card-body mb-3"> <div class="card card-body mb-3">
<h5 class="text-secondary">Contact</h5> <h5 class="text-secondary">Contact</h5>
<div> <div>
<i class="fa fa-fw fa-user text-secondary mr-2"></i> <i class="fa fa-fw fa-user text-secondary mr-2"></i>
<a href="#" <a href="#"
<?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?> <?php if (lookupUserPermission("module_support") >= 2 && empty($ticket_closed_at)) { ?>
data-toggle = "ajax-modal" data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_contact.php" data-ajax-url = "ajax/ajax_ticket_contact.php"
data-ajax-id = "<?php echo $ticket_id; ?>" data-ajax-id = "<?php echo $ticket_id; ?>"
<?php } ?> <?php } ?>
> >
<i>No One</i> <i>No One</i>
</a> </a>
</div>
</div> </div>
</div>
<?php } ?> <?php } ?>
<!-- End contact card --> <!-- End contact card -->
@@ -903,82 +909,82 @@ if (isset($_GET['ticket_id'])) {
<?php if (empty($ticket_resolved_at) || (!empty($ticket_resolved_at) && $task_count > 0)) { ?> <?php if (empty($ticket_resolved_at) || (!empty($ticket_resolved_at) && $task_count > 0)) { ?>
<div class="card card-body"> <div class="card card-body">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?> <?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>"> <input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>">
<div class="form-group"> <div class="form-group">
<div class="input-group input-group-sm"> <div class="input-group input-group-sm">
<input type="text" class="form-control" name="name" placeholder="Create Task"> <input type="text" class="form-control" name="name" placeholder="Create Task">
<div class="input-group-append"> <div class="input-group-append">
<button type="submit" name="add_task" class="btn btn-secondary"> <button type="submit" name="add_task" class="btn btn-secondary">
<i class="fas fa-check"></i> <i class="fas fa-check"></i>
</button> </button>
</div>
</div> </div>
</div> </div>
</div> </form>
</form> <?php } ?>
<?php } ?>
<table class="table table-sm"> <table class="table table-sm">
<?php <?php
while($row = mysqli_fetch_array($sql_tasks)){ while($row = mysqli_fetch_array($sql_tasks)){
$task_id = intval($row['task_id']); $task_id = intval($row['task_id']);
$task_name = nullable_htmlentities($row['task_name']); $task_name = nullable_htmlentities($row['task_name']);
//$task_description = nullable_htmlentities($row['task_description']); // not in db yet //$task_description = nullable_htmlentities($row['task_description']); // not in db yet
$task_completion_estimate = intval($row['task_completion_estimate']); $task_completion_estimate = intval($row['task_completion_estimate']);
$task_completed_at = nullable_htmlentities($row['task_completed_at']); $task_completed_at = nullable_htmlentities($row['task_completed_at']);
?> ?>
<tr data-task-id="<?php echo $task_id; ?>"> <tr data-task-id="<?php echo $task_id; ?>">
<td> <td>
<?php if ($task_completed_at) { ?> <?php if ($task_completed_at) { ?>
<i class="far fa-fw fa-check-square text-primary"></i> <i class="far fa-fw fa-check-square text-primary"></i>
<?php } elseif (lookupUserPermission("module_support") >= 2) { ?> <?php } elseif (lookupUserPermission("module_support") >= 2) { ?>
<a href="post.php?complete_task=<?php echo $task_id; ?>"> <a href="post.php?complete_task=<?php echo $task_id; ?>">
<i class="far fa-fw fa-square text-secondary"></i> <i class="far fa-fw fa-square text-secondary"></i>
</a> </a>
<?php } ?>
</td>
<td>
<a href="#" class="grab-cursor">
<span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
<span class="text-dark"> - <?php echo $task_name; ?></span>
</a>
</td>
<td>
<div class="float-right">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_task_edit.php"
data-ajax-id = "<?php echo $task_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($task_completed_at) { ?>
<a class="dropdown-item" href="post.php?undo_complete_task=<?php echo $task_id; ?>">
<i class="fas fa-fw fa-arrow-circle-left mr-2"></i>Mark incomplete
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
<?php } ?> <?php } ?>
</div> </td>
</td> <td>
</tr> <a href="#" class="grab-cursor">
<?php <span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
} <span class="text-dark"> - <?php echo $task_name; ?></span>
?> </a>
</table> </td>
</div> <td>
<div class="float-right">
<?php if (empty($ticket_resolved_at) && lookupUserPermission("module_support") >= 2) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_task_edit.php"
data-ajax-id = "<?php echo $task_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($task_completed_at) { ?>
<a class="dropdown-item" href="post.php?undo_complete_task=<?php echo $task_id; ?>">
<i class="fas fa-fw fa-arrow-circle-left mr-2"></i>Mark incomplete
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
<?php } ?>
</div>
</td>
</tr>
<?php
}
?>
</table>
</div>
<?php } ?> <?php } ?>
<!-- End Tasks Card --> <!-- End Tasks Card -->
@@ -1015,10 +1021,10 @@ if (isset($_GET['ticket_id'])) {
<h5 class="text-secondary">Asset</h5> <h5 class="text-secondary">Asset</h5>
<div> <div>
<a href="#" <a href="#"
data-toggle="ajax-modal" data-toggle="ajax-modal"
data-modal-size="lg" data-modal-size="lg"
data-ajax-url="ajax/ajax_asset_details.php?<?php echo $client_url; ?>" data-ajax-url="ajax/ajax_asset_details.php?<?php echo $client_url; ?>"
data-ajax-id="<?php echo $asset_id; ?>"> data-ajax-id="<?php echo $asset_id; ?>">
<i class="fa fa-fw fa-desktop text-secondary mr-2"></i><strong><?php echo $asset_name; ?></strong> <i class="fa fa-fw fa-desktop text-secondary mr-2"></i><strong><?php echo $asset_name; ?></strong>
</a> </a>
</div> </div>
@@ -1115,21 +1121,21 @@ require_once "includes/footer.php";
<!-- Summary Modal --> <!-- Summary Modal -->
<div class="modal fade" id="summaryModal" tabindex="-1"> <div class="modal fade" id="summaryModal" tabindex="-1">
<div class="modal-dialog modal-lg" role="document"> <div class="modal-dialog modal-lg" role="document">
<div class="modal-content bg-dark"> <div class="modal-content bg-dark">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title" id="summaryModalTitle">Ticket Summary</h5> <h5 class="modal-title" id="summaryModalTitle">Ticket Summary</h5>
<button type="button" class="close text-white" data-dismiss="modal" aria-label="Close"> <button type="button" class="close text-white" data-dismiss="modal" aria-label="Close">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<div id="summaryContent" class="text-center"> <div id="summaryContent" class="text-center">
<i class="fas fa-spinner fa-spin"></i> Generating summary... <i class="fas fa-spinner fa-spin"></i> Generating summary...
</div>
</div>
</div> </div>
</div>
</div> </div>
</div>
</div> </div>
<script src="js/show_modals.js"></script> <script src="js/show_modals.js"></script>
@@ -1145,58 +1151,57 @@ require_once "includes/footer.php";
<script src="js/pretty_content.js"></script> <script src="js/pretty_content.js"></script>
<script> <script>
$('#summaryModal').on('shown.bs.modal', function (e) { $('#summaryModal').on('shown.bs.modal', function (e) {
// Perform AJAX request to get the summary // Perform AJAX request to get the summary
$.ajax({ $.ajax({
url: 'post.php?ai_ticket_summary', url: 'post.php?ai_ticket_summary',
method: 'POST', method: 'POST',
data: { ticket_id: <?php echo $ticket_id; ?> }, data: { ticket_id: <?php echo $ticket_id; ?> },
success: function(response) { success: function(response) {
$('#summaryContent').html(response); $('#summaryContent').html(response);
}, },
error: function() { error: function() {
$('#summaryContent').html('Error generating summary.'); $('#summaryContent').html('Error generating summary.');
} }
});
}); });
});
</script> </script>
<script src="plugins/dragula/dragula.min.js"></script> <script src="plugins/dragula/dragula.min.js"></script>
<script> <script>
$(document).ready(function() { $(document).ready(function() {
var container = $('.table tbody')[0]; var container = $('.table tbody')[0];
dragula([container]) dragula([container])
.on('drop', function (el, target, source, sibling) { .on('drop', function (el, target, source, sibling) {
// Handle the drop event to update the order in the database // Handle the drop event to update the order in the database
var rows = $(container).children(); var rows = $(container).children();
var positions = rows.map(function(index, row) { var positions = rows.map(function(index, row) {
return { return {
id: $(row).data('taskId'), id: $(row).data('taskId'),
order: index order: index
}; };
}).get(); }).get();
//console.log('New positions:', positions); //console.log('New positions:', positions);
// Send the new order to the server (example using fetch) // Send the new order to the server (example using fetch)
$.ajax({ $.ajax({
url: 'ajax.php', url: 'ajax.php',
method: 'POST', method: 'POST',
data: { data: {
update_ticket_tasks_order: true, update_ticket_tasks_order: true,
ticket_id: <?php echo $ticket_id; ?>, ticket_id: <?php echo $ticket_id; ?>,
positions: positions positions: positions
}, },
success: function(data) { success: function(data) {
//console.log('Order updated:', data); //console.log('Order updated:', data);
}, },
error: function(error) { error: function(error) {
console.error('Error updating order:', error); console.error('Error updating order:', error);
} }
});
}); });
}); });
});
</script> </script>

127
ticket_redact.php Normal file
View File

@@ -0,0 +1,127 @@
<?php
require_once "includes/inc_all.php";
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_id'])) {
$ticket_id = intval($_GET['ticket_id']);
$ticket_sql = mysqli_query(
$mysqli,
"SELECT ticket_prefix, ticket_number, ticket_subject, ticket_details FROM tickets
WHERE ticket_id = $ticket_id AND ticket_closed_at IS NOT NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$ticket_row = mysqli_fetch_array($ticket_sql);
$ticket_prefix = nullable_htmlentities($ticket_row['ticket_prefix']);
$ticket_number = intval($ticket_row['ticket_number']);
$ticket_subject = nullable_htmlentities($ticket_row['ticket_subject']);
$ticket_details = $purifier->purify($ticket_row['ticket_details']);
// Get ticket replies
$sql_ticket_replies = mysqli_query(
$mysqli,
"SELECT * FROM ticket_replies
LEFT JOIN users ON ticket_reply_by = user_id
LEFT JOIN contacts ON ticket_reply_by = contact_id
WHERE ticket_reply_ticket_id = $ticket_id
AND ticket_reply_archived_at IS NULL
ORDER BY ticket_reply_id DESC"
);
?>
<!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol>
<div class="card">
<div class="card-header">
<div class="card-title">
<i class="fa fa-2x fa-fw fa fa-life-ring text-secondary mr-2"></i>
<span class="h3"><?php echo "$ticket_prefix$ticket_number - $ticket_subject"; ?></span>
</div>
</div>
</div>
<!-- Ticket details -->
<div class="card">
<div class="card-header">
<div class="card-title">
Ticket Details
</div>
</div>
<div class="card-body prettyContent">
<?php echo $ticket_details ?>
</div>
</div>
<!-- End Ticket details -->
<hr>
<?php
// Cycle though all ticket replies
while ($row = mysqli_fetch_array($sql_ticket_replies)) {
$ticket_reply_id = intval($row['ticket_reply_id']);
$ticket_reply = $purifier->purify($row['ticket_reply']);
$ticket_reply_type = nullable_htmlentities($row['ticket_reply_type']);
if ($ticket_reply_type == "Client") {
$ticket_reply_by_display = nullable_htmlentities($row['contact_name']);
} else {
$ticket_reply_by_display = nullable_htmlentities($row['user_name']);
} ?>
<div class="card">
<div class="card-header">
<div class="card-title">
<?php echo ucfirst($ticket_reply_type) ?> ticket reply by <?php echo $ticket_reply_by_display ?>
</div>
<div class="float-right">
<a href="ticket_redact_details.php?ticket_id=<?php echo $ticket_id; ?>&ticket_reply_id=<?php echo $ticket_reply_id?>" class="btn btn-danger btn-sm ml-3">
<i class="fas fa-fw fa-marker mr-2"></i>Redact
</a>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $ticket_reply ?>
</div>
</div>
<?php }
// End ticket replies
} // End ticket row SQL
} else {
echo "No ticket ID specified";
}
require_once "includes/footer.php";
?>

122
ticket_redact_details.php Normal file
View File

@@ -0,0 +1,122 @@
<?php
require_once "includes/inc_all.php";
// Perms - Admins only
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_id']) && isset($_GET['ticket_reply_id'])) {
$ticket_id = intval($_GET['ticket_id']);
$ticket_reply_id = intval($_GET['ticket_reply_id']);
$ticket_sql = mysqli_query(
$mysqli,
"SELECT ticket_prefix, ticket_number, ticket_subject, ticket_client_id FROM tickets
WHERE ticket_id = $ticket_id AND ticket_closed_at IS NOT NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$ticket_row = mysqli_fetch_array($ticket_sql);
$ticket_prefix = nullable_htmlentities($ticket_row['ticket_prefix']);
$ticket_number = intval($ticket_row['ticket_number']);
$ticket_subject = nullable_htmlentities($ticket_row['ticket_subject']);
$client_id = intval($ticket_row['ticket_client_id']);
// Get ticket reply
$sql_ticket_reply = mysqli_query(
$mysqli,
"SELECT * FROM ticket_replies
LEFT JOIN users ON ticket_reply_by = user_id
LEFT JOIN contacts ON ticket_reply_by = contact_id
WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_ticket_id = $ticket_id
AND ticket_reply_archived_at IS NULL
LIMIT 1"
);
if (mysqli_num_rows($ticket_sql) == 0) {
echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1><a class='btn btn-lg btn-secondary mt-3' href='tickets.php'><i class='fa fa-fw fa-arrow-left'></i> Go Back</a></center>";
} else {
$reply_row = mysqli_fetch_array($sql_ticket_reply);
$ticket_reply = $purifier->purify($reply_row['ticket_reply']);
$ticket_reply_type = nullable_htmlentities($reply_row['ticket_reply_type']);
if ($ticket_reply_type == "Client") {
$ticket_reply_by_display = nullable_htmlentities($reply_row['contact_name']);
} else {
$ticket_reply_by_display = nullable_htmlentities($reply_row['user_name']);
} ?>
<!-- Breadcrumbs-->
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="tickets.php">Tickets</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-1"></i><?php echo "$ticket_prefix$ticket_number";?></li>
</ol>
<div class="card">
<div class="card-header">
<div class="card-title">
<i class="fa fa-2x fa-fw fa fa-life-ring text-secondary mr-2"></i>
<span class="h3"><?php echo "$ticket_prefix$ticket_number - $ticket_subject: " . ucfirst($ticket_reply_type) . " ticket reply by $ticket_reply_by_display" ?></span>
</div>
</div>
</div>
<div class="card card-body d-print-none pb-0">
<form action="post.php" enctype="multipart/form-data" method="post">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id ?>">
<input type="hidden" name="ticket_reply_id" value="<?php echo $ticket_reply_id ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id ?>">
<div class="form-group">
<textarea id="tinymceTicketRedact" name="ticket_reply" class="form-control tinymceTicketRedact"><?php echo $ticket_reply?></textarea>
</div>
<div class="form-group">
<button onclick="redactSelectedText()" class="btn btn-secondary" type="button">Redact Selected Text</button>
</div>
<div class="form-group float-right">
<button type="submit" id="redact_ticket_reply" name="redact_ticket_reply" class="btn btn-success ml-3"><i class="fas fa-check mr-2"></i>Save</button>
</div>
</form>
</div>
<!-- Javascript for the redaction text editor -->
<script src="js/ticket_redact.js"></script>
<?php }
// End ticket replies
} // End ticket row SQL
} else {
echo "No ticket ID specified";
}
require_once "includes/footer.php";