diff --git a/client_domains.php b/client_domains.php index d46103751..4d9f4a0cd 100644 --- a/client_domains.php +++ b/client_domains.php @@ -72,6 +72,7 @@ $domain_webhost = intval($row['domain_webhost']); $domain_expire = nullable_htmlentities($row['domain_expire']); $domain_registrar_name = nullable_htmlentities($row['vendor_name']); + $domain_created_at = nullable_htmlentities($row['domain_created_at']); if (empty($domain_registrar_name)) { $domain_registrar_name = "-"; } @@ -82,7 +83,6 @@ if ($row) { $domain_webhost_name = nullable_htmlentities($row['vendor_name']); } - $domain_created_at = nullable_htmlentities($row['domain_created_at']); ?> diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php index c686c23f0..993d91b74 100644 --- a/cron_ticket_email_parser.php +++ b/cron_ticket_email_parser.php @@ -94,9 +94,9 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date // Prep ticket details $message = nl2br($message); - $message = mysqli_real_escape_string($mysqli, "Email from: $contact_email at $date:-

$message"); + $message_escaped = mysqli_real_escape_string($mysqli, "Email from: $contact_email at $date:-

$message"); - mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message', ticket_priority = 'Low', ticket_status = 'Pending-Assignment', ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_client_id = $client_id"); + mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message_escaped', ticket_priority = 'Low', ticket_status = 'Pending-Assignment', ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_client_id = $client_id"); $id = mysqli_insert_id($mysqli); // Logging @@ -141,27 +141,16 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date // E-mail client notification that ticket has been created if ($config_ticket_client_general_notifications == 1) { - $email_subject = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"; - $email_body = "##- Please type your reply above this line -##

Hello, $contact_name

Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

Ticket: $config_ticket_prefix$ticket_number
Subject: $subject
Status: Open
https://$config_base_url/portal/ticket.php?id=$id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"; - - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_ticket_from_email, - $config_ticket_from_name, - $contact_email, - $contact_name, - $email_subject, - $email_body - ); - - if ($mail !== true) { - mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email'"); - mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail'"); - } + // Insert email into queue (first, escape vars) + $contact_email_escaped = sanitizeInput($contact_email); + $contact_name_escaped = sanitizeInput($contact_name); + $config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email); + $config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name); + + $subject_escaped = mysqli_escape_string($mysqli, "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"); + $body_escaped = mysqli_escape_string($mysqli, "##- Please type your reply above this line -##

Hello, $contact_name

Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

Ticket: $config_ticket_prefix$ticket_number
Subject: $subject
Status: Open
https://$config_base_url/portal/ticket.php?id=$id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"); + + mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); } @@ -173,8 +162,10 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date $client_row = mysqli_fetch_array($client_sql); $client_name = sanitizeInput($client_row['client_name']); - $details = removeEmoji($message); - $email_subject = "ITFlow - New Ticket - $client_name: $subject"; + // TODO: Fix Emojis and HTML opening tags sometimes breaking this "forwarding" + $details = removeEmoji($message_escaped); + + $email_subject = mysqli_escape_string($mysqli, "ITFlow - New Ticket - $client_name: $subject"); $email_body = "Hello,

This is a notification that a new ticket has been raised in ITFlow.
Client: $client_name
Priority: Low (email parsed)
Link: https://$config_base_url/ticket.php?ticket_id=$id

--------------------------------

$subject
$details"; mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$config_ticket_new_ticket_notification_email', email_recipient_name = 'ITFlow Agents', email_from = '$config_ticket_from_email', email_from_name = '$config_ticket_from_name', email_subject = '$email_subject', email_content = '$email_body'"); @@ -366,9 +357,17 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac $date = trim(mysqli_real_escape_string($mysqli, nullable_htmlentities(strip_tags($parser->getHeader('date'))))); $attachments = $parser->getAttachments(); + // Get the message content + // (first try HTML parsing, but switch to plain text if the email is empty/plain-text only) +// $message = $parser->getMessageBody('htmlEmbedded'); +// if (empty($message)) { +// echo "DEBUG: Switching to plain text parsing for this message ($subject)"; +// $message = $parser->getMessageBody('text'); +// } + + // TODO: Default to getting HTML and fallback to plaintext, but HTML emails seem to break the forward/agent notifications + $message = $parser->getMessageBody('text'); - // If below is enabled and up above is enabled text based emails get cut out - //$message = $parser->getMessageBody('htmlEmbedded'); // Check if we can identify a ticket number (in square brackets) if (preg_match("/\[$config_ticket_prefix\d+\]/", $subject, $ticket_number)) { 
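Review bot: In the -173 hunk `removeEmoji()` now runs on `$message_escaped`, and the assembled `$email_body` goes into `email_content = '$email_body'` without being escaped as a whole, so this INSERT is only safe if every fragment was escaped earlier and `removeEmoji()` never alters an escape sequence. Escaping should be the last step on the finished value: build the body from the raw `$message`, then `$email_body_escaped = mysqli_real_escape_string($mysqli, $email_body);` right before the query, or bind the values in a prepared statement. The -94 and -141 hunks also treat `$subject` two ways, interpolating it as-is into `ticket_subject = '$subject'` but escaping it again for `$subject_escaped`. Its origin is outside these hunks: if it arrives escaped, the queued mail carries doubled backslashes, and if it does not, the tickets INSERT takes sender-controlled text unescaped. `$config_ticket_new_ticket_notification_email`, `$config_ticket_from_email` and `$config_ticket_from_name` also enter this query unsanitised, unlike the client-notification INSERT in the -141 hunk, and neither queue INSERT checks the `mysqli_query()` result now that the failure logging is gone.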
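Review bot: In the -366 hunk `$message = $parser->getMessageBody('text');` takes the sender-controlled body with no encoding visible here, and `addTicket()` only applies `nl2br()` before storing it as `ticket_details`, so markup typed into a plain-text mail would be stored verbatim if that column is ever rendered as HTML. Unless output is purified at render time (not visible in this diff), encode at this boundary, e.g. `$message = nullable_htmlentities($parser->getMessageBody('text'));`, in line with how `$date` is handled a few lines up. The commented-out HTML fallback with its `DEBUG` echo is better deleted and tracked in an issue than left in the file. The surrounding parsing block starts and ends outside the hunk.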
@@ -407,14 +406,14 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac // Couldn't match this email to an existing ticket or an existing client contact // Checking to see if the sender domain matches a client website - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM clients WHERE client_website = '$from_domain' LIMIT 1")); + $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$from_domain' LIMIT 1")); - if ($row && $from_domain == $row['client_website']) { + if ($row && $from_domain == $row['domain_name']) { // We found a match - create a contact under this client and raise a ticket for them // Client details - $client_id = intval($row['client_id']); + $client_id = intval($row['domain_client_id']); // Contact details $password = password_hash(randomString(), PASSWORD_DEFAULT); diff --git a/functions.php b/functions.php index 112760061..5a047108a 100644 --- a/functions.php +++ b/functions.php @@ -516,7 +516,7 @@ function sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_ $smtp_auth = true; } - try{ + try { // Mail Server Settings $mail->CharSet = "UTF-8"; // Specify UTF-8 charset to ensure symbols ($/£) load correctly $mail->SMTPDebug = 0; // No Debugging @@ -712,13 +712,13 @@ function shortenClient($client) { // Break into words. $words = explode(' ', trim($cleaned)); - + $shortened = ''; // If there's only one word. if (count($words) == 1) { $word = $words[0]; - + if (strlen($word) <= 3) { return strtoupper($word); } 
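Review bot: In the -407 hunk, matching on `domains.domain_name` widens the auto-onboarding path from one website per client to every domain record, and the SELECT has no `ORDER BY` or state filter, so if two clients track the same domain, or the row belongs to a lapsed one, `LIMIT 1` alone decides which client the new contact and ticket are filed under. The sender domain comes from the From header, which nothing visible here authenticates, so I would restrict the match to current records (for instance via `domain_expire`, which client_domains.php reads; the table's columns are not shown here) and skip auto-creation when more than one client matches. `$from_domain == $row['domain_name']` should use `===`. `$from_domain` is interpolated into the query, so confirm it is escaped where it is derived above this hunk. The `if` block continues past the end of the hunk.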
@@ -753,22 +753,22 @@ function roundToNearest15($time) { // Extract hours, minutes, and seconds from the matched time string list(, $hours, $minutes, $seconds) = $matches; - + // Convert everything to seconds for easier calculation $totalSeconds = ($hours * 3600) + ($minutes * 60) + $seconds; - + // Calculate the remainder when divided by 900 seconds (15 minutes) $remainder = $totalSeconds % 900; - + if ($remainder > 450) { // If remainder is more than 7.5 minutes (450 seconds), round up $totalSeconds += (900 - $remainder); } else { // Else round down $totalSeconds -= $remainder; } - + // Convert total seconds to decimal hours $decimalHours = $totalSeconds / 3600; - + // Return the decimal hours return number_format($decimalHours, 2); -} \ No newline at end of file +} diff --git a/ticket.php b/ticket.php index 8228e9fdc..1ec5165d6 100644 --- a/ticket.php +++ b/ticket.php @@ -327,15 +327,15 @@ - -
-
-
- - + +
+
+
+ + +
-
@@ -483,13 +483,13 @@

Contact

- +
- + -
+
-
- $ticket_id ORDER BY ticket_id DESC LIMIT 1"; - $row = mysqli_fetch_assoc(mysqli_query($mysqli, $sql_prev_ticket)); + $prev_ticket_row = mysqli_fetch_assoc(mysqli_query($mysqli, $sql_prev_ticket)); - $prev_ticket_id = intval($row['ticket_id']); - $prev_ticket_subject = nullable_htmlentities($row['ticket_subject']); - $prev_ticket_status = nullable_htmlentities($row['ticket_status']); - ?> + if ($prev_ticket_row) { + $prev_ticket_id = intval($prev_ticket_row['ticket_id']); + $prev_ticket_subject = nullable_htmlentities($prev_ticket_row['ticket_subject']); + $prev_ticket_status = nullable_htmlentities($prev_ticket_row['ticket_status']); + ?> -
- Previous ticket: - -
-
- - Status: - - +
+
+ Previous ticket: + +
+
Status: - - -
- + + + + + +
+ + +
Add a Contact @@ -565,12 +569,12 @@ $sql_ticket_watchers = mysqli_query($mysqli, "SELECT * FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id ORDER BY watcher_email DESC"); while ($ticket_watcher_row = mysqli_fetch_array($sql_ticket_watchers)) { $ticket_watcher_email = nullable_htmlentities($ticket_watcher_row['watcher_email']); - ?> + ?>
- +
@@ -586,14 +590,14 @@
Updated:
- + - + $ticket_closed_by_display = nullable_htmlentities($row['user_name']); + ?> +
Closed by:
@@ -601,7 +605,7 @@ Feedback:
- +
Total time worked: @@ -613,13 +617,13 @@

Asset

- + - +
Add an Asset
- +
@@ -686,7 +690,7 @@ Ticket: $service_ticket_subject ($service_ticket_status)"; ?>

-
@@ -699,13 +703,13 @@
- +
- +

Vendor

@@ -784,14 +788,14 @@ Invoice Ticket Close Ticket
- +