1<?php 2/* Copyright (C) 2013-2016 Jean-François FERRY <hello@librethic.io> 3 * Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 3 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <https://www.gnu.org/licenses/>. 17 */ 18 19/** 20 * \file htdocs/public/ticket/view.php 21 * \ingroup ticket 22 * \brief Public file to show one ticket 23 */ 24 25if (!defined('NOCSRFCHECK')) { 26 define('NOCSRFCHECK', '1'); 27} 28// Do not check anti CSRF attack test 29if (!defined('NOREQUIREMENU')) { 30 define('NOREQUIREMENU', '1'); 31} 32// If there is no need to load and show top and left menu 33if (!defined("NOLOGIN")) { 34 define("NOLOGIN", '1'); 35} 36if (!defined('NOIPCHECK')) { 37 define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip 38} 39if (!defined('NOBROWSERNOTIF')) { 40 define('NOBROWSERNOTIF', '1'); 41} 42// If this page is public (can be called outside logged session) 43 44require '../../main.inc.php'; 45require_once DOL_DOCUMENT_ROOT.'/ticket/class/actions_ticket.class.php'; 46require_once DOL_DOCUMENT_ROOT.'/core/class/html.formticket.class.php'; 47require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; 48require_once DOL_DOCUMENT_ROOT.'/core/lib/ticket.lib.php'; 49require_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php'; 50require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; 51require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php'; 52 53// Load translation files required by the page 54$langs->loadLangs(array("companies", "other", "ticket")); 55 56// Get parameters 57$track_id = GETPOST('track_id', 'alpha'); 58$cancel = GETPOST('cancel', 'alpha'); 59$action = GETPOST('action', 'aZ09'); 60$email = GETPOST('email', 'email'); 61 62if (GETPOST('btn_view_ticket')) { 63 unset($_SESSION['email_customer']); 64} 65if (isset($_SESSION['email_customer'])) { 66 $email = $_SESSION['email_customer']; 67} 68 69$object = new ActionsTicket($db); 70 71 72/* 73 * Actions 74 */ 75 76if ($cancel) { 77 if (!empty($backtopage)) { 78 header("Location: ".$backtopage); 79 exit; 80 } 81 $action = 'view_ticket'; 82} 83 84if ($action == "view_ticket" || $action == "presend" || $action == "close" || $action == "confirm_public_close" || $action == "add_message") { 85 $error = 0; 86 $display_ticket = false; 87 if (!strlen($track_id)) { 88 $error++; 89 array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("TicketTrackId"))); 90 $action = ''; 91 } 92 if (!strlen($email)) { 93 $error++; 94 array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Email"))); 95 $action = ''; 96 } else { 97 if (!isValidEmail($email)) { 98 $error++; 99 array_push($object->errors, $langs->trans("ErrorEmailInvalid")); 100 $action = ''; 101 } 102 } 103 104 if (!$error) { 105 $ret = $object->fetch('', '', $track_id); 106 if ($ret && $object->dao->id > 0) { 107 // Check if emails provided is the one of author 108 $emailofticket = CMailFile::getValidAddress($object->dao->origin_email, 2); 109 if (strtolower($emailofticket) == strtolower($email)) { 110 $display_ticket = true; 111 $_SESSION['email_customer'] = $email; 112 } else { 113 // Check if emails provided is inside list of contacts 114 $contacts = $object->dao->liste_contact(-1, 'external'); 115 foreach ($contacts as $contact) { 116 if (strtolower($contact['email']) == strtolower($email)) { 117 $display_ticket = true; 118 $_SESSION['email_customer'] = $email; 119 break; 120 } else { 121 $display_ticket = false; 122 } 123 } 124 } 125 // Check email of thirdparty of ticket 126 if ($object->dao->fk_soc > 0 || $object->dao->socid > 0) { 127 $object->dao->fetch_thirdparty(); 128 if ($email == $object->dao->thirdparty->email) { 129 $display_ticket = true; 130 $_SESSION['email_customer'] = $email; 131 } 132 } 133 // Check if email is email of creator 134 if ($object->dao->fk_user_create > 0) { 135 $tmpuser = new User($db); 136 $tmpuser->fetch($object->dao->fk_user_create); 137 if (strtolower($email) == strtolower($tmpuser->email)) { 138 $display_ticket = true; 139 $_SESSION['email_customer'] = $email; 140 } 141 } 142 // Check if email is email of creator 143 if ($object->dao->fk_user_assign > 0 && $object->dao->fk_user_assign != $object->dao->fk_user_create) { 144 $tmpuser = new User($db); 145 $tmpuser->fetch($object->dao->fk_user_assign); 146 if (strtolower($email) == strtolower($tmpuser->email)) { 147 $display_ticket = true; 148 $_SESSION['email_customer'] = $email; 149 } 150 } 151 } else { 152 $error++; 153 array_push($object->errors, $langs->trans("ErrorTicketNotFound", $track_id)); 154 $action = ''; 155 } 156 } 157 158 if (!$error && $action == 'confirm_public_close' && $display_ticket) { 159 if ($object->dao->close($user)) { 160 setEventMessages($langs->trans('TicketMarkedAsClosed'), null, 'mesgs'); 161 162 $url = 'view.php?action=view_ticket&track_id='.GETPOST('track_id', 'alpha'); 163 header("Location: ".$url); 164 exit; 165 } else { 166 $action = ''; 167 setEventMessages($object->error, $object->errors, 'errors'); 168 } 169 } 170 171 if (!$error && $action == "add_message" && $display_ticket && GETPOSTISSET('btn_add_message')) { 172 // TODO Add message... 173 $ret = $object->dao->newMessage($user, $action, 0, 1); 174 175 176 177 178 if (!$error) { 179 $action = 'view_ticket'; 180 } 181 } 182 183 if ($error || $errors) { 184 setEventMessages($object->error, $object->errors, 'errors'); 185 if ($action == "add_message") { 186 $action = 'presend'; 187 } else { 188 $action = ''; 189 } 190 } 191} 192//var_dump($action); 193//$object->doActions($action); 194 195// Actions to send emails (for ticket, we need to manage the addfile and removefile only) 196$triggersendname = 'TICKET_SENTBYMAIL'; 197$paramname = 'id'; 198$autocopy = 'MAIN_MAIL_AUTOCOPY_TICKET_TO'; // used to know the automatic BCC to add 199$trackid = 'tic'.$object->id; 200include DOL_DOCUMENT_ROOT.'/core/actions_sendmails.inc.php'; 201 202 203 204/* 205 * View 206 */ 207 208$form = new Form($db); 209$formticket = new FormTicket($db); 210 211if (!$conf->global->TICKET_ENABLE_PUBLIC_INTERFACE) { 212 print '<div class="error">'.$langs->trans('TicketPublicInterfaceForbidden').'</div>'; 213 $db->close(); 214 exit(); 215} 216 217$arrayofjs = array(); 218$arrayofcss = array('/ticket/css/styles.css.php'); 219 220llxHeaderTicket($langs->trans("Tickets"), "", 0, 0, $arrayofjs, $arrayofcss); 221 222print '<div class="ticketpublicarea">'; 223 224if ($action == "view_ticket" || $action == "presend" || $action == "close" || $action == "confirm_public_close") { 225 if ($display_ticket) { 226 // Confirmation close 227 if ($action == 'close') { 228 print $form->formconfirm($_SERVER["PHP_SELF"]."?track_id=".$track_id, $langs->trans("CloseATicket"), $langs->trans("ConfirmCloseAticket"), "confirm_public_close", '', '', 1); 229 } 230 231 print '<div id="form_view_ticket" class="margintoponly">'; 232 233 print '<table class="ticketpublictable centpercent tableforfield">'; 234 235 // Ref 236 print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'; 237 print img_picto('', 'ticket', 'class="pictofixedwidth"'); 238 print dol_escape_htmltag($object->dao->ref); 239 print '</td></tr>'; 240 241 // Tracking ID 242 print '<tr><td>'.$langs->trans("TicketTrackId").'</td><td>'; 243 print dol_escape_htmltag($object->dao->track_id); 244 print '</td></tr>'; 245 246 // Subject 247 print '<tr><td>'.$langs->trans("Subject").'</td><td>'; 248 print '<span class="bold">'; 249 print dol_escape_htmltag($object->dao->subject); 250 print '</span>'; 251 print '</td></tr>'; 252 253 // Statut 254 print '<tr><td>'.$langs->trans("Status").'</td><td>'; 255 print $object->dao->getLibStatut(2); 256 print '</td></tr>'; 257 258 // Type 259 print '<tr><td>'.$langs->trans("Type").'</td><td>'; 260 print dol_escape_htmltag($object->dao->type_label); 261 print '</td></tr>'; 262 263 // Category 264 print '<tr><td>'.$langs->trans("Category").'</td><td>'; 265 if ($object->dao->category_label) { 266 print img_picto('', 'category', 'class="pictofixedwidth"'); 267 print dol_escape_htmltag($object->dao->category_label); 268 } 269 print '</td></tr>'; 270 271 // Severity 272 print '<tr><td>'.$langs->trans("Severity").'</td><td>'; 273 print dol_escape_htmltag($object->dao->severity_label); 274 print '</td></tr>'; 275 276 // Creation date 277 print '<tr><td>'.$langs->trans("DateCreation").'</td><td>'; 278 print dol_print_date($object->dao->datec, 'dayhour'); 279 print '</td></tr>'; 280 281 // Author 282 print '<tr><td>'.$langs->trans("Author").'</td><td>'; 283 if ($object->dao->fk_user_create > 0) { 284 $langs->load("users"); 285 $fuser = new User($db); 286 $fuser->fetch($object->dao->fk_user_create); 287 print img_picto('', 'user', 'class="pictofixedwidth"'); 288 print $fuser->getFullName($langs); 289 } else { 290 print img_picto('', 'email', 'class="pictofixedwidth"'); 291 print dol_escape_htmltag($object->dao->origin_email); 292 } 293 294 print '</td></tr>'; 295 296 // Read date 297 if (!empty($object->dao->date_read)) { 298 print '<tr><td>'.$langs->trans("TicketReadOn").'</td><td>'; 299 print dol_print_date($object->dao->date_read, 'dayhour'); 300 print '</td></tr>'; 301 } 302 303 // Close date 304 if (!empty($object->dao->date_close)) { 305 print '<tr><td>'.$langs->trans("TicketCloseOn").'</td><td>'; 306 print dol_print_date($object->dao->date_close, 'dayhour'); 307 print '</td></tr>'; 308 } 309 310 // User assigned 311 print '<tr><td>'.$langs->trans("AssignedTo").'</td><td>'; 312 if ($object->dao->fk_user_assign > 0) { 313 $fuser = new User($db); 314 $fuser->fetch($object->dao->fk_user_assign); 315 print img_picto('', 'user', 'class="pictofixedwidth"'); 316 print $fuser->getFullName($langs, 1); 317 } 318 print '</td></tr>'; 319 320 // Progression 321 print '<tr><td>'.$langs->trans("Progression").'</td><td>'; 322 print ($object->dao->progress > 0 ? dol_escape_htmltag($object->dao->progress) : '0').'%'; 323 print '</td></tr>'; 324 325 print '</table>'; 326 327 print '</div>'; 328 329 print '<div style="clear: both; margin-top: 1.5em;"></div>'; 330 331 if ($action == 'presend') { 332 print load_fiche_titre($langs->trans('TicketAddMessage'), '', 'conversation'); 333 334 $formticket = new FormTicket($db); 335 336 $formticket->action = "add_message"; 337 $formticket->track_id = $object->dao->track_id; 338 $formticket->id = $object->dao->id; 339 340 $formticket->param = array('track_id' => $object->dao->track_id, 'fk_user_create' => '-1', 'returnurl' => DOL_URL_ROOT.'/public/ticket/view.php'); 341 342 $formticket->withfile = 2; 343 $formticket->withcancel = 1; 344 345 $formticket->showMessageForm('100%'); 346 } 347 348 if ($action != 'presend') { 349 print '<form method="post" id="form_view_ticket_list" name="form_view_ticket_list" enctype="multipart/form-data" action="'.DOL_URL_ROOT.'/public/ticket/list.php">'; 350 print '<input type="hidden" name="token" value="'.newToken().'">'; 351 print '<input type="hidden" name="action" value="view_ticketlist">'; 352 print '<input type="hidden" name="track_id" value="'.$object->dao->track_id.'">'; 353 print '<input type="hidden" name="email" value="'.$_SESSION['email_customer'].'">'; 354 //print '<input type="hidden" name="search_fk_status" value="non_closed">'; 355 print "</form>\n"; 356 357 print '<div class="tabsAction">'; 358 359 // List ticket 360 print '<div class="inline-block divButAction"><a class="left" style="padding-right: 50px" href="javascript:$(\'#form_view_ticket_list\').submit();">'.$langs->trans('ViewMyTicketList').'</a></div>'; 361 362 if ($object->dao->fk_statut < Ticket::STATUS_CLOSED) { 363 // New message 364 print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=presend&mode=init&track_id='.$object->dao->track_id.'">'.$langs->trans('AddMessage').'</a></div>'; 365 366 // Close ticket 367 if ($object->dao->fk_statut >= Ticket::STATUS_NOT_READ && $object->dao->fk_statut < Ticket::STATUS_CLOSED) { 368 print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=close&track_id='.$object->dao->track_id.'">'.$langs->trans('CloseTicket').'</a></div>'; 369 } 370 } 371 372 print '</div>'; 373 } 374 375 // Message list 376 print load_fiche_titre($langs->trans('TicketMessagesList'), '', 'conversation'); 377 $object->viewTicketMessages(false, true, $object->dao); 378 } else { 379 print '<div class="error">Not Allowed<br><a href="'.$_SERVER['PHP_SELF'].'?track_id='.$object->dao->track_id.'" rel="nofollow noopener">'.$langs->trans('Back').'</a></div>'; 380 } 381} else { 382 print '<div class="center opacitymedium margintoponly marginbottomonly">'.$langs->trans("TicketPublicMsgViewLogIn").'</div>'; 383 384 print '<div id="form_view_ticket">'; 385 print '<form method="post" name="form_view_ticket" enctype="multipart/form-data" action="'.$_SERVER['PHP_SELF'].'">'; 386 print '<input type="hidden" name="token" value="'.newToken().'">'; 387 print '<input type="hidden" name="action" value="view_ticket">'; 388 389 print '<p><label for="track_id" style="display: inline-block; width: 30%; "><span class="fieldrequired">'.$langs->trans("TicketTrackId").'</span></label>'; 390 print '<input size="30" id="track_id" name="track_id" value="'.(GETPOST('track_id', 'alpha') ? GETPOST('track_id', 'alpha') : '').'" />'; 391 print '</p>'; 392 393 print '<p><label for="email" style="display: inline-block; width: 30%; "><span class="fieldrequired">'.$langs->trans('Email').'</span></label>'; 394 print '<input size="30" id="email" name="email" value="'.(GETPOST('email', 'alpha') ? GETPOST('email', 'alpha') : $_SESSION['customer_email']).'" />'; 395 print '</p>'; 396 397 print '<p style="text-align: center; margin-top: 1.5em;">'; 398 print '<input class="button" type="submit" name="btn_view_ticket" value="'.$langs->trans('ViewTicket').'" />'; 399 print "</p>\n"; 400 401 print "</form>\n"; 402 print "</div>\n"; 403} 404 405print "</div>"; 406 407// End of page 408htmlPrintOnlinePaymentFooter($mysoc, $langs, 0, $suffix, $object); 409 410llxFooter('', 'public'); 411 412$db->close(); 413