From 4c1d710ef9317d0f85a89234b37e6144aff84c90 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Thu, 7 Jan 2016 16:59:36 +0000
Subject: [PATCH] files: Whitelist canned reply files

---
 include/class.ticket.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/class.ticket.php b/include/class.ticket.php
index fa5e7abe9..9cc637f55 100644
--- a/include/class.ticket.php
+++ b/include/class.ticket.php
@@ -2388,8 +2388,10 @@ implements RestrictedAccess, Threadable {
             return false;
         }
         $files = array();
-        foreach ($canned->attachments->getAll() as $file)
+        foreach ($canned->attachments->getAll() as $file) {
             $files[] = $file->file_id;
+            $_SESSION[':cannedFiles'][$file->file_id] = 1;
+        }
 
         if ($cfg->isRichTextEnabled())
             $response = new HtmlThreadEntryBody(
-- 
GitLab