Merge branch 'feature/client-interface' into develop

assets/default/css/theme.css

@@ -495,7 +495,7 @@ body {
 #ticketForm div.error label, #clientLogin div.error label {
   color: #a00;
 }
-#ticketForm p, #clientLogin p {
+#clientLogin p {
   clear: both;
   text-align: center;
 }
@@ -646,7 +646,7 @@ a.refresh {
 #ticketThread table th {
   text-align: left;
   border-bottom: 1px solid #aaa;
-  font-size: 11pt;
+  font-size: 12px;
   padding: 5px;
 }
 #ticketThread table td {
@@ -659,7 +659,7 @@ a.refresh {
   background: #ddd;
 }
 #ticketThread .info {
-  padding: 5px;
+  padding: 2px;
   background: #f9f9f9;
   border-top: 1px solid #ddd;
   height: 16px;
@@ -667,16 +667,13 @@ a.refresh {
 }
 #ticketThread .info a {
   display: inline-block;
-  margin: 5px 20px 5px 0;
+  margin: 5px 10px 5px 0;
   padding-left: 24px;
   height: 16px;
   line-height: 16px;
   background-position: 0 50%;
   background-repeat: no-repeat;
 }
-#ticketThread .info .pdf {
-  background-image: url('../images/filetypes/pdf.png?1319636863');
-}
 
 #reply {
   margin-top: 20px;

attachment.php

+<?php
+/*********************************************************************
+    attachment.php
+
+    Attachments interface for clients.
+    Clients should never see the dir paths.
+    
+    Peter Rotich <peter@osticket.com>
+    Copyright (c)  2006-2012 osTicket
+    http://www.osticket.com
+
+    Released under the GNU General Public License WITHOUT ANY WARRANTY.
+    See LICENSE.TXT for details.
+
+    vim: expandtab sw=4 ts=4 sts=4:
+**********************************************************************/
+require('secure.inc.php');
+require_once(INCLUDE_DIR.'class.attachment.php');
+//Basic checks
+if(!$thisclient 
+        || !$_GET['id'] 
+        || !$_GET['h']
+        || !($attachment=Attachment::lookup($_GET['id']))
+        || !($file=$attachment->getFile()))
+    die('Unknown attachment!');
+
+//Validate session access hash - we want to make sure the link is FRESH! and the user has access to the parent ticket!!
+$vhash=md5($attachment->getFileId().session_id().$file->getHash());
+if(strcasecmp(trim($_GET['h']),$vhash) 
+        || !($ticket=$attachment->getTicket()) 
+        || !$ticket->checkClientAccess($thisclient)) 
+    die('Unknown or invalid attachment');
+//Download the file..
+$file->download();
+
+?>

captcha.php

+<?php
+/*********************************************************************
+    captcha.php
+
+    Simply returns captcha image.
+    
+    Peter Rotich <peter@osticket.com>
+    Copyright (c)  2006-2012 osTicket
+    http://www.osticket.com
+
+    Released under the GNU General Public License WITHOUT ANY WARRANTY.
+    See LICENSE.TXT for details.
+
+    vim: expandtab sw=4 ts=4 sts=4:
+**********************************************************************/
+require_once('main.inc.php');
+require(INCLUDE_DIR.'class.captcha.php');
+$captcha = new Captcha(5,12,ROOT_DIR.'images/captcha/');
+echo $captcha->getImage();
+?>

client.inc.php

@@ -51,7 +51,7 @@ require_once(INCLUDE_DIR.'class.dept.php');
 //clear some vars
 $errors=array();
 $msg='';
-$thisclient=null;
+$thisclient=$nav=null;
 //Make sure the user is valid..before doing anything else.
 if($_SESSION['_client']['userID'] && $_SESSION['_client']['key'])
     $thisclient = new ClientSession($_SESSION['_client']['userID'],$_SESSION['_client']['key']);
@@ -60,6 +60,8 @@ if($_SESSION['_client']['userID'] && $_SESSION['_client']['key'])
 if($thisclient && $thisclient->getId() && $thisclient->isValid()){
      $thisclient->refreshSession();
 }
+/* Client specific defaults */
+define('PAGE_LIMIT',DEFAULT_PAGE_LIMIT);
 
 $nav = new UserNav($thisclient, 'home');
 ?>