diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php
index be1d0b57e3bdd0e11d37ef6bfb3cfae14772e87b..c3de4f715e43fe2a6a0c87bbefb3af63063a3ca1 100644
--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -1456,7 +1456,7 @@ function refer($tid, $target=null) {
&& ($f=$iform->getField('duedate'))) {
$f->configure('max', Misc::db2gmtime($ticket->getEstDueDate()));
}
- $vars = array_merge($_SESSION[':form-data'] ? : array(), $vars);
+ $vars = array_merge($_SESSION[':form-data'] ?: array(), $vars);
if ($_POST) {
Draft::deleteForNamespace(
diff --git a/include/class.config.php b/include/class.config.php
index c13e2617cc360f9877a448dfe77946117cc2625e..c6cbe77256aebd3a608b9772161f57e418a9547d 100644
--- a/include/class.config.php
+++ b/include/class.config.php
@@ -961,7 +961,7 @@ class OsticketConfig extends Config {
}
function getDefaultTicketQueueId() {
- return $this->get('default_ticket_queue');
+ return $this->get('default_ticket_queue', 1);
}
function hideStaffName() {
diff --git a/include/class.mailfetch.php b/include/class.mailfetch.php
index c5867217b81c2caca450e337dc7c3f8ea3cbdd0c..38ec03f9b44b9305ac94453280c3aae21e6b45d8 100644
--- a/include/class.mailfetch.php
+++ b/include/class.mailfetch.php
@@ -359,7 +359,9 @@ class MailFetcher {
}
}
}
- $header['thread_entry_recipients']['to'] = array_unique($header['thread_entry_recipients']['to']);
+
+ if (isset($header['thread_entry_recipients']['to']))
+ $header['thread_entry_recipients']['to'] = array_unique($header['thread_entry_recipients']['to']);
//See if any of the recipients is a delivered to address
if ($tolist['delivered-to']) {
diff --git a/include/class.osticket.php b/include/class.osticket.php
index b53e849f4574eb257870b0003a595314484c6ca7..fbaaace07f2513ea8798fe533b9576e5fad668c3 100644
--- a/include/class.osticket.php
+++ b/include/class.osticket.php
@@ -123,7 +123,7 @@ class osTicket {
return true;
$msg=sprintf(__('Invalid CSRF token [%1$s] on %2$s'),
- ($_POST[$name].''.$_SERVER['HTTP_X_CSRFTOKEN']), THISPAGE);
+ (Format::htmlchars($_POST[$name]).''.$_SERVER['HTTP_X_CSRFTOKEN']), THISPAGE);
$this->logWarning(__('Invalid CSRF Token').' '.$name, $msg, false);
return false;
diff --git a/include/staff/ticket-view.inc.php b/include/staff/ticket-view.inc.php
index 4f0c78ac09bdadbbbb29f5bbc2d9317dcde0a81a..b71877bf99d22b64cdf549f2c34ff7f2629ea7a6 100644
--- a/include/staff/ticket-view.inc.php
+++ b/include/staff/ticket-view.inc.php
@@ -269,7 +269,8 @@ if($ticket->isOverdue())
<div class="clear tixTitle has_bottom_border">
<h3>
<?php $subject_field = TicketForm::getInstance()->getField('subject');
- echo $subject_field->display($ticket->getSubject()); ?>
+ echo $subject_field ? $subject_field->display($ticket->getSubject())
+ : Format::htmlchars($ticket->getSubject()); ?>
</h3>
</div>
<table class="ticket_info" cellspacing="0" cellpadding="0" width="940" border="0">
@@ -746,9 +747,11 @@ if ($errors['err'] && isset($_POST['a'])) {
<select id="from_email_id" name="from_email_id">
<?php
// Department email (default).
- echo sprintf('<option value="%s" selected="selected">%s</option>',
- $dept->getEmail()->getId(),
- Format::htmlchars($dept->getEmail()->getAddress()));
+ if (($e=$dept->getEmail())) {
+ echo sprintf('<option value="%s" selected="selected">%s</option>',
+ $e->getId(),
+ Format::htmlchars($e->getAddress()));
+ }
// Optional SMTP addreses user can send email via
if (($emails = Email::getAddresses(array('smtp' =>
true), false)) && count($emails)) {