diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php index 626f51af081721166e0d728e88cd615adc05423c..6325950742f9dc68fb55aeb7d87142eb15c5f487 100644 --- a/include/ajax.tickets.php +++ b/include/ajax.tickets.php @@ -211,11 +211,11 @@ class TicketsAjaxAPI extends AjaxController { foreach (TicketForm::getInstance()->getFields() as $f) { if (isset($req[$f->getFormName()]) && ($val = $req[$f->getFormName()])) { - $name = $f->get('name') ? db_real_escape($f->get('name')) + $name = $f->get('name') ? $f->get('name') : 'field_'.$f->get('id'); - $cwhere = "cdata.\"$name\" LIKE '%".db_real_escape($val)."%'"; + $cwhere = "cdata.`$name` LIKE '%".db_real_escape($val)."%'"; if ($f->getImpl()->hasIdValue() && is_numeric($val)) - $cwhere .= " OR cdata.\"{$name}_id\" = ".db_input($val); + $cwhere .= " OR cdata.`{$name}_id` = ".db_input($val); $where .= ' AND ('.$cwhere.')'; $cdata_search = true; } diff --git a/include/class.cron.php b/include/class.cron.php index 999bf437dd60b281d00d8c9e2c6c55e1ef220dd4..2dcfc1b4ba544dbedbca90ce76895e70f288828b 100644 --- a/include/class.cron.php +++ b/include/class.cron.php @@ -34,7 +34,9 @@ class Cron { function PurgeLogs() { global $ost; - if($ost) $ost->purgeLogs(); + // Once a day on a 5-minute cron + if (rand(1,300) == 42) + if($ost) $ost->purgeLogs(); } function PurgeDrafts() { 
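Review bot: The field name is placed inside backtick-quoted column identifiers in both `$cwhere` assignments with no escaping at all, so a name containing a backtick would close the identifier and alter the query. Dropping `db_real_escape()` is reasonable, since it escapes string-literal characters rather than identifier quotes, but the identifier still needs its own handling: double any backtick first, e.g. ``$name = str_replace('`', '``', $name);``, or skip names outside the character set the form editor accepts. Whether a stored field name can contain a backtick depends on validation that is not visible here. The enclosing method starts and ends outside the hunk.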
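Review bot: The comment `// Once a day on a 5-minute cron` in PurgeLogs() promises more than `rand(1,300) == 42` delivers: with 288 runs a day the purge fires about once a day on average, and roughly a third of days will see no purge at all. If log retention matters for disk use or audit policy, record the last purge time instead; otherwise reword the comment to `// ~1-in-300 chance per run: about daily on average with a 5-minute cron, not guaranteed`. The nested `if` pair would read better as one braced condition, `if ($ost && rand(1,300) == 42) { $ost->purgeLogs(); }`. The same probabilistic scheduling is used by MaybeOptimizeTables() in the next hunk.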
@@ -47,6 +49,47 @@ class Cron { AttachmentFile::deleteOrphans(); } + function MaybeOptimizeTables() { + // Once a week on a 5-minute cron + $chance = rand(1,2000); + switch ($chance) { + case 42: + @db_query('OPTIMIZE TABLE '.TICKET_LOCK_TABLE); + break; + case 242: + @db_query('OPTIMIZE TABLE '.SYSLOG_TABLE); + break; + case 442: + @db_query('OPTIMIZE TABLE '.DRAFT_TABLE); + break; + + // Start optimizing core ticket tables when we have an archiving + // system available + case 142: + #@db_query('OPTIMIZE TABLE '.TICKET_TABLE); + break; + case 542: + #@db_query('OPTIMIZE TABLE '.FORM_ENTRY_TABLE); + break; + case 642: + #@db_query('OPTIMIZE TABLE '.FORM_ANSWER_TABLE); + break; + case 342: + #@db_query('OPTIMIZE TABLE '.FILE_TABLE); + # XXX: Please do not add an OPTIMIZE for the file_chunk table! + break; + + // Start optimizing user tables when we have a user directory + // sporting deletes + case 742: + #@db_query('OPTIMIZE TABLE '.USER_TABLE); + break; + case 842: + #@db_query('OPTIMIZE TABLE '.USER_EMAIL_TABLE); + break; + } + } + function run(){ //called by outside cron NOT autocron global $ost; if (!$ost || $ost->isUpgradePending()) @@ -57,6 +100,7 @@ class Cron { self::PurgeLogs(); self::CleanOrphanedFiles(); self::PurgeDrafts(); + self::MaybeOptimizeTables(); Signal::send('cron'); } diff --git a/include/class.dynamic_forms.php b/include/class.dynamic_forms.php index 2ffbe145e3156d36fc7e903003ea92bcc53997d7..118805882148d03fb084b753e0e18aaf55c67a09 100644 --- a/include/class.dynamic_forms.php +++ b/include/class.dynamic_forms.php @@ -245,7 +245,7 @@ class TicketForm extends DynamicForm { static function updateDynamicDataView($answer, $data) { // TODO: Detect $data['dirty'] for value and value_id // We're chiefly concerned with Ticket form answers - if (!($e = $answer->getEntry()) || $e->get('object_type') != 'T') + if (!($e = $answer->getEntry()) || $e->getForm()->get('type') != 'T') return; // $record = array(); 
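Review bot: Every `@db_query('OPTIMIZE TABLE ...')` in MaybeOptimizeTables() suppresses errors and discards the result, so a failing or blocked OPTIMIZE is never seen by anyone. Drop the `@` and check the return value so a failure can be reported through whatever logging the cron path already has. The six cases whose only statement is commented out are dead branches; one comment listing the deferred tables would say the same with less code. A docblock should state that each table has a 1-in-2000 chance per run and that OPTIMIZE can lock or rebuild the table while it runs. The hunk ends inside run(), which continues in the next hunk.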
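Review bot: `$e->getForm()->get('type')` in updateDynamicDataView() calls get() on whatever getForm() returns, and nothing in the hunk shows that it cannot be null, for example for an entry whose form no longer exists. If that can happen, the call is a fatal error in what appears to be a model-update handler, so guard it: `if (!($e = $answer->getEntry()) || !($form = $e->getForm()) || $form->get('type') != 'T')`. The method body continues outside the hunk.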
@@ -303,7 +303,8 @@ Signal::connect('model.updated', array('TicketForm', 'dropDynamicDataView'), 'DynamicFormField', // TODO: Lookup the dynamic form to verify {type == 'T'} - function($o, $d) { return isset($d['dirty']) && isset($d['dirty']['name']); }); + function($o, $d) { return isset($d['dirty']) + && (isset($d['dirty']['name']) || isset($d['dirty']['type'])); }); require_once(INCLUDE_DIR . "class.json.php"); diff --git a/include/class.lock.php b/include/class.lock.php index bbf53b5498451c8ab6e3660282898fa3f4318eb4..d6bcbad9dc66105803fbb49a267252d068423242 100644 --- a/include/class.lock.php +++ b/include/class.lock.php @@ -147,11 +147,10 @@ class TicketLock { return db_query($sql); } - //Called via cron + //Called via cron function cleanup() { //Cleanup any expired locks. db_query('DELETE FROM '.TICKET_LOCK_TABLE.' WHERE expire<NOW()'); - @db_query('OPTIMIZE TABLE '.TICKET_LOCK_TABLE); } } ?> diff --git a/include/class.osticket.php b/include/class.osticket.php index e1c7a9075b656bef894a2cdf774f3947ca9754b3..4108d7f1739cd394720c21de22afadb188556def 100644 --- a/include/class.osticket.php +++ b/include/class.osticket.php @@ -228,12 +228,11 @@ class osTicket { function alertAdmin($subject, $message, $log=false) { //Set admin's email address - if(!($to=$this->getConfig()->getAdminEmail())) - $to=ADMIN_EMAIL; - + if (!($to = $this->getConfig()->getAdminEmail())) + $to = ADMIN_EMAIL; //append URL to the message - $message.="\n\n".THISPAGE; + $message.="\n\n".$this->getConfig()->getBaseUrl(); //Try getting the alert email. $email=null; diff --git a/include/class.ostsession.php b/include/class.ostsession.php index 78b118299f2ceac11acc85206ab212740cb8079a..d27debae7a795859e7b37a0596e19516ee4aa1bc 100644 --- a/include/class.ostsession.php +++ b/include/class.ostsession.php @@ -18,6 +18,7 @@ class osTicketSession { var $ttl = SESSION_TTL; var $data = ''; + var $data_hash = ''; var $id = ''; function osTicketSession($ttl=0){ 
@@ -87,12 +88,16 @@ class osTicketSession { list($this->data)=db_fetch_row($res); $this->id = $id; } + $this->data_hash = md5($this->data); return $this->data; } function write($id, $data){ global $thisstaff; + if (md5($data) == $this->data_hash) + return; + $ttl = ($this && get_class($this) == 'osTicketSession') ? $this->getTTL() : SESSION_TTL; diff --git a/include/class.ticket.php b/include/class.ticket.php index f4c8755e0e52b05e43865b7c2ee5886acfa881d2..29ccc502e00545b1a4c856931dc5e53db2a36045 100644 --- a/include/class.ticket.php +++ b/include/class.ticket.php @@ -102,9 +102,6 @@ class Ticket { $this->thread = null; $this->collaborators = null; - //REQUIRED: Preload thread obj - checked on lookup! - $this->getThread(); - return true; } @@ -1897,8 +1894,7 @@ class Ticket { return ($id && is_numeric($id) && ($ticket= new Ticket($id)) - && $ticket->getId()==$id - && $ticket->getThread()) + && $ticket->getId()==$id) ?$ticket:null; } diff --git a/include/class.usersession.php b/include/class.usersession.php index c24bb76ab85188829654cd6ba8b86fdd37d36d7d..e77f65fac77f63853cb3c6a4dea99d93e51ea491 100644 --- a/include/class.usersession.php +++ b/include/class.usersession.php @@ -66,6 +66,14 @@ class UserSession { return($token); } + function getLastUpdate($htoken) { + if (!$htoken) + return 0; + + @list($hash,$expire,$ip)=explode(":",$htoken); + return $expire; + } + function isvalidSession($htoken,$maxidletime=0,$checkip=false){ global $cfg; @@ -122,7 +130,10 @@ class ClientSession extends Client { } function refreshSession(){ - global $_SESSION; + $time = $this->session->getLastUpdate($_SESSION['_client']['token']); + // Deadband session token updates to once / 30-seconds + if (time() - $time < 30) + return; $_SESSION['_client']['token']=$this->getSessionToken(); //TODO: separate expire time from hash?? } 
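Review bot: The early exit in write() compares the two digests with `==`, and PHP compares numeric-looking strings such as `0e…` hex digests as numbers, so two different payloads can compare equal and a changed session is silently not saved; use `===`. The bare `return;` also gives the session machinery no success value, so `if (md5($data) === $this->data_hash) return true;` is the safer form. Two things to confirm outside the hunk: the next line still allows for a call without `$this`, which the new `$this->data_hash` read does not, and if the skipped UPDATE is what extends the stored expiry, an active session with unchanged data would now time out early.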
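Review bot: lookup() no longer requires `$ticket->getThread()` to be truthy, so it can now return a ticket whose thread is missing where it used to return null. Callers that chain on `getThread()` without a check would then fail later and further from the cause; that is inferred, since no caller is visible here. Either keep the thread check in lookup() or add a comment such as `// Thread is loaded lazily; getThread() may return null` so the changed contract is visible. The preload removed in the previous hunk is the other half of this change.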
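Review bot: getLastUpdate() returns the second token field unvalidated and under the name `$expire`, so the callers' `time() - $time < 30` depends on that field being a past timestamp. If it is an expiry in the future the difference is always negative and the token is never refreshed; if the token is malformed the value is null or a non-numeric string. Return an integer and drop the `@`: `$parts = explode(':', $htoken); return isset($parts[1]) ? (int) $parts[1] : 0;`. A one-line docblock saying which timestamp the field holds would settle the naming.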
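Review bot: ClientSession::refreshSession() reads `$_SESSION['_client']['token']` without checking that it exists and hard-codes the 30-second window, and StaffSession::refreshSession() in the next hunk repeats both. The token timestamp appears to feed the idle-time check in isvalidSession(), so the recorded activity can now be up to 30 seconds stale; that is fine only while the window stays far below the idle limit, so name it once, e.g. `const TOKEN_REFRESH_DEADBAND = 30; // seconds; keep well below the idle timeout`. Guard the lookup with `isset($_SESSION['_client']['token'])` so a session without a token does not raise a notice.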
@@ -160,7 +171,11 @@ class StaffSession extends Staff { } function refreshSession(){ - global $_SESSION; + $time = $this->session->getLastUpdate($_SESSION['_staff']['token']); + // Deadband session token updates to once / 30-seconds + if (time() - $time < 30) + return; + $_SESSION['_staff']['token']=$this->getSessionToken(); } diff --git a/scp/ajax.php b/scp/ajax.php index 8c321ead8182568084e21ccd91091e51fb431c46..766e173e3550e00af002baffe47f4d9c445f4168 100644 --- a/scp/ajax.php +++ b/scp/ajax.php @@ -21,6 +21,7 @@ function staffLoginPage($msg='Unauthorized') { exit; } +define('AJAX_REQUEST', 1); require('staff.inc.php'); //Clean house...don't let the world see your crap. diff --git a/scp/autocron.php b/scp/autocron.php index ec7cb4c744b6b170da3d5186d09b59fc0e424342..1e2460786f13405b24139bb7e4ca6bddc363c579 100644 --- a/scp/autocron.php +++ b/scp/autocron.php @@ -14,6 +14,7 @@ vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ +define('AJAX_REQUEST', 1); require('staff.inc.php'); ignore_user_abort(1);//Leave me a lone bro! @set_time_limit(0); //useless when safe_mode is on diff --git a/scp/staff.inc.php b/scp/staff.inc.php index 359663a4c6fccd04dc466126c759d71a89acb5a4..73fe46d3804b449966f0dc58cbda68308a8145fc 100644 --- a/scp/staff.inc.php +++ b/scp/staff.inc.php @@ -123,7 +123,9 @@ if($ost->isUpgradePending() && !$exempt) { $sysnotice.=' <a href="settings.php">Enable</a>.'; } -$nav = new StaffNav($thisstaff); +if (!defined('AJAX_REQUEST')) + $nav = new StaffNav($thisstaff); + //Check for forced password change. if($thisstaff->forcePasswdChange() && !$exempt) { # XXX: Call staffLoginPage() for AJAX and API requests _not_ to honor
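Review bot: With `AJAX_REQUEST` defined, `$nav` is never created in staff.inc.php, so any code reached from scp/ajax.php or scp/autocron.php that still touches `$nav` will hit an undefined variable; nothing in this diff shows those paths were audited. Consider `$nav = defined('AJAX_REQUEST') ? null : new StaffNav($thisstaff);` so the variable always exists, and brace the condition if the `if` form is kept. The flag is also set in autocron.php, which is not an AJAX endpoint, so a comment there saying it only means that no page navigation is needed would help. The hunk ends inside the forced-password-change block.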