* Add trashcan icon for newly-added actions
  * Categorize filter actions
  * Use imperative phrases for action descriptions
  * Drop check boxes from simple actions (like reject ticket)
  * Hide empty forms on new ticket pages
  * Do not store config for nondata fields for actions
  * Implement a multi-use feature for actions, which will allow using a
    action more than once (for instance, multiple email sends)
  * Filter actions are sortable
  * Send email has from address configurable
  * %{user} token is valid as a recipient

This patch rebases filters into a row-based layout and redesigns the filter
apply method to be more extensible. It also redesigns the UI to be more
dynamic and to allow for actions to be added without database modification
and actions can also have complex configurations.

And properly escape and display form title and instructions

Help topics can now specify one or more additional forms to be included on
the help topic and can also specify the sort order of those forms.
Furthermore, individual fields can be disabled per help topic, so that
unnecessary fields can be omitted when necessary, per help topic.

The disabled flag is recorded along side the field data so that the field
will not be accidentally added to the form later automatically. There is no
interface in this commit to enable a field which was disabled by the help
topic when ticket was created.

Don't add to endTime if not already set

  * Fix missing attachments join for Category (fixes #1654)
  * Fix crash on user account registration
  * Fix save button on user account (fixes #1655) — regression from bebc2d79

  * Fix fatal errors adding a new FAQ (fixes #1648)
  * Fix removal of attachments when deleting a thread (fixes #1650)
  * Fix crash discovering department members for alerts (fixes #1652)

  * Fix translation of pages
  * Localize client thank-you page on new ticket
  * Fix adding new category
  * Fix crash on staff login when upgrading from < 1.9
  * Don't show self locks on ticket queue pages

Show the form title on edit instead of "Custom Form" - which can be
misleading since the user might be editing a built-in form.

If a new ticket is assigned to both an individual agent and a team, do not
send the email alert to the team lead or the team members.

This patch changes the ticket filter system so that it can be recursively
looped to allow for banning and matching on the reply-to address and name.

This script adds a single download script, 'file.php', which provides access
to files of all types to all users. It uses a HMAC signature system with an
expires time, which allows signed URLs to be sent to external users.

This also fixes an issue with the Http::cacheable() method, where the
last-modified and Etag headers were not properly compared, which resulted in
permanent cache misses by the client.

Key permissions definition array
Move canned and faq permissions to their respective classes.

Use http::build_query instead of inline urlencode

  * Fix incorrect mapping to user email address
  * Fix early rejecting of tickets — even if a filter earlier in the
    matching filter list had "stop on match" set
  * Fix ::stopOnMatch referring to incorrect db field

The new logic abandons the early rejection logic in ticket create. Instead,
the normal validation is completed as usual. Thereafter, the filter is
initialized and applied to the ticket. Upon rejection, a RejectedException
is thrown by the ::apply() method of the TicketFilter. The Ticket::create()
method will handle the exception and reject the ticket.

Stop trampolining links via l.php. It was necessary before in order to avoid
the potential of leaking ticket number & email. The authentication mechanism
in place now redirects on successful login.

This is necessary so we can sanitize/encode inputs.

This patch changes the default formatting for text bodies used in emails,
ticket thread, and canned response quoting so that white-space in text
bodies is properly preserved. Previously, the text was treated as raw HTML
and was not properly escaped, nor was the original whitespace preserved.

This patch adds a ::getAlertEmail() method to the Department class, which
allows administrators to use the department email address (normally for
replies) as the alert email address. If not specified, the system alert
email address is retrieved instead, automatically.

This allows agents to view the raw email headers parsed with the email when
the ticket or thread entry was created.

This affects new ticket by staff as well as honoring the influence of ticket
filters on new ticket, where the status may be set to something other than
the system default. Even the system default may be influenced if it were set
to a closed state derivative.

So the concept is simple: the new status should be set using the standard
logic so that the closed_by staff member, date, events, and other
information is set as normally is when a ticket is closed.

Allow for permissions to be registered dynamically. This will
allow for the ability for models and plugins to register permissions.

This resolves #1570