Map each of the inputs from $_POST['ids'] into a separate, sanitized
database input (via the db_input() function), then implode() the array with
commas and build the SQL statement.

Protect againts cross-site request forgery attacks by requiring a special
form-field or header to be sent with requests that modify ticket system
data.

This meant a slight change to the AJAX ticket locking mechanism. It was
defined to lock with a GET request; however, GET requests are defined as
safe methods and should not modify backend data (such as a lock
acquisition). Therefore, the the lock acquire AJAX method was changed to
require a POST method.

Also remove old, no-longer-used staff panel include files

Issue/stop dashboard freezes

Looks good.

Reviewed By: Peter 06/18/12

Looks good, thanks.

Looks good, thanks. Wonder where this broke?

Minor cleanups pending - parked for DPR5/RC1

Reviewed By: Peter 06/18/12

Looks good.

Reviewed By: Peter 06/18/12

MySQL Strict mode overwrite - looks good.

Reviewed By: Peter 06/18/12

Looks good

Reviewed By: Peter 06/18/12

Looks good.

Reviewed By: Peter 06/18/12

Rather than defaulting to either showing answered tickets or closed tickets
if there are no open tickets.

Reviewed By: Peter 06/18/12 

Reviewed By: Peter 06/18/12

Reviewed By Jared

Reviewed By: Jared 06/18/12
Reviewed By: Peter 06/18/12

Allow staff members the ability to select a default paper size which will be
used in printing tickets via PDF. In the future, this may be overridden per
ticket by a dialog box at print time.

And fix various lint issues, include adding the yet-undefined-but-referenced
deleteAttachment() function for canned-responses and faq entries

Actually, Safari was probably just being really nice to me