This pull request adds a cleanup util for bogus and invalid charsets, mostly
added by a nameless company out of Redmond, WA.

Fix SLA link in help tips

Reviewed-By: Peter Rotich <peter@osticket.com>

Fixes https://github.com/osTicket/osTicket-1.8/issues/1673

Tested with 1.9.4 - found no other / related / new issues due to this change of the z-index.

Fixes: https://github.com/osTicket/osTicket-1.8/issues/980
Fixes: https://github.com/osTicket/osTicket-1.8/issues/1411

This fixes a slight issue where the team members would never be included on
the new message alert. Now, the system will send to either the assigned
staff member, if any, or the members of the assigned team, again, if any.

Files upgraded from versions of osTicket prior to 1.9.1 did not have a
`signature` field in the database. For caching purposes in generating the
Etag HTTP header, the getSignature function cascades through the getKey
method. This may be inconsistent in the signed URL creation.

This patch adds a cascade flag to the getSignature method so the cascading
will not happen unless specifically requested.

Don't add to endTime if not already set

forms: Use form's name as the heading.

Reviewed-By: Jared Hancock <jared@osticket.com>

filter: Implement ban on reply-to email address

Reviewed-By: Peter Rotich <peter@osticket.com>

Show the form title on edit instead of "Custom Form" - which can be
misleading since the user might be editing a built-in form.

If a new ticket is assigned to both an individual agent and a team, do not
send the email alert to the team lead or the team members.

email: Send staff alerts from the department email

Reviewed-By: Peter Rotich <peter@osticket.com>

Properly escape text bodies for canned responses

Reviewed-By: Peter Rotich <peter@osticket.com>

files: Provide unified download script

Reviewed-By: Peter Rotich <peter@osticket.com>

This patch changes the ticket filter system so that it can be recursively
looped to allow for banning and matching on the reply-to address and name.

This script adds a single download script, 'file.php', which provides access
to files of all types to all users. It uses a HMAC signature system with an
expires time, which allows signed URLs to be sent to external users.

This also fixes an issue with the Http::cacheable() method, where the
last-modified and Etag headers were not properly compared, which resulted in
permanent cache misses by the client.

Sanitize query strings

Reviewed-By: Jared Hancock <jared@osticket.com>

Use http::build_query instead of inline urlencode

Retire l.php

Reviewed-By: Jared Hancock <jared@osticket.com>

filters: Fix several small, major issues

Reviewed-By: Peter Rotich <peter@osticket.com>

  * Fix incorrect mapping to user email address
  * Fix early rejecting of tickets — even if a filter earlier in the
    matching filter list had "stop on match" set
  * Fix ::stopOnMatch referring to incorrect db field

The new logic abandons the early rejection logic in ticket create. Instead,
the normal validation is completed as usual. Thereafter, the filter is
initialized and applied to the ticket. Upon rejection, a RejectedException
is thrown by the ::apply() method of the TicketFilter. The Ticket::create()
method will handle the exception and reject the ticket.

Stop trampolining links via l.php. It was necessary before in order to avoid
the potential of leaking ticket number & email. The authentication mechanism
in place now redirects on successful login.