Conflicts:
	include/class.misc.php

Fix cookie domain for localhost

Reviewed-By: Peter Rotich <peter@osticket.com>

Fetch attachments in mail fetch
Reviewed-By: Peter Rotich <peter@osticket.com>

Provide a fallback ROOT_PATH

Reviewed-By: Peter Rotich <peter@osticket.com>

Web browsers don't appreciate a cookie domain without any dots. This patch
detects the originally-requested domain for the request. If the domain does
not contain dots (such as 'localhost' or the name of a local server on your
network defined in your hosts file), no cookie domain is sent.

The greatest symptom of this issue what the illustrious 'Invalid CSRF token'
seen repeatedly on the scp login page. The reason is that the browser was
rejecting the cookie from the server.

Fixes #677, #672, #653

This code was lost when the message-id tracking feature was implemented

Web browsers don't appreciate a cookie domain without any dots. This patch
detects the originally-requested domain for the request. If the domain does
not contain dots (such as 'localhost' or the name of a local server on your
network defined in your hosts file), no cookie domain is sent.

The greatest symptom of this issue what the illustrious 'Invalid CSRF token'
seen repeatedly on the scp login page. The reason is that the browser was
rejecting the cookie from the server.

Fixes #677, #672, #653

If unable to detect the root path, provide a fallback ROOT_PATH setting to
'./'. This is likely to happen if run from the commandline (like for crons)
or if DOCUMENT_ROOT and the folder of main.inc.php seem to have nothing in
common

Fixes #704

Fixup for the message-id tracking feature

Reviewed-By: Peter Rotich <peter@osticket.com>

Define ROOT_PATH in chrooted environments too

Reviewed-By: Peter Rotich <peter@osticket.com>

Previously, filenames saved in the database had the spaces changed for
underbars; however, other characters (such as commas and non-ascii
characters) presented issues with user agents downloading the attachments.

This patch handles the filename encoding for two special cases -- internet
explorer and safari, and provides the semi-standard RFC5987 method of
encoding the filename for the remaining browsers.

Attachments are no longer forced to be downloaded. It is up to the browser
to decide if the attachment should be shown in the browser or downloaded.

This patch also fixes a slight bug in the caching mechanism for downloads
concerning the last-modified time. The date sent to the browser was not
properly converted to GMT time, although the server claimed that it was.

Include setup/tips.html in download package

Reviewed-By: Peter Rotich <peter@osticket.com>

Handle attachment filenames better

Reviewed-By: Peter Rotich <peter@osticket.com>

Historically, ROOT_PATH and ROOT_DIR contained the same value; however,
ROOT_PATH now points to the URL path where osTicket is installed, whereas
ROOT_DIR points to the file system location where osTicket is installed.

When an admin logs in to upgrade to 1.7.1 and further from a version
pervious to 1.7.1, the system will attempt to clear password reset tokens
from the config table, which hasn't been upgraded yet to the namespaced
version from 1.7.1

Some security inspection appliances and load balancers don't appreciate
something in the HTTP headers that is not a valid HTTP header. Furthermore,
the browser needs the Content-Type header to identify that the image is not
the PHP default of text/html

Previously, filenames saved in the database had the spaces changed for
underbars; however, other characters (such as commas and non-ascii
characters) presented issues with user agents downloading the attachments.

This patch handles the filename encoding for two special cases -- internet
explorer and safari, and provides the semi-standard RFC5987 method of
encoding the filename for the remaining browsers.

Attachments are no longer forced to be downloaded. It is up to the browser
to decide if the attachment should be shown in the browser or downloaded.

This patch also fixes a slight bug in the caching mechanism for downloads
concerning the last-modified time. The date sent to the browser was not
properly converted to GMT time, although the server claimed that it was.

Make phone ext optional for XML API

Reviewed-By: Peter Rotich <peter@osticket.com>

Use the correct Content-Type header for CAPTCHA

Reviewed-By: Peter Rotich <peter@osticket.com>

ROOT_DIR should be used to identify filesystem paths

Reviewed-By: Peter Rotich <peter@osticket.com>

Don't send emails for non-existent table

Reviewed-By: Peter Rotich <peter@osticket.com>

Some security inspection appliances and load balancers don't appreciate
something in the HTTP headers that is not a valid HTTP header. Furthermore,
the browser needs the Content-Type header to identify that the image is not
the PHP default of text/html

Historically, ROOT_PATH and ROOT_DIR contained the same value; however,
ROOT_PATH now points to the URL path where osTicket is installed, whereas
ROOT_DIR points to the file system location where osTicket is installed.

When an admin logs in to upgrade to 1.7.1 and further from a version
pervious to 1.7.1, the system will attempt to clear password reset tokens
from the config table, which hasn't been upgraded yet to the namespaced
version from 1.7.1

The mainly comes in when a MIME header which might contain a list of email
addresses (like Reply-To) is to be parsed, but is empty. The Mail_RFC822
class would return an empty mailbox @ localhost (where 'localhost' is the
default default_domain for mail address list parsing).