Protect againts cross-site request forgery attacks by requiring a special
form-field or header to be sent with requests that modify ticket system
data.

This meant a slight change to the AJAX ticket locking mechanism. It was
defined to lock with a GET request; however, GET requests are defined as
safe methods and should not modify backend data (such as a lock
acquisition). Therefore, the the lock acquire AJAX method was changed to
require a POST method.

Also remove old, no-longer-used staff panel include files

Issue/stop dashboard freezes

Looks good.

Reviewed By: Peter 06/18/12

Looks good, thanks.

Looks good, thanks. Wonder where this broke?

Minor cleanups pending - parked for DPR5/RC1

Reviewed By: Peter 06/18/12

Looks good.

Reviewed By: Peter 06/18/12

MySQL Strict mode overwrite - looks good.

Reviewed By: Peter 06/18/12

Looks good

Reviewed By: Peter 06/18/12

Looks good.

Reviewed By: Peter 06/18/12

Rather than defaulting to either showing answered tickets or closed tickets
if there are no open tickets.

Reviewed By: Peter 06/18/12 

Reviewed By: Peter 06/18/12

Reviewed By Jared

Reviewed By: Jared 06/18/12
Reviewed By: Peter 06/18/12

Allow staff members the ability to select a default paper size which will be
used in printing tickets via PDF. In the future, this may be overridden per
ticket by a dialog box at print time.

And fix various lint issues, include adding the yet-undefined-but-referenced
deleteAttachment() function for canned-responses and faq entries

Actually, Safari was probably just being really nice to me

Most things work, still outstanding
  - the table needs to support filtering like the graphs,
  - the bootstrap.css file needs to be culled of what isn't used for now,
  - g.raphael needs to be re-minned after a issue is filed with g.raphael
    for the snapEnds() function not picking reasonable graph axes.
  - split dashboard.php into several smaller js, css, etc., respective files