This addresses a vulnerability where there was no `X-Frame-Options` header
which could potentially allow click jacking. This adds the
`X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click
jacking. According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page
itself.
```

Encode html chars on helpdesk title

This allows messages to be stashed in the session and displayed on a
following request. This will be pivotal in implementing the PRG
(post-redirect-get).

Chosen has a problem being rendered in a dialog box with overflow:scroll,
because the content of the dropdown widget is truncated with the scrollable
content of the dialog. Select2 addresses the issue by placing the dropdown
box in the <body> and absolutely positioning it into place.

This patch adds Content-Language and <link rel="alternate"> information to
the client interface for better integration with search engines. It also
adds @lang attribute to the <html> element and various input, textarea, and
richtext boxes for better spell check integration and accuracy.

to indicate the primary language expected for translatable content

Multilanguage Support via gettext

- added gettext encapsulations to all texts i thought necessary
- added fallback function for the case that the gettext extension isn't loaded
- added browser language detection
- added gettext to the list of optional extensions in setup
- rewritten some of the texts to use sprintf instead of appending strings
- added german translation file
- removed mark_overdue-confirm from cannedresponses.inc.php

extend multi language support and a fex fixes

- Better detection of translation files
- Added functionality to redirect language codes (see redirecting
language codes)
- Ticket Status can be translated
- The Datepicker can be translated
- Extended functionality of 'testlang.php' to show what language code is
used to translate

Forgotten to apply a patch from RC5 to RC6

- Forgotten to change $var to $vars in line 380 of class.mailfetch.php
- Removed unneeded comment

Added php_gettext as primary translation engine

- Added php_gettext support (thanks to Danilo Segan and Steven
Armstrong)
- php_gettext is now the primary translation engine
- Extended language detection functionality

Add error/misconfiguration checks and fix undefined variables

As suggested by: https://github.com/osTicket/osTicket-1.8/issues/755

This will simplify where PJAX needs to be disabled by simply including the
navigation as part of the PJAX response.