This commit addresses an issue where the validation error for trying to save a Ticket without a Help Topic was not being shown as a result of the error message that was added to ensure that the Help Topic selected is Active.

This commit adds an Admin setting that requires a Ticket to have a Help Topic before it can be closed. It can be set by going to:

Admin Panel | Settings | Tickets | Require Help Topic to Close

If enabled, Tickets will have a warning banner across the bottom of the page, a warning banner when trying to change the Ticket status to Closed, and a warning flag beside the field when editing the Ticket.

By default, this setting is NOT enabled.

This addresses an issue on the forums where clicking to view the ticket as
an Agent in IE 11 throws a white screen of death. This is due to the
shorthand javascript arrow functions in `include/staff/ticket-view.inc.php`.

This feature gives Agents the capability deciding whether or not Users should be able to see Tickets to which they are Collaborators for in their Ticket queues.

By default, Users are able to see all Tickets they take part in whether they are the User for the Ticket or a Collaborator.

If the Agent would like to disable Users seeing their Collaborator Tickets, they can configure the setting here:
Admin Panel | Tickets | Settings | Collaborator Tickets Visibility

- Clean up/correct notifyCollaborators function
- Make sure function calls are passing in all needed variables
- getContact function added to EmailRecipient class to properly set up email notifications
- Corrections on encoding recipients for thread entries

This commit fixes an issue where the font for the word 'Collaborators' was being overwritten by the font associated with the icon-caret-right class.

This addresses an issue where osTicket did not ensure associated items exist
before saving to the database. This also addresses an issue where the Parent
Topic error was not displayed on page.

It may be possible to steal or manipulate customer session and cookies,
which might be used to impersonate a legitimate user, allowing the hacker to
view or alter user records, and to perform transactions as that user.
Sanitation of hazardous characters was not performed correctly on user
input.

osTicket did not properly sanitize array values in `Format::htmlchars()`.
Some values in the Admin Interface were not properly sanitized and returned
to the response.

This addresses issue 4325 where the Language Pack Locales are mismatched.
The Locale for the first language is displayed on the second language,
etc. This updates the `$manifest` variable to be set before we display
data so the correct `MANIFEST` file is included and all language data is
displayed correctly.

- Ticket View UI changes
- Mailer logic improvements
- Ticket Open consolidated for mailer changes

UI changes to make it more user friendly

This addresses an issue where osTicket did not ensure associated items exist
before saving to the database. This also addresses an issue where the Parent
Topic error was not displayed on page.

It may be possible to steal or manipulate customer session and cookies,
which might be used to impersonate a legitimate user, allowing the hacker to
view or alter user records, and to perform transactions as that user.
Sanitation of hazardous characters was not performed correctly on user
input.

osTicket did not properly sanitize array values in `Format::htmlchars()`.
Some values in the Admin Interface were not properly sanitized and returned
to the response.

For new tickets, hide the Ticket Notice dropdown if the 'New Ticket by Agent' autoresponse is disabled since no response will be sent

This feature adds a new Role permission called Release. This permission
(if Enabled) allows an Agent to release ticket assignment. This permission
is configurable for each and every Role in the helpdesk. This also keeps
current functionality where Department Managers do not need the Role
Permission in order to release tickets. In addition to the permission,
this feature adds a new Release modal giving the option to choose who to
release assignment from (Agent/Team/Both). This also adds a comment box to
the release modal to optionally enter a reason for releasing assignment.
Lastly, this adds a Release Thread Event so an event is logged showing who
released who’s assignment.

This feature adds a new Role permission called Manage Referrals. This
permission allows Agents to Manage Ticket Referrals. This permission
is configurable for each and every Role in the helpdesk.

This addresses an issue where the Queue Export does not remember your
column sorting. This was due to the `getExportableFields()` function
called in the Export Template that gets a predefined list of fields plus
some `cdata` fields with a predefined sort order (not your saved sort
order). This updates the export template to merge the `$fields` array that
contains the exportable fields in the saved sorting order and the
`getExportableFields()` result (array) that contains the same fields plus
`cdata` fields. This will return the fields in the saved sorting order
whilst still displaying possible `cdata` fields.

This addresses issue 4325 where the Language Pack Locales are mismatched.
The Locale for the first language is displayed on the second language,
etc. This updates the `$manifest` variable to be set before we display
data so the correct `MANIFEST` file is included and all language data is
displayed correctly.

This commit avoids camel casing the select values for Archiving Help Topic and Department options. It also fixes an issue where the selected value was being translated and it should not have been.

This means Agents can no longer choose to add a BCC User while creating or responding to a Ticket.

This also means that if a User emails in a Ticket where someone is BCC'd, the Ticket will be created without the BCC'd User(s).

If an email is sent where the Department email is BCC'd, a Ticket is created for that Department and other Users in the email are added as Collaborators.

This also changes the response options for Agents. They now have the options to:
- Reply All (User + Collaborators)
- Reply to User (only the User)
- Do not Email Reply

(Previously the options were Reply All, Reply to User, Reply to CC + User, Reply to BCC, Do not Email Reply)

New Ticket UI:
- Clean up recipient section (adding user and collaborators)
- Give agents the option of who to send the new ticket alert to:
	- Alert to All
	- Alert to User
	- Alert to CC + User
	- Alert to BCC
	- Do not send an Alert
- Added option of adding new Users for cc/bcc section using the 'Add New' button

Post Reply UI:
- Instead of having to type to get the option of adding a new user in the cc/bcc boxes, put an Add New button
- Clean up Add New routine
	- Now when adding a new collaborator using the Add New button, the User's name will appear in the cc or bcc box as specified and the Agent can go ahead and write their reply rather than pulling up the manage collaborators popup and forcing the agent to have to save the collaborator changes before being able to type a reply
- Change the option "Reply to Collaborators" to "Reply to CC + User" to avoid confusion

- Change To dropdown to have different reply types
	- Reply to All
	- Reply to User
	- Reply to Collaborators
	- Reply to BCC
- Add a help tip for the new reply types
- Set the reply type selected based on the last user respondent
	- Reply to Collaborator by default or if the last message is from the ticket user or a CC collaborator
	- Reply to BCC if the last message is from a BCC user
- Put User, CC, and Bcc fields below and indented as appropriate (User field is readonly)
- Add a new flag to Agent responses to show which reply type they selected. Put the flag on Agent thread entries

- unset the sessions form data only in necessary places
- refer to a tasks number instead of id in internal notes
- use indexOf instead of includes in js for IE compatibility

- say created from thread entry instead of created from thread
- make sure that links to thread entry do not open in new window
- make sure if default help topic is selected, message data carries over
  - make sure if issue details are not included for a help topic form, we
    make sure there is a message before trying to get attachments for one
- do not pass in an object to session array. use id and do lookup after instead

When a Task or Ticket is created from a Thread, this code
adds the functionality to create an Internal Note in the
new Ticket or Task as well as the original Ticker or
Task to show the activity that happened.

Don't display the Close Task option if the current user can't close it...

This addresses a vulnerability where there was no `X-Frame-Options` header
which could potentially allow click jacking. This adds the
`X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click
jacking. According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page
itself.
```

This addresses an issue on the forums where the query to determine the
size of the `file_chunk` table is making the page load really slow for
people with large tables. This updates the query to improve the
performance of the page load time.

This addresses an issue where the User’s account status is always 'Active'
in the Organization list no matter what their actual status is. This adds the
account status to the user query which adds the correct status to the Users’
account.

This addresses an issue on the forums where the query to determine the
size of the `file_chunk` table is making the page load really slow for
people with large tables. This updates the query to improve the
performance of the page load time.

- In class.forms.php, $this->field->getClean() was null so $new was not populated and attachments were not being carried over, so we must get the fileIds directly from the form-data array
- We need to unset the form-data for attachment fields (on tasks and tickets) so that the array is empty each time we try to create a task or ticket from a thread
- We need to add files attached to threads where we are creating a task or ticket to the list of allowed files otherwise they will not carry over to new tasks/tickets (only files uploaded by this user in this session were allowed previously)

This addresses a vulnerability where there was no `X-Frame-Options` header
which could potentially allow click jacking. This adds the
`X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click
jacking. According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page
itself.
```

- On ticket edit, only display inactive help topic warning if the ticket has a help topic
- Inline edit file save fix
- Remove future search/filter criteria for datetime fields that can't be in the future
- Fix calculations for 'next 7 days' and 'next 30 days'. They were selecting dates between now and n days AGO instead of between now and n days in the future

- On ticket edit, only display inactive help topic warning if the ticket has a help topic

- Fix to make sure tickets can be created from a User's message (not just Agents or Internal Notes)