Skip to content
Snippets Groups Projects
  1. Oct 30, 2019
    • JediKev's avatar
      issue: Delete Org Session Failure · bbd0c255
      JediKev authored
      This addresses an issue on the Forum where deleting an Organization causes
      the session to fail. This is due to the Organization QuerySet being stored
      in the session and not being cleared out when deleted from the system. This
      causes the system to try to refetch the object from the database which it's
      not there as it's been deleted and therefore causes the session to crash.
      bbd0c255
  2. Oct 25, 2019
  3. Oct 23, 2019
    • JediKev's avatar
      i18n: KnowledgeBase JS · bce8296e
      JediKev authored
      In 5120, the reporting party also mentioned that they receive an error of
      `script '/xxx/osTicket/kb/ajax.php' not found or unable to stat`.  This is
      due to the AJAX call being inside the KB directory, and `/kb/ajax.php` truly
      does not exist. This adds `ROOT_PATH` to the beginning of the AJAX call so
      that no matter where it is, it will point to the correct location.
      bce8296e
    • JediKev's avatar
      i18n: KnowledgeBase Category · 5646e7c7
      JediKev authored
      This addresses 5120 where main (or Parent) FAQ Category Titles are not
      translated even though the child Category titles are translated correctly.
      This is due to to the system pulling the Full Name instead of the Local
      (translated) Name.
      5646e7c7
  4. Oct 09, 2019
    • JediKev's avatar
      i18n: OpenSSL Error · af6f0e92
      JediKev authored
      This addresses issue 5095 where installing a Language Pack and visiting the
      Dashboard > Information page without OpenSSL installed/configured will throw
      a fatal error of `Call to undefined function openssl_pkey_get_public()`.
      This is due to no check for the `openssl` extension before the dependant
      method is called. This adds a check so that if OpenSSL is not available we
      can return a useful error code of `VERIFY_EXT_MISSING` (which is error code
      `2`) and continue without disrupting the content.
      af6f0e92
    • Peter Rotich's avatar
      Message Variable - %{message} · 315c4e7c
      Peter Rotich authored
      Make message variable optional for new tickets opened by agents. This is
      necessary for help topics with issue details disabled.
      315c4e7c
  5. Oct 07, 2019
  6. Oct 04, 2019
    • JediKev's avatar
      issue: ACL Oopsie · 4d774bc4
      JediKev authored
      This addresses an issue where initially saving the ACL will fail. This is
      due to the incorrect variable being used to lookup the IP in the ACL. This
      updates the variable from `$acl` to the correct variable `$vars['acl']`.
      4d774bc4
  7. Oct 02, 2019
    • JediKev's avatar
      issue: Revert fefed147 · c9be2e00
      JediKev authored
      This addresses issue 5084 by partially reverting commit `fefed147`. In said
      commit, we updated `THIS_VERSION` to utilize `MAJOR_VERSION` which is fine.
      However, we also updated the deploy module to copy the same format. This
      interferes with the osTicket Version check by not including the entire
      subversion and not starting with a `v` (ie. `v1.12.3`). This reverts the
      copied format section of the commit so that `THIS_VERSION` will be the full,
      non-git version when deployed/packaged.
      c9be2e00
    • JediKev's avatar
      issue: Mbstring Extension Requirement · 5a96884d
      JediKev authored
      This addresses an issue reported on the forum where printing a ticket in
      v1.12 and above requires `mbstring`. This updates the print call to check
      for the `mbstring` extension and if not loaded will fail with a detailed
      error `mbstring extension required to print ticket to PDF`.
      5a96884d
  8. Oct 01, 2019
    • Peter Rotich's avatar
      Instantiate StaffDeptAccess · 390ec3e0
      Peter Rotich authored
      390ec3e0
    • Peter Rotich's avatar
      Datetime Formats · 47098242
      Peter Rotich authored
      This commit addresses two issues related to date / time format.
      
      * 24 hrs format, when selected, is now used system-wide even on thread items
      * PHP-to-JS date / time format translation is now down in the backend
      47098242
  9. Sep 23, 2019
    • JediKev's avatar
      issue: Complete Thread Var Padding (Outlook) · d96285f7
      JediKev authored
      This addresses issue 5007 where when using the complete thread variable
      there is no padding between thread messages in Outlook desktop app and makes
      the thread hard to follow. Outlook does not respect some CSS rules that are
      accepted in most (if not all) modern email clients. Since we can’t use
      normal CSS the workaround is to add a blank table row (with a single space)
      so that it forces "padding" between the end of a message and the start of
      another.
      
      Before
      (image)
      
      After
      (image)
      d96285f7
  10. Sep 20, 2019
    • JediKev's avatar
      issue: Revert 453e8152 · ddde34b0
      JediKev authored
      This addresses an issue where upgrading from v1.6 to a release on or after
      v1.12 will hang on login and eventually timeout. This is due to the system
      not being able to fetch the config which logs a db error which calls the
      config and continues the loop. For now, we need the config in the
      constructor so that the loop doesn't occur and we can continue to upgrade as
      normal.
      
      TODO:
      - For a permanent fix, we need to figure out why the loop occurs when not in
      the constructor and vice versa.
      ddde34b0
  11. Sep 18, 2019
    • aydreeihn's avatar
      Issue: Empty Due Date · 30f3b553
      aydreeihn authored
      This commit fixes an issue that allowed Agents to clear the Duedate on a ticket using inline edit. We were saving the value 0000-00-00 00:00:00 to the database which the ticket would then display as 12/1/02 06:09 pm.
      
      Instead, if an Agent clears the Duedate field, we should save the duedate as null and the ticket should continue using the est_duedate.
      30f3b553
  12. Sep 17, 2019
    • JediKev's avatar
      issue: PHP 7.3 New Agent Set Password · 1bcd0e2f
      JediKev authored
      This addresses an issue reported on the Forum where creating a new Agent and
      setting a password hangs when using PHP 7.3. This is due to too few
      arguments passed to `PasswordPolicy::checkPassword()`. This updates the call
      to include a second argument of `null` so the method is satisfied and we can
      continue with checking the password.
      1bcd0e2f
  13. Sep 13, 2019
  14. Sep 06, 2019
    • JediKev's avatar
      issue: CSV Patch Adv. Search Error · 6ea7526d
      JediKev authored
      This addresses an issue where the previous CSV security patch causes an
      error when creating an Advanced Search with criteria like `User / Email
      Address => contains => @domain.tld`. The system tries to validate the field
      and since `is_formula` is the default validation for TextboxFields the
      system sees `@domain.tld` criteria as a formula and throws the `Content
      cannot start with the following characters: = - + @` error. Advanced
      Searches do not need the `is_forumal` validation as the fields are not
      exportable. This adds a check to see if the field's form is
      `AdvancedSearchForm` and if there is no `validator` set it gets set to `adv`
      which bypasses the validation.
      6ea7526d
    • aydreeihn's avatar
      Issue: Annul Closed Events · 8029b1b0
      aydreeihn authored
      This commit fixes an issue where if you were to change a Ticket to the Resolved status and then to Closed, the dashboard statistics would show that you had closed 2 Tickets even though both events were done on the same Ticket.
      
      We should only count one closed event per Ticket.
      
      This was reported in Issue #5018.
      8029b1b0
  15. Sep 05, 2019
    • JediKev's avatar
      issue: Department Referral Email · 26d2990a
      JediKev authored
      This addresses an issue where a User sending an email message with a
      different Department as CC to the system will not refer the CC'ed Department
      until the email is fetched a second time. The old thinking was that since
      the User CC'ed the other Department the other Department should receive a
      copy of the email in their mailbox. When the system fetches the User's
      message from the original Department email it gets added to the thread but
      doesn't refer just yet. When the system fetches the copy of the message from
      the User in the other Department's email it will then refer the other
      Department. This is a problem especially when you are not fetching or
      forwarding from the other Department's email address. This updates
      `Thread::postEmail()` to include the check for `$mailinfo['system_emails']`
      and if set we refer the Department immediately.
      26d2990a
    • Peter Rotich's avatar
      Date Rnage Period Timezone · 0f06f85b
      Peter Rotich authored
      This commit fixes an issue where date range boundaries didn't consider
      user's timezone resulting in UTC times being used.
      0f06f85b
  16. Sep 04, 2019
    • JediKev's avatar
      i18n: Register Include · 9b18dd65
      JediKev authored
      This addresses issue 4965 where the register.inc.php file for clients was
      missing translations for the action buttons.
      9b18dd65
    • Peter Rotich's avatar
      Lint Fix · 68f11e1f
      Peter Rotich authored
      68f11e1f
  17. Aug 28, 2019
  18. Aug 21, 2019
    • JediKev's avatar
      issue: Support Exchange Shared Mailbox Auth · ac9ea5b9
      JediKev authored
      This addresses an issue where the system cannot successfully authenticate to
      an Exchange server using shared mailbox auth credentials (eg. Username:
      `main-user@domain.com\shared-mailbox@domain.com`). The system passes the
      entire Username value as the `username` parameter for `imap_open()` and
      Exchange fails to authenticate. This adds two new variables called
      `authuser` and `username` to class MailFetcher. This also updates the
      `MailFetcher::__construct()` method to explode the Username value at the
      backslash giving us two parts: the Authentication Username and the Mailbox
      Username. If there are in fact two parts we will assign the first part to
      the new `authuser` variable and assign the second part to the new `username`
      variable. If we detect an `authuser` we will add it to the `imap_open()`
      flag called `authuser` and append it to the `srvstr`. In addition this
      updates the `MailFetcher::getUsername()` method to return the new `username`
      variable instead of the hash table data.
      ac9ea5b9
    • aydreeihn's avatar
      Issue: Inline Ticket Assignment · b757ec49
      aydreeihn authored
      Within a Ticket, if you click the Assign dropdown and choose Agent or Team, the possible assignees are filtered based on who can be assigned to the Department, however, the inline Assigned To option did not filter the possible assignees. This commit ensures that we do filter possible assignees when assigning via inline edit.
      b757ec49
  19. Aug 19, 2019
    • JediKev's avatar
      issue: Dashboard No Help Error · ab0cdc63
      JediKev authored
      This addresses an issue reported on the Forum where visiting the Agent
      Dashboard with no Help Topics in the system completely breaks the Dashboard
      view and throws a database error `You have an error in your SQL syntax;
      check the manual that corresponds to your MySQL server version for the right
      syntax to use near ') GROUP BY A1.topic_id' at line 1`. This is due to the
      statistics code assuming we will always have `$topics` but this is not
      always the case, as some people rock their helpdesk without a single Help
      Topic. This adds a check to see if `$topics` is empty and if so, we return
      the appropriate headers with an empty array as the plot data. This will
      avoid the database error and show the appropriate Dashboard view with no
      statistics listed under "Topics" tab.
      ab0cdc63
  20. Aug 15, 2019
    • Peter Rotich's avatar
      Organization Update · 15883448
      Peter Rotich authored
      This commit addresses an issue where updating (editing) organization from
      User's page resulted in ALL settings getting cleared. The change makes sure
      the update is routed to the proper routine.
      15883448
    • Kevin Thorne's avatar
      issue: Advanced Search Default Sorting · dda483eb
      Kevin Thorne authored
      This addresses an issue where conducting an Advanced Search will show the
      results in ASC order (from oldest to most recent) by default. If there are
      no keywords the search is supposed to show the results in DESC order (from
      most recent to oldest) by default. If there are keywords the search is
      supposed to show the results sorted by `relevance`. This adds additional
      `select` options to the search criteria for keyword searches so that we can
      use `relevance` in the outer query. This also adds an `order_by` to the
      tickets to order them by the `relevance` in `DESC` order. In addition this
      adds a new `order_by` to sort the results by `created` in DESC if there are
      no keywords.
      dda483eb
    • JediKev's avatar
      issue: Update Installer PHP Requirements · 15d678be
      JediKev authored
      This updates the Installer PHP Requirements from `5.4` to `5.6`. This
      updates the `$prereq` variable to be protected and updates depending methods
      so they can use the static variable.
      15d678be
  21. Aug 14, 2019
    • JediKev's avatar
      issue: Update Outdated Links · 25bf88f4
      JediKev authored
      This updates all the old, outdated osTicket links in the software. This
      includes things like the forum URL, the support URL, the Installation Guide
      URL, etc.
      25bf88f4
  22. Aug 13, 2019
    • JediKev's avatar
      issue: Image Attachment View · eb1a4eaf
      JediKev authored
      This enhances security patch (33ed10) to allow image attachments to be
      opened in a new tab if the setting is enabled. This adds a new setting to
      the Agent Profile labeled "Image Attachment View" that determines how image
      attachments are handled. The two options are "Download" and "Inline" with
      "Download" being the default. If the option is set to "Download" all image
      attachments will be forced to download. If the option is set to "Inline" all
      image attachments will open in a new tab when you right click + open in new
      tab.
      eb1a4eaf
    • JediKev's avatar
      issue: Reset Role Permissions · 0c2cecb6
      JediKev authored
      This addresses an issue reported on the Forum where clicking the "Reset
      Permissions" action in the Agent Directory shows a blank popup. Inspecting
      the console shows 500 error and checking the error logs shows `Too few
      arguments to function` error. This is due to the
      `RolePermission::__construct()` method expecting 1 parameter but in
      `ajax.staff.php` we are not passing anything to it. This updates
      `resetPermissions()` to pass `null` to `RolePermission::__construct()` so
      that it doesn't complain and error out.
      0c2cecb6
  23. Aug 07, 2019
    • JediKev's avatar
      issue: Error On QueueSort Config · 1b1e7428
      JediKev authored
      This addresses an issue where clicking on Config next to a Queue Sort will
      show a blank popup. Upon viewing the error logs you receive the error `Call
      to a member function asTable() on null`. This is due to defining
      `$data_form` inside of the `if ($_POST)` block instead of defining it
      outside the block. This updates `SearchAjaxAPI::editSort()` to define
      `$data_form` outside of the `if ($_POST)` block so that `$data_form` is
      always set.
      1b1e7428
  24. Jul 31, 2019
    • aydreeihn's avatar
      Required Short Answer Field = '0' · c58916b0
      aydreeihn authored
      This commit fixes an issue where trying to save the value '0' to a required short answer field would not save because it did not register that the field contained a value.
      c58916b0
    • aydreeihn's avatar
      Fix Admin Alert · 5f6bd42f
      aydreeihn authored
      This commit fixes an issue where alerts are not sent out to the Admin Email if a Department does not have any primary or extended members.
      
      Now, if the Admin Email is checked for the New Ticket Alert and a Department does not have any members at all, an Alert will still go out to the Admin unless the Department recipients field is set to 'No one (diable Alerts and Notices)'
      
      To make things more clear, an option has been added to have the 'Admin Only' as the recipient, so the Alert will go out ONLY to the Admin if  selected and the New Ticket Alert is enabled for the Admin Email.
      
      If 'No one (diable Alerts and Notices)' is selected, no alert will go out at all, regardless of what is checked in Settings | Tickets | Alerts and Notices
      5f6bd42f
  25. Jul 29, 2019
    • JediKev's avatar
      issue: Set Staff Password On Creation · d9108b11
      JediKev authored
      This addresses an issue reported on the Forum where setting a password for
      an Agent upon creation doesn't save the password in the backend. This means
      if you set a password, click Create, and then try to login as the agent you
      will be denied access (as there is no password saved). We store the
      PasswordResetForm data in the session for later use but we do not actually
      use the form data anywhere in the `Staff::update()` method. This updates the
      `Staff::update()` method to include a check for the form data and if exists
      sets the password and saves it in the backend. This maintains current
      functionality where if `Send the agent a password reset email` is enabled
      then we do not set the password, instead we send the Agent a registration
      email.
      
      In addition, this updates the `StaffAjaxAPI::setPassword()` to include
      password validation so if a password is not valid we do not save it.
      Instead, we will keep the modal open and throw validation errors until a
      valid password is given. This means the form data will not be stored in the
      session until we have a valid password.
      d9108b11
  26. Jul 26, 2019
    • JediKev's avatar
      issue: THIS_VERSION Utilize MAJOR_VERSION · 5b4c5124
      JediKev authored
      This addresses an issue where using osTicket from git would show the
      incorrect git version in `Admin Panel > Dashboard > Information`. This is
      due to a hardcoded git version of `1.8-git`. This updates `THIS_VERSION` to
      utilize `MAJOR_VERSION` so that it sets the correct git version. This also
      updates the `deploy` CLI module to match the same format (example:
      `1.12-git`).
      5b4c5124
    • JediKev's avatar
      issue: DatetimeField Remove Unused Vars / Use parseDateTime() · d9aa91b1
      JediKev authored
      This addresses an issue where creating a ticket with a Due Date set fails
      with an error of `Select a time from the list`. This is due to unused
      variables in the `Ticket::create()` function. This also improves the
      datetime conversion to GMT by using `Format::parseDateTime()` instead of
      trying to create a DateTime object directly which also provides a fallback
      if an incorrect time. This can correctly determine the timezone (if present)
      and return a proper DateTime object.
      d9aa91b1
  27. Jul 24, 2019
    • JediKev's avatar
      security: HTML File Browser Execution (Windows: Firefox/IE) · 33ed106b
      JediKev authored
      This addresses an issue reported by Aishwarya Iyer where attached HTML files
      are executed in the browser instead of forcing download in Firefox and IE
      for Windows specifically. This is caused by an incorrect
      `Content-Disposition` set in the `AttachmentFile::download` function.
      Instead of attachments having a disposition of `attachment` (which forces
      download) they have a disposition of `inline` (which displays the file
      contents in the browser). This updates the download function to use whatever
      disposition is passed (for S3 plugin), if none it defaults to `attachment`.
      In addition, this overwrites the disposition and sets it to `attachment`
      after the `$bk->sendRedirectURL()` so that S3 attachments still work and the
      issue of an attacker passing their own disposition is mitigated.
      33ed106b
Loading