- Oct 30, 2019
-
-
JediKev authored
This addresses an issue on the Forum where deleting an Organization causes the session to fail. This is due to the Organization QuerySet being stored in the session and not being cleared out when deleted from the system. This causes the system to try to refetch the object from the database which it's not there as it's been deleted and therefore causes the session to crash.
-
- Oct 25, 2019
-
-
Patrik Lermon authored
-
- Oct 23, 2019
-
-
JediKev authored
In 5120, the reporting party also mentioned that they receive an error of `script '/xxx/osTicket/kb/ajax.php' not found or unable to stat`. This is due to the AJAX call being inside the KB directory, and `/kb/ajax.php` truly does not exist. This adds `ROOT_PATH` to the beginning of the AJAX call so that no matter where it is, it will point to the correct location.
-
JediKev authored
This addresses 5120 where main (or Parent) FAQ Category Titles are not translated even though the child Category titles are translated correctly. This is due to to the system pulling the Full Name instead of the Local (translated) Name.
-
- Oct 09, 2019
-
-
JediKev authored
This addresses issue 5095 where installing a Language Pack and visiting the Dashboard > Information page without OpenSSL installed/configured will throw a fatal error of `Call to undefined function openssl_pkey_get_public()`. This is due to no check for the `openssl` extension before the dependant method is called. This adds a check so that if OpenSSL is not available we can return a useful error code of `VERIFY_EXT_MISSING` (which is error code `2`) and continue without disrupting the content.
-
Peter Rotich authored
Make message variable optional for new tickets opened by agents. This is necessary for help topics with issue details disabled.
-
- Oct 07, 2019
-
-
Peter Rotich authored
This commit addresses an issue where time format in 24 hrs resulted in double hours.
-
- Oct 04, 2019
-
-
JediKev authored
This addresses an issue where initially saving the ACL will fail. This is due to the incorrect variable being used to lookup the IP in the ACL. This updates the variable from `$acl` to the correct variable `$vars['acl']`.
-
- Oct 02, 2019
-
-
JediKev authored
This addresses issue 5084 by partially reverting commit `fefed147`. In said commit, we updated `THIS_VERSION` to utilize `MAJOR_VERSION` which is fine. However, we also updated the deploy module to copy the same format. This interferes with the osTicket Version check by not including the entire subversion and not starting with a `v` (ie. `v1.12.3`). This reverts the copied format section of the commit so that `THIS_VERSION` will be the full, non-git version when deployed/packaged.
-
JediKev authored
This addresses an issue reported on the forum where printing a ticket in v1.12 and above requires `mbstring`. This updates the print call to check for the `mbstring` extension and if not loaded will fail with a detailed error `mbstring extension required to print ticket to PDF`.
-
- Oct 01, 2019
-
-
Peter Rotich authored
-
Peter Rotich authored
This commit addresses two issues related to date / time format. * 24 hrs format, when selected, is now used system-wide even on thread items * PHP-to-JS date / time format translation is now down in the backend
-
- Sep 23, 2019
-
-
JediKev authored
This addresses issue 5007 where when using the complete thread variable there is no padding between thread messages in Outlook desktop app and makes the thread hard to follow. Outlook does not respect some CSS rules that are accepted in most (if not all) modern email clients. Since we can’t use normal CSS the workaround is to add a blank table row (with a single space) so that it forces "padding" between the end of a message and the start of another. Before (image) After (image)
-
- Sep 20, 2019
-
-
JediKev authored
This addresses an issue where upgrading from v1.6 to a release on or after v1.12 will hang on login and eventually timeout. This is due to the system not being able to fetch the config which logs a db error which calls the config and continues the loop. For now, we need the config in the constructor so that the loop doesn't occur and we can continue to upgrade as normal. TODO: - For a permanent fix, we need to figure out why the loop occurs when not in the constructor and vice versa.
-
- Sep 18, 2019
-
-
aydreeihn authored
This commit fixes an issue that allowed Agents to clear the Duedate on a ticket using inline edit. We were saving the value 0000-00-00 00:00:00 to the database which the ticket would then display as 12/1/02 06:09 pm. Instead, if an Agent clears the Duedate field, we should save the duedate as null and the ticket should continue using the est_duedate.
-
- Sep 17, 2019
-
-
JediKev authored
This addresses an issue reported on the Forum where creating a new Agent and setting a password hangs when using PHP 7.3. This is due to too few arguments passed to `PasswordPolicy::checkPassword()`. This updates the call to include a second argument of `null` so the method is satisfied and we can continue with checking the password.
-
- Sep 13, 2019
-
-
Peter Rotich authored
This partially reverts commit dda483eb. Forcing created by sort resulted in queue columns based sorting getting overridden.
-
- Sep 06, 2019
-
-
JediKev authored
This addresses an issue where the previous CSV security patch causes an error when creating an Advanced Search with criteria like `User / Email Address => contains => @domain.tld`. The system tries to validate the field and since `is_formula` is the default validation for TextboxFields the system sees `@domain.tld` criteria as a formula and throws the `Content cannot start with the following characters: = - + @` error. Advanced Searches do not need the `is_forumal` validation as the fields are not exportable. This adds a check to see if the field's form is `AdvancedSearchForm` and if there is no `validator` set it gets set to `adv` which bypasses the validation.
-
aydreeihn authored
This commit fixes an issue where if you were to change a Ticket to the Resolved status and then to Closed, the dashboard statistics would show that you had closed 2 Tickets even though both events were done on the same Ticket. We should only count one closed event per Ticket. This was reported in Issue #5018.
-
- Sep 05, 2019
-
-
JediKev authored
This addresses an issue where a User sending an email message with a different Department as CC to the system will not refer the CC'ed Department until the email is fetched a second time. The old thinking was that since the User CC'ed the other Department the other Department should receive a copy of the email in their mailbox. When the system fetches the User's message from the original Department email it gets added to the thread but doesn't refer just yet. When the system fetches the copy of the message from the User in the other Department's email it will then refer the other Department. This is a problem especially when you are not fetching or forwarding from the other Department's email address. This updates `Thread::postEmail()` to include the check for `$mailinfo['system_emails']` and if set we refer the Department immediately.
-
Peter Rotich authored
This commit fixes an issue where date range boundaries didn't consider user's timezone resulting in UTC times being used.
-
- Sep 04, 2019
-
-
JediKev authored
This addresses issue 4965 where the register.inc.php file for clients was missing translations for the action buttons.
-
Peter Rotich authored
-
- Aug 28, 2019
-
-
aydreeihn authored
For the is_a function, the class name should be in quotation marks to avoid the warning in PHP 7.3
-
- Aug 21, 2019
-
-
JediKev authored
This addresses an issue where the system cannot successfully authenticate to an Exchange server using shared mailbox auth credentials (eg. Username: `main-user@domain.com\shared-mailbox@domain.com`). The system passes the entire Username value as the `username` parameter for `imap_open()` and Exchange fails to authenticate. This adds two new variables called `authuser` and `username` to class MailFetcher. This also updates the `MailFetcher::__construct()` method to explode the Username value at the backslash giving us two parts: the Authentication Username and the Mailbox Username. If there are in fact two parts we will assign the first part to the new `authuser` variable and assign the second part to the new `username` variable. If we detect an `authuser` we will add it to the `imap_open()` flag called `authuser` and append it to the `srvstr`. In addition this updates the `MailFetcher::getUsername()` method to return the new `username` variable instead of the hash table data.
-
aydreeihn authored
Within a Ticket, if you click the Assign dropdown and choose Agent or Team, the possible assignees are filtered based on who can be assigned to the Department, however, the inline Assigned To option did not filter the possible assignees. This commit ensures that we do filter possible assignees when assigning via inline edit.
-
- Aug 19, 2019
-
-
JediKev authored
This addresses an issue reported on the Forum where visiting the Agent Dashboard with no Help Topics in the system completely breaks the Dashboard view and throws a database error `You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') GROUP BY A1.topic_id' at line 1`. This is due to the statistics code assuming we will always have `$topics` but this is not always the case, as some people rock their helpdesk without a single Help Topic. This adds a check to see if `$topics` is empty and if so, we return the appropriate headers with an empty array as the plot data. This will avoid the database error and show the appropriate Dashboard view with no statistics listed under "Topics" tab.
-
- Aug 15, 2019
-
-
Peter Rotich authored
This commit addresses an issue where updating (editing) organization from User's page resulted in ALL settings getting cleared. The change makes sure the update is routed to the proper routine.
-
Kevin Thorne authored
This addresses an issue where conducting an Advanced Search will show the results in ASC order (from oldest to most recent) by default. If there are no keywords the search is supposed to show the results in DESC order (from most recent to oldest) by default. If there are keywords the search is supposed to show the results sorted by `relevance`. This adds additional `select` options to the search criteria for keyword searches so that we can use `relevance` in the outer query. This also adds an `order_by` to the tickets to order them by the `relevance` in `DESC` order. In addition this adds a new `order_by` to sort the results by `created` in DESC if there are no keywords.
-
JediKev authored
This updates the Installer PHP Requirements from `5.4` to `5.6`. This updates the `$prereq` variable to be protected and updates depending methods so they can use the static variable.
-
- Aug 14, 2019
-
-
JediKev authored
This updates all the old, outdated osTicket links in the software. This includes things like the forum URL, the support URL, the Installation Guide URL, etc.
-
- Aug 13, 2019
-
-
JediKev authored
This enhances security patch (33ed10) to allow image attachments to be opened in a new tab if the setting is enabled. This adds a new setting to the Agent Profile labeled "Image Attachment View" that determines how image attachments are handled. The two options are "Download" and "Inline" with "Download" being the default. If the option is set to "Download" all image attachments will be forced to download. If the option is set to "Inline" all image attachments will open in a new tab when you right click + open in new tab.
-
JediKev authored
This addresses an issue reported on the Forum where clicking the "Reset Permissions" action in the Agent Directory shows a blank popup. Inspecting the console shows 500 error and checking the error logs shows `Too few arguments to function` error. This is due to the `RolePermission::__construct()` method expecting 1 parameter but in `ajax.staff.php` we are not passing anything to it. This updates `resetPermissions()` to pass `null` to `RolePermission::__construct()` so that it doesn't complain and error out.
-
- Aug 07, 2019
-
-
JediKev authored
This addresses an issue where clicking on Config next to a Queue Sort will show a blank popup. Upon viewing the error logs you receive the error `Call to a member function asTable() on null`. This is due to defining `$data_form` inside of the `if ($_POST)` block instead of defining it outside the block. This updates `SearchAjaxAPI::editSort()` to define `$data_form` outside of the `if ($_POST)` block so that `$data_form` is always set.
-
- Jul 31, 2019
-
-
aydreeihn authored
This commit fixes an issue where trying to save the value '0' to a required short answer field would not save because it did not register that the field contained a value.
-
aydreeihn authored
This commit fixes an issue where alerts are not sent out to the Admin Email if a Department does not have any primary or extended members. Now, if the Admin Email is checked for the New Ticket Alert and a Department does not have any members at all, an Alert will still go out to the Admin unless the Department recipients field is set to 'No one (diable Alerts and Notices)' To make things more clear, an option has been added to have the 'Admin Only' as the recipient, so the Alert will go out ONLY to the Admin if selected and the New Ticket Alert is enabled for the Admin Email. If 'No one (diable Alerts and Notices)' is selected, no alert will go out at all, regardless of what is checked in Settings | Tickets | Alerts and Notices
-
- Jul 29, 2019
-
-
JediKev authored
This addresses an issue reported on the Forum where setting a password for an Agent upon creation doesn't save the password in the backend. This means if you set a password, click Create, and then try to login as the agent you will be denied access (as there is no password saved). We store the PasswordResetForm data in the session for later use but we do not actually use the form data anywhere in the `Staff::update()` method. This updates the `Staff::update()` method to include a check for the form data and if exists sets the password and saves it in the backend. This maintains current functionality where if `Send the agent a password reset email` is enabled then we do not set the password, instead we send the Agent a registration email. In addition, this updates the `StaffAjaxAPI::setPassword()` to include password validation so if a password is not valid we do not save it. Instead, we will keep the modal open and throw validation errors until a valid password is given. This means the form data will not be stored in the session until we have a valid password.
-
- Jul 26, 2019
-
-
JediKev authored
This addresses an issue where using osTicket from git would show the incorrect git version in `Admin Panel > Dashboard > Information`. This is due to a hardcoded git version of `1.8-git`. This updates `THIS_VERSION` to utilize `MAJOR_VERSION` so that it sets the correct git version. This also updates the `deploy` CLI module to match the same format (example: `1.12-git`).
-
JediKev authored
This addresses an issue where creating a ticket with a Due Date set fails with an error of `Select a time from the list`. This is due to unused variables in the `Ticket::create()` function. This also improves the datetime conversion to GMT by using `Format::parseDateTime()` instead of trying to create a DateTime object directly which also provides a fallback if an incorrect time. This can correctly determine the timezone (if present) and return a proper DateTime object.
-
- Jul 24, 2019
-
-
JediKev authored
This addresses an issue reported by Aishwarya Iyer where attached HTML files are executed in the browser instead of forcing download in Firefox and IE for Windows specifically. This is caused by an incorrect `Content-Disposition` set in the `AttachmentFile::download` function. Instead of attachments having a disposition of `attachment` (which forces download) they have a disposition of `inline` (which displays the file contents in the browser). This updates the download function to use whatever disposition is passed (for S3 plugin), if none it defaults to `attachment`. In addition, this overwrites the disposition and sets it to `attachment` after the `$bk->sendRedirectURL()` so that S3 attachments still work and the issue of an attacker passing their own disposition is mitigated.
-