- May 03, 2018
-
-
JediKev authored
This addresses a vulnerability where there was no `X-Frame-Options` header which could potentially allow click jacking. This adds the `X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click jacking.

According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page itself.
```
-
- Oct 13, 2016
-
-
JediKev authored
-
- Sep 28, 2016
-
-
JediKev authored
-
- Mar 26, 2016
-
-
Jared Hancock authored
-
- Sep 15, 2015
-
-
Thomas Oster authored
-
- Aug 04, 2015
-
-
Jared Hancock authored
-
- Jul 21, 2015
-
-
Jared Hancock authored
-
Jared Hancock authored
-
- May 13, 2015
-
-
Jared Hancock authored
Chosen has a problem being rendered in a dialog box with overflow:scroll, because the content of the dropdown widget is truncated with the scrollable content of the dialog. Select2 addresses the issue by placing the dropdown box in the <body> and absolutely positioning it into place.
-
Jared Hancock authored
This patch adds Content-Language and <link rel="alternate"> information to the client interface for better integration with search engines. It also adds @lang attribute to the <html> element and various input, textarea, and richtext boxes for better spell check integration and accuracy.
-
- Apr 07, 2015
-
-
Jared Hancock authored
-
- Mar 31, 2015
-
-
Jared Hancock authored
-
- Feb 06, 2015
-
-
Jared Hancock authored
-
- Jan 30, 2015
-
-
Jared Hancock authored
-
- Dec 08, 2014
-
-
Jared Hancock authored
-
Jared Hancock authored
-
Jared Hancock authored
-
- Oct 10, 2014
-
-
Jared Hancock authored
-
- Sep 25, 2014
-
-
Jared Hancock authored
-
- Sep 01, 2014
-
-
Jared Hancock authored
-
- Aug 29, 2014
-
-
Jared Hancock authored
-
Jared Hancock authored
-
- Aug 06, 2014
-
-
Jared Hancock authored
-
- Jul 24, 2014
-
-
Jared Hancock authored
-
- Jul 23, 2014
-
-
Jared Hancock authored
-
- Jun 27, 2014
-
-
Jared Hancock authored
-
- Jun 25, 2014
-
-
Thane de Loth authored
Multilanguage Support via gettext
  - added gettext encapsulations to all texts I thought necessary
  - added fallback function for the case that the gettext extension isn't loaded
  - added browser language detection
  - added gettext to the list of optional extensions in setup
  - rewritten some of the texts to use sprintf instead of appending strings
  - added German translation file
  - removed mark_overdue-confirm from cannedresponses.inc.php

extend multi language support and a few fixes
  - Better detection of translation files
  - Added functionality to redirect language codes (see redirecting language codes)
  - Ticket Status can be translated
  - The Datepicker can be translated
  - Extended functionality of 'testlang.php' to show what language code is used to translate

Forgotten to apply a patch from RC5 to RC6
  - Forgotten to change $var to $vars in line 380 of class.mailfetch.php
  - Removed unneeded comment

Added php_gettext as primary translation engine
  - Added php_gettext support (thanks to Danilo Segan and Steven Armstrong)
  - php_gettext is now the primary translation engine
  - Extended language detection functionality

Add error/misconfiguration checks and fix undefined variables
-
- Jun 06, 2014
-
-
Jared Hancock authored
Otherwise, a user's session cannot be voluntarily destroyed
-
- May 23, 2014
-
-
Jared Hancock authored
-
- Mar 27, 2014
-
-
Jared Hancock authored
Regardless of the configuration of the help desk registration, allow users to receive ticket links via email. This patch enables the display and operation of the ticket access link unless a user login is requested by the user or specifically required by the system.
-
- Mar 25, 2014
-
-
Jared Hancock authored
-
Jared Hancock authored
Client accounts now that the user is verified either via staff or the client's email mailbox, there's a much lower risk to showing a verified user other tickets and virtually no reason that an administrator should have to turn the feature on.
-
Jared Hancock authored
-
Jared Hancock authored
For client account / profile updates
-
- Jan 20, 2014
-
-
Jared Hancock authored
-
- Jan 15, 2014
-
-
Peter Rotich authored
-
- Dec 23, 2013
-
-
Jared Hancock authored
-
- Dec 11, 2013
-
-
Jared Hancock authored
Displaying field values on various pages and dialogs could result in cross site scripting exploits. Fixes osTicket/osTicket-1.8#296
-
- Oct 09, 2013
-
-
Jared Hancock authored
*This is a major redesign / rework of the osTicket base*

This patch drops the concept of static ticket metadata and allows for an admin-configurable arbitrary data that is attachable to tickets.

The system is architected such that the base osTicket install now comes with a "default" form that has fields for subject, name, email, and phone number. This form is editable to allow for the addition of arbitrary other fields; however, the basic fields must remain in order to be associated with a help-topic and attached to a ticket.

This concept can be expanded to allow for arbitrary data associated with registered clients or ticket thread items.

Forms are comprised of sections. Sections have a title and instructions properties and a list of fields. Fields have various implementations to represent different data such as text, long answer, phone number, datetime, yes/no, and selections, and are configurable to define the look and feel and interpretation of the respective form field.

Dropdown lists are represented as "Dynamic Lists", which are admin-configurable lists of items. Dropdowns can be optionally represented as Bootstrap typeahead fields.

This also adds the start of a simple ORM which will hopefully be expanded in the future to support multiple database platforms. Currently, only MySQL is implemented.
-
Jared Hancock authored
Process inline attachments in thread entry and support inline images in piped emails

Support inline images across the system, with draft support

Migrate to a single attachment table

That way we don't need a new table for everything we need to attach an inline image to (like a signature, for instance)

Add richtext support for internal notes

Implement images on site pages

  * Image paste in Redactor
  * Make non-local images optional
  * Placeholder for non-local images
  * Fix local image download hover
  * Don't re-attach inline images
-