This patch includes a slight database migration, and adjusts the
functionality of a few core components.

  * Move collaborators from the ticket to the thread.
    This concept allows collaborators on any object which has a thread,
    including tasks.

  * Add flags to the thread entry
    This will allow flagging thread entries for different purposes.
    Initially this can be used to flag the original message of a thread in
    case a ticket / thread is created without an initial message.

  * Lock becomes more of a utility
    The lock is now disconnected from the ticket and is a separate utility.
    Separately, the ticket and task objects can have a reference to a lock
    object. Furthermore, when submitting some activities to tickets, the
    lock is verified to be owned by the respective agent, and the lock code
    must match a current lock code. The code is rotated on each acquire()
    call to guard against double submissions.

  * Collaborator is an ORM model
    The TicketUser class is broken up now so that the collaborator instance
    can exist apart from a ticket. Email message ids are now generated for
    collaborators without respect for a ticket so that collaborators can be
    properly supported on any thread.

This would be required for new ticket auto-responses to tickets created
without an initial message.

Since tickets can be created without a message now, the emailing system
should also identify the thread the message is associated with, so that a
returning email can be associated with the ticket or task's thread in the
event that it was created without an initial message.

References:
https://bugs.php.net/bug.php?id=43200
http://stackoverflow.com/a/22521203

Also try harder to send a relevant In-Reply-To and References header back
to the client with the email message.

This patch suggests a change to the message-id creation process that
includes stamping the receiving user-id (staff or client) along with the
thread-id of the originating notice. This allows detection of threading if
the clinically brain-dead mail client drops all the other header detection
mechanisms, including the tag placed in the email body, on response.

This patch works for both client and agent communication.

This patch converts the central file and threading classes over to use the
ORM.

References:
https://bugs.php.net/bug.php?id=43200
http://stackoverflow.com/a/22521203

Also try harder to send a relevant In-Reply-To and References header back
to the client with the email message.

This pull request adds a cleanup util for bogus and invalid charsets, mostly
added by a nameless company out of Redmond, WA.

Fixes #1660

Refactor filter.yaml and related code base
Move isBanned routine to banlist class and make it banlist specific
Refactor how canned responses get list of filters

This is necessary because group table gets renamed as part of the upgrade.

Don't crash when login-banner page doesn't exist yet.

This patch sends updated session cookies to the browser when the session is
refreshed on the server. This allows the session cookie to expire on the
browser at the same time the session timeout occurs at the server. In the
event the session timeout is configured in osTicket not to expire, the
cookie will expire after seven days on the client browser, and will expire
in PHP when it is garbage collected sometime after 86400 seconds after the
time last refresh time.

Using this method, the session will never expire if the session timeout in
osTicket is configured to 0, and the session is refreshed at least daily.

Make the upgrader play nice when loading latest yaml files.

Fixes https://github.com/osTicket/osTicket-1.8/issues/1673

  * Add trashcan icon for newly-added actions
  * Categorize filter actions
  * Use imperative phrases for action descriptions
  * Drop check boxes from simple actions (like reject ticket)
  * Hide empty forms on new ticket pages
  * Do not store config for nondata fields for actions
  * Implement a multi-use feature for actions, which will allow using a
    action more than once (for instance, multiple email sends)
  * Filter actions are sortable
  * Send email has from address configurable
  * %{user} token is valid as a recipient

Misc::randCode does not generate significantly random data for Windows
platforms with a local database. This stems from the random seed using the
milliseconds from the current time of day and the database connection time,
in microseconds. Because Windows has especially poor sub-second time
resolution via the microtime() function, the seed does not have many
variations.

This patch addresses the issue by using the included Crypto::random()
function as a source of random data rather than the mt_rand() function, as
it uses native cryptographic random data generators if possible to generate
the data, and uses microtime() as a fallback if no other source of random
data is available on the platform.