Don't show fields disabled by help topic
Pass create mode for pre-selected help topic forms

This commit addresses inconsistencies on how field edit rights and
visibility are are handled.

- Create a new database patch to add a new Event table, use event_id instead of state for thread_events, and remote the 'state' column in thread_events
- Create the Event class
- Use event_id instead of state for Thread Events

This addresses issue 4473 where users creating a ticket with the Help Topic
preselected shows a validation error for the Issue Summary field. This is
due to the new `getFormName()` function that creates new field form names
based on the user’s/agent’s session. When the Help Topic is preselected,
`_form` is not set for each field so the hashed name of the fields before
ticket submit is different than after ticket submit.

This addresses an issue where the client portal shows Featured FAQs on the
sidebar even thought the Knowledgebase is Disabled.

This addresses an issue where the client side thread entries are all grouped
within the same div. This pushes all grouped entries to one side of the page
making them illegible.

- Add space between column headers and sort arrow
- Fix sorting by 'Subject' column
- Fix redactor issues with 'Reset' button
	- Make sure text within redactor is cleared correctly
	- Make sure we don't keep attachments if Reset
- Make sure redactor is reinitialized where needed

This addresses an issue where client side column sorting does not work at
all. This is due to the if/else statement that checks for a REQUEST sort
order and if the REQUEST sort order matches an `$orderWays` array value. The
if statement returns TRUE for DESC and sets the sort order to DESC as it
equals '-' (a dash) but ASC equals '' (an empty string) so it returns FALSE
which fails-over to the else statement setting the sort order to DESC. In
addition, this adds sorting icons the the column headers to make it more
obvious they are sortable.

This addresses an issue where client side column sorting does not work at
all. This is due to the if/else statement that checks for a REQUEST sort
order and if the REQUEST sort order matches an `$orderWays` array value. The
if statement returns TRUE for DESC and sets the sort order to DESC as it
equals '-' (a dash) but ASC equals '' (an empty string) so it returns FALSE
which fails-over to the else statement setting the sort order to DESC. In
addition, this adds sorting icons the the column headers to make it more
obvious they are sortable.

This feature gives Agents the capability deciding whether or not Users should be able to see Tickets to which they are Collaborators for in their Ticket queues.

By default, Users are able to see all Tickets they take part in whether they are the User for the Ticket or a Collaborator.

If the Agent would like to disable Users seeing their Collaborator Tickets, they can configure the setting here:
Admin Panel | Tickets | Settings | Collaborator Tickets Visibility

This means Agents can no longer choose to add a BCC User while creating or responding to a Ticket.

This also means that if a User emails in a Ticket where someone is BCC'd, the Ticket will be created without the BCC'd User(s).

If an email is sent where the Department email is BCC'd, a Ticket is created for that Department and other Users in the email are added as Collaborators.

This also changes the response options for Agents. They now have the options to:
- Reply All (User + Collaborators)
- Reply to User (only the User)
- Do not Email Reply

(Previously the options were Reply All, Reply to User, Reply to CC + User, Reply to BCC, Do not Email Reply)

- Change To dropdown to have different reply types
	- Reply to All
	- Reply to User
	- Reply to Collaborators
	- Reply to BCC
- Add a help tip for the new reply types
- Set the reply type selected based on the last user respondent
	- Reply to Collaborator by default or if the last message is from the ticket user or a CC collaborator
	- Reply to BCC if the last message is from a BCC user
- Put User, CC, and Bcc fields below and indented as appropriate (User field is readonly)
- Add a new flag to Agent responses to show which reply type they selected. Put the flag on Agent thread entries

This addresses a vulnerability where there was no `X-Frame-Options` header
which could potentially allow click jacking. This adds the
`X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click
jacking. According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page
itself.
```

This addresses a vulnerability where there was no `X-Frame-Options` header
which could potentially allow click jacking. This adds the
`X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click
jacking. According to Mozilla Developer Docs:
```
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page
itself.
```

Commit c4579277 introduced an extra administrative security feature to
restrict files access to signed in users only, even  if a user has a valid
& signed download URL. The feature, however, did not take into account
public images & files associated with FAQs and pages such as
landing/thank-you pages.

This commit addresses the shortcoming by adding a reference ID (attachment ID)
to the download/access URL, that can be used to deduce the model/object type
that the file request is associated with. The technique will allow us in the
future to enforce ACL at the file level depending on privacy settings and
the security clearance of the user (agent).

This addresses issue 4112 where osTicket does not have a default favicon.
This adds favicon images and references to them in the Agent and
Client headers so they appear correctly.

This addresses and issue on the forums where upon searching for an FAQ,
Private FAQ Categories will appear in the sidebar. This updates the search
sidebar to exclude the Private FAQ Categories.

This pull request addresses issues 2955 & 3524 where an Agent's name is
visible to User even when Agent Identity Masking is enabled. This adds a
check for `hide_staff_name` in the config table and if enabled the system
will show Staff on all thread responses and events.

This addresses issue 3952 where the Serbian language did not have a flag
icon. This icon has to be seen in order for the users to change the
language. The reason the flag wasn’t shown was due to the incorrect class
name for the language link. This updates the class naming section to add
the correct part of the language name to the class.

Fixes the cancel button from doing nothing to making it delete the draft
of the fields and redirect agents to ticket queue or clients to main page.

This addresses issue #3860 where if you add a translation to the Login
Page and view the page in the translated language, the translation does
not show. This adds the correct method to get the translated page.

* Show faq count of subcategories on the parent category
* Only show count of public FAQs on the client portal
* Show distinct Help Topics when viewing category on client portal

Introduce ability to create sub-categories to knowledge base categories

This addresses issue where Client side FAQ Last Updated time was showing incorrect Category Last Updated time.

Refactor PR #3410 to drop extra commits.
All credit to @jdelhome3578

Remove extra ` ` which throw off the spacing

This fixes sorting and total ticket count.

Adding possibility to use translations for some texts on homepage and main knowledgebase page.

Within this commit, several files got updated to split up strings like "Disable for this team" / "Disable for this department" into "Disable for" and "this team"/"this department".
So a) a little bit less translations and b) all strings of "this (ticket|task|API|canned|FAQ|depart|email|group|site|SLA|agent|team|template|help|ban|category|custom|end user|role)" can match already existing "this ..." translations now.
PS: Didn't remove all that whitespaces in include/staff/tpl.inc.php - seems like my php editor app has done that automatically :/

This partially reverts a change in the ORM changing the QuerySet::all()
method to return an Iterator rather than an array. I spent a while proposing
a patch to replace usage of all() with iterations; however, I cannot propose
a valid reason to abandon the previous methodology.

This reintroduces the previous behavior: calling all() will yield an array
of results from the QuerySet's iteration system.