Previously, filenames saved in the database had the spaces changed for
underbars; however, other characters (such as commas and non-ascii
characters) presented issues with user agents downloading the attachments.

This patch handles the filename encoding for two special cases -- internet
explorer and safari, and provides the semi-standard RFC5987 method of
encoding the filename for the remaining browsers.

Attachments are no longer forced to be downloaded. It is up to the browser
to decide if the attachment should be shown in the browser or downloaded.

This patch also fixes a slight bug in the caching mechanism for downloads
concerning the last-modified time. The date sent to the browser was not
properly converted to GMT time, although the server claimed that it was.

Historically, ROOT_PATH and ROOT_DIR contained the same value; however,
ROOT_PATH now points to the URL path where osTicket is installed, whereas
ROOT_DIR points to the file system location where osTicket is installed.

When an admin logs in to upgrade to 1.7.1 and further from a version
pervious to 1.7.1, the system will attempt to clear password reset tokens
from the config table, which hasn't been upgraded yet to the namespaced
version from 1.7.1

Some security inspection appliances and load balancers don't appreciate
something in the HTTP headers that is not a valid HTTP header. Furthermore,
the browser needs the Content-Type header to identify that the image is not
the PHP default of text/html

Fixes #683

Search results on the client interface for knowledgebase articles would
previous show hits for the internal (private) knowledgebase articles. The
subjects were shown but the articles were not viewable.

This addresses the SQL logic issue causing the private hits to be shown.

Also raise awareness of the hosted platform for osTicket

Also include
  * username validation -- no spaces or weird chars
  * no longer base64 encoded sha1-hex hash for CSRF token
  * refresh login page every two hours to keep session active

The email filtering feature supports a 'Use Reply-To' feature, but seems to
never have been implemented. This patch officially supports using the
Reply-To email header as the From header for emails matching the filter.

If an attachment is submitted via the API and the filetype is rejected, the
file would be attached anyway. However, if the file was encoded base64, the
content would not be decoded.

And ensure that the email address is trimmed to help matching against email
registered for previous tickets.

Anything that would happen after the last patch was applied would never be
logged, because the system would immediately indicate that no upgrade was
pending.

Fixes #575

Fixes #588

Introduced with the multi-stream upgrader

Drop old mcrypt class

Which will help against clobbering session cookies against other PHP
applications shared on a parent domain of the domain hosting osTicket or in
a parent folder or virtual folder.

* Move migration scripted tasks to the stream folder naming them .task.php.
* Add a MigrationTask abstract class to server as the base of migration
  tasks.
* Move the migration tasks from class.upgrader to the new task files