Mods & Suggestions

[alcazar]

/* removed
already possible in Hesk 2.6.0
*/

Also one question Master Klemen. Do you plan (in any version) to include a ticket list for customers (similar to the one on the admin mainpage)? Normally if you login into ITS you see all tickets created so far and can view/reply to them. Since hesk doesnt have frontend users, this would still be nice feature to have. Could be done by generating a password or super-ticket-id on first submit and when costumer enters it he will see all his tickets (linking could show them like "View existing Ticket" yet). What you think about it?

[Klemen]

Thanks for sharing.

As you already figured out the main problem for this is Hesk doesn't have end customer logins. I don't think a master password for the first ticket is a viable solution, because from experience customers will never remember (or save) it.

I do have some ideas to improve this so you can indeed expect some changes in the future. At some point probably also an option to register accounts (which will be optional by default).

[alcazar]

You maybe right.
Even if you had customer login there would be complaints about forgotten passwords and such

Alternative idea: If a customer "views existing ticket" the could be links or drop-down-box with his other tickets. So no need to use password or super-id.
Should have some authentication though, since you only need 1 ticket id and (optional) email to view all tickets from a customer.

[Klemen]

I'm afraid it's not that simple. You could for example create a ticket with someone else's email address and be able to see his old tickets.

For example if you wanted to see tickets John submitted, you would simply submit a ticket and enter his email address (john@domain.com). Even if you don't have access to his email account, you will know the last ticket ID (it shows after submission) and would be able to see a list of all tickets submitted with john@domain.com address if they were listed like that.

[alcazar]

Note: Updated the "Maintenance Mode" Mod. Should now work in frontend and acp.

[alcazar]

Evening Folks, another small mod, maybe someone can use it too
If a ticket is unassigned (has no owner) users can do what they want (and according to their permissions).
If it has an owner only he (or an administrator) may change the status including closing/reopen it.
We dont see a point why staff who has nothing to do with the tickets in question should be able to close or change it.

It works as intended, but someone could achieve it by using urls directly (and just changing the tracking_id).
So we need some help to make it work in full. Some code changes in "admin/change_status.php" are needed as well.
But we dont know where to edit (need a query if the ticket has an owner and if yes its the owner or an administrator?)
and if more about the ticket is known in this file besided the tracking_id.
Maybe Master Klemen can help - if its within the scope of his support here?

Thanks.

Code: Select all

##############################################################
## MOD Title: Ticket-Changes
## MOD Author: Alcazar < alcazardg@t-online.de >
## MOD Description: Only Owner of Ticket and Administrators can change status (incl close/reopen)
##
## Hesk Version: 2.5.3
##
## Files To Edit: 1
##		  admin/admin_ticket.php
##
## Included Files:  n/a
##############################################################
## Before Adding This MOD To Your Hesk, You Should Back Up All Files Related To This MOD !
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
admin/admin_ticket.php

#
#-----[ FIND ]------------------------------------------
#
<!-- START TICKET HEAD -->

#
#-----[ FIND ]------------------------------------------
#
        $status_options = array(
    	0 => '<option value="0">'.$hesklang['open'].'</option>',
      	1 => '<option value="1">'.$hesklang['wait_reply'].'</option>',
        2 => '<option value="2">'.$hesklang['replied'].'</option>',
        4 => '<option value="4">'.$hesklang['in_progress'].'</option>',
        5 => '<option value="5">'.$hesklang['on_hold'].'</option>',
        3 => '<option value="3">'.$hesklang['closed'].'</option>',
        );

#
#-----[ AFTER, ADD ]------------------------------------------
#
$slink='';
if ($ticket['owner'])
{
	if ($ticket['owner'] == $_SESSION['id'] || $_SESSION['isadmin'])
	{
		if($ticket['status'] == 3)
		{
			$slink=' [<a href="change_status.php?track='.$trackingID.'&s=1&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['open_action'].'</a>]';
		}
		else
		{
			$slink=' [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		}
	}
}
else
{
	if($ticket['status'] == 3)
	{
		$slink=' [<a href="change_status.php?track='.$trackingID.'&s=1&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['open_action'].'</a>]';
	}
	else
	{
		$slink=' [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
	}
}

#
#-----[ FIND ]------------------------------------------
#
switch ($ticket['status'])
{
	case 0:
		echo '<font class="open">'.$hesklang['open'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		unset($status_options[0]);
		break;
	case 1:
		echo '<font class="waitingreply">'.$hesklang['wait_reply'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		unset($status_options[1]);
		break;
	case 2:
		echo '<font class="replied">'.$hesklang['replied'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		unset($status_options[2]);
		break;
	case 4:
		echo '<font class="inprogress">'.$hesklang['in_progress'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		unset($status_options[4]);
		break;
	case 5:
		echo '<font class="onhold">'.$hesklang['on_hold'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=3&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['close_action'].'</a>]';
		unset($status_options[5]);
		break;
	default:
		echo '<font class="resolved">'.$hesklang['closed'].'</font> [<a href="change_status.php?track='.$trackingID.'&s=1&Refresh='.$random.'&token='.hesk_token_echo(0).'">'.$hesklang['open_action'].'</a>]';
		unset($status_options[3]);
}

#
#-----[ REPLACE WITH ]------------------------------------------
#
switch ($ticket['status'])
{
	case 0:
		echo '<font class="open">'.$hesklang['open'].'</font>'.$slink;
		unset($status_options[0]);
		break;
	case 1:
		echo '<font class="waitingreply">'.$hesklang['wait_reply'].'</font>'.$slink;
		unset($status_options[1]);
		break;
	case 2:
		echo '<font class="replied">'.$hesklang['replied'].'</font>'.$slink;
		unset($status_options[2]);
		break;
	case 4:
		echo '<font class="inprogress">'.$hesklang['in_progress'].'</font>'.$slink;
		unset($status_options[4]);
		break;
	case 5:
		echo '<font class="onhold">'.$hesklang['on_hold'].'</font>'.$slink;
		unset($status_options[5]);
		break;
	default:
		echo '<font class="resolved">'.$hesklang['closed'].'</font>'.$slink;
		unset($status_options[3]);
}

#
#-----[ FIND ]------------------------------------------
#
echo '
	</td>
	<td style="text-align:right">
	<form style="margin-bottom:0;" action="change_status.php" method="post">
	<i>'.$hesklang['chngstatus'].'</i>

	<span style="white-space:nowrap;">
	<select name="s">
		<option value="-1" selected="selected">'.$hesklang['select'].'</option>
		' . implode('', $status_options) . '
	</select>

	<input type="submit" value="'.$hesklang['go'].'" class="orangebutton" onmouseover="hesk_btn(this,\'orangebuttonover\');" onmouseout="hesk_btn(this,\'orangebutton\');" /><input type="hidden" name="track" value="'.$trackingID.'" />
	<input type="hidden" name="token" value="'.hesk_token_echo(0).'" />
	</span>

	</form>
	</td>
	</tr>

#
#-----[ REPLACE WITH ]------------------------------------------
#
echo '
	</td>';

	if ($ticket['owner'])
	{
		if ($ticket['owner'] == $_SESSION['id'] || $_SESSION['isadmin'])
		{
			echo '<td style="text-align:right">
			<form style="margin-bottom:0;" action="change_status.php" method="post">
			<i>'.$hesklang['chngstatus'].'</i>

			<span style="white-space:nowrap;">
			<select name="s">
			<option value="-1" selected="selected">'.$hesklang['select'].'</option>
			' . implode('', $status_options) . '
			</select>

			<input type="submit" value="'.$hesklang['go'].'" class="orangebutton" onmouseover="hesk_btn(this,\'orangebuttonover\');" onmouseout="hesk_btn(this,\'orangebutton\');" /><input type="hidden" name="track" value="'.$trackingID.'" />
			<input type="hidden" name="token" value="'.hesk_token_echo(0).'" />
			</span>

			</form>
			</td>';
		}
	}
	else
	{
		echo '<td style="text-align:right">
		<form style="margin-bottom:0;" action="change_status.php" method="post">
		<i>'.$hesklang['chngstatus'].'</i>

		<span style="white-space:nowrap;">
		<select name="s">
		<option value="-1" selected="selected">'.$hesklang['select'].'</option>
		' . implode('', $status_options) . '
		</select>

		<input type="submit" value="'.$hesklang['go'].'" class="orangebutton" onmouseover="hesk_btn(this,\'orangebuttonover\');" onmouseout="hesk_btn(this,\'orangebutton\');" /><input type="hidden" name="track" value="'.$trackingID.'" />
		<input type="hidden" name="token" value="'.hesk_token_echo(0).'" />
		</span>

		</form>
		</td>';
	}

	echo '</tr>

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[alcazar]

Another small mod, maybe Master Klemen has something similar already planned for future versions
Its sort of better version of the "vacation" mod, since it didnt work as intended.
This mod allows to enable and disable user accounts (staff and admin).
Disabled users cannot login and cannot be auto-assigned.

Code: Select all

##############################################################
## MOD Title: Disable/Enable user accounts
## MOD Author: Alcazar < alcazardg@t-online.de >
## MOD Description: Enabled/Disable user accounts. Disabled users cannot login and be auto-assigned.
##
## Used Hesk Version: 2.6.0
##
## Files To Edit: 6
##		  admin/admin_ticket.php
##		  admin/index.php
##		  admin/manage_users.php
##		  admin/new_ticket.php
##		  inc/profile_functions.inc.php
##		  language/en/text.php
##
## Included Files:  n/a
##############################################################
## Before Adding This MOD To Your Hesk, You Should Back Up All Files Related To This MOD !
##############################################################
#
#-----[ SQL ]------------------------------------------
#
# Remember to change the db_prefix used on your install.
ALTER TABLE `hesk_users` ADD `isactive` ENUM('0','1') NOT NULL DEFAULT '1' AFTER default_list;

#
#-----[ OPEN ]------------------------------------------
#
admin/admin_ticket.php

#
#-----[ FIND ]------------------------------------------
#
/* List of users */
$admins = array();
$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `id` ASC");

#
#-----[ REPLACE WITH ]------------------------------------------
#
/* List of users */
$admins = array();
$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `isactive`='1' ORDER BY `id` ASC");

#
#-----[ OPEN ]------------------------------------------
#
admin/index.php

#
#-----[ FIND ]------------------------------------------
#
/* Login successful, clean brute force attempts */
hesk_cleanBfAttempts();

#
#-----[ AFTER, ADD ]------------------------------------------
#
if (!$_SESSION['isactive'])
{
	hesk_session_stop();
	$_SESSION['a_iserror'] = array('isactive');
	hesk_process_messages($hesklang['user_disabled'],'NOREDIRECT');
	print_login();
	exit();
}

#
#-----[ OPEN ]------------------------------------------
#
admin/manage_users.php

#
#-----[ FIND ]------------------------------------------
#
/* Set default values */
$default_userdata = array(

#
#-----[ FIND ]------------------------------------------
#
'isadmin' => 1,

#
#-----[ AFTER, ADD ]------------------------------------------
#
'isactive' => 1,

#
#-----[ FIND ]------------------------------------------
#
/* Is auto assign enabled? */
if ($hesk_settings['autoassign'])
{
	if ($myuser['autoassign'])
	{
		$autoassign_code = '<a href="manage_users.php?a=autoassign&s=0&id='.$myuser['id'].'&token='.hesk_token_echo(0).'"><img src="../img/autoassign_on.png" width="16" height="16" alt="'.$hesklang['aaon'].'" title="'.$hesklang['aaon'].'" '.$style.' /></a>';
	}
	else
	{
		$autoassign_code = '<a href="manage_users.php?a=autoassign&s=1&id='.$myuser['id'].'&token='.hesk_token_echo(0).'"><img src="../img/autoassign_off.png" width="16" height="16" alt="'.$hesklang['aaoff'].'" title="'.$hesklang['aaoff'].'" '.$style.' /></a>';
	}
}
else
{
	$autoassign_code = '';
}

#
#-----[ AFTER, ADD ]------------------------------------------
#
/* Show disabled users with lock_icon */
if (!$myuser['isactive'])
{
	$myuser['user'] = $myuser['user'].' <img src="../img/lock.png" />';
}

#
#-----[ FIND ]------------------------------------------
#
function new_user()

#
#-----[ FIND ]------------------------------------------
#
    /* Admins will have access to all features and categories */
    if ($myuser['isadmin'])
    {
		$myuser['categories'] = '';
		$myuser['features'] = '';
    }

#
#-----[ AFTER, ADD ]------------------------------------------
#
    if (!$myuser['isactive'])
    {
		$myuser['autoassign'] = 0;
    }

#
#-----[ FIND ]------------------------------------------
#
	hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."users` (
	`user`,
	`pass`,
	`isadmin`,
	`name`,
	`email`,
	`signature`,
	`categories`,
	`autoassign`,

#
#-----[ AFTER, ADD ]------------------------------------------
#
	`isactive`,

#
#-----[ FIND ]------------------------------------------
#
'".intval($myuser['autoassign'])."',

#
#-----[ AFTER, ADD ]------------------------------------------
#
'".intval($myuser['isactive'])."',

#
#-----[ FIND ]------------------------------------------
#
function update_user()

#
#-----[ FIND ]------------------------------------------
#
    	/* Unassign tickets from categories that the user had access before but doesn't anymore */
        hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser['id'])."' AND `category` NOT IN (".$myuser['categories'].")");
    }

#
#-----[ AFTER, ADD ]------------------------------------------
#
	if (!$myuser['isactive'])
	{
		$myuser['autoassign'] = 0;
	}

#
#-----[ FIND ]------------------------------------------
#
    hesk_dbQuery(
    "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET
    `user`='".hesk_dbEscape($myuser['user'])."',
    `name`='".hesk_dbEscape($myuser['name'])."',
    `email`='".hesk_dbEscape($myuser['email'])."',
    `signature`='".hesk_dbEscape($myuser['signature'])."'," . ( isset($myuser['pass']) ? "`pass`='".hesk_dbEscape($myuser['pass'])."'," : '' ) . "
    `categories`='".hesk_dbEscape($myuser['categories'])."',
    `isadmin`='".intval($myuser['isadmin'])."',

#
#-----[ AFTER, ADD ]------------------------------------------
#
    `isactive`='".intval($myuser['isactive'])."',

#
#-----[ FIND ]------------------------------------------
#
function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_users.php')

#
#-----[ FIND ]------------------------------------------
#
$myuser['signature']  = hesk_input( hesk_POST('signature') );

#
#-----[ AFTER, ADD ]------------------------------------------
#
$myuser['isactive'] = empty($_POST['isactive']) ? 0 : 1;

#
#-----[ OPEN ]------------------------------------------
#
admin/new_ticket.php

#
#-----[ FIND ]------------------------------------------
#
/* List of users */
$admins = array();
$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ORDER BY `id` ASC");

#
#-----[ REPLACE WITH ]------------------------------------------
#
/* List of users */
$admins = array();
$result = hesk_dbQuery("SELECT `id`,`name`,`isadmin`,`categories`,`heskprivileges` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `isactive`='1' ORDER BY `id` ASC");

#
#-----[ OPEN ]------------------------------------------
#
inc/profile_functions.inc.php

#
#-----[ FIND ]------------------------------------------
#
function hesk_profile_tab($session_array='new',$is_profile_page=true)

#
#-----[ FIND ]------------------------------------------
#
if ( ! $is_profile_page && $hesk_settings['autoassign'])

#
#-----[ BEFORE, ADD ]------------------------------------------
#
	if ( ! $is_profile_page )
	{
		?>
	<tr>
	<td width="200" style="text-align:right"><?php echo $hesklang['user_active']; ?>: <font class="important">*</font></td>
	<td><label><input type="radio" name="isactive" value="1" <?php if ($_SESSION['userdata']['isactive']) echo 'checked="checked"'; ?> /> <?php echo $hesklang['yes']; ?></label><br />
	<label><input type="radio" name="isactive" value="0" <?php if (!$_SESSION['userdata']['isactive']) echo 'checked="checked"'; ?> /> <?php echo $hesklang['no']; ?></label>
	</td>
	</tr>
	<?php
	}
		?>
	<?php

#
#-----[ OPEN ]------------------------------------------
#
language/en/text.php

#
#-----[ FIND ]------------------------------------------
#
$hesklang['attempt']='Invalid attempt!';

#
#-----[ BEFORE, ADD ]------------------------------------------
#
$hesklang['user_disabled']='This account has been disabled. Contact an administrator.';

#
#-----[ FIND ]------------------------------------------
#
$hesklang['staff_can']='(you can limit features and categories)';

#
#-----[ AFTER, ADD ]------------------------------------------
#
$hesklang['user_active']='Enable user';

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM

[Klemen]

Thanks for sharing your modifications. It is indeed a good idea to be able to enable/disable staff accounts.

My goal for 2014 is to get HESK 3.x ready with a new user interface, then new functionality

[alcazar]

For the layout you can refer to mkochs -> New UI

A code change, that me thinks should be added anyway in updates is mentioned in post # 7 (first page).
Its ok that the default admin (UID 1) cannot be deleted, but he can be edited, even demoted by other admins.
Unless this was intended (whats the point of having an undeletable user who can do nothing in worst case), use the code shown to disable editing user 1.

Have a nice weekend.

/* edit
Little update to the disable mod.
Reason: Disabled users should not get any notify and should not be available for manual assign too.
*/

[alcazar]

Ok, the per-category-perms are removed, to much work, granted.
But this should be something "simple" for one of the best free helpdesk scripts.
Its about group permissions, than single user permissions.
Why using groups is better than individual permissions (in general) should be known already.
And yes, it would require some code changes, but any modification or new style would required it though, so it could be something for Hesk 3.
So what do you think about it (and not only the boss)?