
Final Security Code Fox - Code Located HERE.

Posted: Mon Jul 07, 2008 7:17 am
by rstarkey
This is not a trouble ticket, but rather a recommendation and shared information for other users, as well as for incorporation into further development.



I, Robert Starkey, user of Hesk at http://support.outsidethebox.biz, decided to finally fix the Security Code Image Not Showing issue once and for all. When I typed some information into the message box of my support page and refreshed the page, I found that a new sec image was generated; however, everything filled in remained in place... I thought --- GREAT! So I generated this code to share.

This includes the following changes:

1) Security image background switched to black and text switched to white to combat spammers' OCR programs. This recommendation was made in another forum post by the program author.

2) I changed the output image type of the file from JPG to PNG in an attempt to ensure that the image would always load. This helped, but still, every once in a blue moon, the image would not load.

3) I took it upon myself to create a "reload" button right next to the security image.

4) I relocated the sec-image text entry box to the left, right below the image, and set the "mysecnum" box on line 240 to size "13", which makes the box spacing match the spacing of the security image (better visual).

5) I relocated the text that was formerly to the left over to the right, alongside an arrow which points to the box.


Before you over-write your existing index.php file, please BACKUP!


index.php


<?php
/*******************************************************************************
*  Title: Helpdesk software Hesk
*  Version: 0.94.1 @ October 25, 2007
*  Author: Klemen Stirn
*  Website: http://www.phpjunkyard.com
********************************************************************************
*  COPYRIGHT NOTICE
*  Copyright 2005-2007 Klemen Stirn. All Rights Reserved.
*
*  This script may be used and modified free of charge by anyone
*  AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
*  By using this code you agree to indemnify Klemen Stirn from any
*  liability that might arise from it's use.
*
*  Selling the code for this program, in part or full, without prior
*  written consent is expressly forbidden.
*
*  Obtain permission before redistributing this software over the Internet
*  or in any other medium. In all cases copyright and header must remain
*  intact. This Copyright is in full effect in any country that has
*  International Trade Agreements with the United States of America or
*  with the European Union.
*
*  Removing any of the copyright notices without purchasing a license
*  is illegal! To remove PHPJunkyard copyright notice you must purchase a
*  license for this script. For more information on how to obtain a license
*  please visit the site below:
*  http://www.phpjunkyard.com/copyright-removal.php
*******************************************************************************/

define('IN_SCRIPT',1);

/* Get all the required files and functions */
require_once('hesk_settings.inc.php');
require_once('language/'.$hesk_settings['language'].'.inc.php');
require_once('inc/common.inc.php');

/* Will we use the anti-SPAM image? */
if ($hesk_settings['secimg_use'] && $_REQUEST['a']=='add') {
        hesk_session_start();
        $_SESSION['secnum']=rand(10000,99999);
        $_SESSION['checksum']=crypt($_SESSION['secnum'],$hesk_settings['secimg_sum']);
}

/* Print header */
require_once('inc/header.inc.php');

/* What should we do? */
$action=hesk_input($_REQUEST['a']) or $action='start';
if ($action == 'start') {print_start();}
elseif ($action == 'add') {print_add_ticket();}
elseif ($action == 'forgot_tid') {forgot_tid();}
else {hesk_error($hesklang['invalid_action']);}

/* Print footer */
require_once('inc/footer.inc.php');
exit();

/*** START FUNCTIONS ***/

function print_add_ticket() {
global $hesk_settings, $hesklang;
?>

<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<a href="index.php?a=start" class="smaller"><?php echo $hesk_settings['hesk_title']; ?></a>
> <?php echo $hesklang['submit_ticket']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<h3><?php echo $hesklang['submit_ticket']; ?></h3>

<p><?php echo $hesklang['use_form_below']; ?>
<font class="important"> *</font></p>

<form method="POST" action="submit_ticket.php" name="form1" enctype="multipart/form-data">

<table border="0" cellspacing="0" cellpadding="5" size="750">
<tr>
<td>

<!-- Contact info -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hesklang['name']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="name" size="25" maxlength="30" value="<?php echo stripslashes(hesk_input($_SESSION['c_name']));?>"></td>
</tr>
<tr>
<td align="right" width="150"><?php echo $hesklang['email']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="email" size="30" maxlength="50" value="<?php echo stripslashes(hesk_input($_SESSION['c_email']));?>"></td>
</tr>
</table>

<hr>

<!-- Department and priority -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hesklang['category']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><select name="category">
<?php
require_once('inc/database.inc.php');

hesk_dbConnect() or hesk_error("$hesklang[cant_connect_db] $hesklang[contact_webmsater] $hesk_settings[webmaster_mail]!");
$sql = "SELECT * FROM `hesk_categories` ORDER BY `cat_order` ASC";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
while ($row=hesk_dbFetchAssoc($result))
{
    if ($_SESSION['c_category'] == $row['id']) {$selected = ' selected';}
    else {$selected = '';}
    echo '<option value="'.$row['id'].'"'.$selected.'>'.$row['name'].'</option>';
}

?>
</select></td>
</tr>
<tr>
<td align="right" width="150"><?php echo $hesklang['priority']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><select name="priority">
<option value="3" <?php if($_SESSION['c_priority']==3) {echo 'selected';} ?>><?php echo $hesklang['low']; ?></option>
<option value="2" <?php if($_SESSION['c_priority']==2) {echo 'selected';} ?>><?php echo $hesklang['medium']; ?></option>
<option value="1" <?php if($_SESSION['c_priority']==1) {echo 'selected';} ?>><?php echo $hesklang['high']; ?></option>
</select></td>
</tr>
</table>

<hr>

<!-- START CUSTOM BEFORE -->
<?php
/* custom fields BEFORE comments */
if ($hesk_settings['use_custom'] && $hesk_settings['custom_place']==1) {

    echo '<table border="0">';

    foreach ($hesk_settings['custom_fields'] as $k=>$v) {
        if ($v['use']) {
            if ($v['req']) {$v['req']='<font class="important">*</font>';}
            else {$v['req']='';}
            $k_value = stripslashes(hesk_input($_SESSION["c_$k"]));
            echo <<<EOC
    <tr>
    <td align="right" width="150">$v[name]: $v[req]</td>
    <td align="left" width="600"><input type="text" name="$k" size="40" maxlength="$v[maxlen]" value="$k_value"></td>
    </tr>

EOC;
        }
    }

    echo '</table> <hr>';
}
?>
<!-- END CUSTOM BEFORE -->

<!-- ticket info -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hesklang['subject']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="subject" size="40" maxlength="40" value="<?php echo stripslashes(hesk_input($_SESSION['c_subject']));?>"></td>
</tr>
<tr>
<td align="right" valign="top" width="150"><?php echo $hesklang['message']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><textarea name="message" rows="12" cols="60"><?php echo stripslashes(hesk_input($_SESSION['c_message']));?></textarea></td>
</tr>
</table>

<hr>

<!-- START CUSTOM AFTER -->
<?php
/* custom fields AFTER comments */
if ($hesk_settings['use_custom'] && $hesk_settings['custom_place']==0) {

    echo '<table border="0">';

    foreach ($hesk_settings['custom_fields'] as $k=>$v) {
        if ($v['use']) {
            if ($v['req']) {$v['req']='<font class="important">*</font>';}
            else {$v['req']='';}
            $k_value = stripslashes(hesk_input($_SESSION["c_$k"]));
            echo <<<EOC
    <tr>
    <td align="right" width="150">$v[name]: $v[req]</td>
    <td align="left" width="600"><input type="text" name="$k" size="40" maxlength="$v[maxlen]" value="$k_value"></td>
    </tr>

EOC;
        }
    }

    echo '</table> <hr>';
}
?>
<!-- END CUSTOM AFTER -->

<?php
/* attachments */
if ($hesk_settings['attachments']['use']) {

?>
<table border="0">
<tr>
<td align="right" width="150" valign="top"><?php echo $hesklang['attachments']; ?>:</td>
<td align="left" width="600">
<p>

<?php
    for ($i=1;$i<=$hesk_settings['attachments']['max_number'];$i++) {
        echo '<input type="file" name="attachment['.$i.']" size="50"><br>';
    }
?>

<?php echo $hesklang['accepted_types']; ?>: <?php echo '*'.implode(', *', $hesk_settings['attachments']['allowed_types']); ?><br>
<?php echo $hesklang['max_file_size']; ?>: <?php echo $hesk_settings['attachments']['max_size']; ?> Kb
(<?php echo sprintf("%01.2f",($hesk_settings['attachments']['max_size']/1024)); ?> Mb)</p>
</td>
</tr>
</table>

<hr>
<?php
}
?>

<!-- Submit -->
<div align="center">
<center>
<table border="0">
<tr>
<td>
<?php
if ($hesk_settings['secimg_use']) {
    echo '<p>&nbsp;<br><img src="print_sec_img.php?'.rand(10000,99999).'" width="100" height="20" alt="'.$hesklang['sec_img'].'" border="1"> &nbsp;&nbsp;&nbsp;&nbsp; <input type="button" value="Refresh Security Code" align="middle" onClick="window.location.reload()"><br>'.
'<input type="text" name="mysecnum" size="13" maxlength="5"> <font size="5"><strong>&larr;</strong></font> &nbsp;&nbsp; Enter the number displayed above.<br>
<br><br></p>
    <p>';
} else {
    echo '<p>&nbsp;<br>';
}
?>
<b><?php echo $hesklang['before_submit']; ?></b>
<li><?php echo $hesklang['all_info_in']; ?>.</li>
<li><?php echo $hesklang['all_error_free']; ?>.</li>
</p>

<p><b><?php echo $hesklang['we_have']; ?>:</b>
<li><?php echo $_SERVER['REMOTE_ADDR'].' '.$hesklang['recorded_ip']; ?></li>
<li><?php echo $hesklang['recorded_time']; ?></li>
</p>

<p align="center"><input type="submit" value="<?php echo $hesklang['sub_ticket']; ?>" class="button"></p>

</form>

</td>
</tr>
</table>
</center>
</div>

</td>
</tr>
</table>
</center>
</div>

<?php
} // End print_add_ticket()


function print_start() {
global $hesk_settings, $hesklang;
?>

<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<?php echo $hesk_settings['hesk_title']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<h3 align="center"><?php echo $hesk_settings['hesk_title']; ?></h3>

<p><b><?php echo $hesklang['open_ticket']; ?></b></p>

<p><a href="index.php?a=add"><?php echo $hesklang['sub_support']; ?></a> </p>

<hr>

<p><b><?php echo $hesklang['view_existing']; ?></b></p>

<p><form action="ticket.php" method="GET">
<?php echo $hesklang['trackID']; ?>: <input type="text" name="track">
<input type="hidden" name="Refresh" value="<?php echo rand(10000,99999); ?>">
<input type="submit" value="<?php echo $hesklang['view_ticket']; ?>" class="button">
</form></p>

<p><a href="Javascript:void(0)" onClick="Javascript:hesk_toggleLayerDisplay('forgot')"><?php echo $hesklang['forgot_tid'];?></a></p>

<div id="forgot" style="display: none;">
<script language="javascript" type="text/javascript"><!--
function hesk_checkEmail() {
d=document.form1;
if (d.email.value=='' || d.email.value.indexOf(".") == -1 || d.email.value.indexOf("@") == -1)
{alert('<?php echo $hesklang['enter_valid_email']; ?>'); return false;}

return true;
}
//-->
</script>
<form action="index.php" method="POST" name="form1" onSubmit="return hesk_checkEmail()">
<p><?php echo $hesklang['tid_mail']; ?>:<br>
<input type="text" name="email" size="30" maxlength="50">
<input type="hidden" name="a" value="forgot_tid">
<input type="submit" value="<?php echo $hesklang['tid_send']; ?>" class="button"></p>
</div>

<hr>

<p>&nbsp;</p>

<?php
} // End print_start()


function forgot_tid() {
global $hesk_settings, $hesklang;

$email=hesk_validateEmail($_POST['email'],$hesklang['enter_valid_email']);

/* Prepare ticket statuses */
$my_status = array(
    0 => $hesklang['open'],
    1 => $hesklang['wait_staff_reply'],
    2 => $hesklang['wait_cust_reply'],
    3 => $hesklang['closed']
);

/* Get ticket(s) from database */
require_once('inc/database.inc.php');
hesk_dbConnect() or hesk_error("$hesklang[cant_connect_db] $hesklang[contact_webmsater] $hesk_settings[webmaster_mail]!");

$sql = "SELECT * FROM `hesk_tickets` WHERE `email` LIKE '$email'";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
$num=hesk_dbNumRows($result);
if ($num < 1) {
    hesk_error($hesklang['tid_not_found']);
}

$tid_list='';
$name='';
while ($my_ticket=hesk_dbFetchAssoc($result))
{
$name = $name ? $name : $my_ticket['name'];
$tid_list .= "
$hesklang[trackID]: $my_ticket[trackid]
$hesklang[subject]: $my_ticket[subject]
$hesklang[status]: ".$my_status[$my_ticket['status']]."
$hesk_settings[hesk_url]/ticket.php?track=$my_ticket[trackid]
";
}

/* Get e-mail message for customer */
$fp=fopen('emails/forgot_ticket_id.txt','r');
$message=fread($fp,filesize('emails/forgot_ticket_id.txt'));
fclose($fp);

$message=str_replace('%%NAME%%',$name,$message);
$message=str_replace('%%NUM%%',$num,$message);
$message=str_replace('%%LIST_TICKETS%%',$tid_list,$message);
$message=str_replace('%%SITE_TITLE%%',$hesk_settings['site_title'] ,$message);
$message=str_replace('%%SITE_URL%%',$hesk_settings['site_url'] ,$message);

/* Send e-mail */
$headers="From: $hesk_settings[noreply_mail]\n";
$headers.="Reply-to: $hesk_settings[noreply_mail]\n";
@mail($email,$hesklang['tid_email_subject'],$message,$headers);

?>

<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<a href="index.php?a=start" class="smaller"><?php echo $hesk_settings['hesk_title']; ?></a>
> <?php echo $hesklang['tid_sent']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>

<h3 align="center"><?php echo $hesklang['tid_sent']; ?></h3>

<p>&nbsp;</p>

<p align="center"><?php echo $hesklang['tid_sent2']; ?></p>
<p align="center"><b><?php echo $hesklang['check_spambox']; ?></b></p>
<p>&nbsp;</p>
<p align="center"><a href="index.php?a=start"><?php echo $hesk_settings['hesk_title']; ?></a></p>

<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>

<?php
} // End forgot_tid()

?>

Bug found and assistance welcome

Posted: Mon Jul 07, 2008 7:24 am
by rstarkey
Ok guys. I posted THEN tested in Internet Explorer (I am not a fan of IE), so while I knew it was working within Firefox, I'm just now finding the following with IE (D@mn Microsoft):


1) Left Arrow code shows as &larr

This is corrected by replacing &larr with &laquo;



2) Information entered is erased in IE when the customer hits refresh. This may cause frustration to the end user.

Recommendation: move the security image and validation to the very top of the page to solve this problem.
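The posted index.php generates the 5-digit code with rand() and crypt() at the top of the script, and the "Refresh Security Code" button from change 3 reloads the whole page, which the follow-up post above found wipes the form in IE. What follows is an added example written for this thread; it is not Hesk code and not part of rstarkey's patch. It shows the same pieces (black background, white text, PNG output, a refresh button, a 5-digit code) arranged so that the image endpoint itself issues the code and the check consumes it, which lets the refresh button swap only the image instead of reloading the page. The names secimg.php, secimg_new_code(), secimg_render_png(), secimg_verify(), secimg_form_html() and SECIMG_TTL_SECONDS are assumptions, as is the 10-minute lifetime; the GD extension is required for the image.

```php
<?php
// Added example for this thread; not Hesk's own code. All function names,
// the constant and the endpoint name secimg.php are assumptions.
// The image part needs the GD extension (php-gd).
declare(strict_types=1);

const SECIMG_TTL_SECONDS = 600; // assumption: a code older than 10 minutes is rejected

/* Make a fresh 5-digit code and remember it (and when it was made) in the session. */
function secimg_new_code(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // random_int() is a CSPRNG; PHP's rand() (used in the posted index.php) is not.
    $code = (string) random_int(10000, 99999);
    $_SESSION['secnum']      = $code;
    $_SESSION['secnum_time'] = time();
    return $code;
}

/* White text on a black 100x20 PNG, sent with headers that stop the browser caching it. */
function secimg_render_png(string $code): void
{
    $img   = imagecreatetruecolor(100, 20);
    $black = imagecolorallocate($img, 0, 0, 0);
    $white = imagecolorallocate($img, 255, 255, 255);
    imagefilledrectangle($img, 0, 0, 99, 19, $black);
    imagestring($img, 5, 12, 2, $code, $white);

    header('Content-Type: image/png');
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Pragma: no-cache');
    header('Expires: 0');
    imagepng($img);
    imagedestroy($img);
}

/*
 * Check the visitor's answer. The stored code is removed before comparing,
 * so every attempt (right or wrong) consumes it: a 5-digit code has only
 * 90,000 values, which is nothing to a script allowed unlimited guesses
 * against one session.
 */
function secimg_verify(string $submitted): bool
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $stored = $_SESSION['secnum']      ?? null;
    $made   = $_SESSION['secnum_time'] ?? 0;
    unset($_SESSION['secnum'], $_SESSION['secnum_time']);

    if ($stored === null || (time() - $made) > SECIMG_TTL_SECONDS) {
        return false; // no code issued, or it expired
    }
    // hash_equals() keeps the comparison constant-time.
    return hash_equals($stored, trim($submitted));
}

/*
 * Markup for the form. Because secimg.php issues the code itself, the
 * refresh button only swaps the <img> src (with a cache-busting query
 * string) instead of calling window.location.reload(), so what the
 * customer has already typed stays in the form.
 */
function secimg_form_html(): string
{
    return <<<'HTML'
<img id="secimg" src="secimg.php" width="100" height="20" alt="Security code" border="1">
<input type="button" value="Refresh Security Code"
       onclick="document.getElementById('secimg').src = 'secimg.php?' + Date.now()">
<br><input type="text" name="mysecnum" size="13" maxlength="5"> &laquo; Enter the number displayed above.
HTML;
}

/* When this file is served as secimg.php it issues a new code and draws it. */
if (PHP_SAPI !== 'cli' && basename($_SERVER['SCRIPT_NAME'] ?? '') === 'secimg.php') {
    secimg_render_png(secimg_new_code());
}
```

On the submit side (submit_ticket.php in Hesk) the check would be `secimg_verify($_POST['mysecnum'] ?? '')` before the ticket is accepted. Since the image request now issues the code, the rand()/crypt() block near the top of the posted index.php becomes redundant, and a visitor (or bot) who never loads the image has no code in the session at all, so the check fails for them.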

Posted: Tue Jul 08, 2008 6:09 pm
by Klemen
Thanks for sharing!