#!/usr/bin/php -q
<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: tech.php,v $
// | $Date: 2004/02/11 01:28:14 $
// | $Revision: 1.60 $
// +-------------------------------------------------------------+
// | File Details:
// | - process() provider for technician-mailed e-mails.
// +-------------------------------------------------------------+

error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING);

//////////////////// PART 1 INCLUDES ////////////////////

define('TECHPOP', 1);
define('TECHZONE', 1);
include("mail_config.php");
include(INCLUDE_PATH . 'functions/admin-tech_functions.php');
include("mail.php");

###################### FUNCTION PROCESS() #######################

/*	Deals with incoming tech email for reply creation

		$message:	the email after it has been decoded (array of elements)
		$source :	the source of the email
		$gateway:	gateway info [optional]
*/

function process(&$message, &$source, $gateway = NULL) {
	global $db, $settings, $template_cache, $output, $sourceid, $user;

	// rename a few variables for ease of access
	$email['from'] = trim($message->fromEmail);
	$headers = $message->headers;
	$subject = $headers['subject'];

	//////////////////////////////////////////////////////////////
	/* 1. STANDARD PROCESSING									*/
	//////////////////////////////////////////////////////////////

	// insert the full email
	$sourceid = store_mail($headers, $source);

	// we don't want to autorespond to another DeskPRO
	if (in_string('DeskPRO', $headers['X-Mailer'])) {
		log_error('sent_by_deskpro', $message);
	}

	// no valid return email (decoding functions look at various mail headers)
	if (!$email['from']) {
		log_error('no_email', $message);
		return true;
	}

	if (!(validate_email($email['from']))) {
		log_error('invalid_email', $message);
		return true;
	}

	// Handle e-mail bans. First, if this sender is banned, reject it.
	if (banned_email(strtolower($email['from']), $banned_emails)) {
		log_error('banned_email', $message);
		return true;
	}

	// Next, if the sender is ourselves, ignore the message (because that's
	// a common spam trick and we'll never be mailing ourselves anyway)
	if (strtolower($settings[email_from]) == strtolower($email['from'])) {
		log_error('self_email', $message);
		return true;
	}

	// check the email is not a gateway email, if so we will get autoresponder loops.
	$db->query("SELECT id FROM gateway_accounts WHERE email = '" . mysql_escape_string(strtolower($email['from'])) . "'");
	if ($db->num_rows() > 0) {
		log_error('gateway_email', $message);
		return true;
	}

	// check for text
	if ($message->text) {
		$body = $message->text;
	} elseif ($message->html) {
		$body = strip_tags($message->html);
		$strip_tags = 1;
	} else {
		log_error('no_message', $message);
		return true;
	}

	if (trim($body) == '') {
		log_error('no_message', $message);
		return true;
	}

	/*
		Lets find the ref
			i) subject line							[AAAA-0000-AAAA]
			ii) code at the bottom of the email		<=== AAAA-0000-AAAA ===>
			iii) XML options						<TICKET>$ticket[ref]</TICKET>
					
	*/

	// subject check
	if (ereg("\[([0-9]{4}-[A-Za-z]{4}-[0-9]{4})\]", $subject, $arr)) {
		$ticketref = $arr[1];
	// xml check
	} elseif (ereg("<TICKET>([0-9]{4}-[A-Za-z]{4}-[0-9]{4})<\/TICKET>", $body, $arr)) {
		$ticketref = $arr[1];
	// footer check
	} elseif (ereg("<=== ([0-9]{4}-[A-Za-z]{4}-[0-9]{4}) ===>", $body, $arr)) {
		$ticketref = $arr[1];
	}

	if (!$ticketref) {
		log_error('no_ticketref', $message);
		return true;
	}

	/*
		Lets find the authcode
			i) subject line							(AAAA-0000-AAAA)
			ii) code at the bottom of the email		<=== $ticket[authcode] ===>
			iii) XML options						<AUTHCODE>$ticket[authcode]</AUTHCODE>		
	*/

	// subject check
	if (ereg("\[([a-zA-Z0-9]{8})\]", $subject, $arr)) {
		$ticketauth = $arr[1];
	// xml check
	} elseif (ereg("<AUTHCODE>([a-zA-Z0-9]{8})<\/AUTHCODE>", $body, $arr)) {
		$ticketauth = $arr[1];
	// footer check
	} elseif (ereg("<=== ([a-zA-Z0-9]{8}) ===>", $body, $arr)) {
		$ticketauth = $arr[1];
	}

	/*
		Lets find the tech
			i) XML options						<AUTHCODE>$ticket[authcode]</AUTHCODE>
			ii) From the sender address
	*/

	if (eregi("<TECH>(.*)<\/TECH>", $body, $arr)) {
		$tech_username = $arr[1];
		$user = $db->query_return("SELECT * FROM tech WHERE username = '" . addslashes($arr[1]) . "'");
	}
	if (!$db->num_rows()) {
		$user = $db->query_return("SELECT * FROM tech WHERE email LIKE '%$email[from]%'");
	}

	// we don't know who this tech is. 
	if (!is_array($user)) {
		log_error('no_tech', $message);
		return true;
	}

	// Get ticket information and check if it is valid
	$ticket = $db->query_return("
	SELECT 
		ticket.*, ticket_pri.id AS priority_id, ticket_pri.name AS priority_name, 
		ticket_cat.id AS category_id, ticket_cat.name AS category_name, 
		tech.id AS tech_id, tech.email AS tech_email
	FROM ticket
	LEFT JOIN ticket_pri ON (ticket.priority = ticket_pri.id)
	LEFT JOIN ticket_cat ON (ticket.category = ticket_cat.id)
	LEFT JOIN tech ON (ticket.tech = tech.id)
	WHERE ref = '" . addslashes($ticketref) . "'
	");

	// no match, lets just check this ticket wastn't merged
	if (!$db->num_rows()) {
		$ticket = $db->query_return("SELECT * FROM ticket_merge WHERE old_ref = '$ticketref'");
		
		if ($ticket['new_id']) {
			$ticket = $db->query_return("
				SELECT 
					ticket.*, ticket_pri.id AS priority_id, ticket_pri.name AS priority_name, 
					ticket_cat.id AS category_id, ticket_cat.name AS category_name, 
					tech.id AS tech_id, tech.email AS tech_email
				FROM ticket
				LEFT JOIN ticket_pri ON (ticket.priority = ticket_pri.id)
				LEFT JOIN ticket_cat ON (ticket.category = ticket_cat.id)
				LEFT JOIN tech ON (ticket.tech = tech.id)
				WHERE ticket = '" . addslashes($ticket['new_id']) . "'
			");
		}
	}

	//////////////////////////////////////////////////////////////
	/* 4. ERROR CHECKING										*/
	//////////////////////////////////////////////////////////////

	// is there a ticket?
	if (!is_array($ticket)) {
		log_error('no_ticket', $message);
		return true;
	}

	// check ticket is open
	if ($ticket[is_open] == "0" AND !$settings['gateway_ticket_reopen']) {
		log_error('ticket_closed', $message);
		return true;
	}

	if (($ticket['authcode']) AND ($ticket['authcode'] != $ticketauth)) {
		log_error('bad_authcode', $message);
		return true;
	}

	//////////////////////////////////////////////////////////////
	/* 4. ACTIONS												*/
	//////////////////////////////////////////////////////////////

	// close ticket
	if (eregi("<CLOSE TICKET>Yes</CLOSE TICKET>", $body) AND p_ticket('close', $ticket)) {
		$close = 1;
	}

	// remove ownership
	if (eregi("<REMOVE OWNERSHIP>Yes</REMOVE OWNERSHIP>", $body) AND p_ticket('edit', $ticket)) {
		$assign = 'remove';
	}

	// Taking ownership overrides removing ownership; just in case the tech tries to
	// be 'clever' and does both, we'll catch it
	if (eregi("<TAKE OWNERSHIP>Yes</TAKE OWNERSHIP>", $body) AND p_ticket('edit', $ticket)) {
		$assign = 'assign';
	}

	//////////////////////////////////////////////////////////////
	/* 6. AUTORESPONSE PROTECTION */
	//////////////////////////////////////////////////////////////

	// 1 hour
	$auto_time = mktime() - (3600 * 1);

	$result = $db->query_return(
		"SELECT COUNT(*) AS total FROM ticket_message
		WHERE ticketid = '$ticket[id]'
		AND date > $auto_time
		AND date > $ticket[date_lastreply_tech]
	");

	// we have reached the max replies to tickets, generate error and stop processing
	if ($settings['max_reply']) {
		if ($result[total] > $settings['max_reply']) {
			log_error('autoresponder_reply', $message);
			return true;
		}
	}	

	//////////////////////////////////////////////////////////////
	/* 7. IF SET BY ADMIN, ATTEMPT TO IGNORE PREVIOUS QUOTED REPLIES */
	//////////////////////////////////////////////////////////////

	if ($settings['gateway_reply_cut']) {

		// Look for our markers first.

		if (eregi('=== Enter your reply below this line ===(.*)=== Enter your reply above this line ===', $body, $arr)) {
			$body = $arr[1];
			if ($extra_quote = strrpos($body, '>')) {
				if ((strlen($body) - $extra_quote) < 5) {
					$body = substr($body, 0, $extra_quote);
				}
			}
		} elseif ($body_tmp = preg_replace('/^----- Original Message -----.*^From.*^To:.*^Sent:.*^Subject:.*$/imsU', '', $data)) {
			$body = trim($body_tmp);
		}

		if ($end) {
			// We do $end - 3 here because "usually" mail clients do quotes like this:
			// > original message
			// That's a quote marker, a space, then the text. We want to kill those two
			// characters, plus the newline preceeding them. This has a slight chance of
			// deleting the last character in the reply if the quote isn't shown by two
			// characters, or if it's otherwise malformed.

			$body = substr($body, 0, ($end - 3));

			if (trim($body == '')) {
				log_error('no_message', $message);
				return true;
			}
		}
	}

	//////////////////////////////////////////////////////////////
	/* 8. ADD REPLY TO TICKET								*/
	//////////////////////////////////////////////////////////////

	if (!p_ticket('edit', $ticket)) {
		log_error('no_permission', $message);
		return true;
	}

	// add the new post to database
	$db->query("INSERT into ticket_message SET
		message = '" . mysql_escape_string($body) . "',
		ticketid = '$ticket[id]',
		striptags = '$striptags',
		sourceid = '$sourceid',
		date = '" . mktime() . "',
		techid = '$user[id]'
	");

	$ticket['body'] = $body;
	
	ticketlog($ticket['id'], 'tech_replied'); 

	//////////////////////////////////////////////////////////////
	/* 9. UPDATE TICKET											*/
	//////////////////////////////////////////////////////////////

	$db->query("
		UPDATE ticket SET
		awaiting_tech = '0',
		date_awaiting_toggled = '" . mktime() . "',
		is_open = '" . iff($close, 0, 1) . "', ".
		iff($assign == 'assign', "tech = '$user[id]',") .
		iff($assign == 'remove', "tech = '0',") . "
		date_lastreply_tech = '" . mktime() . "'
		WHERE id = $ticket[id]
	");

	if ($assign OR $close) {
		$ticket['action'] = 1;
		if ($assign == 'assign') {
			$ticket['assign'] = 1;
			ticketlog($ticket['id'], 'tech', $ticket[tech], $user[id]);
		} elseif ($assign == 'remove') {
			$ticket['remove'] = 1;
			ticketlog($ticket['id'], 'tech', $ticket[tech], 0);
		}

		if ($close) {
			$ticket['close'] = 1;
			ticketlog($ticket['id'], 'close');
		}
	}

	//////////////////////////////////////////////////////////////
	/* 10. PROCESS ATTACHMENTS									*/
	//////////////////////////////////////////////////////////////

	$attachments = process_attachments($message->attachments, $message->embedded, $ticket[id], $user[id]);
	// Limit quoted message to 16k at most
	$message = substr($body, NULL, 16384);

	//////////////////////////////////////////////////////////////
	/* 11. SEND EMAIL TO USERS									*/
	//////////////////////////////////////////////////////////////
	
	$ticket['category'] = $ticket['category_name'];
	$ticket['priority'] = $ticket['priority_name'];

	$ticket_user = $db->query_return("SELECT * FROM user WHERE id = $ticket[userid]");
	notify_user('reply_tech', $ticket, $ticket_user, $message, $attachments, $ticket[gatewayid]);

	return true;
}
?>