".$anzahlnachrichten." as nachrichten_anz,
FROM ticket t
LEFT JOIN adresse a ON t.adresse = a.id
LEFT JOIN warteschlangen w ON t.warteschlange = w.label
LEFT JOIN projekt p on t.projekt = p.id";
$where = "1";
// Toggle filters
$this->app->Tpl->Add('JQUERYREADY', "$('#meinetickets').click( function() { fnFilterColumn1( 0 ); } );");
$this->app->Tpl->Add('JQUERYREADY', "$('#prio').click( function() { fnFilterColumn2( 0 ); } );");
$this->app->Tpl->Add('JQUERYREADY', "$('#geschlossene').click( function() { fnFilterColumn3( 0 ); } );");
$this->app->Tpl->Add('JQUERYREADY', "$('#spam').click( function() { fnFilterColumn4( 0 ); } );");
for ($r = 1;$r <= 4;$r++) {
$this->app->Tpl->Add('JAVASCRIPT', '
function fnFilterColumn' . $r . ' ( i )
if(oMoreData' . $r . $name . '==1)
oMoreData' . $r . $name . ' = 0;
oMoreData' . $r . $name . ' = 1;
$(\'#' . $name . '\').dataTable().fnFilter(
$more_data1 = $this->app->Secure->GetGET("more_data1");
if ($more_data1 == 1) {
$where .= " AND t.warteschlange IN (SELECT w.label FROM warteschlangen w WHERE adresse=".$this->app->User->GetAdresse().")"; // Queues of user
} else {
$more_data2 = $this->app->Secure->GetGET("more_data2");
if ($more_data2 == 1) {
$where .= " AND t.prio = '1'";
else {
$more_data3 = $this->app->Secure->GetGET("more_data3");
if ($more_data3 == 1) {
else {
$where .= " AND (t.status <> 'abgeschlossen')"; // Exclude and geschlossen
$more_data4 = $this->app->Secure->GetGET("more_data4");
if ($more_data4 == 1) {
else {
$where .= " AND (t.status <> 'spam')";
// END Toggle filters
$moreinfo = true; // Allow drop down details
$menucol = 12; // For moredata
$count = "SELECT count(DISTINCT id) FROM ticket t WHERE $where";
// echo(htmlentities($sql." ".$where));
// $groupby = "";
$erg = false;
foreach ($erlaubtevars as $k => $v) {
if (isset($$v)) {
$erg[$v] = $$v;
return $erg;
// Ticket overview page: builds a bulk UPDATE from the submitted form when
// tickets were selected, then sets up the menu and renders ticket_list.tpl.
// NOTE(review): this excerpt is missing lines (closing braces, the call that
// runs $sql), so the comments below describe only what is visible.
// NOTE(review): no check is visible here that the current user may modify the
// selected tickets - confirm that access control is enforced upstream.
function ticket_list() {
// Process multi action
$auswahl = $this->app->Secure->GetPOST('auswahl');
$selectedIds = [];
if(!empty($auswahl)) {
foreach($auswahl as $selectedId) {
// Cast every submitted id to int and keep only positive values, so the
// IN (...) list built below can contain nothing but digits and commas.
$selectedId = (int)$selectedId;
if($selectedId > 0) {
$selectedIds[] = $selectedId;
// New status and queue for the selected tickets, read from the POST body.
$status = $this->app->Secure->GetPOST('status');
$warteschlange = $this->app->Secure->GetPOST('warteschlange');
// NOTE(review): $status and the queue label are request values concatenated
// into the statement inside single quotes. Whether GetPOST escapes them for
// SQL is not visible here - confirm it, and prefer bound parameters plus a
// check of $status against the set of allowed ticket states.
$sql = "UPDATE ticket SET status = '".$status."'";
if ($warteschlange != '') {
// Only the first space-separated token of the queue field is written.
$sql .= ", warteschlange = '".explode(" ",$warteschlange)[0]."'";
// NOTE(review): if no submitted id survives the filter above, this produces
// "IN ()", which is not valid SQL - confirm the statement is skipped then.
$sql .= " WHERE id IN (".implode(",",$selectedIds).")";
// List
$this->app->YUI->TagEditor('taglist', array('width'=>370));
$this->app->erp->MenuEintrag("index.php?module=ticket&action=list", "Übersicht");
$this->app->erp->MenuEintrag("index.php?module=ticket&action=create", "Neu anlegen");
$this->app->erp->MenuEintrag("index.php", "Zurück");
// Pre-select the status 'neu' in the status drop-down of the bulk action form.
$this->app->Tpl->Set('STATUS', $this->app->erp->GetStatusTicketSelect('neu'));
$this->app->YUI->TableSearch('TAB1', 'ticket_list', "show", "", "", basename(__FILE__), __CLASS__);
$this->app->Tpl->Parse('PAGE', "ticket_list.tpl");
// Selects the messages of one ticket, ordered by n.zeit descending, and
// returns whatever DB->SelectArr yields for the query.
//   $ticket_id  id of the row in `ticket`; placed in the query unquoted
//   $where      raw SQL condition, wrapped in parentheses and ANDed with the
//               ticket filter
//   $limit      maximum number of rows; a falsy value means no LIMIT clause
// NOTE(review): $where is SQL text, not data. The callers visible in this file
// pass fixed strings; it must never be derived from request input.
// NOTE(review): $ticket_id sits in an unquoted numeric position, where escaping
// of quotes gives no protection. ticket_edit passes the id it reads with
// GetGET('id'), so cast it with (int) here or bind it as a parameter.
function get_messages_of_ticket($ticket_id, $where, $limit) {
if ($limit) {
// The integer cast keeps the LIMIT value numeric whatever the caller passes.
$limitsql = " LIMIT ".((int) $limit);
} else {
$limitsql = "";
// $sql = "SELECT n.id, n.betreff, n.verfasser, n.mail, n.mail_cc, n.zeit, n.zeitausgang, n.versendet, n.text, n.verfasser_replyto, mail_replyto, (SELECT GROUP_CONCAT(value SEPARATOR ', ' FROM ticket_header th WHERE th.ticket_nachricht = n.id AND th.type = 'cc') value from) as cc FROM ticket_nachricht n INNER JOIN ticket t ON t.schluessel = n.ticket WHERE (".$where.") AND t.id = ".$ticket_id." ORDER BY n.zeit DESC ".$limitsql;
// The two correlated subqueries collapse the 'cc' and 'to' rows of
// ticket_header for each message into one comma-separated string each.
// Messages are joined to their ticket via ticket.schluessel = n.ticket.
$sql = "SELECT n.id,
(SELECT GROUP_CONCAT(value SEPARATOR ', ') FROM ticket_header th WHERE th.ticket_nachricht = n.id AND th.type = 'cc') as mail_cc_recipients,
(SELECT GROUP_CONCAT(value SEPARATOR ', ') FROM ticket_header th WHERE th.ticket_nachricht = n.id AND th.type = 'to') as mail_recipients
FROM ticket_nachricht n INNER JOIN ticket t ON t.schluessel = n.ticket
WHERE (".$where.") AND t.id = ".$ticket_id." ORDER BY n.zeit DESC ".$limitsql;
return $this->app->DB->SelectArr($sql);
// Looks up the files linked to one ticket message (subject 'Anhang', object
// 'Ticket', parameter $message_id) and, going by its name, builds the HTML
// that lists them.
// NOTE(review): the lines that build and emit the markup are missing from this
// excerpt; only the visible steps are documented.
function add_attachments_html($ticket_id, $message_id,$templatepos,$showdelete) {
$file_attachments = $this->app->erp->GetDateiSubjektObjekt('Anhang','Ticket',$message_id);
if (!empty($file_attachments)) {
foreach ($file_attachments as $file_attachment) {
// $showdelete decides whether $deletetext is filled or left empty for a file.
if ($showdelete) {
$deletetext = ''.
} else {
$deletetext = "";
// NOTE(review): attachment names can come from user uploads (see the upload
// handling in ticket_edit) - confirm they are HTML-escaped where they are
// written into the page.
" (".
// Fills the message template variables for the entries of $messages and
// appends each rendering of ticket_nachricht.tpl to the MESSAGES block.
//   $messages    message rows; presumably the result of
//                get_messages_of_ticket - confirm against the caller
//   $showdrafts  controls how drafts are treated (the branch is only partly
//                visible in this excerpt)
// NOTE(review): subject, sender address and author name are passed to the
// template as stored. For inbound mail these values are presumably supplied by
// the remote sender - confirm that Tpl->Set or the template HTML-encodes them.
function add_messages_tpl($messages, $showdrafts) {
// Add Messages now
foreach ($messages as $message) {
// versendet == '1' with an empty zeitausgang is the same condition ticket_edit
// uses to find drafts; such a message gets " (Entwurf)" appended to its subject.
if ($message['versendet'] == '1') {
if (is_null($message['zeitausgang'])) {
if (!$showdrafts) {
$this->app->Tpl->Set("NACHRICHT_BETREFF",$message['betreff']." (Entwurf)");
// Sender shown as reply-to address followed by the author name in parentheses.
$this->app->Tpl->Set("NACHRICHT_SENDER",$message['mail_replyto']." (".$message['verfasser'].")");
} else {
// Sender shown as the message's mail address followed by the author name.
$this->app->Tpl->Set("NACHRICHT_SENDER",$message['mail']." (".$message['verfasser'].")");
$this->app->Tpl->Parse('MESSAGES', "ticket_nachricht.tpl");
* @throws NumberGeneratorException
* @return string
// Builds a ticket key of the form <YYYYMMDD><4-digit counter> that is not yet
// used in ticket.schluessel; throws NumberGeneratorException when the search
// gives up. The return statement and the counter increment are not visible in
// this excerpt.
// NOTE(review): the key is today's date plus a small counter started with
// rand(), so it is predictable by construction. Treat it as an identifier
// only, never as a secret that grants access to a ticket.
// NOTE(review): the availability check and the later insert are separate
// steps; confirm a unique index on ticket.schluessel guards concurrent requests.
private function generateRandomTicketNumber(): string
// Starting point of the counter; every loop pass tries the next value.
$random = rand(300,700);
$loopCounter = 0;
while(true) {
$candidate = sprintf('%s%04d', date('Ymd'), $random++);
// $candidate consists of date() output and a formatted integer only, so no
// external input reaches this concatenated query.
if (!$this->app->DB->Select('SELECT id FROM ticket WHERE schluessel = '.$candidate)) {
// Give up after more than 99 attempts instead of looping without bound.
if ($loopCounter > 99) {
throw new NumberGeneratorException('ticket number generation failed');
// Inserts a ticket or updates an existing one with a single
// INSERT ... ON DUPLICATE KEY UPDATE statement built from $input.
//   $id     ticket id; an empty value becomes the literal NULL (new row)
//   $input  column name => value; keys that are not columns of `ticket` are
//           ignored
// The call that executes $sql and the return statement are not visible in
// this excerpt.
// NOTE(review): values are wrapped in single quotes without any escaping in
// this function, so it relies on every caller delivering SQL-safe values.
// ticket_create adds 'kunde' (the user name) and 'schluessel' after GetInput();
// confirm those are escaped as well, or switch to bound parameters.
// NOTE(review): every key of $input that names a column of `ticket` is
// written, so the set of writable columns is whatever the caller puts into
// $input - confirm GetInput() restricts the keys to the intended form fields.
function ticket_save_to_db($id, $input) {
// Write to database
// Add checks here
if (empty($id)) {
// New item
$id = 'NULL';
// An empty subject is replaced by a placeholder.
if ($input['betreff'] == '') {
$input['betreff'] = "...";
$input['projekt'] = $this->app->erp->ReplaceProjekt(true,$input['projekt'],true); // Parameters: Target db?, value, from form?
$input['adresse'] = $this->app->erp->ReplaceAdresse(true,$input['adresse'],true); // Parameters: Target db?, value, from form?
$input['warteschlange'] = explode(" ",$input['warteschlange'])[0]; // Just the label
$input['zeit'] = date('Y-m-d H:i:s', time());
// NOTE(review): $id is placed in the VALUES list unquoted. ticket_edit passes
// the id it read from the request, so cast a non-empty $id to int first.
$columns = "id, ";
$values = "$id, ";
$update = "";
$fix = "";
foreach ($input as $key => $value) {
// ColumnExists acts as the allow-list for the identifier $key; the value
// itself is not checked or escaped here.
if ($this->app->DB->ColumnExists('ticket',$key)) {
$columns = $columns.$fix.$key;
$values = $values.$fix."'".$value."'";
$update = $update.$fix.$key." = '$value'";
// After the first accepted column every further entry is comma-separated.
$fix = ", ";
$sql = "INSERT INTO ticket (".$columns.") VALUES (".$values.") ON DUPLICATE KEY UPDATE ".$update;
$id = $this->app->DB->GetInsertID();
// Builds an INSERT ... ON DUPLICATE KEY UPDATE for a draft message in
// ticket_nachricht from the e-mail form fields in $input.
//   $id     id of the ticket_nachricht row; placed in the statement unquoted
//   $input  form values; email_betreff / email_an / email_cc / email_text are
//           copied to the column names betreff / mail / mail_cc / text
// The call that executes $sql is not visible in this excerpt.
// NOTE(review): values are wrapped in single quotes without escaping in this
// function, and the message text is free-form editor content. Confirm that
// the caller delivers SQL-safe values, or use bound parameters.
// NOTE(review): $id is not quoted or cast; cast it to int before use.
function save_draft($id, $input) {
$columns = "id, ";
$values = "$id, ";
$update = "";
$fix = "";
// Translate form to table
$input['betreff'] = $input['email_betreff'];
$input['mail'] = $input['email_an'];
$input['mail_cc'] = $input['email_cc'];
$input['text'] = $input['email_text'];
foreach ($input as $key => $value) {
// Only keys that are columns of ticket_nachricht reach the statement; this
// guards the identifier, not the value.
if ($this->app->DB->ColumnExists('ticket_nachricht',$key)) {
$columns = $columns.$fix.$key;
$values = $values.$fix."'".$value."'";
$update = $update.$fix.$key." = '$value'";
// After the first accepted column every further entry is comma-separated.
$fix = ", ";
$sql = "INSERT INTO ticket_nachricht (".$columns.") VALUES (".$values.") ON DUPLICATE KEY UPDATE ".$update;
// "New ticket" page: on submit it stores the form input as a new ticket and
// redirects to the edit page; in every case it then sets up and parses
// ticket_create.tpl.
function ticket_create() {
$submit = $this->app->Secure->GetPOST('submit');
$input = $this->GetInput();
if ($submit != '') {
// Server-side fields added on top of the form input: the generated ticket
// key and the name of the logged-in user as 'kunde'.
// NOTE(review): both are added after GetInput() and are later quoted without
// escaping in ticket_save_to_db - confirm a user name containing a quote
// character cannot break that statement.
$input['schluessel'] = $this->generateRandomTicketNumber();
$input['kunde'] = $this->app->User->GetName();
// $id has no assignment before this call in this excerpt; an empty id makes
// ticket_save_to_db treat the row as new.
$id = $this->ticket_save_to_db($id, $input);
// NOTE(review): no exit is visible after the redirect, so the template code
// below would still run - confirm.
header("Location: index.php?module=ticket&action=edit&id=$id");
$this->app->Tpl->Set('STATUSICON', $this->ticket_status_icon('neu')." ");
$this->app->Tpl->Set('STATUS', $this->app->erp->GetStatusTicketSelect('neu'));
$this->app->Tpl->Parse('PAGE', "ticket_create.tpl");
function ticket_edit() {
$id = $this->app->Secure->GetGET('id');
if (empty($id)) {
$this->app->Tpl->Set('ID', $id);
$this->app->erp->MenuEintrag("index.php?module=ticket&action=edit&id=$id", "Details");
$this->app->erp->MenuEintrag("index.php?module=ticket&action=list", "Zurück zur Übersicht");
$id = $this->app->Secure->GetGET('id');
$cmd = $this->app->Secure->GetGET('cmd');
$input = $this->GetInput();
$submit = $this->app->Secure->GetPOST('submit');
$msg = $this->app->erp->base64_url_decode($this->app->Secure->GetGET('msg'));
if ($input['neue_notiz'] != '') {
$input['notiz'] = $this->app->User->GetName()." ".date("d.m.Y H:i").": ".$input['neue_notiz']."\r\n".$input['notiz'];
// Always save
if ($submit != '')
$this->ticket_save_to_db($id, $input);
$msg = "
Die Einstellungen wurden erfolgreich übernommen.
// Load values again from database
$result = $this->app->DB->SelectArr("SELECT t.id, t.schluessel, t.zeit, p.abkuerzung as projekt, t.bearbeiter, t.quelle, t.status, t.prio, t.adresse, t.kunde, CONCAT(w.label,' ',w.warteschlange) as warteschlange, t.mailadresse, t.betreff, t.zugewiesen, t.inbearbeitung, t.inbearbeitung_user, t.firma, t.notiz, t.bitteantworten, t.service, t.kommentar, t.privat, t.dsgvo, t.tags, t.nachrichten_anz, t.id FROM ticket t LEFT JOIN adresse a ON t.adresse = a.id LEFT JOIN projekt p on t.projekt = p.id LEFT JOIN warteschlangen w on t.warteschlange = w.label WHERE t.id=$id");
foreach ($result[0] as $key => $value) {
$this->app->Tpl->Set(strtoupper($key), $value);
$this->app->Tpl->Set('PRIO', $result[0]['prio']==1?"checked":"");
$this->app->Tpl->Set('STATUSICON', $this->ticket_status_icon($result[0]['status'])." ");
$this->app->Tpl->Set('ADRESSE', $this->app->erp->ReplaceAdresse(false,$result[0]['adresse'],false)); // Convert ID to form display
$this->app->YUI->TagEditor('tags', array('width'=>370));
$this->app->Tpl->Set('STATUS', $this->app->erp->GetStatusTicketSelect($result[0]['status']));
$input['projekt'] = $this->app->erp->ReplaceProjekt(false,$input['projekt'],false); // Parameters: Target db?, value, from form?
// END Header
// Check for draft
$drafted_messages = $this->get_messages_of_ticket($id, "zeitausgang IS NULL AND versendet = '1'",NULL);
if (!empty($drafted_messages)) {
// Draft from form?
if ($submit != '') {
// Reload
$drafted_messages = $this->get_messages_of_ticket($id, "zeitausgang IS NULL AND versendet = '1'",NULL);
// Load the draft for editing
$this->app->Tpl->Set('EMAIL_AN', $drafted_messages[0]['mail']);
$this->app->Tpl->Set('EMAIL_CC', $drafted_messages[0]['mail_cc']);
$this->app->Tpl->Set('EMAIL_BCC', $drafted_messages[0]['mail_bcc']);
$this->app->Tpl->Set('EMAIL_BETREFF', $drafted_messages[0]['betreff']);
// Show new message dialog
$this->app->Tpl->Set('EMAIL_SENDER', $this->app->erp->GetSelectEmailMitName($dokument['von']));
$this->app->YUI->CkEditor("email_text","internal", null, 'JQUERY');
// Delete attachment from draft
if ($cmd=='deleteattachment') {
$fileid = $this->app->Secure->GetGET('fileid');
// Check if this file is only attached to this draft and nowhere else
$check = $this->app->erp->GetDateiStichwoerter($fileid);
$save_to_delete = true;
foreach ($check as $stichwort) {
if ($stichwort['subjekt'] != 'anhang' || $stichwort['objekt'] != 'Ticket' || $stichwort['parameter'] != $drafted_messages[0]['id']) {
$save_to_delete = false;
if ($save_to_delete) {
} else {
$msg .= "
Fehler beim Löschen der Datei: In Verwendung.
// Upload of attachments
if(isset($_FILES['upload']) && is_array($_FILES['upload']))
foreach($_FILES['upload']['tmp_name'] as $key => $file)
if($file != "")
$fileid = $this->app->erp->CreateDatei($_FILES['upload']['name'][$key], $_FILES['upload']['name'][$key], "", "", $_FILES['upload']['tmp_name'][$key], $this->app->User->GetName());
// stichwoerter hinzufuegen
$this->app->erp->AddDateiStichwort($fileid, "anhang", "Ticket", $drafted_messages[0]['id']);
$this->app->Tpl->Parse('NEW_MESSAGE', "ticket_new_message.tpl");
// END Draft
// Get all messsages
$messages = $this->get_messages_of_ticket($id, 1, NULL);
$recv_messages = $this->get_messages_of_ticket($id,"n.versendet != 1",NULL);
switch ($submit) {
case 'neue_email':
if (empty($drafted_messages)) {
// Create new message and save it for editing
$this->app->Tpl->Set('EMAIL_AN', $recv_messages[0]['mail']);
$senderName = $this->app->User->GetName()." (".$this->app->erp->GetFirmaAbsender().")";
$senderAddress = $this->app->erp->GetFirmaMail();
$to = $recv_messages[0]['mail'];
$cc = "";
if (!empty($recv_messages)) {
if (!str_starts_with(strtoupper($recv_messages[0]['betreff']),"RE:")) {
$betreff = "RE: ".$recv_messages[0]['betreff'];
else {
$betreff = $recv_messages[0]['betreff'];
$sql = "SELECT GROUP_CONCAT(DISTINCT `value` ORDER BY `value` SEPARATOR ', ') FROM ticket_header th WHERE th.ticket_nachricht = ".$recv_messages[0]['id']." AND `value` <> '".$senderAddress."' AND type='to'";
$to .= ", ".$this->app->DB->Select($sql);
$sql = "SELECT GROUP_CONCAT(DISTINCT `value` ORDER BY `value` SEPARATOR ', ') FROM ticket_header th WHERE th.ticket_nachricht = ".$recv_messages[0]['id']." AND `value` <> '".$senderAddress."' AND type='cc'";
$cc = $this->app->DB->Select($sql);
else {
$betreff = $result[0]['betreff'];
$anschreiben = $this->app->DB->Select("SELECT anschreiben FROM adresse WHERE id='".$result[0]['adresse']."' LIMIT 1");
$anschreiben = $this->app->erp->Beschriftung("dokument_anschreiben").",\n".$this->app->erp->Grussformel($projekt,$sprache);
$sql = "INSERT INTO `ticket_nachricht` (
`ticket`, `zeit`, `text`, `betreff`, `medium`, `versendet`,
`verfasser`, `mail`,`status`, `verfasser_replyto`, `mail_replyto`,`mail_cc`
) VALUES ('".$result[0]['schluessel']."',NOW(),'".$anschreiben."','".$betreff."','email','1','".$senderName."','".$to."','neu','".$senderName."','".$senderAddress."','".$cc."');";
// Show new message dialog
header("Location: index.php?module=ticket&action=edit&id=$id");
case 'entwurfloeschen':
if (!empty($drafted_messages)) {
$sql = "UPDATE ticket_nachricht SET ticket = '' WHERE id=".$drafted_messages[0]['id'];
$msg = $this->app->erp->base64_url_encode("
Der Entwurf wurde gelöscht.
header("Location: index.php?module=ticket&action=edit&msg=$msg&id=$id");
case 'zitat':
if (!empty($drafted_messages) && !empty($recv_messages)) {
$sql = "UPDATE ticket_nachricht SET text='".$drafted_messages[0]['text']."-------------------- ".$recv_messages[0]['verfasser']." <".$recv_messages[0]['mail']."> (".$recv_messages[0]['zeit']."): ".$recv_messages[0]['text']."' WHERE id=".$drafted_messages[0]['id'];
header("Location: index.php?module=ticket&action=edit&id=$id");
case 'absenden':
if (empty($drafted_messages)) {
$msg = "";
// Enforce Ticket #
if (!preg_match("/Ticket #[0-9]{12}/i", $drafted_messages[0]['betreff'])) {
$drafted_messages[0]['betreff'].= " Ticket #".$result[0]['schluessel'];
// Attachments
$files = $this->app->erp->GetDateiSubjektObjektDateiname('Anhang','Ticket',$drafted_messages[0]['id'],"");
if ($cc != '') {
$cc = explode(',',$drafted_messages[0]['mail_cc']);
if (
) != 0
) {
// Update message in ticket_nachricht
$sql = "UPDATE `ticket_nachricht` SET `zeitausgang` = NOW(), `betreff` = '".$drafted_messages[0]['betreff']."' WHERE id = ".$drafted_messages[0]['id'];
$msg .= '
Die E-Mail wurde erfolgreich versendet an '.$input['email_an'].'.';
if ($drafted_messages[0]['mail_cc'] != '') {
$msg .= ' (CC: '.$drafted_messages[0]['mail_cc'].')