From fd3e47b96d51076895ff8fa188a808ecd11ef33c Mon Sep 17 00:00:00 2001
From: maranqz <ilia.sergunin@gmail.com>
Date: Sun, 21 Jul 2019 14:43:52 +0300
Subject: [PATCH] Fix incorrect Lang:get using, undeclared variable, missing
 csrf token

---
 .../Client/helpdesk/FormController.php         |  5 +++--
 .../Client/helpdesk/UnAuthController.php       |  2 +-
 .../agent/helpdesk/ticket/answered.blade.php   | 18 +++++++++++++++---
 .../agent/helpdesk/ticket/assigned.blade.php   |  2 +-
 .../helpdesk/unauth/showticket.blade.php       |  1 +
 5 files changed, 21 insertions(+), 7 deletions(-)
 mode change 100644 => 100755 app/Http/Controllers/Client/helpdesk/UnAuthController.php
 mode change 100644 => 100755 resources/views/themes/default1/agent/helpdesk/ticket/answered.blade.php
 mode change 100644 => 100755 resources/views/themes/default1/agent/helpdesk/ticket/assigned.blade.php
 mode change 100644 => 100755 resources/views/themes/default1/client/helpdesk/unauth/showticket.blade.php

diff --git a/app/Http/Controllers/Client/helpdesk/FormController.php b/app/Http/Controllers/Client/helpdesk/FormController.php
index e6ff072c4..49dbbeb45 100755
--- a/app/Http/Controllers/Client/helpdesk/FormController.php
+++ b/app/Http/Controllers/Client/helpdesk/FormController.php
@@ -270,12 +270,13 @@ class FormController extends Controller
     public function post_ticket_reply($id, Request $request)
     {
         try {
-            if ($comment != null) {
+            $comment = $request->input('comment');
+            if (!empty($comment)) {
                 $tickets = Tickets::where('id', '=', $id)->first();
                 $thread = Ticket_Thread::where('ticket_id', '=', $tickets->id)->first();
 
                 $subject = $thread->title.'[#'.$tickets->ticket_number.']';
-                $body = $request->input('comment');
+                $body = $comment;
 
                 $user_cred = User::where('id', '=', $tickets->user_id)->first();
 
diff --git a/app/Http/Controllers/Client/helpdesk/UnAuthController.php b/app/Http/Controllers/Client/helpdesk/UnAuthController.php
old mode 100644
new mode 100755
index 138cc5768..a581032d4
--- a/app/Http/Controllers/Client/helpdesk/UnAuthController.php
+++ b/app/Http/Controllers/Client/helpdesk/UnAuthController.php
@@ -172,7 +172,7 @@ class UnAuthController extends Controller
      */
     public function rating($id, Request $request, \App\Model\helpdesk\Ratings\RatingRef $rating_ref)
     {
-        foreach ($request->all() as $key => $value) {
+        foreach ($request->except(['_token']) as $key => $value) {
             if (strpos($key, '_') !== false) {
                 $ratName = str_replace('_', ' ', $key);
             } else {
diff --git a/resources/views/themes/default1/agent/helpdesk/ticket/answered.blade.php b/resources/views/themes/default1/agent/helpdesk/ticket/answered.blade.php
old mode 100644
new mode 100755
index 531dcc6e2..3ff0d64c1
--- a/resources/views/themes/default1/agent/helpdesk/ticket/answered.blade.php
+++ b/resources/views/themes/default1/agent/helpdesk/ticket/answered.blade.php
@@ -119,12 +119,12 @@ if (Auth::user()->role == 'agent') {
                             <div class="col-md-12">
                                 <div id="merge-succ-alert" class="alert alert-success alert-dismissable" style="display:none;" >
                                     <!--<button id="dismiss-merge" type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>-->
-                                    <h4><i class="icon fa fa-check"></i>{!! Lang::get('lag.alert') !!}!</h4>
+                                    <h4><i class="icon fa fa-check"></i>{!! Lang::get('lang.alert') !!}!</h4>
                                     <div id="message-merge-succ"></div>
                                 </div>
                                 <div id="merge-err-alert" class="alert alert-danger alert-dismissable" style="display:none;">
                                     <!--<button id="dismiss-merge2" type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>-->
-                                    <h4><i class="icon fa fa-ban"></i>{!! Lang::get('lag.alert') !!}!</h4>
+                                    <h4><i class="icon fa fa-ban"></i>{!! Lang::get('lang.alert') !!}!</h4>
                                     <div id="message-merge-err"></div>
                                 </div>
                             </div>
@@ -147,6 +147,7 @@ if (Auth::user()->role == 'agent') {
                                 <label>{!! Lang::get('lang.merge-reason') !!}</label>
                                 <textarea  name="reason" class="form-control"></textarea>
                             </div>
+
                         </div>
                     </div><!-- mereg-body-form -->
                 </div><!-- merge-body -->
@@ -216,6 +217,7 @@ if (Auth::user()->role == 'agent') {
     </div>
 </div>
 {!! $table->script('vendor.Chumper.ticket-javascript') !!}
+
 <script>
     var t_id = [];
     var option = null;
@@ -238,6 +240,7 @@ if (Auth::user()->role == 'agent') {
 
     $(function() {
         // Enable check and uncheck all functionality
+
         $(".checkbox-toggle").click(function() {
             var clicks = $(this).data('clicks');
             if (clicks) {
@@ -253,13 +256,17 @@ if (Auth::user()->role == 'agent') {
                 //Check all checkboxes
                 $("input[type='checkbox']", ".mailbox-messages").iCheck("check");
                 // alert('Hallo');
-                showAssign(t_id);
                 t_id = [];
+                showAssign(t_id)
             }
             $(this).data("clicks", !clicks);
+
         });
+
+
     });
 
+
     $(document).ready(function() { /// Wait till page is loaded
         $('#click').click(function() {
             $('#refresh').load('inbox #refresh');
@@ -267,15 +274,19 @@ if (Auth::user()->role == 'agent') {
             $('#count_refresh').load('inbox #count_refresh');
             $("#show").show();
         });
+
         $(".select2").select2();
+
         $('#delete').on('click', function() {
             option = 0;
             $('#myModalLabel').html("{{Lang::get('lang.delete-tickets')}}");
         });
+
         $('#close').on('click', function() {
             option = 1;
             $('#myModalLabel').html("{{Lang::get('lang.close-tickets')}}");
         });
+
         $("#modalpopup").on('submit', function(e) {
             e.preventDefault();
             var msg = "{{Lang::get('lang.confirm')}}";
@@ -293,6 +304,7 @@ if (Auth::user()->role == 'agent') {
         $(".closemodal, .no").click(function() {
             $("#myModal").css("display", "none");
         });
+
         $('.yes').click(function() {
             var values = getValues();
             if (values == "") {
diff --git a/resources/views/themes/default1/agent/helpdesk/ticket/assigned.blade.php b/resources/views/themes/default1/agent/helpdesk/ticket/assigned.blade.php
old mode 100644
new mode 100755
index d0f7c0dbd..ec447d5e4
--- a/resources/views/themes/default1/agent/helpdesk/ticket/assigned.blade.php
+++ b/resources/views/themes/default1/agent/helpdesk/ticket/assigned.blade.php
@@ -245,7 +245,7 @@ if (Auth::user()->role == 'agent') {
                 t_id = $('.selectval').map(function() {
                     return $(this).val();
                 }).get();
-                showAssign(t_id)
+                showAssign(t_id);
                 // alert(checkboxValues);
             } else {
                 //Check all checkboxes
diff --git a/resources/views/themes/default1/client/helpdesk/unauth/showticket.blade.php b/resources/views/themes/default1/client/helpdesk/unauth/showticket.blade.php
old mode 100644
new mode 100755
index 4c97a1e8b..6916188ee
--- a/resources/views/themes/default1/client/helpdesk/unauth/showticket.blade.php
+++ b/resources/views/themes/default1/client/helpdesk/unauth/showticket.blade.php
@@ -49,6 +49,7 @@ $thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', $tick
                     <table><tbody>
                             <?php $ratings = App\Model\helpdesk\Ratings\Rating::orderby('display_order')->get(); ?>
                         <form id="foo">
+                            {!! csrf_field() !!}
                             @foreach($ratings as $rating) 
 
                             @if($rating->rating_area == 'Helpdesk Area')