osTicket v1.9.8 Released!

There is a new version of the 1.9 series, specifically the stable 1.9.8  You can get this version via github or at http://osticket.com/download.  It features some improvements/bug fixes, and an important security update.  Here is a list of the changes:

Enhancements

  • Update user information for existing users when importing CSV (#1993)
  • Agent names are consistently formatted and sorted throughout the system (#1972)
  • Memcache session backend support. (See include/ost-sampleconfig.php) (#2031)
  • Email domain validation includes DNS record verification (#2042)
  • Make ticket queue selection sticky (aa2dc85)

Improvements

  • Fix incorrect mapping of ISO charsets to ISO-8859-1, thanks @nerull7
  • Fix unnecessary drop of ticket CDATA table because of update to deleted field (#1932)
  • Fix inability to create or update organization custom data (#1942)
  • Fix inability to update some fields of user custom data (#1942)
  • Fix filtering user custom data for email tickets (#1943)
  • Fix missing email headers resulting in incorrectly threaded emails when delivered (#1947)
  • Cleanup file data when removing custom file uploads (#1942)
  • Fix crash when exporting PDF and PHAR extension is not enabled
  • Fix crash processing some TNEF documents (89f3ed7, #1956)
  • Fix handling of GBK charset when gb2312 is advertised (#2000)
  • Fix link to client ticket listing when logged in, thanks @neewy (#1952)
  • Disambiguate staff and collaborators when processing a some emails (#1983)
  • Fix several i18n phrase and layout issues (#1958, #1962, #2039)
  • Improve detection of some bounce notices with alternative content (#1994)
  • Fix image URL rewrite when pasting existing images, from a KB article for instance (#1960)
  • Preserve internal note formatting on new ticket by staff if HTML is disabled (#2001)
  • Touch organization updated timestamp on custom data update (#2007)
  • Fix deployment on Windows® platforms, thanks @yadimon (#2033)
  • Fix upgrade crash if retrying an old, failed upgrade from v1.6 (#1995)
  • Fix corruption of some html content (9ae01bf)

osTicket v1.9.6 Pending Release!

There is a new version of the 1.9 series being released soon! This maintenance release specifically stable version 1.9.6  can be grabbed via github or preferably at  http://osticket.com/download once it's released.  It features some enhancements, improvements/bug fixes, and and a few Performance and Security fixes.  Here is a list of the changes:

Enhancements

  • New Message-Id system allowing for better threading in mail clients (#1549, #1730)
  • Fix forced session expiration after 24 hours (#1677)
  • Staff panel logo is customizable (#1718)
  • Priority fields have a selectable default (instead of system default) (#1732)
  • Import/Export support for file contents via cli (#1661)

Improvements

  • Fix broken links in documentation, thanks @Chefkeks (#1675)
  • Fix handling of some Redmond-specific character set encoding names (#1698)
  • Include the user's name in the "To" field of outbound email (#1549)
  • Delete collaborators when deleting tickets (#1709)
  • Fix regression preventing auto-responses for staff new tickets (#1712)
  • Fix empty export if ticket details form has multiple priority fields (#1732)
  • Fix filtering by list item properties in ticket filters (#1741)
  • Fix missing icon for "add new filter", thanks @Chefkeks (#1735)
  • Support Firefox v6 – v12 on the file drop widget (#1776)
  • Show update errors on access templates (#1778)
  • Allow empty staff login banner on update (#1778)
  • Fix corruption of text thread bodies for third-party collaborator email posts (#1794)
  • Add some hidden template variables to pop out content (#1781)
  • Fix missing validation for user name and email address (#1816, eb8858e)
  • Turn off search indexing when complete, disable incorrectly implemented work breaking, squelch error 1062 email from search backend (afa9692)
  • Fix possible out of memory crash in custom forms (#1707, 0440111)

Performance and Security

  • Fix generation of random data on Windows® platforms (#1672)
  • Fix possible DoS and brute force on login pages (#1727)
  • Fix possible redirect away from HTTPS on client login page, thanks @ldrumm (#1782)

You can read more about it at the github repository.   As usual it is recommended that you upgrade immediately.

Revisted: MyFitnessPal 2015

Back in mid 2012 I wrote a review of a mobile cell phone app called MyFitnessPal (which also has a webpage) myfitnesspal.com. A few months after that I followed up the post with an update about it. Here we are in 2015 and I figured that I should do my due diligence of updating you about it again.

You can read these posts here:
One month of MyFitnessPal a review (27 Jul 2012)
Three months of MyFitnessPal a review (25 Sept 2012)

While I’ve never fully stopped using the software I did stop being as complete or thorough as I should have been. I’ve since also picked up a FitBit Flex. But none of that is why I am writing today.

Yesterday Under Armour (UA) [and MFP] announced that they reached an agreement to purchased MFP for $475 million. What does this mean to you? Well according to the MFP blog post (source 2 below):

“In the meantime, please rest assured that your experience with MyFitnessPal will not change. Our products, services and team will remain the same. MyFitnessPal will still be free to use, you own your data and Under Armour will never sell it to any third parties. We will also continue to sync with your wearable devices and fitness apps.”

source 1: Motley Fool
source 2: MyFitnessPal

server upgraded

You may have noticed that the site is serving a lot faster recently. On Jan 23rd 2015 I migrated the site from my old server to my new server. The old server was an old HP Proliant ML350 with two (2) Intel (R) XEON(TM) 3.4Ghz processors with 2 cores each (2mb cache), 2 GB of DDR2 400mhz ram. The new machine is a virtual which has five (5) Intel(R) Xeon(R) 2.67Ghz processor cores (20mb cache) and 8 GB of DDR3 1333mhz.

Initially I threw more processors and less RAM at it, but after playing around with it for the last few days I've lowered the processors and upped the RAM. So far I'm quite happy with how its worked out. 

osTicket v1.9.5.1 Released!

There is a new version of the 1.9 series, specifically the stable 1.9.5.1  You can get this version via github or at http://osticket.com/download.  It features some improvements/bug fixes, and an important security update.  Here is a list of the changes:

Improvements

  • Fix file.php to serve files added to system before osTicket v1.9.1 (e02ab9a)
  • Fix file.php to serve files if client panel or system is offline (6bb7843)
  • Fix popover download of inline images (8d3a130)
  • Avoid de-duplicating zero-length files (98caa70)
  • Send new message alert to team members if not assigned to an agent (b7e75b1)
  • Fix import of users to organization not setting the organization (1220238)
  • Fix redactor toolbar showing over the date picker (#1450, thanks @Chefkeks)

Performance and Security

  • Fix XSS vulnerability in client language selection (b38b3ca)

 

You can read more about it at the github repository.  The XSS vulnerability was disvocered by forum user erickroco and reported in this thread: osTicket 1.9.5 – XSS vulnerabilities reported by OWASP ZAP. It is recommended that you upgrade immediately.

osTicket v1.9.5 Released!

The folks over at osticket.com have released a new version of the 1.9 series, specifically the stable 1.9.5.  You can get this version via github or at http://osticket.com/download.  It features a slew of enhancements, bug fixes, and security updates.  Here is a list of them:

Enhancements

  • Add support for organization vars in templates (%{ticket.user.organization…}) (#1561)
  • Canned responses feature can now be disabled (#1562)
  • Drop link redirection through l.php (#1640)
  • Use unified file download script (#1641). Links can now be shared with external users and accessed without authenticating.
  • Ticket filters support matching and banning based on the Reply-To user information (#1645)

Improvements

  • Remove custom data when users are deleted (#1492)
  • Fix matching of ticket number in subject (regression in v1.9.4) (#1486)
  • Several minor translatable strings (#1441, #1489, #1560), thanks @Chefkeks
  • Fix invalid UTF-8 chars PDF error for empty thread title (regression in v1.9.4) (#1512)
  • Consider auto response checkbox and department setting for new ticket by staff (#1509)
  • Fix PHP crash if finfo extension is missing (#1437)
  • Fix export of choice field items (#1436)
  • Properly handle alert and auto response flags from API (#1435), thanks @stevepacker
  • Fix current value of choice fields if set to boolean false (#1466)
  • Do not reopen tickets for automated responses (#1529)
  • Properly handle uppercase file extensions in file field configuration (#1549)
  • Fix release of ticket lock when navigating away from ticket view (#1552)
  • Display FAQ article consistently on client portal (#1553)
  • Avoid wrapping password reset URLs on text emails (#1558)
  • Fix field requirement for clients when only required for agents (#1559)
  • Fix language selection for new email template group (#1563)
  • Fix incorrect status of new ticket if opened as closed and assigning to an agent (#1565)
  • Forbid disabling the only active administrator (#1569)
  • Searching for tickets searches to midnight of the end date (#1572), thanks @grintor
  • Fix rejection of tickets by filter, even if a previous matching filter would stop on match (#1644)
  • Fix matching of User / Email Address in ticket filters (#1644)
  • Properly HTML escape thread bodies when quoting (#1637)
  • Use department email for agent alerts (#1555)
  • Skip team assignment alert on new ticket if assigned to an agent (fddb3c7)
  • Use custom form name as the page title when editing (#1646)
  • Fix failed ticket number match in email subject line (2e01010)

Performance and Security

  • Fix possible XSS vulnerability in sortable table view pages (#1639)

 

You can read more about it at the github repository.  They made maintance releases for the 1.7 and 1.8 series which should fix some of the issues in those.  

Lastly they made an important notice regarding the 1.7 tree on their blog: 
"Notice: osTicket 1.7 series is reaching end of life.  As of March 31st, 2015, we'll no longer maintain 1.7 series. Users are highly encouraged to make plans to upgrade to the latest release or 1.8 series in the coming months."
source: 
http://www.osticket.com/blog/115

osTicket 1.9.4 released

Yesterday the folks over at osticket.com released the latest version of the 1.9 series, specifically the stable 1.9.4.  This version had not only a DPR (Developer Preview Release) and 5 RC (release candidates) before going live.  You can get this version via github or at http://osticket.com/download.  It features a slew of enhancements, bug fixes, and security updates.  Here is a list of them:

Major New Features

  • New ticket states (archived, and deleted) (#1094, #1159)
  • Custom ticket statuses (#1159)
  • Custom ticket number formats (#1128)
  • Full text search capabilities (beta)
  • Multiselect for choice fields and custom list selections
  • Phase II Multi-Lingual Support (User Interface) (see http://i18n.osticket.com and http://jipt.i18n.osticket.com) (#1096)
    • Active interface translations of 46 languages currently
    • Popup help tip documentation in all languages
    • Flags displayed on client portal for manual switch of UI language by endusers
    • Automatic detection of enduser and agent language preference as advertised by the browser
    • Improved PDF ticket printing support, including greater support for eastern characters such as Thai, Korean, Chinese, and Japanese
    • Proper support for searching, including breaking words for languages which do not use word breaks, such as Japanese
    • Proper user interface layout for right-to-left languages such as Hebrew, Arabic, and Farsi
    • Right-to-Left support for the HTML text editor, regardless of the viewing user’s current language setting
    • Proper handling of bidirectional text in PDF output and in the ticket view

Enhancements

  • Plugins can have custom configurations (#1156)
  • Upgrade to mPDF to v5.7.3 (#1356)
  • Add support for PDF fonts in language packs (#1356)
  • Advanced search improved to support multiple selections, custom status and flags

Improvements

  • Fix display of text thread entries with HTML characters (<) (#1360)
  • Fix crash creating new ticket if organization custom data has a selection field (#1361)
  • Fix footer disappearance on PJAX navigation (#1366)
  • Fix User Directory not sortable by user status (#1375)
  • Fix loss of enduser or agent priority selection on new ticket (#1365)
  • Add validation error if setting EndUser username to an email address (#1368)
  • Fix skipped validation of some fields (#1369) (regression from rc4)
  • Fix detection of inline attachments from rich text inputs (#1357)
  • Fix dropping attachments when updating canned responses (#1357)
  • Fix PJAX navigation crash in some browsers (#1378)
  • Fix searching for tickets in the client portal (#1379) (regression from rc4)
  • Fix crash submitting new ticket as agent with validation errors (#1380)
  • Fix display of unanswered tickets in open queue (#1384)
  • Fix incorrect statistics on dashboard page (#1345)
  • Fix sorting by ticket number if using sequential numbers
  • Fix threading if HTML is enabled and QR is disabled (#1197)
  • Export ticket “created” date (#1201)
  • Fix duplicate email where a collaborator would receive a confirmation for his own message (#1235)
  • Fix multi-line display of checkbox descriptions (#1160)
  • Fix API validation failure for custom list selections (#1238)
  • Fix crash adding a new user with a selection field custom data
  • Fix failed user identification from email headers if “References” header is sorted differently be mail client (#1263)
  • Fix deletion of inline images on pages if draft was not saved (#1288)
  • Fix corruption of custom date time fields on client portal if using non US date format (#1320)
  • Fix corruption of email mailbox if improperly encoded as ISO-8859-1 without RFC 2047 charset hint (#1332)
  • Fix occasional MySQL Commands OOS error from ORM (#1334)

Performance and Security

  • Fix possible XSS vulnerability in email template management (#1163)

 

You can read more about it at their at github.  They additionally released maintance release for the 1.7 and 1.8 series which should fix some of the issues in those.

osTicket 1.9.2 released

Earlier today the folks over at osticket.com released the latest version of the 1.9 series, specifically the stable 1.9.2.  You can get this version via github or at http://osticket.com/download.  It features a slew of enhancements, bug fixes, and security updates.  Here is a list of them:

Enhancements

  • Help topics have super powers (#974)
    • They can be arbitrarily nested
    • They can be manually sorted
    • Admins can select a system default help topic
    • They can inherit the form from a parent
  • Form data entered to custom forms is preserved when switching help topics
  • Update to Redactor 9.2.4 (http://imperavi.com/redactor/log/)
  • Using canned responses no longer requires [Append] click (#973)
  • Guests can sign out (#1000)
  • Filter by custom list item properties (#1024)
  • Time selection is based on admin configured time format (#1036)
  • (Optionally) clients can access tickets without clicking email link (#999)
  • Introduction of signals for mail filter plugins (#952)

Improvements

  • Fix a few glitches on site page management (#986)
  • Fix saving department alert recipients (#985)
  • Fix assignment to account manager regardless of setting (#1013)
  • Fix dialog boxes on some PJAX navigations (#1034)
  • Help topics are properly sorted in FAQ management (#1035)
  • Fix MySQL commands out-of-sync triggered by the ORM (#1012)
  • Clients can follow email links from multiple tickets (#1001)
  • Workaround for PHP variable corruption issue (#917, #969)
  • All other improvements cited in v1.8.3

Performance and Security

  • Fix XSS vulnerability in phone number widget (#1025)
  • Fix several XSS vulnerabilities in client and staff interfaces (#1024, #1025)

 

You can read more about it at their blog post.  They additionally released maintenance release for the 1.7 and 1.8 series which should fix some of the issues in those.

osTicket 1.9.x – Email Template Variables

This will be the email template variables (tokens) page for 1.9.1+ (until 2.0). Below is the old list from osTicket 1.8.0+ Email Template Variables, I'll be adding and removing from it over time.

osTicket Template Vars

Client Names VARS
first: %{ticket.name.first}
last: %{ticket.name.last}
lastfirst: %{ticket.name.lastfirst}
short: %{ticket.name.short}
shortformal: %{ticket.name.shortformal}
full: %{ticket.name.full}
original: %{ticket.name.original}
formal: %{ticket.name.formal}
initials: %{ticket.name.initials}
legal: %{ticket.name.legal}

Recipient Vars
name: %{recipient.name}
first name: %{recipient.name.first}
last name: %{recipient.name.last}
lastfirst: %{recipient.name.lastfirst}
short: %{recipient.name.short}
shortformal: %{recipient.name.shortformal}
full: %{recipient.name.full}
original: %{recipient.name.original}
formal: %{recipient.name.formal}
initials: %{recipient.name.initials}
legal: %{recipient.name.legal}
recipients: %{ticket.recipients}
User Access link: %{recipient.ticket_link}
Email: %{recipient.email}

Staff Name VARS
first: %{staff.name.first}
last: %{staff.name.last}
lastfirst: %{staff.name.lastfirst}
short: %{stafff.name.short}
shortformal: %{staff.name.shortformal}
full: %{staff.name.full}
original: %{staff.name.original}
formal: %{staff.name.formal}
initials: %{staff.name.initials}
legal: %{staff.name.legal}

staff name: %{staff.name}
staff first: %{staff.name.first}
staff last: %{staff.name.last}

staff or department signature: %{signature}
Company Name: %{company.name}

Ticket Vars
Ticket ID (internal): %{ticket.id}
Ticket Number (external): %{ticket.number}
Email: %{ticket.email}
From: %{ticket.name}
Phone | Ext: %{ticket.phone}
Priotity: %{ticket.priority}
Subject: %{ticket.subject}
Original ticket body: %{ticket.thread.original}
Submitted: %{ticket.create_date}
Topic: %{ticket.topic.name}
posters name %{poster.name}

Assigned staff and/or team: %{ticket.assigned}
Due Date: %{ticket.due_date}
Date Closed: %{ticket.close_date}

Auth. token used for auto-login: %{ticket.auth_token}
RETIRED Client's ticket view link: %{ticket.client_link} users should upgrade to the token %{recipient.ticket_link}
Staff's ticket view link: %{ticket.staff_link}

OLD Help Topic: %{ticket.topic}
Help Topic: %{ticket.topic.name}

Department: %{ticket.dept}
Department Name: %{ticket.dept.name}
Department Manager Name: ${ticket.dept.manager.name}
Assigned/closing staff: %{ticket.staff}
Assigned/closing team: %{ticket.team}

Other Variables

Incoming message: ${message} [instead of this user comments for assigned note]
To get the last message use: %{ticket.thread.lastmessage}
Outgoing Response: ${response}
name of responder: %{response.poster}
Assign/transfer comments: %{comments}
Assigned staff/team: %{assignee}
Staff assigning ticket: %{assigner}
osTicket base URL (FQDN): %{url}
Password Reset URL: %{reset_link}

Internal Note VARS
OLD Internal Note: %{note}
Note Poster: %{note.poster}
Note Title: %{note.title}
Note Message" %{note.message}

Custom variables, such as those you add via Manage -> Forms can be accessed using the name that you gave them and the prefix the the built in form that you added them to. So if you added a field called Agency that was added to the built in "Ticket Details" you would access it as ticket.agency, aka:

%{ticket.VARIABLE}

Data associated with "Contact Information" is available via %{ticket.user.VARIABLE}. Where VARIABLE is the variable name that you assigned the field in the form. Data associated with other forms (such as extra forms added to help topics) is currently not available this way. It's been this way since 1.8.0.1 iirc.

 

It is important to note that while I have tested many of these, I have not tested all of them. Any labeled as OLD might not work anymore as they appear to have been replaced with new versions. Enjoy!

If you find something wrong with this list please email me at ntozier at osticket dot com and I will update this list when I get a chance. Thanks!

Update 05/22/2015 Forum user Belwi gave me the following to add %{ticket.source} %{response.create_date} %{message.create_date} %{poster.name} %{poster.email}

Update 6/24/2015 Forth coming version 1.10 has a variable type ahead feature which should trivialize this list.

Update 11/16/2015 Forthcoming version 1.10 has a variable that allows emailing attachments to the Agent.  The variable for this is %{message.files}