diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php
index 32e6912b9ea..341c21e06f0 100644
--- a/htdocs/core/class/html.formticket.class.php
+++ b/htdocs/core/class/html.formticket.class.php
@@ -73,6 +73,8 @@ class FormTicket
public $withfile;
public $withfilereadonly;
+ public $backtopage;
+
public $ispublic; // To show information or not into public form
public $withtitletopic;
@@ -1358,6 +1360,7 @@ class FormTicket
print '';
print '';
print '';
+ print '';
foreach ($this->param as $key => $value) {
print '';
}
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index e00c1887fa7..98de8c12e5c 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -516,7 +516,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt(
$sensitiveget = false;
if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) {
// All GET actions and mass actions are processed as sensitive.
- if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'file_manager'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
+ if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'file_manager', 'presend', 'presend_addmessage'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
$sensitiveget = true;
}
} elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) {
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 589f7ca0590..7c79ab5a780 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -56,7 +56,7 @@ $ref = GETPOST('ref', 'alpha');
$projectid = GETPOST('projectid', 'int');
$cancel = GETPOST('cancel', 'alpha');
$action = GETPOST('action', 'aZ09');
-$backtopage = GETPOST('$backtopage', 'alpha');
+$backtopage = GETPOST('backtopage', 'alpha');
$contactid = GETPOST('contactid', 'int');
$notifyTiers = GETPOST("notify_tiers_at_create", 'alpha');
@@ -1508,6 +1508,8 @@ if ($action == 'create' || $action == 'presend') {
$formticket->withsubstit = 1;
$formticket->substit = $substitutionarray;
+ $formticket->backtopage = $backtopage;
+
$formticket->showMessageForm('100%');
print '';
}
diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php
index 91904a97dab..c774c4364e8 100644
--- a/htdocs/ticket/messaging.php
+++ b/htdocs/ticket/messaging.php
@@ -245,12 +245,12 @@ if (!empty($object->id)) {
// Show link to add a message (if read and not closed)
- $btnstatus = $object->fk_statut < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
- $url = 'card.php?track_id='.$object->track_id.'&action=presend_addmessage&mode=init';
+ $btnstatus = $object->status < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
+ $url = 'card.php?track_id='.$object->track_id.'&action=presend_addmessage&mode=init&backtopage='.urlencode($_SERVER["PHP_SELF"].'?track_id='.$object->track_id);
$morehtmlright .= dolGetButtonTitle($langs->trans('TicketAddMessage'), '', 'fa fa-comment-dots', $url, 'add-new-ticket-title-button', $btnstatus);
// Show link to add event (if read and not closed)
- $btnstatus = $object->fk_statut < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
+ $btnstatus = $object->status < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
$url = DOL_URL_ROOT.'/comm/action/card.php?action=create&datep='.date('YmdHi').'&origin=ticket&originid='.$object->id.'&projectid='.$object->fk_project.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?track_id='.$object->track_id);
$morehtmlright .= dolGetButtonTitle($langs->trans('AddAction'), '', 'fa fa-plus-circle', $url, 'add-new-ticket-even-button', $btnstatus);