diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php
index 7c5007ddca2..176e2346c17 100644
--- a/htdocs/core/class/html.formticket.class.php
+++ b/htdocs/core/class/html.formticket.class.php
@@ -73,6 +73,8 @@ class FormTicket
public $withfile;
public $withfilereadonly;
+ public $backtopage;
+
public $ispublic; // To show information or not into public form
public $withtitletopic;
@@ -1363,6 +1365,7 @@ class FormTicket
print '';
print '';
print '';
+ print '';
foreach ($this->param as $key => $value) {
print '';
}
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 07bf2eeebc8..6fd72261bd1 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -518,7 +518,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt(
$sensitiveget = false;
if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) {
// All GET actions and mass actions are processed as sensitive.
- if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'file_manager'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
+ if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'file_manager', 'presend', 'presend_addmessage'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
$sensitiveget = true;
}
} elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) {
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 9abc2893cda..862ea805a72 100755
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -57,7 +57,7 @@ $ref = GETPOST('ref', 'alpha');
$projectid = GETPOST('projectid', 'int');
$cancel = GETPOST('cancel', 'alpha');
$action = GETPOST('action', 'aZ09');
-$backtopage = GETPOST('$backtopage', 'alpha');
+$backtopage = GETPOST('backtopage', 'alpha');
$contactid = GETPOST('contactid', 'int');
$notifyTiers = GETPOST("notify_tiers_at_create", 'alpha');
@@ -1521,6 +1521,8 @@ if ($action == 'create' || $action == 'presend') {
$formticket->withsubstit = 1;
$formticket->substit = $substitutionarray;
+ $formticket->backtopage = $backtopage;
+
$formticket->showMessageForm('100%');
print '';
}
diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php
index 8d6b555229e..6c8438b5ac0 100644
--- a/htdocs/ticket/messaging.php
+++ b/htdocs/ticket/messaging.php
@@ -246,12 +246,12 @@ if (!empty($object->id)) {
// Show link to add a message (if read and not closed)
- $btnstatus = $object->fk_statut < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
- $url = 'card.php?track_id='.$object->track_id.'&action=presend_addmessage&mode=init';
+ $btnstatus = $object->status < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
+ $url = 'card.php?track_id='.$object->track_id.'&action=presend_addmessage&mode=init&backtopage='.urlencode($_SERVER["PHP_SELF"].'?track_id='.$object->track_id);
$morehtmlright .= dolGetButtonTitle($langs->trans('TicketAddMessage'), '', 'fa fa-comment-dots', $url, 'add-new-ticket-title-button', $btnstatus);
// Show link to add event (if read and not closed)
- $btnstatus = $object->fk_statut < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
+ $btnstatus = $object->status < Ticket::STATUS_CLOSED && $action != "presend" && $action != "presend_addmessage";
$url = DOL_URL_ROOT.'/comm/action/card.php?action=create&datep='.date('YmdHi').'&origin=ticket&originid='.$object->id.'&projectid='.$object->fk_project.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?track_id='.$object->track_id);
$morehtmlright .= dolGetButtonTitle($langs->trans('AddAction'), '', 'fa fa-plus-circle', $url, 'add-new-ticket-even-button', $btnstatus);