Creation of a ticket (not the content yet though) seems to work
This commit is contained in:
Quitta
parent
9a89c0d90e
commit
a42443054e
5 changed files with 95 additions and 13 deletions
|
|
@ -16,8 +16,7 @@ class Ticket{
|
|||
|
||||
|
||||
//Set ticket object
|
||||
public function setTicket($ts,$t,$s,$q,$t_c,$a){
|
||||
$this->timestamp = $ts;
|
||||
public function setTicket($t,$s,$q,$t_c,$a){
|
||||
$this->title = $t;
|
||||
$this->status = $s;
|
||||
$this->queue = $q;
|
||||
|
|
@ -28,8 +27,8 @@ class Ticket{
|
|||
//create ticket by writing private data to DB.
|
||||
public function create(){
|
||||
$dbl = new DBLayer($this->db);
|
||||
$query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (:timestamp, :title, :status, :queue, :tcat, :author)";
|
||||
$values = Array('timestamp' => $this->timestamp, 'title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author);
|
||||
$query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (now(), :title, :status, :queue, :tcat, :author)";
|
||||
$values = Array('title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author);
|
||||
$dbl->execute($query, $values);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -42,6 +42,7 @@ function change_password(){
|
|||
exit;
|
||||
|
||||
}else{
|
||||
|
||||
$result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING);
|
||||
$result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING);
|
||||
$result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
|
||||
function create_ticket(){
|
||||
try{
|
||||
//if logged in
|
||||
if(WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])){
|
||||
|
||||
if(isset($_POST['target_id'])){
|
||||
|
||||
//if target_id is the same as session id or is admin
|
||||
if( ($_POST['target_id'] == $_SESSION['id']) || WebUsers::isAdmin() ){
|
||||
|
||||
global $cfg;
|
||||
$category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT);
|
||||
$title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING);
|
||||
$content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING);
|
||||
if($_POST['target_id'] == $_SESSION['id']){
|
||||
$author = $_SESSION['ticket_user']->getTUserId();
|
||||
}else{
|
||||
$author= Ticket_User::constr_ExternId($_POST['target_id'], $cfg['db']['lib'])->getTUserId();
|
||||
}
|
||||
$ticket = new Ticket($cfg['db']['lib']);
|
||||
$ticket->setTicket($title,0,0,$category,$author);
|
||||
$ticket->create();
|
||||
|
||||
}else{
|
||||
//ERROR: permission denied!
|
||||
$_SESSION['error_code'] = "403";
|
||||
header("Location: index.php?page=error");
|
||||
exit;
|
||||
}
|
||||
|
||||
}else{
|
||||
//ERROR: The form was not filled in correclty
|
||||
header("Location: index.php?page=settings");
|
||||
exit;
|
||||
}
|
||||
}else{
|
||||
//ERROR: user is not logged in
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
}catch (PDOException $e) {
|
||||
//go to error page or something, because can't access website db
|
||||
print_r($e);
|
||||
exit;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -1,14 +1,45 @@
|
|||
<?php
|
||||
|
||||
function createticket(){
|
||||
|
||||
//if logged in
|
||||
if(WebUsers::isLoggedIn()){
|
||||
//in case user_id-GET param set it's value as target_id, if no user_id-param is given, use the session id.
|
||||
if(isset($_GET['user_id'])){
|
||||
|
||||
if(($_GET['user_id'] != $_SESSION['id']) && (!WebUsers::isAdmin()) ){
|
||||
|
||||
//ERROR: No access!
|
||||
$_SESSION['error_code'] = "403";
|
||||
header("Location: index.php?page=error");
|
||||
exit;
|
||||
|
||||
}else{
|
||||
//if user_id is given, then set it as the target_id
|
||||
$result['target_id'] = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
|
||||
}
|
||||
|
||||
}else{
|
||||
//set session_id as target_id
|
||||
$result['target_id'] = $_SESSION['id'];
|
||||
|
||||
|
||||
}
|
||||
|
||||
//create array of category id & names
|
||||
global $cfg;
|
||||
$catArray = Ticket_Category::getAllCategories($cfg['db']['lib']);
|
||||
$result['category'] = Array();
|
||||
foreach($catArray as $catObj){
|
||||
$result['category'][$catObj->getTCategoryId()] = $catObj->getName();
|
||||
}
|
||||
|
||||
return $result;
|
||||
|
||||
//create array of category id & names
|
||||
global $cfg;
|
||||
$catArray = Ticket_Category::getAllCategories($cfg['db']['lib']);
|
||||
$result['category'] = Array();
|
||||
foreach($catArray as $catObj){
|
||||
$result['category'][$catObj->getTCategoryId()] = $catObj->getName();
|
||||
}else{
|
||||
//ERROR: not logged in!
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
//print_r($result);
|
||||
return $result;
|
||||
|
||||
}
|
||||
|
|
@ -42,7 +42,7 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<input type="hidden" name="function" value="change_info">
|
||||
<input type="hidden" name="function" value="create_ticket">
|
||||
<input type="hidden" name="target_id" value="{$target_id}">
|
||||
<div class="control-group">
|
||||
<label class="control-label"></label>
|
||||
|
|
|
|||
Loading…
Reference in a new issue