mirror of
https://port.numenaute.org/aleajactaest/khanat-opennel-code.git
synced 2024-11-19 13:46:13 +00:00
create ticket works, also admins can create other people's tickets
This commit is contained in:
parent
35d8d4a89a
commit
a81cfa976f
7 changed files with 210 additions and 29 deletions
|
@ -41,4 +41,17 @@ class DBLayer{
|
|||
}
|
||||
}
|
||||
|
||||
public function executeReturnId($query,$params){
|
||||
try{
|
||||
$statement = $this->PDO->prepare($query);
|
||||
$this->PDO->beginTransaction();
|
||||
$statement->execute($params);
|
||||
$lastId =$this->PDO->lastInsertId();
|
||||
$this->PDO->commit();
|
||||
return $lastId;
|
||||
}catch (PDOException $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -16,7 +16,7 @@ class Ticket{
|
|||
|
||||
|
||||
//Set ticket object
|
||||
public function setTicket($t,$s,$q,$t_c,$a){
|
||||
public function set($t,$s,$q,$t_c,$a){
|
||||
$this->title = $t;
|
||||
$this->status = $s;
|
||||
$this->queue = $q;
|
||||
|
@ -29,7 +29,7 @@ class Ticket{
|
|||
$dbl = new DBLayer($this->db);
|
||||
$query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (now(), :title, :status, :queue, :tcat, :author)";
|
||||
$values = Array('title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author);
|
||||
$dbl->execute($query, $values);
|
||||
$this->tId = $dbl->executeReturnId($query, $values); ;
|
||||
}
|
||||
|
||||
//return constructed element based on TId
|
||||
|
@ -56,32 +56,12 @@ class Ticket{
|
|||
}
|
||||
|
||||
//Getters
|
||||
public function getPermission(){
|
||||
return $this->permission;
|
||||
}
|
||||
|
||||
|
||||
public function getExternId(){
|
||||
return $this->externId;
|
||||
}
|
||||
|
||||
|
||||
public function getTUserId(){
|
||||
return $this->tUserId;
|
||||
public function getTId(){
|
||||
return $this->tId;
|
||||
}
|
||||
|
||||
//setters
|
||||
public function setPermission($perm){
|
||||
$this->permission = $perm;
|
||||
}
|
||||
|
||||
|
||||
public function setExternId($id){
|
||||
$this->externId = $id;
|
||||
}
|
||||
|
||||
|
||||
public function setTUserId($id){
|
||||
$this->tUserId = $id;
|
||||
public function setTId($id){
|
||||
$this->tId = $id;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,68 @@
|
|||
<?php
|
||||
|
||||
class Ticket_Content{
|
||||
|
||||
private $tContentId;
|
||||
private $content;
|
||||
|
||||
public function __construct($db_data) {
|
||||
$this->db = $db_data;
|
||||
}
|
||||
|
||||
|
||||
//Creates a ticket_content entry in the DB
|
||||
public function create() {
|
||||
$dbl = new DBLayer($this->db);
|
||||
$query = "INSERT INTO ticket_content (Content) VALUES (:content)";
|
||||
$values = Array('content' => $this->content);
|
||||
$this->tContentId = $dbl->executeReturnId($query, $values); ;
|
||||
}
|
||||
|
||||
//return constructed element based on TCategoryId
|
||||
public static function constr_TContentId( $id, $db_data) {
|
||||
$instance = new self($db_data);
|
||||
$instance->setTContentId($id);
|
||||
return $instance;
|
||||
}
|
||||
|
||||
//return constructed element based on TContentId
|
||||
public function load_With_TContentId( $id) {
|
||||
$dbl = new DBLayer($this->db);
|
||||
$statement = $dbl->execute("SELECT * FROM ticket_content WHERE TContentId=:id", array('id' => $id));
|
||||
$row = $statement->fetch();
|
||||
$this->tContentId = $row['TContentId'];
|
||||
$this->content = $row['Content'];
|
||||
}
|
||||
|
||||
//update private data to DB.
|
||||
public function update(){
|
||||
$dbl = new DBLayer($this->db);
|
||||
$query = "UPDATE ticket_content SET Content = :content WHERE TContentId=:id";
|
||||
$values = Array('id' => $this->tContentId, 'content' => $this->content);
|
||||
$statement = $dbl->execute($query, $values);
|
||||
}
|
||||
|
||||
//Getters
|
||||
public function getContent(){
|
||||
if ($this->content == ""){
|
||||
$this->load_With_TContentId($this->tContentId);
|
||||
}
|
||||
return $this->content;
|
||||
}
|
||||
|
||||
|
||||
public function getTContentId(){
|
||||
return $this->tContentId;
|
||||
}
|
||||
|
||||
|
||||
//setters
|
||||
public function setContent($c){
|
||||
$this->content = $c;
|
||||
}
|
||||
|
||||
public function setTContentId($c){
|
||||
$this->tContentId = $c;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,107 @@
|
|||
<?php
|
||||
|
||||
class Ticket_Reply{
|
||||
private $tReplyId;
|
||||
private $ticket;
|
||||
private $content;
|
||||
private $author;
|
||||
private $timestamp;
|
||||
private $db;
|
||||
|
||||
//////////////////////////////////Methods/////////////////////////////////
|
||||
|
||||
public function __construct($db_data) {
|
||||
$this->db = $db_data;
|
||||
}
|
||||
|
||||
|
||||
//Set ticket_reply object
|
||||
public function set($t,$c,$a){
|
||||
$this->ticket = $t;
|
||||
$this->content = $c;
|
||||
$this->author = $a;
|
||||
}
|
||||
|
||||
//create ticket by writing private data to DB.
|
||||
public function create(){
|
||||
$dbl = new DBLayer($this->db);
|
||||
$query = "INSERT INTO ticket_reply (Ticket, Content, Author, Timestamp) VALUES (:ticket, :content, :author, now())";
|
||||
$values = Array('ticket' => $this->ticket, 'content' => $this->content, 'author' => $this->author);
|
||||
$dbl->execute($query, $values);
|
||||
}
|
||||
|
||||
//return constructed element based on TCategoryId
|
||||
public static function constr_TReplyId( $id, $db_data) {
|
||||
$instance = new self($db_data);
|
||||
$instance->setTReplyId($id);
|
||||
return $instance;
|
||||
}
|
||||
|
||||
//return constructed element based on TId
|
||||
public function load_With_TReplyId( $id) {
|
||||
$dbl = new DBLayer($this->db);
|
||||
$statement = $dbl->execute("SELECT * FROM ticket_reply WHERE TReplyId=:id", array('id' => $id));
|
||||
$row = $statement->fetch();
|
||||
$this->tReplyId = $row['TReplyId'];
|
||||
$this->ticket = $row['Ticket'];
|
||||
$this->content = $row['Content'];
|
||||
$this->author = $row['Author'];
|
||||
$this->timestamp = $row['Timestamp'];
|
||||
}
|
||||
|
||||
//update private data to DB.
|
||||
public function update(){
|
||||
$dbl = new DBLayer($this->db);
|
||||
$query = "UPDATE ticket SET Ticket = :ticket, Content = :content, Author = :author, Timestamp = :timestamp WHERE TReplyId=:id";
|
||||
$values = Array('id' => $this->tReplyId, 'timestamp' => $this->timestamp, 'ticket' => $this->ticket, 'content' => $this->content, 'author' => $this->author);
|
||||
$statement = $dbl->execute($query, $values);
|
||||
}
|
||||
|
||||
|
||||
//////////////////////////////////Getters/////////////////////////////////
|
||||
public function getTicket(){
|
||||
return $this->ticket;
|
||||
}
|
||||
|
||||
|
||||
public function getContent(){
|
||||
return $this->content;
|
||||
}
|
||||
|
||||
public function getAuthor(){
|
||||
return $this->author;
|
||||
}
|
||||
|
||||
public function getTimestamp(){
|
||||
return $this->timestamp;
|
||||
}
|
||||
|
||||
|
||||
public function getTReplyId(){
|
||||
return $this->tReplyId;
|
||||
}
|
||||
|
||||
|
||||
///////////////////////////////////setters////////////////////////////////
|
||||
public function setTicket($t){
|
||||
$this->ticket = $t;
|
||||
}
|
||||
|
||||
|
||||
public function setContent($c){
|
||||
$this->content = $c;
|
||||
}
|
||||
|
||||
public function setAuthor($a){
|
||||
$this->author = $a;
|
||||
}
|
||||
|
||||
public function setTimestamp($t){
|
||||
$this->timestamp = $t;
|
||||
}
|
||||
|
||||
|
||||
public function setTReplyId($i){
|
||||
$this->tReplyId = $i;
|
||||
}
|
||||
}
|
|
@ -20,7 +20,7 @@ function change_info(){
|
|||
//use current info to check for changes
|
||||
$current_info = $webUser->getInfo($_POST['target_id']);
|
||||
|
||||
//TODO: XSS filtering
|
||||
|
||||
$current_info['FirstName'] = filter_var($current_info['FirstName'], FILTER_SANITIZE_STRING);
|
||||
$current_info['LastName'] = filter_var($current_info['LastName'], FILTER_SANITIZE_STRING);
|
||||
$current_info['Country'] = filter_var($current_info['Country'], FILTER_SANITIZE_STRING);
|
||||
|
|
|
@ -19,9 +19,22 @@ function create_ticket(){
|
|||
}else{
|
||||
$author= Ticket_User::constr_ExternId($_POST['target_id'], $cfg['db']['lib'])->getTUserId();
|
||||
}
|
||||
|
||||
$ticket = new Ticket($cfg['db']['lib']);
|
||||
$ticket->setTicket($title,0,0,$category,$author);
|
||||
$ticket->set($title,0,0,$category,$author);
|
||||
$ticket->create();
|
||||
$ticket_id = $ticket->getTId();
|
||||
|
||||
|
||||
$ticket_content = new Ticket_Content($cfg['db']['lib']);
|
||||
$ticket_content->setContent($content);
|
||||
$ticket_content->create();
|
||||
$content_id = $ticket_content->getTContentId();
|
||||
|
||||
|
||||
$ticket_reply = new Ticket_Reply($cfg['db']['lib']);
|
||||
$ticket_reply->set($ticket_id, $content_id, $author);
|
||||
$ticket_reply->create();
|
||||
|
||||
}else{
|
||||
//ERROR: permission denied!
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
</div>
|
||||
<div class="box-content">
|
||||
<div class="row-fluid">
|
||||
<form id="changePassword" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
|
||||
<form id="changePassword" class="form-vertical" method="post" action="index.php?page=createticket&id={$target_id}">
|
||||
<legend>New ticket</legend>
|
||||
|
||||
<div class="control-group">
|
||||
|
|
Loading…
Reference in a new issue