-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathupdateTicket.php
99 lines (86 loc) · 3.66 KB
/
updateTicket.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php
session_start();
require "../conf.inc.php";
require "../functions.php";
preventXSS($_POST);
print_r($_POST);
if(isset($_POST["closeTicket"]) && !empty($_POST["closeTicket"])){
$ticket = ticketInformation($_POST);
if(empty($ticket)){
$_SESSION["ticketError"] = true;
header("Location: ../userTicket.php");
}
elseif(!empty($ticket) && $ticket["state"] == 1){
$_SESSION["ticketAlreadyClose"] = true;
header("Location: ../userTicket.php?ticket_id=".$_POST["closeTicket"]);
}
else{
$time = getTimeForLog();
$userInfo = getInfo("member_id, member_lastname, member_firstname");
$connection = connectDB();
$query = $connection->prepare("UPDATE ticket SET state= :status, ticket_content= :content, last_update= NOW(), author_last_update= :author_last_update WHERE member= :member_id AND ticket_id= :id");
$query->execute([
"status"=>1,
"content"=>$ticket["ticket_content"]."<br><i>".$userInfo["member_firstname"]." ".$userInfo["member_lastname"]." a fermé le ticket le ".$time."</i><br>",
"member_id"=>$userInfo["member_id"],
"id"=>$_POST["closeTicket"],
"author_last_update"=>$userInfo["member_id"]
]);
header("Location: ../userTicket.php?ticket_id=".$_POST["closeTicket"]);
}
}
elseif(isset($_POST["updateTicket"]) && isset($_POST["ticketId"])){
$ticket = ticketInformation($_POST);
if(empty($ticket)){
$_SESSION["ticketError"] = true;
header("Location: ../userTicket.php");
}
elseif((strlen($_POST["updateTicket"]) > 10 || strlen($_POST["updateTicket"]) < 1000) && $ticket["state"] == 0){
$_POST["updateTicket"] = trim($_POST["updateTicket"]);
$time = getTimeForLog();
$userInfo = getInfo("member_id, member_lastname, member_firstname");
$connection = connectDB();
$query = $connection->prepare("UPDATE ticket SET ticket_content= :content, last_update= NOW(), author_last_update= :author_last_update WHERE member= :member_id AND ticket_id= :id");
$query->execute([
"content"=>$ticket["ticket_content"]."<br><u>".$userInfo["member_firstname"]." ".$userInfo["member_lastname"]." le ".$time." :</u> <br>".$_POST["updateTicket"]."<br>",
"member_id"=>$userInfo["member_id"],
"id"=>$_POST["ticketId"],
"author_last_update"=>$userInfo["member_id"]
]);
header("Location: ../userTicket.php?ticket_id=".$_POST["ticketId"]);
}
else{
$_SESSION["postForm"] = $_POST["updateTicket"];
$_SESSION["errorUpdateTicket"] = true;
header("Location: ../userTicket.php?ticket_id=".$_POST["ticketId"]);
}
}
elseif(isset($_POST["reopenTicket"])){
$ticket = ticketInformation($_POST);
if(empty($ticket)){
$_SESSION["ticketError"] = true;
header("Location: ../userTicket.php");
}
elseif(!empty($ticket) && $ticket["state"] == 0){
$_SESSION["ticketAlreadyOpen"] = true;
header("Location: ../userTicket.php?ticket_id=".$_POST["closeTicket"]);
}
else{
$time = getTimeForLog();
$userInfo = getInfo("member_id,member_firstname,member_lastname");
$connection = connectDB();
$query = $connection->prepare("UPDATE TICKET set state= :state, ticket_content= :content, last_update= NOW(), author_last_update= :author_last_update WHERE member= :member_id AND ticket_id= :id");
$query->execute([
"state"=>0,
"content"=>$ticket["ticket_content"]."<br><i>".$userInfo["member_firstname"]." ".$userInfo["member_lastname"]." a réouvert le ticket le ".$time."<br></i>",
"member_id"=>$userInfo["member_id"],
"id"=>$_POST["reopenTicket"],
"author_last_update"=>$userInfo["member_id"]
]);
header("Location: ../userTicket.php?ticket_id=".$_POST["reopenTicket"]);
}
}
else{
$_SESSION["ticketError"] = true;
header("Location: ../userTicket.php");
}