khanat-code-old/code/web/public_php/ams/func/reply_on_ticket.php
2017-03-15 20:29:34 +01:00


<?php
/**
* This function is used to reply to a ticket.
* It first checks whether the user who executed this function is a mod/admin or the topic creator himself. If this is not the case, the page is redirected to an error page.
* If $_POST['hidden'] is set and the user is a mod, the message will be hidden from the topic starter. The reply is then created. If both $_POST['ChangeStatus'] and $_POST['ChangePriority'] are set and the user is a mod,
* it will try to update the status and priority. Afterwards the page is redirected to the ticket again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
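function reply_on_ticket(){
    global $INGAME_WEBPATH;
    global $WEBPATH;

    // NOTE(review): no anti-CSRF token is checked in this function; confirm the
    // calling page verifies one before dispatching a state-changing POST here.

    //if logged in
    if(WebUsers::isLoggedIn() && isset($_POST['ticket_id'])){
        // FILTER_SANITIZE_NUMBER_INT only strips everything except digits, '+' and '-'.
        // That keeps CR/LF out of the Location header below, but it is not validation:
        // the result can still be "" or something like "1-2".
        // NOTE(review): consider FILTER_VALIDATE_INT and rejecting the request on failure.
        $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
        $target_ticket = new Ticket();
        $target_ticket->load_With_TId($ticket_id);

        // Decode the session's ticket user once instead of on every use.
        // NOTE(review): unserialize() instantiates whatever classes the string names, so this
        // is only safe while nothing request-controlled can be written to
        // $_SESSION['ticket_user'] - confirm where it is set; passing an allowed_classes
        // option would harden it.
        $ticket_user = unserialize($_SESSION['ticket_user']);

        //check if the user who executed this function is a mod/admin or the topic creator himself.
        // NOTE(review): '==' is a loose comparison; confirm getAuthor() cannot return null/0
        // for a ticket that failed to load, otherwise the ownership test may pass by type juggling.
        if(($target_ticket->getAuthor() == $ticket_user->getTUserId()) || Ticket_User::isMod($ticket_user)){
            try{
                $author = $ticket_user->getTUserId();
                // The reply body is passed through as submitted; escaping is left to
                // whatever stores/renders it (not visible from here).
                $content = isset($_POST['Content']) ? $_POST['Content'] : "";

                // Only moderators may post a reply that is hidden from the topic starter.
                $hidden = 0;
                if(isset($_POST['hidden']) && Ticket_User::isMod($ticket_user)){
                    $hidden = 1;
                }

                //create the reply
                Ticket::createReply($content, $author, $ticket_id, $hidden);

                //try to update the status & priority in case these are set (moderators only).
                if(isset($_POST['ChangeStatus']) && isset($_POST['ChangePriority']) && Ticket_User::isMod($ticket_user)){
                    $newStatus = filter_var($_POST['ChangeStatus'], FILTER_SANITIZE_NUMBER_INT);
                    $newPriority = filter_var($_POST['ChangePriority'], FILTER_SANITIZE_NUMBER_INT);
                    Ticket::updateTicketStatusAndPriority($ticket_id, $newStatus, $newPriority, $author);
                }

                // Send the user back to the ticket, using the in-game base URL for the game client.
                header("Cache-Control: max-age=1");
                if (Helpers::check_if_game_client()) {
                    header("Location: ".$INGAME_WEBPATH."?page=show_ticket&id=".$ticket_id);
                }else{
                    header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id);
                }
                throw new SystemExit();
            }catch (PDOException $e) {
                //ERROR: LIB DB is not online!
                // Dumping the exception to the response would expose its message and stack
                // trace (and anything they contain) to the requester, so the detail is
                // written to the server log only and the user is redirected.
                error_log("reply_on_ticket: database error: ".$e->getMessage());
                header("Cache-Control: max-age=1");
                header("Location: index.php");
                throw new SystemExit();
            }
        }else{
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
    }else{
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
}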