diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/dblayer.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/dblayer.php index 240eda426..a96fd98ea 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/dblayer.php +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/dblayer.php @@ -41,4 +41,17 @@ class DBLayer{ } } + public function executeReturnId($query,$params){ + try{ + $statement = $this->PDO->prepare($query); + $this->PDO->beginTransaction(); + $statement->execute($params); + $lastId =$this->PDO->lastInsertId(); + $this->PDO->commit(); + return $lastId; + }catch (PDOException $e) { + throw $e; + } + } + } \ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket.php index ac91bbc39..c483c3e80 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket.php +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket.php @@ -16,7 +16,7 @@ class Ticket{ //Set ticket object - public function setTicket($t,$s,$q,$t_c,$a){ + public function set($t,$s,$q,$t_c,$a){ $this->title = $t; $this->status = $s; $this->queue = $q; @@ -29,7 +29,7 @@ class Ticket{ $dbl = new DBLayer($this->db); $query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (now(), :title, :status, :queue, :tcat, :author)"; $values = Array('title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author); - $dbl->execute($query, $values); + $this->tId = $dbl->executeReturnId($query, $values); ; } //return constructed element based on TId 
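Review bot: In `executeReturnId` the transaction opened by `beginTransaction()` is never rolled back when `execute()` throws, because the `catch` block only rethrows and the connection is left inside an open transaction. Add `if ($this->PDO->inTransaction()) { $this->PDO->rollBack(); }` before `throw $e;`. `lastInsertId()` hands the id back as a string, so `Ticket::create()` in the ticket.php hunk stores a string in `tId`. A one-line comment stating that the method is meant for single-row INSERTs on auto-increment tables would help callers.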
@@ -56,32 +56,12 @@ class Ticket{ } //Getters - public function getPermission(){ - return $this->permission; - } - - - public function getExternId(){ - return $this->externId; - } - - - public function getTUserId(){ - return $this->tUserId; + public function getTId(){ + return $this->tId; } //setters - public function setPermission($perm){ - $this->permission = $perm; - } - - - public function setExternId($id){ - $this->externId = $id; - } - - - public function setTUserId($id){ - $this->tUserId = $id; + public function setTId($id){ + $this->tId = $id; } } \ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_content.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_content.php new file mode 100644 index 000000000..dcb86bbd1 --- /dev/null +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_content.php 
@@ -0,0 +1,68 @@
+db = $db_data;
+ }
+
+
+ //Creates a ticket_content entry in the DB
+ public function create() {
+ $dbl = new DBLayer($this->db);
+ $query = "INSERT INTO ticket_content (Content) VALUES (:content)";
+ $values = Array('content' => $this->content);
+ $this->tContentId = $dbl->executeReturnId($query, $values); ;
+ }
+
+ //return constructed element based on TCategoryId
+ public static function constr_TContentId( $id, $db_data) {
+ $instance = new self($db_data);
+ $instance->setTContentId($id);
+ return $instance;
+ }
+
+ //return constructed element based on TContentId
+ public function load_With_TContentId( $id) {
+ $dbl = new DBLayer($this->db);
+ $statement = $dbl->execute("SELECT * FROM ticket_content WHERE TContentId=:id", array('id' => $id));
+ $row = $statement->fetch();
+ $this->tContentId = $row['TContentId'];
+ $this->content = $row['Content'];
+ }
+
+ //update private data to DB.
+ public function update(){
+ $dbl = new DBLayer($this->db);
+ $query = "UPDATE ticket_content SET Content = :content WHERE TContentId=:id";
+ $values = Array('id' => $this->tContentId, 'content' => $this->content);
+ $statement = $dbl->execute($query, $values);
+ }
+
+ //Getters
+ public function getContent(){
+ if ($this->content == ""){
+ $this->load_With_TContentId($this->tContentId);
+ }
+ return $this->content;
+ }
+
+
+ public function getTContentId(){
+ return $this->tContentId;
+ }
+
+
+ //setters
+ public function setContent($c){
+ $this->content = $c;
+ }
+
+ public function setTContentId($c){
+ $this->tContentId = $c;
+ }
+
+}
\ No newline at end of file
diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_reply.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_reply.php
new file mode 100644
index 000000000..efbf08295
--- /dev/null
+++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket_reply.php
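Review bot: `load_With_TContentId` indexes `$row['TContentId']` without checking the result of `fetch()`, which is `false` when no row matches the id, so an unknown id silently yields an object with null fields. Add a guard such as `if ($row === false) { return false; }` (or whatever error convention the library uses) before the two assignments; `load_With_TReplyId` in ticket_reply.php has the same gap. `getContent()` compares with `== ""`, so content that is legitimately empty triggers a reload from the DB on every call. The comment above `constr_TContentId` names TCategoryId and should say TContentId. Content is stored exactly as submitted, so it has to be HTML-escaped wherever it is rendered; that code is not part of this diff.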
@@ -0,0 +1,107 @@
+db = $db_data;
+ }
+
+
+ //Set ticket_reply object
+ public function set($t,$c,$a){
+ $this->ticket = $t;
+ $this->content = $c;
+ $this->author = $a;
+ }
+
+ //create ticket by writing private data to DB.
+ public function create(){
+ $dbl = new DBLayer($this->db);
+ $query = "INSERT INTO ticket_reply (Ticket, Content, Author, Timestamp) VALUES (:ticket, :content, :author, now())";
+ $values = Array('ticket' => $this->ticket, 'content' => $this->content, 'author' => $this->author);
+ $dbl->execute($query, $values);
+ }
+
+ //return constructed element based on TCategoryId
+ public static function constr_TReplyId( $id, $db_data) {
+ $instance = new self($db_data);
+ $instance->setTReplyId($id);
+ return $instance;
+ }
+
+ //return constructed element based on TId
+ public function load_With_TReplyId( $id) {
+ $dbl = new DBLayer($this->db);
+ $statement = $dbl->execute("SELECT * FROM ticket_reply WHERE TReplyId=:id", array('id' => $id));
+ $row = $statement->fetch();
+ $this->tReplyId = $row['TReplyId'];
+ $this->ticket = $row['Ticket'];
+ $this->content = $row['Content'];
+ $this->author = $row['Author'];
+ $this->timestamp = $row['Timestamp'];
+ }
+
+ //update private data to DB.
+ public function update(){
+ $dbl = new DBLayer($this->db);
+ $query = "UPDATE ticket SET Ticket = :ticket, Content = :content, Author = :author, Timestamp = :timestamp WHERE TReplyId=:id";
+ $values = Array('id' => $this->tReplyId, 'timestamp' => $this->timestamp, 'ticket' => $this->ticket, 'content' => $this->content, 'author' => $this->author);
+ $statement = $dbl->execute($query, $values);
+ }
+
+
+ //////////////////////////////////Getters/////////////////////////////////
+ public function getTicket(){
+ return $this->ticket;
+ }
+
+
+ public function getContent(){
+ return $this->content;
+ }
+
+ public function getAuthor(){
+ return $this->author;
+ }
+
+ public function getTimestamp(){
+ return $this->timestamp;
+ }
+
+
+ public function getTReplyId(){
+ return $this->tReplyId;
+ }
+
+
+ ///////////////////////////////////setters////////////////////////////////
+ public function setTicket($t){
+ $this->ticket = $t;
+ }
+
+
+ public function setContent($c){
+ $this->content = $c;
+ }
+
+ public function setAuthor($a){
+ $this->author = $a;
+ }
+
+ public function setTimestamp($t){
+ $this->timestamp = $t;
+ }
+
+
+ public function setTReplyId($i){
+ $this->tReplyId = $i;
+ }
+}
\ No newline at end of file
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php
index 860b207ea..baf28afc2 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php
@@ -20,7 +20,7 @@ function change_info(){ //use current info to check for changes $current_info = $webUser->getInfo($_POST['target_id']); - //TODO: XSS filtering + $current_info['FirstName'] = filter_var($current_info['FirstName'], FILTER_SANITIZE_STRING); $current_info['LastName'] = filter_var($current_info['LastName'], FILTER_SANITIZE_STRING); $current_info['Country'] = filter_var($current_info['Country'], FILTER_SANITIZE_STRING);
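Review bot: `Ticket_Reply::update()` runs its statement against the `ticket` table although every column and the `TReplyId` key belong to `ticket_reply`, as the INSERT in `create()` shows; the query should start `UPDATE ticket_reply SET Ticket = :ticket, ...`. `create()` calls `execute()` rather than `executeReturnId()`, so `tReplyId` is never filled in after an insert and a following `update()` would bind an unset id; `$this->tReplyId = $dbl->executeReturnId($query, $values);` would match what Ticket and Ticket_Content do. The comments above `constr_TReplyId` and `load_With_TReplyId` still say TCategoryId and TId and should name TReplyId.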
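Review bot: Removing `//TODO: XSS filtering` leaves `FILTER_SANITIZE_STRING` on the three following context lines as the only XSS handling visible here, and that filter is deprecated as of PHP 8.1 and is no replacement for escaping at the point of output. Unless the templates already escape these fields, keep a marker such as `//NOTE: values must still be HTML-escaped when rendered`. `$_POST['target_id']` is passed straight to `getInfo()` on the line above; whether the caller may act on that id is decided outside this hunk, since change_info() starts and ends outside it.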
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/create_ticket.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/create_ticket.php index 628bb9ca8..7a2e54bd6 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/create_ticket.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/create_ticket.php @@ -19,9 +19,22 @@ function create_ticket(){ }else{ $author= Ticket_User::constr_ExternId($_POST['target_id'], $cfg['db']['lib'])->getTUserId(); } + $ticket = new Ticket($cfg['db']['lib']); - $ticket->setTicket($title,0,0,$category,$author); + $ticket->set($title,0,0,$category,$author); $ticket->create(); + $ticket_id = $ticket->getTId(); + + + $ticket_content = new Ticket_Content($cfg['db']['lib']); + $ticket_content->setContent($content); + $ticket_content->create(); + $content_id = $ticket_content->getTContentId(); + + + $ticket_reply = new Ticket_Reply($cfg['db']['lib']); + $ticket_reply->set($ticket_id, $content_id, $author); + $ticket_reply->create(); }else{ //ERROR: permission denied! diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/createticket.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/createticket.tpl index fac2edb81..0b2ad2813 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/createticket.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/createticket.tpl @@ -10,7 +10,7 @@
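Review bot: The ticket, its content and the first reply are written by three separate `create()` calls, each through its own `DBLayer` and its own transaction, so a failure in the second or third insert leaves a ticket row with no content or reply. Nothing in the hunk catches the `PDOException` that `executeReturnId` rethrows; wrapping the three calls in `try { ... } catch (PDOException $e) { ... }` and reporting the failure would at least stop the flow from continuing with a half-written ticket, and a shared transaction would make it atomic. `$content` and `$author` are set before the hunk and `$author` is derived from `$_POST['target_id']`, so the permission check in the enclosing branch (outside this hunk) is what keeps a user from filing tickets under another id. A short comment above the block stating the ticket, content, reply order and why each id is needed would document the dependency.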