maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

migrate ticket-system to PDO database class, refs #1287

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-11-06 11:06:03 +01:00
parent 8a9ed3d9f1
commit 74bb3ccb7e
5 changed files with 329 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
admin_tickets.php
View File

@@ -37,8 +37,7 @@ if (isset($_POST['id'])) {
SELECT `id` FROM `panel_tickets` SELECT `id` FROM `panel_tickets`
WHERE `id` = :id AND `adminid` = :adminid WHERE `id` = :id AND `adminid` = :adminid
"); ");
Database::pexecute($stmt, array('id' => $id, 'adminid' => $userinfo['adminid'])); $result = Database::pexecute_first($stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result == null) { if ($result == null) {
// no rights to see the requested ticket // no rights to see the requested ticket
@@ -57,8 +56,7 @@ if ($page == 'tickets'
FROM `" . TABLE_PANEL_CUSTOMERS . "` " . FROM `" . TABLE_PANEL_CUSTOMERS . "` " .
($userinfo['customers_see_all'] ? '' : "WHERE `adminid` = :adminid") ($userinfo['customers_see_all'] ? '' : "WHERE `adminid` = :adminid")
); );
Database::pexecute($countcustomers_stmt, array('adminid' => $userinfo['adminid'])); $countcustomers = Database::pexecute_first($countcustomers_stmt, array('adminid' => $userinfo['adminid']));
$countcustomers = $countcustomers_stmt->fetch(PDO::FETCH_ASSOC);
$countcustomers = (int)$countcustomers['countcustomers']; $countcustomers = (int)$countcustomers['countcustomers'];
if ($action == '') { if ($action == '') {
@@ -130,8 +128,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($usr['loginname'])) { if (isset($usr['loginname'])) {
$customer = getCorrectFullUserDetails($usr); $customer = getCorrectFullUserDetails($usr);
@@ -186,7 +183,7 @@ if ($page == 'tickets'
if (isset($_POST['send']) if (isset($_POST['send'])
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1); $newticket = ticket::getInstanceOf($userinfo, $settings, -1);
$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false); $newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false); $newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$newticket->Set('category', validate($_POST['category'], 'category'), true, false); $newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -221,8 +218,7 @@ if ($page == 'tickets'
SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
'.$where.' ORDER BY `logicalorder`, `name` ASC' '.$where.' ORDER BY `logicalorder`, `name` ASC'
); );
Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'])); $result = Database::pexecute_first($result_stmt, array('adminid' => $userinfo['adminid']));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['name']) if (isset($result['name'])
&& $result['name'] != '' && $result['name'] != ''
@@ -278,7 +274,7 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1); $replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false); $replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false); $replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false); $replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);
@@ -287,7 +283,7 @@ if ($page == 'tickets'
standard_error(array('stringisempty', 'mymessage')); standard_error(array('stringisempty', 'mymessage'));
} else { } else {
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$replyticket->Set('customerid', $mainticket->Get('customer'), true, true); $replyticket->Set('customerid', $mainticket->Get('customer'), true, true);
$replyticket->Set('lastchange', $now, true, true); $replyticket->Set('lastchange', $now, true, true);
$replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true); $replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true);
@@ -313,7 +309,7 @@ if ($page == 'tickets'
} else { } else {
$ticket_replies = ''; $ticket_replies = '';
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt')); $dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status')); $status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -334,8 +330,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">'; $by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
$by .= getCorrectFullUserDetails($usr).'</a>'; $by .= getCorrectFullUserDetails($usr).'</a>';
} }
@@ -347,8 +342,7 @@ if ($page == 'tickets'
$result_stmt = Database::prepare(' $result_stmt = Database::prepare('
SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid' SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid'
); );
Database::pexecute($result_stmt, array('cid' => $mainticket->Get('category'))); $row = Database::pexecute_first($result_stmt, array('cid' => $mainticket->Get('category')));
$row = $result_stmt->fetch(PDO::FETCH_ASSOC);
$andere_stmt = Database::prepare(' $andere_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKETS . '` SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
@@ -359,7 +353,7 @@ if ($page == 'tickets'
while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) { while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
$subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']); $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange')); $lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if ($subticket->Get('by') == '1') { if ($subticket->Get('by') == '1') {
@@ -371,8 +365,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">'; $by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
$by .= getCorrectFullUserDetails($usr).'</a>'; $by .= getCorrectFullUserDetails($usr).'</a>';
} }
@@ -405,15 +398,15 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true); $mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true); $mainticket->Set('status', '3', true, true);
$mainticket->Update(); $mainticket->Update();
$log->logAction(ADM_ACTION, LOG_NOTICE, "closed ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(ADM_ACTION, LOG_NOTICE, "closed ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject')); ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
} }
@@ -421,13 +414,13 @@ if ($page == 'tickets'
&& $id != 0 && $id != 0
) { ) {
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true); $mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '0', true, true); $mainticket->Set('status', '0', true, true);
$mainticket->Update(); $mainticket->Update();
$log->logAction(ADM_ACTION, LOG_NOTICE, "reopened ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(ADM_ACTION, LOG_NOTICE, "reopened ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} elseif($action == 'archive' } elseif($action == 'archive'
&& $id != 0 && $id != 0
@@ -436,16 +429,16 @@ if ($page == 'tickets'
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true); $mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true); $mainticket->Set('status', '3', true, true);
$mainticket->Update(); $mainticket->Update();
$mainticket->Archive(); $mainticket->Archive();
$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyarchive', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject')); ask_yesno('ticket_reallyarchive', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
} }
@@ -455,12 +448,12 @@ if ($page == 'tickets'
if (isset($_POST['send']) if (isset($_POST['send'])
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket '" . $mainticket->Get('subject') . "'");
$mainticket->Delete(); $mainticket->Delete();
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject')); ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
} }
} }
@@ -533,18 +526,18 @@ if ($page == 'tickets'
if ($order < 1 || $order >= 1000) { if ($order < 1 || $order >= 1000) {
// use the latest available // use the latest available
$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1; $order = ticket::getHighestOrderNumber($userinfo['adminid']) + 1;
} }
if ($category == '') { if ($category == '') {
standard_error(array('stringisempty', 'mycategory')); standard_error(array('stringisempty', 'mycategory'));
} else { } else {
ticket::addCategory($db, $category, $userinfo['adminid'], $order); ticket::addCategory($category, $userinfo['adminid'], $order);
$log->logAction(ADM_ACTION, LOG_INFO, "added ticket-category '" . $category . "'"); $log->logAction(ADM_ACTION, LOG_INFO, "added ticket-category '" . $category . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} }
} else { } else {
$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1; $order = ticket::getHighestOrderNumber($userinfo['adminid']) + 1;
$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php'; $category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php';
$category_new_form = htmlform::genHTMLForm($category_new_data); $category_new_form = htmlform::genHTMLForm($category_new_data);
@@ -572,16 +565,15 @@ if ($page == 'tickets'
if ($category == '') { if ($category == '') {
standard_error(array('stringisempty', 'mycategory')); standard_error(array('stringisempty', 'mycategory'));
} else { } else {
ticket::editCategory($db, $category, $id, $order); ticket::editCategory($category, $id, $order);
$log->logAction(ADM_ACTION, LOG_INFO, "edited ticket-category '" . $category . "'"); $log->logAction(ADM_ACTION, LOG_INFO, "edited ticket-category '" . $category . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} }
} else { } else {
$row_stmt = Database::prepare(' $row_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :id' SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :id'
); );
Database::pexecute($row_stmt, array('id' => $id)); $row = Database::pexecute_first($row_stmt, array('id' => $id));
$row = $row_stmt->fetch(PDO::FETCH_ASSOC);
$category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_edit.php'; $category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_edit.php';
$category_edit_form = htmlform::genHTMLForm($category_edit_data); $category_edit_form = htmlform::genHTMLForm($category_edit_data);
@@ -597,15 +589,15 @@ if ($page == 'tickets'
if (isset($_POST['send']) if (isset($_POST['send'])
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
if (ticket::deleteCategory($db, $id) == false) { if (ticket::deleteCategory($id) == false) {
standard_error('categoryhastickets'); standard_error('categoryhastickets');
} }
$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket-category #" . $id); $log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket-category #" . $id);
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
$name = ticket::getCategoryName($db, $id); $name = ticket::getCategoryName($id);
ask_yesno('ticket_reallydeletecat', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $name); ask_yesno('ticket_reallydeletecat', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $name);
} }
} }
@@ -697,8 +689,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($usr['loginname'])) { if (isset($usr['loginname'])) {
$customer = getCorrectFullUserDetails($usr); $customer = getCorrectFullUserDetails($usr);
@@ -745,7 +736,7 @@ if ($page == 'tickets'
} else { } else {
$archived = array(); $archived = array();
$archived = ticket::getLastArchived($db, 6, $userinfo['adminid']); $archived = ticket::getLastArchived(6, $userinfo['adminid']);
$tickets = ''; $tickets = '';
if ($archived !== false) { if ($archived !== false) {
@@ -800,27 +791,22 @@ if ($page == 'tickets'
) { ) {
$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed archived-ticket #" . $id); $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed archived-ticket #" . $id);
$ticket_replies = ''; $ticket_replies = '';
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$lastchange = date("d.m.Y H:i\h", $mainticket->Get('lastchange')); $lastchange = date("d.m.Y H:i\h", $mainticket->Get('lastchange'));
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt')); $dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status')); $status = ticket::getStatusText($lng, $mainticket->Get('status'));
$isclosed = 1; $isclosed = 1;
if($mainticket->Get('by') == '1') if ($mainticket->Get('by') == '1') {
{
$by = $lng['ticket']['staff']; $by = $lng['ticket']['staff'];
} } else {
else
{
$cid = $mainticket->Get('customer'); $cid = $mainticket->Get('customer');
$usr_stmt = Database::prepare(' $usr_stmt = Database::prepare('
SELECT `customerid`, `firstname`, `name`, `company`, `loginname` SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">'; $by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
$by .= getCorrectFullUserDetails($usr).'</a>'; $by .= getCorrectFullUserDetails($usr).'</a>';
} }
@@ -832,8 +818,7 @@ if ($page == 'tickets'
$result_stmt = Database::prepare(' $result_stmt = Database::prepare('
SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid' SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = :cid'
); );
Database::pexecute($result_stmt, array('cid' => $mainticket->Get('category'))); $row = Database::pexecute_first($result_stmt, array('cid' => $mainticket->Get('category')));
$row = $result_stmt->fetch(PDO::FETCH_ASSOC);
$andere_stmt = Database::prepare(' $andere_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :id' SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :id'
@@ -843,7 +828,7 @@ if ($page == 'tickets'
while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) { while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
$subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']); $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange')); $lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if ($subticket->Get('by') == '1') { if ($subticket->Get('by') == '1') {
@@ -855,9 +840,7 @@ if ($page == 'tickets'
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :cid' WHERE `customerid` = :cid'
); );
Database::pexecute($usr_stmt, array('cid' => $cid)); $usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">'; $by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
$by .= getCorrectFullUserDetails($usr).'</a>'; $by .= getCorrectFullUserDetails($usr).'</a>';
} }
@@ -882,12 +865,12 @@ if ($page == 'tickets'
if (isset($_POST['send']) if (isset($_POST['send'])
&& $_POST['send'] == 'send' && $_POST['send'] == 'send'
) { ) {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
$mainticket->Delete(); $mainticket->Delete();
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject')); ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
} }
} }

62
customer_tickets.php
View File

@@ -18,22 +18,18 @@
*/ */
define('AREA', 'customer'); define('AREA', 'customer');
/**
* Include our init.php, which manages Sessions, Language etc.
*/
require ("./lib/init.php"); require ("./lib/init.php");
if (isset($_POST['id'])) { if (isset($_POST['id'])) {
$id = intval($_POST['id']); $id = intval($_POST['id']);
/* /*
* Check if the current user is allowed to see the current ticket. * Check if the current user is allowed to see the current ticket.
*/ */
$stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid"); $stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid");
Database::pexecute($stmt, array("id" => $id, "customerid" => $userinfo['customerid'])); $result = Database::pexecute_first($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result == null) { if ($result == null) {
// no rights to see the requested ticket // no rights to see the requested ticket
standard_error(array('ticketnotaccessible')); standard_error(array('ticketnotaccessible'));
@@ -141,8 +137,7 @@ if($page == 'overview') {
AND `answerto` = "0" AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")' AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
); );
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'])); $opentickets = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $stmt->fetch(PDO::FETCH_ASSOC);
if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') { if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open'])); $notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
@@ -152,10 +147,11 @@ if($page == 'overview') {
$ticketsopen = (int)$opentickets['count']; $ticketsopen = (int)$opentickets['count'];
eval("echo \"" . getTemplate("tickets/tickets") . "\";"); eval("echo \"" . getTemplate("tickets/tickets") . "\";");
} elseif($action == 'new') { } elseif($action == 'new') {
if($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') { if($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
if(isset($_POST['send']) && $_POST['send'] == 'send') { if(isset($_POST['send']) && $_POST['send'] == 'send') {
$newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1); $newticket = ticket::getInstanceOf($userinfo, $settings, -1);
$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false); $newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false); $newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$newticket->Set('category', validate($_POST['category'], 'category'), true, false); $newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -185,11 +181,9 @@ if($page == 'overview') {
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'])); Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
// Customer mail // Customer mail
$newticket->sendMail((int)$userinfo['customerid'], 'new_ticket_for_customer_subject', $lng['mails']['new_ticket_for_customer']['subject'], 'new_ticket_for_customer_mailbody', $lng['mails']['new_ticket_for_customer']['mailbody']); $newticket->sendMail((int)$userinfo['customerid'], 'new_ticket_for_customer_subject', $lng['mails']['new_ticket_for_customer']['subject'], 'new_ticket_for_customer_mailbody', $lng['mails']['new_ticket_for_customer']['mailbody']);
// Admin mail // Admin mail
$newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']); $newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']);
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, Array('page' => $page, 's' => $s));
} }
@@ -199,8 +193,7 @@ if($page == 'overview') {
WHERE `adminid` = :adminid WHERE `adminid` = :adminid
ORDER BY `logicalorder`, `name` ASC' ORDER BY `logicalorder`, `name` ASC'
); );
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'])); $result = Database::pexecute_first($result_stmt, array("adminid" => $userinfo['adminid']));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['name']) && $result['name'] != '') { if (isset($result['name']) && $result['name'] != '') {
$result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` $result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
@@ -225,10 +218,11 @@ if($page == 'overview') {
AND `answerto` = "0" AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")' AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
); );
Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid'])); $opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') { if ($settings['ticket']['concurrently_open'] != - 1
&& $settings['ticket']['concurrently_open'] != ''
) {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open'])); $notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
} else { } else {
$notmorethanxopentickets = ''; $notmorethanxopentickets = '';
@@ -249,7 +243,7 @@ if($page == 'overview') {
} }
} elseif($action == 'answer' && $id != 0) { } elseif($action == 'answer' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') { if(isset($_POST['send']) && $_POST['send'] == 'send') {
$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1); $replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false); $replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false); $replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false); $replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
@@ -267,8 +261,7 @@ if($page == 'overview') {
$replyticket->Insert(); $replyticket->Insert();
// Update priority if changed // Update priority if changed
$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
if($replyticket->Get('priority') != $mainticket->Get('priority')) { if($replyticket->Get('priority') != $mainticket->Get('priority')) {
$mainticket->Set('priority', $replyticket->Get('priority'), true); $mainticket->Set('priority', $replyticket->Get('priority'), true);
@@ -284,7 +277,7 @@ if($page == 'overview') {
} }
} else { } else {
$ticket_replies = ''; $ticket_replies = '';
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt')); $dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status')); $status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -302,10 +295,8 @@ if($page == 'overview') {
FROM `' . TABLE_PANEL_CUSTOMERS . '` FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :customerid ' WHERE `customerid` = :customerid '
); );
Database::pexecute($usr_stmt, array("customerid" => $cid)); $usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = getCorrectFullUserDetails($usr); $by = getCorrectFullUserDetails($usr);
//$by = $lng['ticket']['customer'];
} }
$subject = $mainticket->Get('subject'); $subject = $mainticket->Get('subject');
@@ -314,24 +305,23 @@ if($page == 'overview') {
$result_stmt = Database::prepare('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` $result_stmt = Database::prepare('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `id`= :id ' WHERE `id`= :id '
); );
Database::pexecute($result_stmt, array("id" => $mainticket->Get('category'))); $row = Database::pexecute_first($result_stmt, array("id" => $mainticket->Get('category')));
$row = $result_stmt->fetch(PDO::FETCH_ASSOC);
$andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '` $andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `answerto`= :answerto WHERE `answerto`= :answerto
ORDER BY `lastchange` ASC' ORDER BY `lastchange` ASC'
); );
Database::pexecute($andere_stmt, array("answerto" => $id)); Database::pexecute($andere_stmt, array("answerto" => $id));
$numrows_andere = Database::num_rows();
while($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) { while($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
$subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']); $subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange')); $lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if($subticket->Get('by') == '1') { if($subticket->Get('by') == '1') {
$by = $lng['ticket']['staff']; $by = $lng['ticket']['staff'];
} else { } else {
$by = getCorrectFullUserDetails($usr); $by = getCorrectFullUserDetails($usr);
//$by = $lng['ticket']['customer'];
} }
$subject = $subticket->Get('subject'); $subject = $subticket->Get('subject');
@@ -343,10 +333,9 @@ if($page == 'overview') {
$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true); $priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true); $priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
$subject = $mainticket->Get('subject'); $subject = $mainticket->Get('subject');
$ticket_replies_count = $db->num_rows($andere) + 1; $ticket_replies_count = $numrows_andere + 1;
// don't forget the main-ticket! // don't forget the main-ticket!
$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_reply.php'; $ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_reply.php';
$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data); $ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);
@@ -358,7 +347,7 @@ if($page == 'overview') {
} elseif($action == 'close' && $id != 0) { } elseif($action == 'close' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') { if(isset($_POST['send']) && $_POST['send'] == 'send') {
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '0', true, true); $mainticket->Set('lastreplier', '0', true, true);
$mainticket->Set('status', '3', true, true); $mainticket->Set('status', '3', true, true);
@@ -366,7 +355,7 @@ if($page == 'overview') {
$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, Array('page' => $page, 's' => $s));
} else { } else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject')); ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
} }
} elseif($action == 'reopen' && $id != 0) { } elseif($action == 'reopen' && $id != 0) {
@@ -376,8 +365,7 @@ if($page == 'overview') {
AND `answerto` = "0" AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")' AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
); );
Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid'])); $opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
$ticketsopen = (int)$opentickets['count']; $ticketsopen = (int)$opentickets['count'];
if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') { if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
@@ -385,14 +373,12 @@ if($page == 'overview') {
} }
$now = time(); $now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '0', true, true); $mainticket->Set('lastreplier', '0', true, true);
$mainticket->Set('status', '0', true, true); $mainticket->Set('status', '0', true, true);
$mainticket->Update(); $mainticket->Update();
$log->logAction(USR_ACTION, LOG_NOTICE, "reopened support-ticket '" . $mainticket->Get('subject') . "'"); $log->logAction(USR_ACTION, LOG_NOTICE, "reopened support-ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} }
} }
?>

432
lib/classes/ticket/class.ticket.php
View File

@@ -20,20 +20,14 @@
* Support Tickets - Tickets-Class * Support Tickets - Tickets-Class
*/ */
class ticket class ticket {
{
/** /**
* Userinfo * Userinfo
* @var array * @var array
*/ */
private $userinfo = array(); private $userinfo = array();
/**
* Database handler
* @var db
*/
private $db = false;
/** /**
* Settings array * Settings array
* @var settings * @var settings
@@ -68,14 +62,11 @@ class ticket
* Class constructor. * Class constructor.
* *
* @param array userinfo * @param array userinfo
* @param resource database
* @param array settings * @param array settings
* @param int ticket id * @param int ticket id
*/ */
private function __construct($userinfo, $db, $settings, $tid = - 1) private function __construct($userinfo, $settings, $tid = - 1) {
{
$this->userinfo = $userinfo; $this->userinfo = $userinfo;
$this->db = $db;
$this->settings = $settings; $this->settings = $settings;
$this->tid = $tid; $this->tid = $tid;
@@ -96,23 +87,22 @@ class ticket
/** /**
* Singleton ftw ;-) * Singleton ftw ;-)
* *
* @param array userinfo
* @param array settings
* @param int ticket id * @param int ticket id
*/ */
static public function getInstanceOf($_usernfo, $_db, $_settings, $_tid) static public function getInstanceOf($_usernfo, $_settings, $_tid) {
{ if (!isset(self::$tickets[$_tid])) {
if(!isset(self::$tickets[$_tid])) self::$tickets[$_tid] = new ticket($_usernfo, $_settings, $_tid);
{
self::$tickets[$_tid] = new ticket($_usernfo, $_db, $_settings, $_tid);
} }
return self::$tickets[$_tid]; return self::$tickets[$_tid];
} }
/** /**
* Initialize data-array * Initialize data-array
*/ */
private function initData() private function initData() {
{
$this->Set('customer', 0, true, true); $this->Set('customer', 0, true, true);
$this->Set('admin', 1, true, true); $this->Set('admin', 1, true, true);
$this->Set('subject', '', true, true); $this->Set('subject', '', true, true);
@@ -132,12 +122,16 @@ class ticket
/** /**
* Read ticket data from database. * Read ticket data from database.
*/ */
private function readData() private function readData() {
{
if (isset($this->tid) if (isset($this->tid)
&& $this->tid != - 1) && $this->tid != - 1
{ ) {
$_ticket = $this->db->query_first('SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = "' . $this->tid . '"'); $_ticket_stmt = Database::prepare('
SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
);
$_ticket = Database::pexecute_first($_ticket_stmt, array('tid' => $this->tid));
$this->Set('customer', $_ticket['customerid'], true, false); $this->Set('customer', $_ticket['customerid'], true, false);
$this->Set('admin', $_ticket['adminid'], true, false); $this->Set('admin', $_ticket['adminid'], true, false);
$this->Set('subject', $_ticket['subject'], true, false); $this->Set('subject', $_ticket['subject'], true, false);
@@ -158,79 +152,104 @@ class ticket
/** /**
* Insert data to database * Insert data to database
*/ */
public function Insert() public function Insert() {
{
$this->db->query("INSERT INTO `" . TABLE_PANEL_TICKETS . "` $ins_stmt = Database::prepare("
(`customerid`, INSERT INTO `" . TABLE_PANEL_TICKETS . "` SET
`adminid`, `customerid` = :customerid,
`category`, `adminid` = :adminid,
`priority`, `category` = :category,
`subject`, `priority` = :priority,
`message`, `subject` = :subject,
`dt`, `message` = :message,
`lastchange`, `dt` = :dt,
`ip`, `lastchange` = :lastchange,
`status`, `ip` = :ip,
`lastreplier`, `status` = :status,
`by`, `lastreplier` = :lastreplier,
`answerto`) `by` = :by,
VALUES `answerto` = :answerto"
('" . (int)$this->Get('customer') . "', );
'" . (int)$this->Get('admin') . "', $ins_data = array(
'" . (int)$this->Get('category') . "', 'customerid' => $this->Get('customer'),
'" . (int)$this->Get('priority') . "', 'adminid' => $this->Get('admin'),
'" . $this->db->escape($this->Get('subject')) . "', 'category' => $this->Get('category'),
'" . $this->db->escape($this->Get('message')) . "', 'priority' => $this->Get('priority'),
'" . (int)$this->Get('dt') . "', 'subject' => $this->Get('subject'),
'" . (int)$this->Get('lastchange') . "', 'message' => $this->Get('message'),
'" . $this->db->escape($this->Get('ip')) . "', 'dt' => $this->Get('dt'),
'" . (int)$this->Get('status') . "', 'lastchange' => $this->Get('lastchange'),
'" . (int)$this->Get('lastreplier') . "', 'ip' => $this->Get('ip'),
'" . (int)$this->Get('by') . "', 'status' => $this->Get('status'),
'" . (int)$this->Get('answerto') . "');"); 'lastreplier' => $this->Get('lastreplier'),
$this->tid = $this->db->insert_id(); 'by' => $this->Get('by'),
'answerto' => $this->Get('answerto')
);
Database::pexecute($ins_stmt, $ins_data);
$this->tid = Database::lastInsertId();
return true; return true;
} }
/** /**
* Update data in database * Update data in database
*/ */
public function Update() public function Update() {
{
// Update "main" ticket
$this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET // Update "main" ticket
`priority` = "' . (int)$this->Get('priority') . '", $upd_stmt = Database::prepare('
`lastchange` = "' . (int)$this->Get('lastchange') . '", UPDATE `' . TABLE_PANEL_TICKETS . '` SET
`status` = "' . (int)$this->Get('status') . '", `priority` = :priority,
`lastreplier` = "' . (int)$this->Get('lastreplier') . '" `lastchange` = :lastchange,
WHERE `id` = "' . (int)$this->tid . '";'); `status` = :status,
`lastreplier` = :lastreplier
WHERE `id` = :tid'
);
$upd_data = array(
'priority' => $this->Get('priority'),
'lastchange' => $this->Get('lastchange'),
'status' => $this->Get('status'),
'lastreplier' => $this->Get('lastreplier'),
'tid' => $this->tid
);
Database::pexecute($upd_stmt, $upd_data);
return true; return true;
} }
/** /**
* Moves a ticket to the archive * Moves a ticket to the archive
*/ */
public function Archive() public function Archive() {
{
// Update "main" ticket // Update "main" ticket
$this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = "' . (int)$this->tid . '";'); $upd_stmt = Database::prepare('
UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid'
);
Database::pexecute($upd_stmt, array('tid' => $this->tid));
// Update "answers" to ticket // Update "answers" to ticket
$this->db->query('UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = "' . (int)$this->tid . '";'); $upd_stmt = Database::prepare('
UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid'
);
Database::pexecute($upd_stmt, array('tid' => $this->tid));
return true; return true;
} }
/** /**
* Remove ticket from database * Remove ticket from database
*/ */
public function Delete() public function Delete() {
{
// Delete "main" ticket // Delete "main" ticket
$this->db->query('DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = "' . (int)$this->tid . '";'); $del_stmt = Database::prepare('
DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
);
Database::pexecute($del_stmt, array('tid' => $this->tid));
// Delete "answers" to ticket" // Delete "answers" to ticket"
$this->db->query('DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = "' . (int)$this->tid . '";'); $del_stmt = Database::prepare('
DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid'
);
Database::pexecute($del_stmt, array('tid' => $this->tid));
return true; return true;
} }
@@ -242,12 +261,14 @@ class ticket
global $mail, $theme; global $mail, $theme;
// Some checks are to be made here in the future // Some checks are to be made here in the future
if($customerid != - 1) if ($customerid != - 1) {
{
// Get e-mail message for customer // Get e-mail message for customer
$usr = $this->db->query_first('SELECT `name`, `firstname`, `company`, `email` $usr_stmt = Database::prepare('
FROM `' . TABLE_PANEL_CUSTOMERS . '` SELECT `name`, `firstname`, `company`, `email`
WHERE `customerid` = "' . (int)$customerid . '"'); FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid'
);
$usr = Database::pexecute_first($usr_stmt, array('customerid' => $customerid));
$replace_arr = array( $replace_arr = array(
'FIRSTNAME' => $usr['firstname'], 'FIRSTNAME' => $usr['firstname'],
'NAME' => $usr['name'], 'NAME' => $usr['name'],
@@ -255,29 +276,38 @@ class ticket
'SALUTATION' => getCorrectUserSalutation($usr), 'SALUTATION' => getCorrectUserSalutation($usr),
'SUBJECT' => $this->Get('subject', true) 'SUBJECT' => $this->Get('subject', true)
); );
} } else {
else
{
$replace_arr = array( $replace_arr = array(
'SUBJECT' => $this->Get('subject', true) 'SUBJECT' => $this->Get('subject', true)
); );
} }
$tpl_seldata = array(
$result = $this->db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` 'adminid' => $this->userinfo['adminid'],
WHERE `adminid`=\'' . (int)$this->userinfo['adminid'] . '\' 'lang' => $this->userinfo['def_language'],
AND `language`=\'' . $this->db->escape($this->userinfo['def_language']) . '\' 'tplsubject' => $template_subject
AND `templategroup`=\'mails\' );
AND `varname`=\'' . $template_subject . '\''); $result_stmt = Database::prepare("
SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid`= :adminid
AND `language`= :lang
AND `templategroup`= 'mails' AND `varname`= :tplsubject"
);
$result = Database::pexecute_first($result_stmt, $tpl_seldata);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr)); $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr));
$result = $this->db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
WHERE `adminid`=\'' . (int)$this->userinfo['adminid'] . '\' unset($tpl_seldata['tplsubject']);
AND `language`=\'' . $this->db->escape($this->userinfo['def_language']) . '\' $tpl_seldata['tplbody'] = $template_body;
AND `templategroup`=\'mails\'
AND `varname`=\'' . $template_body . '\''); $result_stmt = Database::prepare("
SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid`= :adminid
AND `language`= :lang
AND `templategroup`= 'mails' AND `varname`= :tplmailbody"
);
$result = Database::pexecute_first($result_stmt, $tpl_seldata);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_body), $replace_arr)); $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_body), $replace_arr));
if($customerid != - 1) if ($customerid != - 1) {
{
$_mailerror = false; $_mailerror = false;
try { try {
$mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']); $mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']);
@@ -299,13 +329,15 @@ class ticket
$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg); $rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
standard_error('errorsendingmail', $usr['email']); standard_error('errorsendingmail', $usr['email']);
} }
$mail->ClearAddresses(); $mail->ClearAddresses();
}
else
{
$admin = $this->db->query_first("SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid`='" . (int)$this->userinfo['adminid'] . "'");
} else {
$admin_stmt = Database::prepare("
SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "`
WHERE `adminid` = :adminid"
);
$admin = Database::pexecute_first($admin_stmt, array('adminid' => $userinfo['adminid']));
$_mailerror = false; $_mailerror = false;
try { try {
$mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']); $mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']);
@@ -335,65 +367,77 @@ class ticket
/** /**
* Add a support-categories * Add a support-categories
*/ */
static public function addCategory($_db, $_category = null, $_admin = 1, $_order = 1) static public function addCategory($_category = null, $_admin = 1, $_order = 1) {
{
if ($_category != null if ($_category != null
&& $_category != '') && $_category != ''
{ ) {
if ($_order < 1) { if ($_order < 1) {
$_order = 1; $_order = 1;
} }
$_db->query('INSERT INTO `' . TABLE_PANEL_TICKET_CATS . '` SET $ins_stmt = Database::prepare("
`name` = "' . $_db->escape($_category) . '", INSERT INTO `" . TABLE_PANEL_TICKET_CATS . "` SET
`adminid` = "' . (int)$_admin . '", `name` = :name,
`logicalorder` = "' . (int)$_order . '"'); `adminid` = :adminid,
`logicalorder` = :lo"
);
$ins_data = array(
'name' => $_category,
'adminid' => $_admin,
'lo' => $_order
);
Database::pexecute($ins_stmt, $ins_data);
return true; return true;
} }
return false; return false;
} }
/** /**
* Edit a support-categories * Edit a support-categories
*/ */
static public function editCategory($_db, $_category = null, $_id = 0, $_order = 1) static public function editCategory($_category = null, $_id = 0, $_order = 1) {
{
if ($_category != null if ($_category != null
&& $_category != '' && $_category != ''
&& $_id != 0) && $_id != 0
{ ) {
if ($_order < 1) { if ($_order < 1) {
$_order = 1; $_order = 1;
} }
$_db->query('UPDATE `' . TABLE_PANEL_TICKET_CATS . '` SET $upd_stmt = Database::prepare("
`name` = "' . $_db->escape($_category) . '", UPDATE `' . TABLE_PANEL_TICKET_CATS . '` SET
`logicalorder` = "' . (int)$_order . '" `name` = :name,
WHERE `id` = "' . (int)$_id . '"'); `logicalorder` = :lo
WHERE `id` = :id"
);
Database::pexecute($upd_stmt, array('name' => $_category, 'lo' => $_order, 'id' => $_id));
return true; return true;
} }
return false; return false;
} }
/** /**
* Delete a support-categories * Delete a support-categories
*/ */
static public function deleteCategory($_db, $_id = 0) static public function deleteCategory($_id = 0) {
{
if($_id != 0)
{
$result = $_db->query_first('SELECT COUNT(`id`) as `numtickets` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `category` = "' . (int)$_id . '"');
if($result['numtickets'] == "0") if ($_id != 0) {
{
$_db->query('DELETE FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$_id . '"'); $result_stmt = Database::prepare("
SELECT COUNT(`id`) as `numtickets` FROM `" . TABLE_PANEL_TICKETS . "`
WHERE `category` = :cat"
);
$result = Database::pexecute_first($result_stmt, array('cat' => $_id));
if ($result['numtickets'] == "0") {
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
);
Database::pexecute($del_stmt, array('id' => $_id));
return true; return true;
} } else {
else
{
return false; return false;
} }
} }
@@ -404,55 +448,63 @@ class ticket
/** /**
* Return a support-category-name * Return a support-category-name
*/ */
static public function getCategoryName($_db, $_id = 0) static public function getCategoryName($_id = 0) {
{
if($_id != 0) if ($_id != 0) {
{ $stmt = Database::prepare("
$category = $_db->query_first('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$_id . '"'); SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
);
$category = Database::pexecute_first($stmt, array('id' => $_id));
return $category['name']; return $category['name'];
} }
return null; return null;
} }
/** /**
* get the highest order number * get the highest order number
* *
* @param object $_db database-object * @param object $_uid admin-id (optional)
* *
* @return int highest order number * @return int highest order number
*/ */
static public function getHighestOrderNumber($_db = null, $_uid = 0) static public function getHighestOrderNumber($_uid = 0) {
{
$where = ''; $where = '';
$sel_data = array();
if ($_uid > 0) { if ($_uid > 0) {
$where = ' WHERE `adminid` = "'.(int)$_uid.'"'; $where = " WHERE `adminid` = :adminid";
$sel_data['adminid'] = $_uid;
} }
$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";"; $sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";";
$result = $_db->query_first($sql); $result_stmt = Database::prepare($sql);
$result = Database::pexecute_first($result_stmt, $sel_data);
return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0); return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0);
} }
/** /**
* returns the last x archived tickets * returns the last x archived tickets
*/ */
static public function getLastArchived($_db, $_num = 10, $_admin = 1) static public function getLastArchived($_num = 10, $_admin = 1) {
{
if($_num > 0) if ($_num > 0) {
{
$archived = array(); $archived = array();
$counter = 0; $counter = 0;
$result = $_db->query('SELECT *, $result_stmt = Database::prepare("
(SELECT COUNT(`sub`.`id`) SELECT *, (
FROM `' . TABLE_PANEL_TICKETS . '` `sub` SELECT COUNT(`sub`.`id`)
WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers` FROM `" . TABLE_PANEL_TICKETS . "` `sub`
FROM `' . TABLE_PANEL_TICKETS . '` `main` WHERE `sub`.`answerto` = `main`.`id`
WHERE `main`.`answerto` = "0" ) as `ticket_answers`
AND `main`.`archived` = "1" AND `main`.`adminid` = "' . (int)$_admin . '" FROM `" . TABLE_PANEL_TICKETS . "` `main`
ORDER BY `main`.`lastchange` DESC LIMIT 0, ' . (int)$_num); WHERE `main`.`answerto` = '0' AND `main`.`archived` = '1'
AND `main`.`adminid` = :adminid
ORDER BY `main`.`lastchange` DESC LIMIT 0, :limit"
);
Database::pexecute($result_stmt, array('adminid' => $_admin, 'limit' => $_num));
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
while($row = $_db->fetch_array($result))
{
$archived[$counter]['id'] = $row['id']; $archived[$counter]['id'] = $row['id'];
$archived[$counter]['customerid'] = $row['customerid']; $archived[$counter]['customerid'] = $row['customerid'];
$archived[$counter]['adminid'] = $row['adminid']; $archived[$counter]['adminid'] = $row['adminid'];
@@ -469,12 +521,9 @@ class ticket
$counter++; $counter++;
} }
if(isset($archived[0]['id'])) if (isset($archived[0]['id'])) {
{
return $archived; return $archived;
} } else {
else
{
return false; return false;
} }
} }
@@ -482,6 +531,8 @@ class ticket
/** /**
* Returns a sql-statement to search the archive * Returns a sql-statement to search the archive
*
* @FIXME migrate to PDO
*/ */
static public function getArchiveSearchStatement($db, $subject = NULL, $priority = NULL, $fromdate = NULL, $todate = NULL, $message = NULL, $customer = - 1, $admin = 1, $categories = NULL) static public function getArchiveSearchStatement($db, $subject = NULL, $priority = NULL, $fromdate = NULL, $todate = NULL, $message = NULL, $customer = - 1, $admin = 1, $categories = NULL)
{ {
@@ -674,20 +725,20 @@ class ticket
/** /**
* function customerHasTickets * function customerHasTickets
* *
* @param object mysql-db-object
* @param int customer-id * @param int customer-id
* *
* @return array/bool array of ticket-ids if customer has any, else false * @return array/bool array of ticket-ids if customer has any, else false
*/ */
static public function customerHasTickets($_db = null, $_cid = 0) static public function customerHasTickets($_cid = 0) {
{
if($_cid != 0) if ($_cid != 0) {
{ $result_stmt = Database::prepare("
$result = $_db->query('SELECT `id` FROM `' . TABLE_PANEL_TICKETS . '` WHERE `customerid` ="'.(int)$_cid.'"'); SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid"
);
Database::pexecute($result_stmt, array('cid' => $_cid));
$tickets = array(); $tickets = array();
while($row = $_db->fetch_array($result)) while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{
$tickets[] = $row['id']; $tickets[] = $row['id'];
} }
@@ -700,32 +751,22 @@ class ticket
/** /**
* Get a data-var * Get a data-var
*/ */
public function Get($_var = '', $_vartrusted = false) public function Get($_var = '', $_vartrusted = false) {
{
if($_var != '') if ($_var != '') {
{ if (!$_vartrusted) {
if(!$_vartrusted)
{
$_var = htmlspecialchars($_var); $_var = htmlspecialchars($_var);
} }
if(isset($this->t_data[$_var])) if (isset($this->t_data[$_var])) {
{ if (strtolower($_var) == 'message') {
if(strtolower($_var) == 'message')
{
return nl2br($this->t_data[$_var]); return nl2br($this->t_data[$_var]);
} } elseif(strtolower($_var) == 'subject') {
elseif(strtolower($_var) == 'subject')
{
return nl2br($this->t_data[$_var]); return nl2br($this->t_data[$_var]);
} } else {
else
{
return $this->t_data[$_var]; return $this->t_data[$_var];
} }
} } else {
else
{
return null; return null;
} }
} }
@@ -734,23 +775,22 @@ class ticket
/** /**
* Set a data-var * Set a data-var
*/ */
public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false) public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false) {
{
if ($_var != '' if ($_var != ''
&& $_value != '') && $_value != ''
{ ) {
if(!$_vartrusted) if (!$_vartrusted) {
{
$_var = $this->_purifier->purify($_var); $_var = $this->_purifier->purify($_var);
} }
if(!$_valuetrusted) if (!$_valuetrusted) {
{
$_value = $this->_purifier->purify($_value); $_value = $this->_purifier->purify($_value);
} }
if(strtolower($_var) == 'message' || strtolower($_var) == 'subject') if (strtolower($_var) == 'message'
{ || strtolower($_var) == 'subject'
) {
$_value = $this->convertLatin1ToHtml($_value); $_value = $this->convertLatin1ToHtml($_value);
} }

24
scripts/jobs/cron_ticketarchive.php
View File

@@ -20,22 +20,23 @@
/** /**
* ARCHIVING CLOSED TICKETS * ARCHIVING CLOSED TICKETS
*/ */
fwrite($debugHandler, 'Ticket-archiving run started...' . "\n"); fwrite($debugHandler, 'Ticket-archiving run started...' . "\n");
$result_tickets = $db->query("SELECT `id`, `lastchange`, `subject` FROM `" . TABLE_PANEL_TICKETS . "` $result_tickets_stmt = Database::query("
WHERE `status` = '3' AND `answerto` = '0';"); SELECT `id`, `lastchange`, `subject` FROM `" . TABLE_PANEL_TICKETS . "`
WHERE `status` = '3' AND `answerto` = '0';"
);
$archiving_count = 0; $archiving_count = 0;
while($row_ticket = $db->fetch_array($result_tickets)) while($row_ticket = $result_tickets_stmt->fetch(PDO::FETCH_ASSOC)) {
{
$lastchange = $row_ticket['lastchange']; $lastchange = $row_ticket['lastchange'];
$now = time(); $now = time();
$days = (int)(($now - $lastchange) / 86400); $days = (int)(($now - $lastchange) / 86400);
if($days >= $settings['ticket']['archiving_days']) if ($days >= $settings['ticket']['archiving_days']) {
{
fwrite($debugHandler, 'archiving ticket "' . $row_ticket['subject'] . '" (ID #' . $row_ticket['id'] . ')' . "\n"); fwrite($debugHandler, 'archiving ticket "' . $row_ticket['subject'] . '" (ID #' . $row_ticket['id'] . ')' . "\n");
$mainticket = ticket::getInstanceOf(null, $db, $settings, (int)$row_ticket['id']); $mainticket = ticket::getInstanceOf(null, $settings, (int)$row_ticket['id']);
$mainticket->Set('lastchange', $now, true, true); $mainticket->Set('lastchange', $now, true, true);
$mainticket->Set('lastreplier', '1', true, true); $mainticket->Set('lastreplier', '1', true, true);
$mainticket->Set('status', '3', true, true); $mainticket->Set('status', '3', true, true);
@@ -46,6 +47,7 @@ while($row_ticket = $db->fetch_array($result_tickets))
} }
fwrite($debugHandler, 'Archived ' . $archiving_count . ' tickets' . "\n"); fwrite($debugHandler, 'Archived ' . $archiving_count . ' tickets' . "\n");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . '` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\' AND `varname` = \'last_archive_run\' '); Database::query("
UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = UNIX_TIMESTAMP()
?> WHERE `settinggroup` = 'system' AND `varname` = 'last_archive_run'"
);

3
scripts/jobs/cron_used_tickets_reset.php
View File

@@ -20,7 +20,6 @@
/** /**
* RESET USED TICKETS COUNTER * RESET USED TICKETS COUNTER
*/ */
fwrite($debugHandler, 'Resetting customers used ticket counter' . "\n"); fwrite($debugHandler, 'Resetting customers used ticket counter' . "\n");
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Resetting customers used ticket counter"); $cronlog->logAction(CRON_ACTION, LOG_INFO, "Resetting customers used ticket counter");
$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `tickets_used` = '0'"); Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `tickets_used` = '0'");