📄 ticketedit.php
字号:
<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: ticketedit.php,v $
// | $Date: 2004/02/10 01:34:31 $
// | $Revision: 1.34 $
// +-------------------------------------------------------------+
// | File Details:
// | - Ticket attribute editing handler.
// +-------------------------------------------------------------+
// start file
require("./../global.php");
// globalise variables
$global = array (
array('id') // ticketid
);
rg($global);
$ticket = $db->query_return("SELECT * FROM ticket WHERE id = '$id'");
if (!$db->num_rows()) {
jump('../home/', 'Invalid ticket specified.');
exit;
}
if (!(p_ticket('edit'))) {
jump("ticketview.php?id=$id", 'You don\'t have permission to edit this ticket.');
exit;
}
$now = time();
if ($_REQUEST['do'] == 'reminder') {
if ($_REQUEST['remind1']) {
$date = strtotime("$_REQUEST[ydate]-$_REQUEST[mdate]-$_REQUEST[ddate] + $days days");
} else {
$date = strtotime("$_REQUEST[ydate]-$_REQUEST[mdate]-$_REQUEST[ddate]");
}
if ($date < strtotime(date('Y-m-d'))) {
mistake("An invalid date was specified. $date " . date('%r', $date));
} elseif (!$_REQUEST[tech]) {
mistake('No technician specified for the reminder.');
} else {
$date = date('Y-m-d', $date);
$now_ = mktime();
$db->query("INSERT INTO tech_ticket_watch (ticketid, created, datetodo, completed, techid)
VALUES ('$_REQUEST[id]', '$now_', '$date', '0', '$_REQUEST[tech]')");
}
jump("ticketview.php?id=$_REQUEST[id]", 'Reminder set.');
exit;
}
if ($_REQUEST['do'] == 'remindertoggle') {
if ($_REQUEST['watchid']) {
$db->query("UPDATE tech_ticket_watch SET completed = !completed AND techid = '$user[id]' AND id = '$_REQUEST[watchid]'");
jump("ticketview.php?id=$_REQUEST[id]", 'Reminder status toggled.');
exit;
}
}
if ($_REQUEST['do'] == 'updatebillingpaid') {
if ($_REQUEST['billid']) {
$db->query('UPDATE user_bill SET paid = \'' . iff($_REQUEST['paid'], 1, 0) . "' WHERE id = '$_REQUEST[billid]'");
if ($db->affected_rows()) {
$data = $db->query_return("SELECT * FROM user_bill WHERE id = '$_REQUEST[billid]'");
$details = array(
'charge' => $data['charge'],
'time' => $data['time'],
'billable' => $data['billable'],
'paid' => $data['paid']
);
ticketlog($_REQUEST['id'], 'billing_changed', NULL, NULL, NULL, NULL, serialize($details));
}
jump("ticketview.php?id=$_REQUEST[id]", 'Billing details updated.');
exit;
} else {
mistake('No billing entry ID was provided.');
}
}
if ($_REQUEST['do'] == 'updatebillingbillable') {
if ($_REQUEST['billid']) {
$db->query('UPDATE user_bill SET billable = \'' . iff($_REQUEST['billable'], 1, 0) . "' WHERE id = '$_REQUEST[billid]'");
if ($db->affected_rows()) {
$data = $db->query_return("SELECT * FROM user_bill WHERE id = '$_REQUEST[billid]'");
$details = array(
'charge' => $data['charge'],
'time' => $data['time'],
'billable' => $data['billable'],
'paid' => $data['paid']
);
ticketlog($_REQUEST['id'], 'billing_changed', NULL, NULL, NULL, NULL, serialize($details));
}
jump("ticketview.php?id=$_REQUEST[id]", 'Billing details updated.');
exit;
} else {
mistake('No billing entry ID was provided.');
}
}
if ($_REQUEST['do'] == 'deletebilling') {
if ($_REQUEST['billid']) {
$data = $db->query_return("SELECT * FROM user_bill WHERE id = '$_REQUEST[billid]'");
$db->query("DELETE FROM user_bill WHERE id = '$_REQUEST[billid]'");
if ($db->affected_rows()) {
$details = array(
'charge' => $data['charge'],
'time' => $data['time'],
'billable' => $data['billable'],
'paid' => $data['paid']
);
ticketlog($_REQUEST['id'], 'billing_deleted', NULL, NULL, NULL, NULL, serialize($details));
}
jump("ticketview.php?id=$_REQUEST[id]", 'Billing entry deleted.');
exit;
} else {
mistake('No billing entry ID was provided.');
}
}
if ($_REQUEST['do'] == 'charge' AND $_REQUEST['userid']) {
if ($settings['default_billable']) {
$billable = 1;
} else {
$billable = 0;
}
if ($_REQUEST['charge1']) {
if ($_REQUEST['charge'] > 0) {
$charge = mysql_escape_string($_REQUEST['charge']);
$db->query("INSERT INTO user_bill (userid, techid, ticketid, time, paid, billable, charge, stamp)
VALUES ('$_REQUEST[userid]', '$user[id]', '$id', '0', '0', '$billable', '$charge', '$now')");
}
$done = 1;
}
if ($_REQUEST['charge2']) {
if ($charge = ((int)$_REQUEST['hours'] * 3600) + ((int)$_REQUEST['minutes'] * 60) + (int)$_REQUEST['seconds']) {
$db->query("INSERT INTO user_bill (userid, techid, ticketid, time, paid, billable, charge, stamp)
VALUES ('$_REQUEST[userid]', '$user[id]', '$id', '$charge', '0', '$billable', '0.0', '$now')");
}
$done = 1;
}
}
if ($done) {
jump("ticketview.php?id=$id", 'Ticket billing updated');
exit;
}
// category
if ($_REQUEST['category'] != NULL AND ($_REQUEST['category'] != $ticket['category'])) {
$ticketlog[] = array($id, 'category', $ticket[category], $_REQUEST['category']);
$query .= " category = '" . mysql_escape_string($_REQUEST['category']) . "', ";
}
// priority
if ($_REQUEST['priority'] != NULL AND ($_REQUEST['priority'] != $ticket['priority'])) {
$ticketlog[] = array($id, 'priority', $ticket[priority], $_REQUEST['priority']);
$query .= " priority = '" . mysql_escape_string($_REQUEST['priority']) . "', ";
}
// tech owner
if ($_REQUEST['tech'] != NULL AND ($_REQUEST['tech'] != $ticket['tech'])) {
$ticketlog[] = array($id, 'tech', $ticket[tech], $_REQUEST['tech']);
$query .= " tech = '" . mysql_escape_string($_REQUEST['tech']) . "', ";
if ($_REQUEST['awaiting_tech']) {
$ticketlog[] = array($id, 'awaiting_tech');
$query .= " awaiting_tech = '1', ";
}
// notify tech (update ticket details first)
if ($_REQUEST['tech'] != '0') {
$ticket[tech] = $_REQUEST['tech'];
notify_technicians('assigned', $ticket, $user);
}
}
// subject
if ($_REQUEST['subject'] AND ($_REQUEST['subject'] != $ticket['subject'])) {
$subject = xss_check($_REQUEST['subject'], 'tech');
$ticketlog[] = array($id, 'subject', '', '', $ticket[subject], $_REQUEST['subject']);
$query .= " subject = '" . mysql_escape_string($subject) . "', ";
}
// custom fields
$db->query("SELECT * FROM ticket_def WHERE tech_editable");
while ($result = $db->row_array()) {
$data = field_def_val($result, $_REQUEST[custom_fields][$result[name]], $_REQUEST[custom_fields]["extra" . $result[name]]);
if ($data != $ticket[$result[name]]) { // if there is a change
$ticketlog[] = array($id, 'custom', '', '', mysql_escape_string($ticket[$result[name]]), mysql_escape_string($data), $result[name]);
$query .= " $result[name] = '" . mysql_escape_string($data) . "', ";
}
}
// have made changes
if ($query) {
$query = substr($query,0,-2);
$query = "UPDATE ticket SET $query WHERE id = '$id'";
ticketlog_array($ticketlog);
$db->query($query);
if (!$db->affected_rows()) {
$message = "No changes specified; ticket unchanged.";
} else {
$message = "Ticket details updated";
}
if (isset($_REQUEST['searchid']) AND isset($_REQUEST['num'])) {
if ($_REQUEST['searchid'] AND $_REQUEST['num']) {
jump("load_results.php?id=$id&searchid=$_REQUEST[searchid]&advance=1&num=".($_REQUEST['num']+1)."\" target=\"footer", $message);
} else {
jump("ticketview.php?id=$id", $message);
}
} else {
jump("ticketview.php?id=$id", $message);
}
} else {
jump("ticketview.php?id=$id", "No changes specified; ticket unchanged.");
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -