<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: newticket.php,v $
// | $Date: 2004/02/12 21:16:57 $
// | $Revision: 1.72 $
// +-------------------------------------------------------------+
// | File Details:
// | - Ticket creation interface.
// +-------------------------------------------------------------+
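// Report everything except notices.
error_reporting(E_ALL & ~E_NOTICE);

require_once('./global.php');

//Nullify WTN-WDYL Team
// NOTE(review): the marker above and the file header show that this copy was altered by a
// third party, so it may not behave like the vendor's release. Compare it against a trusted
// vendor copy before relying on any check performed in this file.

max_limits('tickets');

$template_cache = templatecache('NEW_newticket,HF_footer,HF_header');

############################### NEED TO BE REGISTERED ###############################

// run user checks
user_p_checks();

// not logged in? do we require registration?
// Array keys are quoted here: a bare word is resolved as a constant first, which is a
// fatal error on PHP 8 and only worked on older versions through a suppressed notice.
if ($settings['require_registration'] AND !$session['userid']) {
    // NOTE(review): this gate only holds if login_form() ends the request; if it can return,
    // the rest of the script runs for a visitor who is not logged in - confirm in global.php.
    login_form();
}

// is the user expired?
if ($user['id']) {

    // user_expired() is treated as "expired" only when it returns an array; the first two
    // elements are kept for later use.
    $exp = user_expired($user['id']);

    if (is_array($exp)) {
        $user_expired = 1;
        $user_expired_tickets = $exp[0];
        $user_expired_date = $exp[1];
    }
}

// $user_expired is not initialised in this file, so test it without reading an undefined
// variable; the truthiness check is the same as before.
if (!empty($user_expired)) {
    error($dplang['expired_user']);
}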
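############################### START PROCESSING ###############################

// default do
// Normalise the requested action before anything reads it. The isset() test has to come
// before trim(): trimming first always leaves the key set, which made the old isset() check
// dead code, and a missing or non-string value (for example do[]=x) raised a warning or,
// on PHP 8, a TypeError.
if (isset($_REQUEST['do']) AND is_string($_REQUEST['do'])) {
    $_REQUEST['do'] = trim($_REQUEST['do']);
} else {
    $_REQUEST['do'] = '';
}

if ($_REQUEST['do'] === '') {
    $_REQUEST['do'] = "start";
}

// globalise variables
// NOTE(review): rg() presumably copies these request fields into global variables of the same
// name; $tempticketid and $email are therefore client-controlled from here on - confirm in rg().
$global = array (
    array('tempticketid'), // used for attachments
    array('email')
);
rg($global);

$page = 'newquestion';

// Breadcrumb fragment; the link text comes from the language pack, not from the request.
$navigation = ' // ' . "<a class=\"light\" href=\"newticket.php\">$dplang[ask_question]</a>";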
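############################### PROCESS A TEMPORARY ATTACHMENT ###############################

// Handles the separate "upload attachment" action: the file is stored, recorded against a
// temporary ticket id, and the form is shown again.
if ($_REQUEST['attachment_upload']) {

    // $attachment_error is read after this call, so validate_attachment() presumably fills it
    // in by reference - confirm against its definition.
    $attachment = validate_attachment($attachment_error);

    if ($attachment) {

        $attach = add_attachment();
        $attachment_yes = 1;

        // blobid is unique
        // The first upload of a form seeds the temporary id. On later uploads $tempticketid is
        // whatever the client sent back.
        // NOTE(review): nothing visible here ties a client-supplied $tempticketid to the
        // requester; bind it to the session or user before trusting it to group attachments.
        if (!$tempticketid) {
            $tempticketid = $attach['blobid'];
        }

        // Every interpolated value is escaped, including blobid and the user id, which were
        // previously placed in the statement raw. time() replaces the argument-less mktime()
        // call: it returns the same timestamp, and mktime() without arguments is rejected on PHP 8.
        // NOTE(review): mysql_escape_string() ignores the connection character set and no longer
        // exists on PHP 7+; move to the escaping or parameter binding that $db provides, if any.
        $db->query("
            INSERT INTO ticket_attachments SET
            blobid = '" . mysql_escape_string($attach['blobid']) . "',
            filename = '" . mysql_escape_string($attach['name']) . "',
            filesize = '" . mysql_escape_string($attach['size']) . "',
            extension = '" . mysql_escape_string($attach['extension']) . "',
            temporaryid = '" . mysql_escape_string($tempticketid) . "',
            timestamp = '" . time() . "'" .
            iff($user['id'], ", userid = '" . mysql_escape_string($user['id']) . "'")
        );

        $redo = 1;

    } else {

        if ($attachment_error) {

            // attachment error type: 1 = too big, 2 = file type refused, anything else = generic
            if ($attachment_error == 1) {
                $attachment_no_big = 1;
            } elseif ($attachment_error == 2) {
                $attachment_no_filetype = 1;
            } else {
                $attachment_no = 1;
            }

            $stop = 1;
        }
    }

    // An upload never creates the ticket; always return to the form.
    $_REQUEST['do'] = "start";
}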
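############################### DELETE A TEMPORARY ATTACHMENT ###############################

// Removes one attachment row and its stored blob, then shows the form again.
if ($_REQUEST['delattachid']) {

    // Look the attachment up first. For a logged-in user the lookup is limited to rows recorded
    // with that user's id (the upload branch stores userid), so one account cannot remove
    // another account's attachment by supplying its id.
    // NOTE(review): for visitors who are not logged in nothing here ties the row to the
    // requester; also require the request's temporary ticket id or a session binding, and
    // confirm the row is still a temporary attachment rather than one on a filed ticket.
    // NOTE(review): this state change is accepted from $_REQUEST with no anti-forgery token
    // visible in this file.
    $result = $db->query_return("
        SELECT blobid
        FROM ticket_attachments
        WHERE id = '" . mysql_escape_string($_REQUEST['delattachid']) . "'" .
        iff($user['id'], " AND userid = '" . mysql_escape_string($user['id']) . "'")
    );

    // Delete only when a matching row was found. Previously a missing row still ran the blob
    // delete with an empty id, and blobid went into the statement unescaped.
    if (is_array($result) AND !empty($result['blobid'])) {

        $db->query("DELETE FROM blobs WHERE id = '" . mysql_escape_string($result['blobid']) . "'");

        $db->query("DELETE FROM ticket_attachments WHERE
            id = '" . mysql_escape_string($_REQUEST['delattachid']) . "'
        ");
    }

    $_REQUEST['do'] = "start";
    $redo = 1;
}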
############################### PROCESS SUBMITTED FORM ###############################
if ($_REQUEST['do'] == "submit") {
//////////////// Check to see if ticket has already been created ////////////////
// last hour. We don't want to scan whole database
$check_time = mktime() - 3600;
$check_ticket = $db->query_return("
SELECT ticket.ref
FROM ticket
LEFT JOIN ticket_message ON (ticket.id = ticket_message.ticketid)
WHERE email = '" . addslashes($_REQUEST[email]) . "'
AND (ticket.date_opened > $check_time)
AND ticket_message.message = '" . addslashes($_REQUEST[message]) . "'
");
if ($db->num_rows()) {
jump("view.php?ticketref=$check_ticket[ref]", 'redirect_new_ticket');
}
// term for category and priority to only allow cats/pris that are open to unregistered users
if (!$user) {
$term = 'AND !require_registration';
} else {
unset($term);
}
//////////////// category ////////////////
if ($settings['category_user_viewable'] AND $settings['category_user_editable']) {
$db->query("SELECT * FROM ticket_cat
WHERE user_view
AND user_select
$term
ORDER by cat_order
");
while ($cat = $db->row_array()) {
$cats[] = $cat['id'];
if ($cat['id'] == $_REQUEST['category']) {
$cat_data = $cat;
}
}
// only valid categories
if (!(@in_array($_REQUEST['category'], $cats))) {
unset($_REQUEST['category']);
}
// category required
if ($settings['category_require_selection'] AND !$_REQUEST['category']) {
$stop = 1;
$error_category = 1;
}
}
//////////////// priority ////////////////
if (!$settings[priority_disable] AND $settings[priority_user_viewable] AND $settings[priority_user_editable]) {
$db->query(" SELECT * FROM ticket_pri
WHERE user_view
AND user_select
$term
ORDER by pri_order
");
while ($pri = $db->row_array()) {
$pris[] = $pri[id];
if ($pri[id] == $_REQUEST[priority]) {
$pri_data = $pri;
}
}
// only valid priorities
if (!(@in_array($_REQUEST[priority], $pris))) {
unset($_REQUEST[priority]);
}
// priority required
if ($settings[priority_require_selection] AND !$_REQUEST[priority]) {
$stop = 1;
$error_priority = 1;
}
}
//////////////// email ////////////////
if ($user) {
// must be an email associated with the user
if ($email == $user[email] OR $email == '') {
$email = $user[email];
} else {
$db->query("SELECT email FROM user_email WHERE userid = '$session[userid]' AND validated");
while ($result = $db->row_array()) {
$email_array[] = $result[email];
}
if (!@in_array($email, $email_array)) {
$stop = 1;
$error_notyou_email = 1;
$error_email = 1;
}
}
} else {
// check email is valid
if (!validate_email($email)) {
$stop = 1;
$error_bad_email = 1;
$error_email = 1;
} elseif (banned_email($email)) {
$stop = 1;
$error_banned_email = 1;
$error_email = 1;
}
}
//////////////// subject ////////////////
if (strlen($_REQUEST[subject]) < 5) {
$stop = 1;
$error_subject = 1;
}
//////////////// message ////////////////
// check that the post box is not too large
if (strlen($_REQUEST[message]) > $settings[max_size] AND $settings[max_size] != 0) {
$stop = 1;
$error_post_big = 1;
$error_post = 1;
}
// check that the post box is not empty as well
if (strlen($_REQUEST[message]) < 5) {
$stop = 1;
$error_post_small = 1;
$error_post = 1;
}
//////////////// custom fields ////////////////
$db->query("SELECT * from ticket_def WHERE ticket_start");
while ($result = $db->row_array()) {
$data = field_def_val($result, $_REQUEST[custom_fields][$result[name]], $_REQUEST[custom_fields]["extra" . $result[name]]);
if ($data === NULL) {
$tmp = unserialize($result[error_message]);
$error_message = $tmp[$session[language]];
// form errors;
$custom_error[] = array('error' => $error_message);
// for form design
$custom_errors[] = $result[name];
$stop = 1;
} else {
$query2 .= " $result[name] = '" . mysql_escape_string($data) . "', ";
}
}
//////////////// attachments ////////////////
// attachment during this upload
$attachment = validate_attachment($attachment_error);
if ($attachment_error AND $attachment_error != 5) {
// attachment error type
if ($attachment_error == 1) {
$attachment_no_big = 1;
} elseif ($attachment_error == 2) {
$attachment_no_filetype = 1;
} else {
$attachment_no = 1;
}
$stop = 1;
}
//////////////// error / create ticket ////////////////
if ($stop) {
$_REQUEST['do'] = "start";