Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
fusionpbx
/
fusionpbx-apps
-ын хуулбар https://github.com/fusionpbx/fusionpbx-apps.git
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Салаа: master
Салаанууд Тагууд
fusionpbx-apps
/
tickets
/
v_ticket_update.php

v_ticket_update.php 8.0 KB
Байнгын холболт Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265 
  1. <?php
    2. 

  2. /* $Id$ */
    3. 

  3. /*
    4. 

  4. 	FusionPBX
    5. 

  5.       	Version: MPL 1.1
    6. 

  6. 

  7. 	The contents of this file are subject to the Mozilla Public License Version
    8. 

  8. 	1.1 (the "License"); you may not use this file except in compliance with
    9. 

  9. 	the License. You may obtain a copy of the License at
    10. 

  10. 	http://www.mozilla.org/MPL/
    11. 

  11. 

  12. 	Software distributed under the License is distributed on an "AS IS" basis,
    13. 

  13. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    14. 

  14. 	for the specific language governing rights and limitations under the
    15. 

  15. 	License.
    16. 

  16. 

  17. 	The Original Code is FusionPBX
    18. 

  18. 

  19. 	The Initial Developer of the Original Code is
    20. 

  20. 	Mark J Crane <[email protected]>
    21. 

  21. 	Portions created by the Initial Developer are Copyright (C) 2008-2012
    22. 

  22. 	the Initial Developer. All Rights Reserved.
    23. 

  23. 

  24. 	Contributor(s):
    25. 

  25. 	Ken Rice <[email protected]>
    26. 

  26. 	Mark J Crane <[email protected]>
    27. 

  27. */
    28. 

  28. 

  29. include "root.php";
    30. 

  30. require_once "resources/require.php";
    31. 

  31. require_once "resources/check_auth.php";
    32. 

  32. 

  33. if (permission_exists('ticket_view') || permission_exists('ticket_update')) {
    34. 

  34. 	//access granted
    35. 

  35. }
    36. 

  36. else {
    37. 

  37. 	echo "access denied";
    38. 

  38. 	exit;
    39. 

  39. }
    40. 

  40. 

  41. require_once "resources/header.php";
    42. 

  42. 

  43. $domain_name = $_SESSION['domains'][$domain_uuid]['domain_name'];
    44. 

  44. 

  45. // Check to see if we're an admin and if we are set the $isadmin to true for use in the template and sql query building
    46. 

  46. if (if_group("superadmin") || if_group("admin")){
    47. 

  47. 	$isadmin = true;
    48. 

  48. }
    49. 

  49. 

  50. //add or update the database
    51. 

  51. if (isset($_REQUEST['id']) || isset($_REQUEST['uuid'])) {
    52. 

  52. 	$action = "update";
    53. 

  53. 	if (isset($_REQUEST["id"])) { 
    54. 

  54. 		$ticket_id = check_str($_REQUEST["id"]);
    55. 

  55. 	}
    56. 

  56. 	if (isset($_REQUEST["uuid"])) { 
    57. 

  57. 		$ticket_uuid = check_str($_REQUEST["uuid"]);
    58. 

  58. 	}
    59. 

  59. } else {  
    60. 

  60. 	$action = "add";
    61. 

  61. 	//Redirect back outta here probably
    62. 

  62. }
    63. 

  63. 

  64. if ($action == "update") {
    65. 

  65. 

  66. 	//get the ticket
    67. 

  67. 	$sql = "";
    68. 

  68. 	$sql .= "select a.ticket_id, a.queue_id, a.domain_uuid, a.user_uuid, a.customer_id, a.subject, ";
    69. 

  69. 	$sql .= "to_char(a.create_stamp, 'MM-DD-YY HH24-MI-SS') as create_stamp, a.create_user_id, ";
    70. 

  70. 	$sql .= "a.ticket_status, to_char(a.last_update_stamp, 'MM-DD-YY HH24-MI-SS') as last_update_stamp, ";
    71. 

  71. 	$sql .= "a.last_update_user_uuid, a.ticket_uuid, a.ticket_number, a.ticket_owner, a.customer_ticket_number, ";
    72. 

  72. 	$sql .= "b.username, c.username as create_username, d.username as last_update_username ";
    73. 

  73. 	$sql .= "from v_tickets as a, v_users as b, v_users as c, v_users as d ";
    74. 

  74. 	$sql .= "where a.user_uuid = b.id and a.create_user_id = c.id and a.last_update_user_uuid = d.id ";
    75. 

  75. 	$sql .= "and a.domain_uuid = '$domain_uuid' ";
    76. 

  76. 	if (isset($_REQUEST["id"])) { 
    77. 

  77. 		$sql .= "and a.ticket_id = '$ticket_id' ";
    78. 

  78. 	}
    79. 

  79. 	if (isset($_REQUEST["uuid"])) { 
    80. 

  80. 		$sql .= "and a.ticket_uuid = '$ticket_uuid' ";
    81. 

  81. 	}
    82. 

  82. 	if (!$isadmin) {
    83. 

  83. 		$sql .= "and a.user_uuid = " . $_SESSION['user_uuid'] . " ";
    84. 

  84. 	}
    85. 

  85. 

  86. 	$prep_statement = $db->prepare(check_sql($sql));
    87. 

  87. 	$prep_statement->execute();
    88. 

  88. 	$x = 0;
    89. 

  89. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    90. 

  90. 	foreach ($result as &$row) {
    91. 

  91. 		$ticket_header = $row;
    92. 

  92. 		$x++;
    93. 

  93. 		break;
    94. 

  94. 	}
    95. 

  95. 	unset ($prep_statement);
    96. 

  96. 

  97. 	if ($x < 1) {
    98. 

  98. 		include "bad_ticket_id.php";
    99. 

  99. 		goto end;
    100. 

  100. 	}
    101. 

  101. 	
    102. 

  102. 	$sql = "";
    103. 

  103. 	$sql .= "SELECT * from v_ticket_notes ";
    104. 

  104. 	$sql .= "where ticket_id = " . $ticket_header['ticket_id'] . " ";
    105. 

  105. 	$sql .= "order by create_stamp ";
    106. 

  106. 	$prep_statement = $db->prepare(check_sql($sql));
    107. 

  107. 	$prep_statement->execute();
    108. 

  108. 	$x = 0;
    109. 

  109. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    110. 

  110. 	foreach ($result as &$row) {
    111. 

  111. 		$ticket_notes[$x] = $row;
    112. 

  112. 		$x++;
    113. 

  113. 	}
    114. 

  114. 	unset ($prep_statement);
    115. 

  115. 

  116. 	$sql = "";
    117. 

  117. 	$sql .= "select a.*, c.username from v_ticket_queue_members as a, v_users as c ";
    118. 

  118. 	$sql .= "where a.user_uuid = c.id ";
    119. 

  119. 	$sql .= "and a.queue_id = " . $ticket_header['queue_id'] . " ";
    120. 

  120. 	$prep_statement = $db->prepare(check_sql($sql));
    121. 

  121. 	$prep_statement->execute();
    122. 

  122. 	$x = 0;
    123. 

  123. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    124. 

  124. 	foreach ($result as &$row) {
    125. 

  125. 		$queue_members[$x] = $row;
    126. 

  126. 		$x++;
    127. 

  127. 	}
    128. 

  128. 	unset ($prep_statement);
    129. 

  129. 

  130. 	$sql = "";
    131. 

  131. 	$sql .= "SELECT * from v_ticket_statuses ";
    132. 

  132. 	$sql .= "where domain_uuid = $domain_uuid ";
    133. 

  133. 	$sql .= "ORDER by status_id ";
    134. 

  134. 	$prep_statement = $db->prepare(check_sql($sql));
    135. 

  135. 	$prep_statement->execute();
    136. 

  136. 	$x = 0;
    137. 

  137. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    138. 

  138. 	foreach ($result as &$row) {
    139. 

  139. 		$ticket_statuses[$x] = $row;
    140. 

  140. 		$x++;
    141. 

  141. 	}
    142. 

  142. 	unset ($prep_statement);
    143. 

  143. 

  144. 	$sql = "";
    145. 

  145. 	$sql .= "SELECT * from v_ticket_queues ";
    146. 

  146. 	$sql .= "where domain_uuid = $domain_uuid ";
    147. 

  147. 	$sql .= "ORDER by queue_name ";
    148. 

  148. 	$prep_statement = $db->prepare(check_sql($sql));
    149. 

  149. 	$prep_statement->execute();
    150. 

  150. 	$x = 0;
    151. 

  151. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    152. 

  152. 	foreach ($result as &$row) {
    153. 

  153. 		$ticket_queues[$x] = $row;
    154. 

  154. 		$x++;
    155. 

  155. 	}
    156. 

  156. 	unset ($prep_statement);
    157. 

  157. } 
    158. 

  158. 

  159. if ((!isset($_REQUEST['submit'])) || ($_REQUEST['submit'] != 'Save')) {
    160. 

  160. 	// If we arent saving a Profile Display the form.
    161. 

  161. 	include "ticket_update.php";	
    162. 

  162. 	goto end;
    163. 

  163. }
    164. 

  164. 

  165. foreach ($_REQUEST as $field => $data){
    166. 

  166. 	$request[$field] = check_str($data);
    167. 

  167. }
    168. 

  168. 

  169. if ($action == "update" && permission_exists('ticket_update')) {
    170. 

  170. 	if (strlen($request['new_note']) > 0) {
    171. 

  171. 		$sql = "";
    172. 

  172. 		$sql .= "INSERT into v_ticket_notes (";
    173. 

  173. 		$sql .= "ticket_id, ";
    174. 

  174. 		$sql .= "create_stamp, ";
    175. 

  175. 		$sql .= "create_user_id, ";
    176. 

  176. 		$sql .= "ticket_note ";
    177. 

  177. 		$sql .= ") values ( ";
    178. 

  178. 		$sql .= $ticket_header['ticket_id'] . ", ";
    179. 

  179. 		$sql .= "now(), ";
    180. 

  180. 		$sql .= $_SESSION['user_uuid'] . ", ";
    181. 

  181. 		$sql .= "'" . base64_encode($request['new_note']) . "' ";
    182. 

  182. 		$sql .= ")";
    183. 

  183. 		$db->exec(check_sql($sql));
    184. 

  184. 		$note_added = true;
    185. 

  185. 	}
    186. 

  186. 

  187. 	$sql = "";
    188. 

  188. 	$sql .= "UPDATE v_tickets set ";
    189. 

  189. 	if ($ticket_header['ticket_owner'] != $request['ticket_owner']) {
    190. 

  190. 		$sql .= "ticket_owner = " . $request['ticket_owner'] . ", ";
    191. 

  191. 		if ($_SESSION['user_uuid'] != $request['ticket_owner']) {
    192. 

  192. 			$alert_new_owner = true;
    193. 

  193. 		}
    194. 

  194. 	}
    195. 

  195. 	if ($ticket_header['ticket_status'] != $request['ticket_status']) {
    196. 

  196. 		$sql .= "ticket_status = " . $request['ticket_status'] . ", ";
    197. 

  197. 	}
    198. 

  198. 	if ($ticket_header['queue_id'] != $request['queue_id']) {
    199. 

  199. 		$sql .= "queue_id = " . $request['queue_id'] . ", ";
    200. 

  200. 	}
    201. 

  201. 	$sql .= "last_update_user_uuid = " . $_SESSION['user_uuid'] . ", ";
    202. 

  202. 	$sql .= "last_update_stamp = now() ";
    203. 

  203. 	$sql .= "where ticket_id = " . $ticket_header['ticket_id'] . " ";
    204. 

  204. 	$db->exec(check_sql($sql));
    205. 

  205. 

  206. 	if ($note_added && $request['alert_user']) {
    207. 

  207. 		$sql = "select user_email from v_users where id = . " . $ticket_header['user_uuid'];
    208. 

  208. 	        $prep_statement = $db->prepare(check_sql($sql));
    209. 

  209. 		$prep_statement->execute();
    210. 

  210. 		$x = 0;
    211. 

  211. 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    212. 

  212. 		foreach ($result as &$row) {
    213. 

  213. 			$user_email = $row['user_email'];
    214. 

  214. 			break;
    215. 

  215. 		}
    216. 

  216. 		unset ($prep_statement);
    217. 

  217. 

  218. 		if (strlen($user_email) > 1) {
    219. 

  219. 			$subject = sprintf("[%s] Ticket %s Updated", $queue['queue_name'], $ticket_header['ticket_number']);
    220. 

  220. 			$to = $user_email;
    221. 

  221. 			$message = "";
    222. 

  222. 			$message .= "Ticket Number $ticketnumber has been update\n";
    223. 

  223. 			$message .= "Ticket Link: http://" . $_SESSION['domain_name'] . PROJECT_PATH . "/app/tickets/v_ticket_update.php?uuid=" . urlencode($ticket_uuid). "\n";
    224. 

  224. 			$message .= "Ticket update: \n";
    225. 

  225. 			$message .= $request['new_notes'] . "\n";
    226. 

  226. 			$from = "From: " . $_SESSION['support_email'];
    227. 

  227. 			mail($to, $subject, $message, $from);
    228. 

  228. 		}
    229. 

  229. 	} 
    230. 

  230. 	
    231. 

  231. 	if ($alert_new_owner) {
    232. 

  232. 		$sql = "select user_email from v_users where id = . " . $request['ticket_owner'];
    233. 

  233. 	        $prep_statement = $db->prepare(check_sql($sql));
    234. 

  234. 		$prep_statement->execute();
    235. 

  235. 		$x = 0;
    236. 

  236. 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    237. 

  237. 		foreach ($result as &$row) {
    238. 

  238. 			$user_email = $row['user_email'];
    239. 

  239. 			break;
    240. 

  240. 		}
    241. 

  241. 		unset ($prep_statement);
    242. 

  242. 

  243. 		if (strlen($user_email) > 1) {
    244. 

  244. 			$subject = sprintf("[%s] Ticket %s Updated", $queue['queue_name'], $ticket_header['ticket_number']);
    245. 

  245. 			$to = $user_email;
    246. 

  246. 			$message = "";
    247. 

  247. 			$message .= "Ticket Number $ticketnumber has been update\n";
    248. 

  248. 			$message .= "Ticket Link: http://" . $_SESSION['domain_name'] . PROJECT_PATH . "/app/tickets/v_ticket_update.php?uuid=" . urlencode($ticket_uuid). "\n";
    249. 

  249. 			$from = "From: " . $_SESSION['support_email'];
    250. 

  250. 			mail($to, $subject, $message, $from);
    251. 

  251. 		}
    252. 

  252. 		
    253. 

  253. 	}
    254. 

  254. 	
    255. 

  255. 	goto writeout;
    256. 

  256. } 
    257. 

  257. 

  258. writeout:
    259. 

  259. include "update_complete.php";
    260. 

  260. 

  261. end:
    262. 

  262. //show the footer
    263. 

  263. require_once "resources/footer.php";
    264. 

  264. 

  265. ?>
    266.