}
}
}
$comment = encrypt($resolvenow . $_POST['comment']);
$sql = "INSERT INTO SupportTicketComments (TicketID, UserID, UserName, CreateDate, Comment, Resolve) VALUES ('{$ticketid}','{$id}','{$user}','{$date}','{$comment}','{$resolve}')";
if (!mysqli_query($conn, $sql)) {
$text = "Comment failed: " . mysqli_error($conn);
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n";
$headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n";
$headers .= 'X-Mailer: PHP/' . phpversion();
mail('*****@*****.**', 'Comment ERROR', $text, $headers, '*****@*****.**');
$text .= '<br /><br />';
} else {
c_Log3($_SESSION['id'], 'Comment Edited', $old, 'New Comment: "' . $_POST['comment'] . '"', 'Page ID: ' . $pageid);
$newcommentid = mysqli_insert_id($conn);
$redirect = "Location: /support/TicketView?a=" . base64url_encode($ticketid) . "&comment=" . $newcommentid;
if ($_SESSION['admin'] || $_SESSION['owner']) {
if ($resolve && !$resolvedbefore) {
mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',ResolveDate='{$date}',CurrentUserID='0',CurrentUserName='',Resolved='1',ResolvedUserID='{$id}',ResolvedUserName='******' WHERE ID='{$ticketid}'");
} else {
if ($resolvedbefore && !$resolve) {
mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',CurrentUserID='{$id}',CurrentUserName='******',Resolved='0' WHERE ID='{$ticketid}'");
} else {
mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',CurrentUserID='{$id}',CurrentUserName='******',Resolved='0' WHERE ID='{$ticketid}'");
}
}
}
mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}' WHERE ID='{$ticketid}'");
$PostUserID = $data['PostUserID'];
$oldtitle = decrypt($olddata['Title']);
$olddesc = decrypt($olddata['Description']);
$old = 'Title: "' . strip_tags(stripslashes(trim($oldtitle))) . '" Description: "' . $olddesc . '"';
$sql = "UPDATE Pages SET Title='{$title}', Description='{$desc}', ModifiedDate='{$date}', LastUserID='{$id}', LastUserName='******', Owner='{$owner}', Admin='{$admin}', Moderator='{$mod}', Premium='{$premium}', Marist='{$marist}', Valid='{$basic}', EmailUser='******' WHERE ID='{$str}'";
if (($owner || $admin || $mod || $premium || $marist || $basic) && strlen($_POST['title']) && strlen($_POST['desc'])) {
if (!mysqli_query($conn, $sql)) {
$text = "Page edit failed: " . mysqli_error($conn);
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n";
$headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n";
$headers .= 'X-Mailer: PHP/' . phpversion();
mail('*****@*****.**', 'Page Edit ERROR', $text, $headers, '*****@*****.**');
$text .= '<br /><br />';
} else {
c_Log3($_SESSION['id'], 'Page Edited', $old, 'Title: "' . strip_tags(stripslashes(trim($_POST['title']))) . '" Description: "' . $_POST['desc'] . '"', 'Page ID: ' . $str);
$text = "Page edit Successfully! <br /><br />";
$redirect = "Location: /admin/View?a=" . $_REQUEST['a'];
header($redirect);
}
} else {
$text = "Either no permissons were selected or the title and/or description was empty.<br /><br />";
}
$sql = "SELECT * FROM Pages WHERE ID='{$str}'";
$data = mysqli_query($conn, $sql);
$data = mysqli_fetch_assoc($data);
$title = decrypt($data['Title']);
$desc = decrypt($data['Description']);
$checkowner = '';
$checkadmin = '';
$checkmod = '';
}
return $str;
}
if ($_SESSION['owner']) {
$owner = convert($_POST['Owner']);
}
$admin = convert($_POST['Administrator']);
$mod = convert($_POST['Moderator']);
$premium = convert($_POST['Premium']);
$valid = convert($_POST['Valid']);
$marist = convert($_POST['Marist']);
$basic = convert($_POST['Basic']);
$date = date("Y-m-d H:i:s");
$old = 'Old Permissions: ' . $data['Owner'] . ',' . $data['Administrator'] . ',' . $data['Moderator'] . ',' . $data['Premium'] . ',' . $data['Marist'] . ',' . $data['ValidAccount'] . ',' . $data['Active'];
$new = 'New Permissions: ' . $owner . ',' . $admin . ',' . $mod . ',' . $premium . ',' . $marist . ',' . $valid . ',' . $basic;
c_Log3($_SESSION['id'], 'Changing Permissions', $old, $new, 'User ID: ' . $id);
//if ($_SESSION['owner']) {
$sql = "UPDATE UserAccounts SET ModifiedDate='{$date}', Owner='{$owner}', Administrator='{$admin}', Moderator='{$mod}', Premium='{$premium}', Marist='{$marist}', ValidAccount='{$valid}', Active='{$basic}' WHERE RowID='{$id}'";
//} else {
//}
if (!mysqli_query($conn, $sql)) {
$text = "Permissions change failed: " . mysqli_error($conn);
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n";
$headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n";
$headers .= 'X-Mailer: PHP/' . phpversion();
mail('*****@*****.**', 'Permissions Change ERROR', $text, $headers, '*****@*****.**');
$text .= '<br />';
} else {
$text = "Permissions changed Successfull!<br />";
