} else {
$mine_selected = '';
$all_selected = 'selected';
}
if ($_REQUEST['fun'] == '' || $_REQUEST['fun'] == 'home' || $_REQUEST['fun'] == 'search') {
// This is an archaic parameter list
$match_condition = isset($_REQUEST['search_match']) ? $_REQUEST['search_match'] : '';
$where = getTicketSearchQuery();
$params = array(array('id' => "{$customerid}", 'sessionid' => "{$sessionid}", 'user_name' => "{$username}", 'onlymine' => $onlymine, 'where' => "{$where}", 'match' => "{$match_condition}"));
$result = $client->call('get_tickets_list', $params, $Server_Path, $Server_Path);
include "TicketsList.php";
} elseif ($_REQUEST['fun'] == 'newticket') {
include "NewTicket.php";
} elseif ($_REQUEST['fun'] == 'updatecomment' || $_REQUEST['fun'] == 'close_ticket' || $_REQUEST['fun'] == 'uploadfile') {
if ($_REQUEST['fun'] == 'updatecomment') {
UpdateComment();
}
if ($_REQUEST['fun'] == 'close_ticket') {
$ticketid = $_REQUEST['ticketid'];
$res = Close_Ticket($ticketid);
}
if ($_REQUEST['fun'] == 'uploadfile') {
$upload_status = AddAttachment();
if ($upload_status != '') {
echo $upload_status;
exit(0);
}
}
?>
<script>
var ticketid = <?php
function OnUpdate()
{
if (!isset($_POST["hash"])) {
return False;
}
if (isset($_REQUEST["user"]) && isset($_POST["favorite"])) {
UpdateFavorite($_POST["hash"], $_REQUEST["user"], $_POST["favorite"] === "true");
}
// This part is under permissions constraints.
//==================================================
if (isset($_POST["vendor"])) {
if (!CanModifyFile($_POST["hash"])) {
return False;
}
UpdateVendor($_POST["hash"], $_POST["vendor"]);
}
if (isset($_POST["comment"])) {
if (!CanModifyFile($_POST["hash"])) {
return False;
}
UpdateComment($_POST["hash"], $_POST["comment"]);
}
if (isset($_POST["tags"])) {
if (!CanModifyFile($_POST["hash"])) {
return False;
}
UpdateTags($_POST["hash"], $_POST["tags"]);
}
return True;
}
