$updateIt = $_GET['updateIt']; // Vairables from answer $ticketid = $_POST['ticketid']; $messageid = $_POST['messageid']; $message = $_POST['message']; $ufrom = $_POST['ufrom']; $set_status = $_POST['set_status']; // Vairables from search $search_value = $_POST['searchit']; // Vairables from settings // ################################ // ### Admin Answer // ################################ if ($action == "answer") { // Check if given id is existing + escape $currentid = id_exist("cms_tickets", $id); if (is_numeric($id) && $currentid == "1") { if ($message || $messageid || $ticketid) { // connect to db $mysqli_answer = getConnected("account"); // set autocommit to off mysqli_autocommit($mysqli_answer, FALSE); // escape the inputs $messageid_todb = mysqli_real_escape_string($mysqli_answer, $messageid); $ticketid_todb = mysqli_real_escape_string($mysqli_answer, $ticketid); $message_todb = mysqli_real_escape_string($mysqli_answer, $message); $set_status_todb = mysqli_real_escape_string($mysqli_answer, $set_status); // Insert some values $sql_answer = mysqli_query($mysqli_answer, "INSERT INTO cms_answers (messageid, ticketid, message, ufrom, userlevel, time) VALUES ('{$messageid_todb}','{$ticketid_todb}','{$message_todb}','{$username_form}','2',now())"); $sql_answer2 = mysqli_query($mysqli_answer, "UPDATE cms_tickets SET status='{$set_status_todb}' WHERE ticketid='{$ticketid_todb}'"); if ($sql_answer && $sql_answer2) {
<?php // initialize session session_start(); // include config include_once "config/config.php"; // include functions include_once "config/cms_functions.php"; // Check if cms is installed if (id_exist(cms_settings, '1') == 2) { header('Location: install'); exit; } // check auto languagedetection and load language file if (!logged_in()) { include_once "scripts/language/" . autoLanguageDet() . ".php"; } else { include_once "scripts/language/" . settinginfo(language) . ".php"; } // include statistic count include_once "config/stats.php"; ///////////////////////////////////////////////////////////////////////// ?> <!DOCTYPE html> <head lang="en"> <meta charset=UTF-8" /> <title><?php echo settinginfo(titel_page) . " - " . settinginfo(titel_slogan); ?> </title> <!-- Stylesheet -->