exit(0); } } } } echo "Not an old ticket, searching for a matching customer\n"; $q = "SELECT id FROM {$pro_mysql_client_table} WHERE email='{$email_from}';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); // A matching email has been found if ($n == 1) { $a = mysql_fetch_array($r); $q = "SELECT adm_login FROM {$pro_mysql_admin_table} WHERE id_client='" . $a["id"] . "';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); // At this point, we got an exact match: let's create a new ticket for this adm_login! if ($n == 1) { $adm = mysql_fetch_array($r); $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,in_reply_of_id,reply_id,admin_or_user,text,initial_ticket,hash,subject)\n\t\tVALUES('','" . $adm["adm_login"] . "','" . date('Y-m-d') . "','" . date('H:m:i') . "','0','0','user','" . mysql_real_escape_string($body) . "','yes','" . createSupportHash() . "','" . mysql_real_escape_string($stt->headers["subject"]) . "');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); mailTicketToAllAdmins($stt->headers["subject"], $body, $adm["adm_login"]); exit(0); } // If nothing matches, then we want to create a new ticket associated with // this email address. } else { $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,customer_email,date,time,in_reply_of_id,reply_id,admin_or_user,text,initial_ticket,hash,subject)\n\tVALUES('','{$email_from}','" . date('Y-m-d') . "','" . date('H:m:i') . "','0','0','user','" . mysql_real_escape_string($body) . "','yes','" . createSupportHash() . "','" . mysql_real_escape_string($stt->headers["subject"]) . "');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); mailTicketToAllAdmins($stt->headers["subject"], $body, $email_from); } exit(0);
} // action=new_ticket&subject=test+subject&server_hostname=test.vpsserver.com%3A01&issue_cat_id=network&ticketbody=I+can%27t+connect+to+my+VPS%21 if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "new_ticket") { checkLoginPass($adm_login, $adm_pass); if (strlen($_REQUEST["subject"]) == 0) { echo _("Subject line empty: cannot send ticket!"); } else { $hash = createSupportHash(); $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,subject,text,cat_id,initial_ticket,server_hostname,hash)\n\t\tVALUES ('','{$adm_login}','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . addslashes($_REQUEST["subject"]) . "','" . addslashes($_REQUEST["ticketbody"]) . "','" . addslashes($_REQUEST["issue_cat_id"]) . "','yes','" . addslashes($_REQUEST["server_hostname"]) . "','{$hash}');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); mailTicketToAllAdmins($_REQUEST["subject"], $_REQUEST["ticketbody"], $adm_login); } } if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "add_ticket_reply") { checkLoginPass($adm_login, $adm_pass); if (!isRandomNum($_REQUEST["last_tik_id"]) || !isRandomNum($_REQUEST["tik_id"])) { echo _("last_tick_id or tik_id is not a number: hacking attempt!"); } else { // Insert the new ticket $q = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,subject,text,cat_id,initial_ticket,server_hostname,in_reply_of_id,request_close)\n\t\tVALUES ('','{$adm_login}','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . addslashes($_REQUEST["subject"]) . "','" . addslashes($_REQUEST["ticketbody"]) . "','" . addslashes($_REQUEST["cat_id"]) . "','no','" . addslashes($_REQUEST["server_hostname"]) . "','" . addslashes($_REQUEST["last_tik_id"]) . "','" . addslashes($_REQUEST["request_to_close"]) . "');"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); $ins_id = mysql_insert_id(); // Update the chained list of tickets $q = "UPDATE {$pro_mysql_tik_queries_table} SET reply_id='{$ins_id}' WHERE id='" . $_REQUEST["last_tik_id"] . "';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); // Set the initial ticket as reopen in case it was closed $q = "UPDATE {$pro_mysql_tik_queries_table} SET closed='no' WHERE id='" . $_REQUEST["tik_id"] . "';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error()); mailTicketToAllAdmins($_REQUEST["subject"], $_REQUEST["ticketbody"], $adm_login); } }