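// Request handler excerpt: opens the ticket/user data layers, reads the ticket
// id from the query string, then handles the Delete / Close / Open POST
// actions for sufficiently privileged sessions.
$ticket->db_open();
$user = new user();
$user->db_open();

// Ticket id from the query string. The value that passed FILTER_VALIDATE_INT is
// kept in canonical form (no surrounding whitespace or leading '+'); anything
// else, including a missing parameter, falls back to '0'.
$tid = isset($_GET['tid']) ? filter_var($_GET['tid'], FILTER_VALIDATE_INT) : false;
$tid = $tid ? (string) $tid : '0';

// NOTE(review): this is a deny-list check with loose comparison -- every
// userlevel other than 1 or the empty string is treated as admin. Confirm the
// level scheme; an explicit allow-list of privileged levels would fail closed.
$admin = ($_SESSION['userlevel'] != 1 && $_SESSION['userlevel'] != "");

// NOTE(review): no anti-CSRF token check is visible in this excerpt. If none is
// done elsewhere, the state-changing actions below should verify one.

// Delete: remove the ticket, then redirect to the index page.
if (isset($_POST['action']) && $_POST['action'] === 'Delete' && $admin) {
    $staff = new staff();
    $staff->db_open();
    // Pass the validated id, not the raw $_GET value, to the data layer.
    $delete = $staff->delete_ticket($tid);
    if ($delete) {
        header('Location: index.php');
        // Stop here so nothing further runs or is rendered after the redirect.
        exit;
    } else {
        $error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
    }
}

// Close: mark the ticket closed.
if (isset($_POST['action']) && $_POST['action'] === 'Close' && $admin) {
    $close = $ticket->close_ticket($tid);
    if (!$close) {
        // NOTE(review): $staff is only assigned in the Delete branch above, so
        // unless it is created earlier in the file this call fails on an
        // undefined variable. The error presumably should come from $ticket --
        // confirm which object exposes it.
        $error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
    }
}

// Open: close_ticket() with TRUE as second argument (presumably re-opens the
// ticket -- confirm against the ticket class).
if (isset($_POST['action']) && $_POST['action'] === 'Open' && $admin) {
    $open = $ticket->close_ticket($tid, TRUE);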