} } } $comment = encrypt($resolvenow . $_POST['comment']); $sql = "INSERT INTO SupportTicketComments (TicketID, UserID, UserName, CreateDate, Comment, Resolve) VALUES ('{$ticketid}','{$id}','{$user}','{$date}','{$comment}','{$resolve}')"; if (!mysqli_query($conn, $sql)) { $text = "Comment failed: " . mysqli_error($conn); $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n"; $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); mail('*****@*****.**', 'Comment ERROR', $text, $headers, '*****@*****.**'); $text .= '<br /><br />'; } else { c_Log3($_SESSION['id'], 'Comment Edited', $old, 'New Comment: "' . $_POST['comment'] . '"', 'Page ID: ' . $pageid); $newcommentid = mysqli_insert_id($conn); $redirect = "Location: /support/TicketView?a=" . base64url_encode($ticketid) . "&comment=" . $newcommentid; if ($_SESSION['admin'] || $_SESSION['owner']) { if ($resolve && !$resolvedbefore) { mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',ResolveDate='{$date}',CurrentUserID='0',CurrentUserName='',Resolved='1',ResolvedUserID='{$id}',ResolvedUserName='******' WHERE ID='{$ticketid}'"); } else { if ($resolvedbefore && !$resolve) { mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',CurrentUserID='{$id}',CurrentUserName='******',Resolved='0' WHERE ID='{$ticketid}'"); } else { mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}',CurrentUserID='{$id}',CurrentUserName='******',Resolved='0' WHERE ID='{$ticketid}'"); } } } mysqli_query($conn, "UPDATE SupportTickets SET LastUpdatedDate='{$date}' WHERE ID='{$ticketid}'"); $PostUserID = $data['PostUserID'];
$oldtitle = decrypt($olddata['Title']); $olddesc = decrypt($olddata['Description']); $old = 'Title: "' . strip_tags(stripslashes(trim($oldtitle))) . '" Description: "' . $olddesc . '"'; $sql = "UPDATE Pages SET Title='{$title}', Description='{$desc}', ModifiedDate='{$date}', LastUserID='{$id}', LastUserName='******', Owner='{$owner}', Admin='{$admin}', Moderator='{$mod}', Premium='{$premium}', Marist='{$marist}', Valid='{$basic}', EmailUser='******' WHERE ID='{$str}'"; if (($owner || $admin || $mod || $premium || $marist || $basic) && strlen($_POST['title']) && strlen($_POST['desc'])) { if (!mysqli_query($conn, $sql)) { $text = "Page edit failed: " . mysqli_error($conn); $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n"; $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); mail('*****@*****.**', 'Page Edit ERROR', $text, $headers, '*****@*****.**'); $text .= '<br /><br />'; } else { c_Log3($_SESSION['id'], 'Page Edited', $old, 'Title: "' . strip_tags(stripslashes(trim($_POST['title']))) . '" Description: "' . $_POST['desc'] . '"', 'Page ID: ' . $str); $text = "Page edit Successfully! <br /><br />"; $redirect = "Location: /admin/View?a=" . $_REQUEST['a']; header($redirect); } } else { $text = "Either no permissons were selected or the title and/or description was empty.<br /><br />"; } $sql = "SELECT * FROM Pages WHERE ID='{$str}'"; $data = mysqli_query($conn, $sql); $data = mysqli_fetch_assoc($data); $title = decrypt($data['Title']); $desc = decrypt($data['Description']); $checkowner = ''; $checkadmin = ''; $checkmod = '';
} return $str; } if ($_SESSION['owner']) { $owner = convert($_POST['Owner']); } $admin = convert($_POST['Administrator']); $mod = convert($_POST['Moderator']); $premium = convert($_POST['Premium']); $valid = convert($_POST['Valid']); $marist = convert($_POST['Marist']); $basic = convert($_POST['Basic']); $date = date("Y-m-d H:i:s"); $old = 'Old Permissions: ' . $data['Owner'] . ',' . $data['Administrator'] . ',' . $data['Moderator'] . ',' . $data['Premium'] . ',' . $data['Marist'] . ',' . $data['ValidAccount'] . ',' . $data['Active']; $new = 'New Permissions: ' . $owner . ',' . $admin . ',' . $mod . ',' . $premium . ',' . $marist . ',' . $valid . ',' . $basic; c_Log3($_SESSION['id'], 'Changing Permissions', $old, $new, 'User ID: ' . $id); //if ($_SESSION['owner']) { $sql = "UPDATE UserAccounts SET ModifiedDate='{$date}', Owner='{$owner}', Administrator='{$admin}', Moderator='{$mod}', Premium='{$premium}', Marist='{$marist}', ValidAccount='{$valid}', Active='{$basic}' WHERE RowID='{$id}'"; //} else { //} if (!mysqli_query($conn, $sql)) { $text = "Permissions change failed: " . mysqli_error($conn); $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n"; $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); mail('*****@*****.**', 'Permissions Change ERROR', $text, $headers, '*****@*****.**'); $text .= '<br />'; } else { $text = "Permissions changed Successfull!<br />";