set_time_limit(3600); //ok, we're processing a ticket update, but lets //exercise some healty paranoia.. $gridimage_ticket_id = intval($_POST['gridimage_ticket_id']); $ticket = new GridImageTroubleTicket($gridimage_ticket_id); //you sure this is a ticket? if (!$ticket->isValid()) { die("invalid ticket id"); } //definitely for this image? if ($ticket->gridimage_id != $image->gridimage_id) { die("ticket/image mismatch"); } $issuggester = $ticket->user_id == $USER->user_id ? 1 : 0; if (!$issuggester) { $ticket->setNotify(!empty($_POST['notify']) ? preg_replace('/[^\\w]+/', '', $_POST['notify']) : ''); } $thankyou = ''; //now lets do our thing depending on your permission level.. $comment = stripslashes($_POST['comment']); if ($isadmin) { if (isset($_POST['disown'])) { $ticket->removeModerator(); } elseif (isset($_POST['addcomment'])) { $ticket->addModeratorComment($USER->user_id, $comment, !empty($_POST['claim'])); } elseif (isset($_POST['accept'])) { $ticket->setModerator($USER->user_id); $ticket->closeTicket($USER->user_id, $comment, isset($_POST['accepted']) ? $_POST['accepted'] : null); //reload the image $image->loadFromId($_REQUEST['id']); } elseif (isset($_POST['close'])) {