コード例 #1
0
ファイル: new.php プロジェクト: kbuley/karnaf
<?php
##################################################################
# Karnaf HelpDesk System - Copyright (C) 2001-2015 Kobi Shmueli. #
# See the LICENSE file for more information.                     #
##################################################################

$title = "New Ticket";
require_once("karnaf_header.php");
show_title("New Ticket");
if(IsKarnafOperSession()) $isoper = 1;
else $isoper = 0;
if(isset($_POST['cat3'])) {
  if($isoper) $uip = $_POST['uip'];
  else $uip = get_session_ip();
  $randstr = RandomNumber(10);
  $priority = 0;
  $rep_u = "";
  /* It would make sense to have the helpdesk team get tickets by default (unless the category assigns them to another team) */
  $rep_g = KARNAF_DEFAULT_GROUP;
  $query = squery("SELECT id,name,default_group,default_priority FROM karnaf_cat3 WHERE id=%d", $_POST['cat3']);
  if($result = sql_fetch_array($query)) {
    if(!empty($result['default_group'])) $rep_g = $result['default_group'];
    $priority = (int)$result['default_priority'];
    $cat3_id = $result['id'];
  }
  sql_free_result($query);
  if(!isset($cat3_id)) $error = "Invalid category provided, please try again!";
  if(isset($_POST['uphone'])) $uphone = fix_html($_POST['uphone']);
  else $uphone = "";
  $upriority = (int)$_POST['upriority'];
  if($upriority < $priority) $priority = $upriority;
コード例 #2
0
ファイル: view.php プロジェクト: nirn/karnaf
} else {
    require_once "karnaf_header.php";
}
$id = $_GET['id'];
if (empty($id) || !is_numeric($id)) {
    safe_die("Invalid Ticket ID!");
}
if (isset($_GET['code']) && !empty($_GET['code'])) {
    $randcode = $_GET['code'];
} else {
    $randcode = 0;
}
if (!isset($_GET['ajax'])) {
    show_title("Ticket #" . $id);
}
if (IsKarnafOperSession()) {
    $isoper = 1;
} else {
    $isoper = 0;
}
$isadmin = 0;
$query = squery("SELECT t.id,t.randcode,t.status,t.title,t.description,t.unick,t.ufullname,t.uemail,t.uphone,t.uip,t.rep_u,\nt.rep_g,t.open_time,t.opened_by,t.is_real,t.is_private,t.email_upd,t.memo_upd,c1.name AS cat1_name,c2.name AS cat2_name,c3.name AS \ncat3_name,s.status_name,up.priority_name AS upriority,sp.priority_name AS priority,c3.extra,t.ext1,t.ext2,t.ext3,t.merged_to,t.cc,\ng.private_actions,t.lastupd_time \nFROM (karnaf_tickets AS t INNER JOIN karnaf_cat3 AS c3 ON c3.id=t.cat3_id INNER JOIN karnaf_cat2 AS c2 ON c2.id=c3.parent \nINNER JOIN karnaf_cat1 AS c1 ON c1.id=c2.parent INNER JOIN karnaf_statuses AS s ON s.status_id=t.status INNER JOIN karnaf_priorities AS up ON \nup.priority_id=t.upriority INNER JOIN karnaf_priorities AS sp ON sp.priority_id=t.priority LEFT JOIN groups AS g ON g.name=t.rep_g) WHERE t.id=%d", $id);
if ($result = sql_fetch_array($query)) {
    if (!$isoper && $randcode != $result['randcode'] && ($nick != $result['unick'] || $nick == "Guest" || $a_regtime > (int) $result['open_time'])) {
        AccessDenied("You must provide the ticket verification code to view this page.");
    }
    if (isset($_POST['reply_text']) && !empty($_POST['reply_text']) && $result['status'] != 0) {
        squery("INSERT INTO karnaf_replies(tid,reply,r_by,r_time,r_from,ip) VALUES(%d,'%s','%s',%d,'%s','%s')", $id, $_POST['reply_text'], $nick, time(), $nick, get_session_ip());
        if ((int) $result['status'] == 2) {
            squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d AND status=2", time(), $id);
            send_memo($result['rep_u'], "User has replied to ticket #" . $result['id'] . ". For more information visit: " . KARNAF_URL . "/edit.php?id=" . $result['id']);
コード例 #3
0
ファイル: download.php プロジェクト: nirn/karnaf
# See the LICENSE file for more information.                     #
##################################################################
require_once "../ktools.php";
check_auth();
$id = $_GET['id'];
if (empty($id) || !is_numeric($id)) {
    safe_die("Invalid Ticket ID!");
}
if (isset($_GET['code']) && !empty($_GET['code'])) {
    $randcode = $_GET['code'];
} else {
    $randcode = 0;
}
$query = squery("SELECT unick,randcode,open_time FROM karnaf_tickets WHERE id=%d", $id);
if ($result = sql_fetch_array($query)) {
    if (!IsKarnafOperSession() && $randcode != $result['randcode'] && ($nick != $result['unick'] || $nick == "Guest" || $a_regtime > (int) $result['open_time'])) {
        AccessDenied("You must provide the ticket verification code to view this page.");
    }
    if (isset($_GET['download'])) {
        $download = $_GET['download'];
    } else {
        $download = 0;
    }
    $query2 = squery("SELECT file_name,file_type,file_size FROM karnaf_files WHERE id=%d AND tid=%d", $download, $id);
    if (!$query2) {
        safe_die("Error: can't find file!");
    }
    $result2 = sql_fetch_array($query2);
    if (!$result2) {
        safe_die("Error: can't find file!");
    }