// error check: recaptcha if ($recaptcha_use) { $resp = recaptcha_check_answer($recaptcha_key_private, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $recaptcha_error = $resp->error; $error = true; } } // error check: existing username $usercheck = db_query_single("SELECT username FROM users WHERE username='******'uname']) . "'"); if ($usercheck) { $errors_user[] = 'Your desired username has already been taken, please pick another username.'; $error = true; } // error check: no characters if (!hascharacters($_POST['uname'])) { $errors_user[] = 'Your desired username cannot be exclusively spaces or blank, please pick another username.'; $error = true; } elseif (strlen($_POST['uname']) < 3) { $errors_user[] = 'Your desired username is too short, please pick a longer username.'; $error = true; } elseif (strlen($_POST['uname']) > 24) { $errors_user[] = 'Your desired username is too long, please pick a shorter username.'; $error = true; } // error check: html characters if ($_POST['uname'] != strip_tags($_POST['uname']) || $_POST['uname'] != escape_smart($_POST['uname'])) { $errors_user[] = 'Your desired username contains invalid characters.'; $error = true; } // error check: password too short
if (strstr($tags, $tagsarr[$i])) { $error = true; $errors_tags[] = 'The tag you entered \'' . $tagsarr[$i] . '\' has been entered more than once.'; } elseif (strlen($tagsarr[$i]) > 16) { $error = true; $errors_tags[] = 'The tag you entered \'' . $tagsarr[$i] . '\' exceeds the maximum length of tags of 16 characters.'; } else { $tags .= ($i > 0 ? ' ' : '') . $tagsarr[$i]; } } } if (!hascharacters($title)) { $error = true; $errors_title[] = 'The summary you provided for your ticket is blank.'; } if (!hascharacters($description)) { $error = true; $errors_description[] = 'The description you provided for your ticket is blank.'; } if (!$error) { $query2 = db_query("\n\t\t\t\tINSERT INTO issues (name, author, description, when_opened, when_updated, tags, severity)\n\t\t\t\tVALUES ('{$title}', {$_SESSION['uid']}, '{$description}', NOW(), NOW(), '{$tags}', '{$severity}')\n\t\t\t"); if ($query2) { echo '<p><b>Info:</b> Added issue successfully!</p>'; } else { echo mysql_error(); } $query2_id = mysql_insert_id(); echo '<br />'; $query3 = db_query("INSERT INTO log_issues (when_occured,userid,actiontype,issue) VALUES (NOW(), {$_SESSION['uid']}, 1, {$query2_id})"); if ($query3) { echo '<p><b>Info:</b> Logged successfully!</p>';
function ticket_comment_add($issue, $content, $return, $type = '') { // blargh global $client; // safety first $content = escape_smart($content); $type = escape_smart($type); // tracking $success = true; $message = ''; // we CAN post here, right? if ($client['is_logged']) { // yeah, like we're going to post a blank message... if (!hascharacters($content)) { $success = false; $message = 'You didn\'t put in any content to post.'; } else { // want to set a custom type? $typecolumn = ''; $typevalue = ''; if ($type != '') { $typecolumn = ",type"; $typevalue = ",'{$type}'"; } // and we're off! if (db_query("INSERT INTO comments (author,issue,content,when_posted{$typecolumn}) VALUES ({$_SESSION['uid']},'{$issue}','{$content}',NOW(){$typevalue})")) { if (!db_query("UPDATE issues SET num_comments=num_comments+1, when_updated=NOW() WHERE id='{$issue}'")) { $success = false; $message = 'Comment inserted successfully, however the comment count could not be updated.'; } } else { $success = false; $message = 'Could not insert the comment.'; } } } else { $success = false; $message = 'You do not have sufficient privileges to post the comment.'; } // and our work here is done! switch ($return) { case 'json': return array('success' => $success, 'message' => $message); break; case 'success': default: global $commenterr; $commenterr = $message; return $success; break; } }