try { $DBH = new PDO("mysql:host={$Hostname};dbname={$DatabaseName}", $Username, $Password); $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $query = "UPDATE " . $SupportTicketsTable . " SET website=?,contype=?,ftp_user=?,ftp_password=?,enc_key=? WHERE id=? LIMIT 1"; $STH = $DBH->prepare($query); $STH->bindParam(1, $_POST['website'], PDO::PARAM_STR); $STH->bindParam(2, $_POST['contype'], PDO::PARAM_STR); $STH->bindParam(3, $_POST['user'], PDO::PARAM_STR); $STH->bindParam(4, $_POST['pass'], PDO::PARAM_STR); $STH->bindParam(5, $key, PDO::PARAM_STR); $STH->bindParam(6, $_POST['id'], PDO::PARAM_INT); $STH->execute(); header('Content-Type: application/json; charset=utf-8'); echo json_encode(array(0 => 'Updated')); } catch (PDOException $e) { file_put_contents('PDOErrors', "File: " . $e->getFile() . ' on line ' . $e->getLine() . "\nError: " . $e->getMessage() . "\n", FILE_APPEND); $DBH = null; header('Content-Type: application/json; charset=utf-8'); echo json_encode(array(0 => 'We are sorry, but an error has occurred, please contact the administrator if it persist')); } exit; } else { if ($_POST[$_SESSION['token']['act']] == 'update_ticket_supporttime' && isset($_SESSION['status']) && ($_SESSION['status'] == 1 || $_SESSION['status'] == 2)) { $_POST['id'] = trim(preg_replace('/\\s+/', '', $_POST['id'])); if (!preg_match('/^[0-9]{1,15}$/', $_POST['id'])) { header('Content-Type: application/json; charset=utf-8'); echo json_encode(array(0 => 'Invalid ID')); exit; } if (!isset($_SESSION['tickets'][$_POST['id']]['id'])) { header('Content-Type: application/json; charset=utf-8');