?> <table width="100%" cellspacing="2" align="center"> <!-- ticket head --> <tr> <th width="78%" nowrap='nowrap'><strong><?php echo format_user($creator); ?> </strong> - <?php echo $date; ?> </th> <td style="text-align:left; padding-left:3px;"> <?php /* Check permissions to delete a ticket*/ if ($i == count($tickets_list) - 1 && Incident_ticket::user_tickets_perms($conn, $ticket_id)) { ?> <input type="button" name="deleteticket" class="lbutton" value="<?php echo _("Delete ticket"); ?> " onclick="delete_comment('<?php echo $ticket_id; ?> ', '<?php echo $id; ?> ')"/> <?php } ?>
'; </script> <?php $db->close(); exit; } } } } elseif ($action == 'delete_ticket') { $incident_id = $_POST['incident_id'] = GET('incident_id'); $ticket_id = $_POST['ticket_id'] = GET('ticket_id'); $validate = array('incident_id' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Incident ID')), 'ticket_id' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Ticket ID'))); $validation_errors = validate_form_fields('POST', $validate); if (is_array($validation_errors) && empty($validation_errors)) { if (!Incident_ticket::user_tickets_perms($conn, $ticket_id) || !Incident::user_incident_perms($conn, $incident_id, 'show')) { $validation_errors['extended_validatation'] = _('You are not allowed to delete this ticket because you are neither *admin* or the ticket owner'); } } if (POST('ajax_validation_all') == TRUE) { $data['data'] = $validation_errors; if (is_array($validation_errors) && !empty($validation_errors)) { $data['status'] = 'error'; echo json_encode($data); } else { $data['status'] = 'OK'; echo json_encode($data); } exit; } else { if (is_array($validation_errors) && !empty($validation_errors)) {
die_error(); } if (intval(POST('nohmenu')) == 1) { header("Location: incident.php?id={$id}&edit={$edit}&nohmenu=1"); } else { header("Location: incident.php?id={$id}&edit={$edit}"); } exit; } /* Remove a ticket */ if ($action == 'delticket') { if (!GET('ticket_id')) { die("Invalid Ticket ID"); } // Only admin, entity admin and ticket owner if (!Incident_ticket::user_tickets_perms($conn, GET('ticket_id'))) { die_error(_("You are not allowed to delete this ticket because you are neither *admin* or the ticket owner")); } Incident_ticket::delete($conn, GET('ticket_id')); if (intval(POST('nohmenu')) == 1) { header("Location: incident.php?id={$id}&edit={$edit}&nohmenu=1"); } else { header("Location: incident.php?id={$id}&edit={$edit}"); } exit; } /* Remove an incident */ if ($action == 'delincident') { // Only admin, entity admin and ticket owner if (!Incident::user_incident_perms($conn, $id, $action)) { die_error(_("You are not allowed to delete this incident because you are neither *admin* or the ticket owner"));