$admin = true;
} else {
$admin = false;
}
if (isset($_POST['action']) && $_POST['action'] == 'Delete' && $admin) {
$staff = new staff();
$staff->db_open();
$delete = $staff->delete_ticket($_GET['tid']);
if ($delete) {
header('Location: index.php');
} else {
$error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
}
}
if (isset($_POST['action']) && $_POST['action'] == 'Close' && $admin) {
$close = $ticket->close_ticket($_GET['tid']);
if (!$close) {
$error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
}
}
if (isset($_POST['action']) && $_POST['action'] == 'Open' && $admin) {
$open = $ticket->close_ticket($_GET['tid'], TRUE);
if (!$open) {
$error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
}
}
if (isset($_POST['message'])) {
$reply = new reply();
$reply->db_open();
if (!($addreply = $reply->add_reply($tid, $_SESSION['uid'], $_POST['message'], $admin))) {
$newreplyerror = htmlspecialchars($reply->get_error(), ENT_QUOTES);
