* Main logic to handle requests
*/
if (count($_GET) == 1 && array_key_exists('token', $_GET)) {
showFirstAuthScreen();
} else {
if (count($_POST) == 0) {
showIntroPage();
} else {
if ($_POST['action'] == 'insert') {
handlePost();
} else {
if ($_POST['action'] == 'delete') {
handleDelete();
} else {
if ($_POST['action'] == 'delete_all') {
handleBatch();
} else {
if ($_POST['action'] == 'edit') {
showEditMenu();
} else {
if ($_POST['action'] == 'update') {
handleUpdate();
} else {
showIntroPage();
}
}
}
}
}
}
}
onTicketUpdate($DATA);
return $DATA;
}
// fetch the ticket id and check for permissions
$DATA = false;
$id =& $_REQUEST['id'];
if (empty($id) || !isTicketId($id)) {
$id = false;
} else {
$sql = "SELECT * FROM ticket WHERE id = " . $db->quote($id);
$DATA = $db->query($sql)->fetch();
if ($DATA === false || isTicketExpired($DATA) || !$auth["admin"] && $DATA["user_id"] != $auth["id"]) {
$DATA = false;
}
}
// handle update
if ($DATA) {
if (validateParams($ticketEditParams, $_POST)) {
// if update succeeds, return to listings
if (handleUpdate($id)) {
$DATA = false;
}
}
}
// resulting page
$src = array_key_exists(@$_REQUEST['src'], $pages) ? $_REQUEST['src'] : 'tlist';
if ($DATA === false) {
header("Location: " . tokenUrl($adminPath, array('a' => $src)));
} else {
include "edittickets.php";
}