include_once APP_INC_PATH . "class.auth.php";
include_once APP_INC_PATH . "class.user.php";
include_once APP_INC_PATH . "class.note.php";
include_once APP_INC_PATH . "db_access.php";
$tpl = new Template_API();
$tpl->setTemplate("post_note.tpl.html");
Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);
$prj_id = Auth::getCurrentProject();
$usr_id = Auth::getUserID();
@($issue_id = $HTTP_GET_VARS["issue_id"] ? $HTTP_GET_VARS["issue_id"] : $HTTP_POST_VARS["issue_id"]);
$details = Issue::getDetails($issue_id);
$tpl->assign("issue_id", $issue_id);
$tpl->assign("issue", $details);
if (!Issue::canAccess($issue_id, $usr_id)) {
$tpl->setTemplate("permission_denied.tpl.html");
$tpl->displayTemplate();
exit;
}
if (@$HTTP_POST_VARS["cat"] == "post_note") {
// change status
if (!@empty($HTTP_POST_VARS['new_status'])) {
$res = Issue::setStatus($issue_id, $HTTP_POST_VARS['new_status']);
if ($res != -1) {
$new_status = Status::getStatusTitle($HTTP_POST_VARS['new_status']);
History::add($issue_id, $usr_id, History::getTypeID('status_changed'), "Status changed to '{$new_status}' by " . User::getFullName($usr_id));
}
}
$res = Note::insert($usr_id, $issue_id);
$tpl->assign("post_result", $res);
// enter the time tracking entry about this phone support entry
if (!empty($HTTP_POST_VARS['time_spent'])) {
