Client Portal Tickets - Show category field, tidy the perms check

wrongecho 2025-02-05 10:21:06 +00:00
parent 1bbf7c7662
commit b147bc46cf
3 changed files with 59 additions and 28 deletions


@ -14,6 +14,7 @@ if (isset($_POST['add_ticket'])) {
$subject = sanitizeInput($_POST['subject']);
$details = mysqli_real_escape_string($mysqli, ($_POST['details']));
$category = intval($_POST['category']);
// Get settings from get_settings.php
$config_ticket_prefix = sanitizeInput($config_ticket_prefix);
@ -37,7 +38,7 @@ if (isset($_POST['add_ticket'])) {
$new_config_ticket_next_number = $config_ticket_next_number + 1;
mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_category = $category, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
$ticket_id = mysqli_insert_id($mysqli);
// Notify agent DL of the new ticket, if populated with a valid email
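Review bot: The new `$category = intval($_POST['category']);` makes the value safe to interpolate, but nothing checks that the id refers to an active ticket category before `ticket_category = $category` is written in the INSERT. A portal user can therefore submit any integer, and the ticket view's new `LEFT JOIN categories ON ticket_category = category_id` would then display the name of whatever category row has that id, including non-ticket or archived ones. Validate the id with the same filter the form's dropdown uses and fall back to 0 otherwise; reading the field as `$_POST['category'] ?? 0` also avoids a notice when it is absent. The enclosing `if (isset($_POST['add_ticket']))` block continues outside both hunks.

```php
$category = intval($_POST['category'] ?? 0);
if ($category > 0) {
    // Accept only an active ticket category; anything else is stored as "no category"
    $sql_category = mysqli_query($mysqli, "SELECT category_id FROM categories WHERE category_id = $category AND category_type = 'Ticket' AND category_archived_at IS NULL");
    if (!$sql_category || mysqli_num_rows($sql_category) === 0) {
        $category = 0;
    }
}
// … unchanged: settings lookup, ticket number allocation, INSERT …
```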


@ -19,25 +19,21 @@ $allowed_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', '
if (isset($_GET['id']) && intval($_GET['id'])) {
$ticket_id = intval($_GET['id']);
$ticket_contact_snippet = "AND ticket_contact_id = $session_contact_id";
// Bypass ticket contact being session_id for a primary / technical contact viewing all tickets
if ($session_contact_primary == 1 || $session_contact_is_technical_contact) {
// For a primary / technical contact viewing all tickets
$ticket_sql = mysqli_query($mysqli,
"SELECT * FROM tickets
LEFT JOIN users on ticket_assigned_to = user_id
LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id"
);
} else {
// For a user viewing their own ticket
$ticket_sql = mysqli_query($mysqli,
"SELECT * FROM tickets
LEFT JOIN users on ticket_assigned_to = user_id
LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id AND ticket_contact_id = $session_contact_id"
);
$ticket_contact_snippet = '';
}
$ticket_sql = mysqli_query($mysqli,
"SELECT * FROM tickets
LEFT JOIN users on ticket_assigned_to = user_id
LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
LEFT JOIN categories ON ticket_category = category_id
WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id
$ticket_contact_snippet"
);
$ticket_row = mysqli_fetch_array($ticket_sql);
if ($ticket_row) {
@ -52,6 +48,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
$ticket_resolved_at = nullable_htmlentities($ticket_row['ticket_resolved_at']);
$ticket_closed_at = nullable_htmlentities($ticket_row['ticket_closed_at']);
$ticket_feedback = nullable_htmlentities($ticket_row['ticket_feedback']);
$ticket_category = nullable_htmlentities($ticket_row['category_name']);
// Get Ticket Attachments (not associated with a specific reply)
$sql_ticket_attachments = mysqli_query(
@ -98,10 +95,12 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
<div class="card-body prettyContent">
<h5><strong>Subject:</strong> <?php echo $ticket_subject ?></h5>
<hr>
<p>
<strong>State:</strong> <?php echo $ticket_status ?><br>
<strong>Priority:</strong> <?php echo $ticket_priority ?><br>
<?php if (!empty($ticket_category)) { ?>
<strong>Category:</strong> <?php echo $ticket_category ?><br>
<?php } ?>
<?php if (empty($ticket_closed_at)) { ?>
@ -116,6 +115,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
<?php } ?>
</p>
<hr>
<?php echo $ticket_details ?>
<?php
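Review bot: The per-contact restriction is now a SQL fragment, `$ticket_contact_snippet`, and it interpolates `$session_contact_id` without a cast at the point of use; that variable is set outside this hunk, so its type cannot be confirmed here. Starting from the restrictive fragment and clearing it only for primary or technical contacts is the right fail-closed order, and a comment such as `// Default: contacts see only their own tickets; cleared below for primary/technical contacts` would keep a later edit from inverting it. I would build the fragment as `$ticket_contact_snippet = 'AND ticket_contact_id = ' . intval($session_contact_id);` so the access filter stays well-formed even if session loading changes. The enclosing `if (isset($_GET['id']) && intval($_GET['id']))` block ends outside the hunk.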


@ -33,20 +33,50 @@ require_once 'includes/inc_all.php';
</div>
</div>
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
<div class="row">
<div class="col">
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
</div>
<select class="form-control select2" name="priority" required>
<option>Low</option>
<option>Medium</option>
<option>High</option>
</select>
</div>
</div>
<select class="form-control select2" name="priority" required>
<option>Low</option>
<option>Medium</option>
<option>High</option>
</select>
</div>
<div class="col">
<div class="form-group">
<label>Category</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-layer-group"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="0">- No Category -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php } ?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Details <strong class="text-danger">*</strong></label>
<textarea class="form-control tinymce" name="details"></textarea>