diff --git a/client/post.php b/client/post.php
index 01dc88b5..4dff9ee9 100644
--- a/client/post.php
+++ b/client/post.php
@@ -14,6 +14,7 @@ if (isset($_POST['add_ticket'])) {
 $subject = sanitizeInput($_POST['subject']);
 $details = mysqli_real_escape_string($mysqli, ($_POST['details']));
+ $category = intval($_POST['category']);
 // Get settings from get_settings.php
 $config_ticket_prefix = sanitizeInput($config_ticket_prefix);
@@ -37,7 +38,7 @@ if (isset($_POST['add_ticket'])) {
 $new_config_ticket_next_number = $config_ticket_next_number + 1;
 mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
- mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
+ mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_category = $category, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
 $ticket_id = mysqli_insert_id($mysqli);
 // Notify agent DL of the new ticket, if populated with a valid email
diff --git a/client/ticket.php b/client/ticket.php
index 2373031c..58955d0e 100644
--- a/client/ticket.php
+++ b/client/ticket.php
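Review bot: In the first client/post.php hunk, `$category = intval($_POST['category']);` accepts any integer the portal user submits and never checks it against the categories table, and the second hunk writes it straight into `ticket_category`. Because client/ticket.php then joins `categories` on that id with no further condition and renders `category_name`, a contact can presumably attach a ticket to any category row and read its name back, including rows not intended for tickets. A request without the field also raises an undefined-index warning before falling through to 0. I would use `$category = intval($_POST['category'] ?? 0);` and follow it with a lookup that resets `$category` to 0 unless the id is an existing ticket category. The enclosing `if (isset($_POST['add_ticket']))` block starts and ends outside the hunk.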
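Review bot: The rebuilt INSERT in the second client/post.php hunk places `ticket_category = $category` unquoted, so its safety rests entirely on the `intval()` cast some twenty lines earlier, and a later edit to that assignment would silently reopen the query. Binding the values with `mysqli_prepare()` and `mysqli_stmt_bind_param()` removes that coupling. Failing that, a comment next to the query such as `// $category is cast with intval() above; it is interpolated unquoted and must stay numeric` documents the dependency. The same holds for `$ticket_number`, `$config_ticket_default_billable`, `$session_contact_id` and `$session_client_id`, whose origin is not visible in this hunk.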
@@ -19,25 +19,21 @@ $allowed_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', '
 if (isset($_GET['id']) && intval($_GET['id'])) {
 $ticket_id = intval($_GET['id']);
+ $ticket_contact_snippet = "AND ticket_contact_id = $session_contact_id";
+ // Bypass ticket contact being session_id for a primary / technical contact viewing all tickets
 if ($session_contact_primary == 1 || $session_contact_is_technical_contact) {
- // For a primary / technical contact viewing all tickets
- $ticket_sql = mysqli_query($mysqli,
- "SELECT * FROM tickets
- LEFT JOIN users on ticket_assigned_to = user_id
- LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
- WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id"
- );
-
- } else {
- // For a user viewing their own ticket
- $ticket_sql = mysqli_query($mysqli,
- "SELECT * FROM tickets
- LEFT JOIN users on ticket_assigned_to = user_id
- LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
- WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id AND ticket_contact_id = $session_contact_id"
- );
+ $ticket_contact_snippet = '';
 }
+ $ticket_sql = mysqli_query($mysqli,
+ "SELECT * FROM tickets
+ LEFT JOIN users on ticket_assigned_to = user_id
+ LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
+ LEFT JOIN categories ON ticket_category = category_id
+ WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id
+ $ticket_contact_snippet"
+ );
+
 $ticket_row = mysqli_fetch_array($ticket_sql);
 if ($ticket_row) {
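Review bot: The access rule in this client/ticket.php hunk now lives in `$ticket_contact_snippet`, and the added comment `// Bypass ticket contact being session_id ...` does not say that the restrictive value is the default and has to stay that way. That fragment is the only thing stopping an ordinary contact from opening a colleague's ticket, so I would reword the comment to `// Default: a contact sees only their own tickets. Primary and technical contacts may see every ticket of their client, so the per-contact filter is dropped for them.` and move it above the first assignment. The condition also mixes `$session_contact_primary == 1` with a bare truthiness test on `$session_contact_is_technical_contact`; where those are set is not visible here, so it is worth confirming both are integers and comparing them the same way. The enclosing `if (isset($_GET['id']) && intval($_GET['id']))` block continues past the hunk.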
@@ -52,6 +48,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
 $ticket_resolved_at = nullable_htmlentities($ticket_row['ticket_resolved_at']);
 $ticket_closed_at = nullable_htmlentities($ticket_row['ticket_closed_at']);
 $ticket_feedback = nullable_htmlentities($ticket_row['ticket_feedback']);
+ $ticket_category = nullable_htmlentities($ticket_row['category_name']);
 // Get Ticket Attachments (not associated with a specific reply)
 $sql_ticket_attachments = mysqli_query(
@@ -98,10 +95,12 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
Subject:
-

State:
Priority:
+ + Category:
+
@@ -116,6 +115,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {

+
-
- -
-
- +
+
+
+ +
+
+ +
+ +
- +
+ +
+
+ +
+
+ +
+ +
+
+ +