From fc3b83d43a258e907e1f819899c447e3f36bea69 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Wed, 11 May 2022 20:27:18 +0100
Subject: [PATCH] Allow for tickets to be unassigned after being assigned to an
 agent. Hide accountants from ticket assignment list on ticket.php.

---
 post.php   | 27 +++++++++++++++++----------
 ticket.php |  8 ++++++--
 2 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/post.php b/post.php
index 97533a29..601813c5 100644
--- a/post.php
+++ b/post.php
@@ -5809,16 +5809,23 @@ if(isset($_POST['assign_ticket'])){
     $ticket_id = intval($_POST['ticket_id']);
     $assigned_to = intval($_POST['assigned_to']);
 
-    // Get & verify assigned agent details
-    $agent_details_sql = mysqli_query($mysqli, "SELECT user_name FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = '$assigned_to' AND user_settings.user_role > 1");
-    $agent_details = mysqli_fetch_array($agent_details_sql);
-    $agent_name = $agent_details['user_name'];
+    // Allow for un-assigning tickets
+    if($assigned_to == 0){
+      $ticket_reply = "Ticket unassigned.";
 
-    if(!$agent_name){
-      $_SESSION['alert_type'] = "danger";
-      $_SESSION['alert_message'] = "Invalid agent!";
-      header("Location: " . $_SERVER["HTTP_REFERER"]);
-      exit();
+    } else {
+      // Get & verify assigned agent details
+      $agent_details_sql = mysqli_query($mysqli, "SELECT user_name FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = '$assigned_to' AND user_settings.user_role > 1");
+      $agent_details = mysqli_fetch_array($agent_details_sql);
+      $agent_name = $agent_details['user_name'];
+      $ticket_reply = "Ticket re-assigned to $agent_details[user_name].";
+
+      if(!$agent_name){
+        $_SESSION['alert_type'] = "danger";
+        $_SESSION['alert_message'] = "Invalid agent!";
+        header("Location: " . $_SERVER["HTTP_REFERER"]);
+        exit();
+      }
     }
 
     // Get & verify ticket details
@@ -5836,7 +5843,7 @@ if(isset($_POST['assign_ticket'])){
     // Update ticket & insert reply
     mysqli_query($mysqli,"UPDATE tickets SET ticket_assigned_to = $assigned_to WHERE ticket_id = $ticket_id AND company_id = $session_company_id");
 
-    mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = 'Ticket re-assigned to $agent_name', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id, company_id = $session_company_id") or die(mysqli_error($mysqli));
+    mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id, company_id = $session_company_id") or die(mysqli_error($mysqli));
 
     // Logging
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$ticket_subject reassigned to $agent_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent',  company_id = $session_company_id, log_user_id = $session_user_id");
diff --git a/ticket.php b/ticket.php
index 36245b3b..9f022e10 100644
--- a/ticket.php
+++ b/ticket.php
@@ -557,10 +557,14 @@ if(isset($_GET['ticket_id'])){
             <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
           </div>
           <select class="form-control select2" name="assigned_to" <?php if($ticket_status == "Closed") {echo "disabled";} ?>>
-            <option value="">Not Assigned</option>
+            <option value="0">Not Assigned</option>
             <?php
 
-            $sql_assign_to_select = mysqli_query($mysqli,"SELECT * FROM users, user_companies WHERE users.user_id = user_companies.user_id AND user_companies.company_id = $session_company_id AND user_archived_at IS NULL ORDER BY user_name ASC");
+            $sql_assign_to_select = mysqli_query($mysqli,"SELECT users.user_id, user_name FROM users
+                                                                LEFT JOIN user_companies ON users.user_id = user_companies.user_id
+                                                                LEFT JOIN user_settings on users.user_id = user_settings.user_id
+                                                                WHERE user_companies.company_id = $session_company_id 
+                                                                AND user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC");
             while($row = mysqli_fetch_array($sql_assign_to_select)){
               $user_id = $row['user_id'];
               $user_name = $row['user_name'];