$project_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_POST['edit_project'])) { validateTechRole(); $project_id = intval($_POST['project_id']); $project_name = sanitizeInput($_POST['name']); $project_description = sanitizeInput($_POST['description']); $due_date = sanitizeInput($_POST['due_date']); $client_id = intval($_POST['client_id']); mysqli_query($mysqli, "UPDATE projects SET project_name = '$project_name', project_description = '$project_description', project_due = '$due_date' WHERE project_id = $project_id"); // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project', log_action = 'Edit', log_description = '$session_name edited project $project_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $project_id"); $_SESSION['alert_message'] = "You edited Project $project_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_GET['close_project'])) { validateTechRole(); $project_id = intval($_GET['close_project']); // Get Project Name and client id for logging $sql = mysqli_query($mysqli, "SELECT * FROM projects WHERE project_id = $project_id"); $row = mysqli_fetch_array($sql); $client_id = intval($row['project_client_id']); $project_name = sanitizeInput($row['project_name']); mysqli_query($mysqli, "UPDATE projects SET project_completed_at = NOW() WHERE project_id = $project_id"); // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project', log_action = 'Close', log_description = '$session_name closed project $project_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $project_id"); $_SESSION['alert_message'] = "You closed Project $project_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_GET['delete_project'])) { validateTechRole(); $project_id = intval($_GET['delete_project']); // Get Client ID $sql = mysqli_query($mysqli, "SELECT * FROM projects WHERE project_id = $project_id"); $row = mysqli_fetch_array($sql); $client_id = intval($row['project_client_id']); $project_name = sanitizeInput($row['project_name']); mysqli_query($mysqli, "DELETE FROM projects WHERE project_id = $project_id"); // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Projects', log_action = 'Delete', log_description = '$session_name deleted project $project_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $project_id"); $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "You Deleted Project $project_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); } if (isset($_POST['add_project_ticket'])) { validateTechRole(); $project_id = intval($_POST['project_id']); $ticket_id = intval($_POST['ticket_id']); // Get Project Name $sql = mysqli_query($mysqli, "SELECT * FROM projects WHERE project_id = $project_id"); $row = mysqli_fetch_array($sql); $client_id = intval($row['project_client_id']); $project_name = sanitizeInput($row['project_name']); // Get Ticket Info $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_project_id = $project_id"); $row = mysqli_fetch_array($sql); $ticket_subject = sanitizeInput($row['ticket_subject']); mysqli_query($mysqli, "UPDATE tickets SET ticket_project_id = $project_id WHERE ticket_id = $ticket_id"); // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project', log_action = 'Edit', log_description = '$session_name added a ticket $ticket_subject to project $project_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $project_id"); $_SESSION['alert_message'] = "You added Ticket $ticket_subject to $project_name"; header("Location: " . $_SERVER["HTTP_REFERER"]); }