<?php
// Access gate: only accounts whose "tickets" permission flag equals 1 may use
// this module. Everyone else is sent back to the admin landing page and the
// script stops, so nothing below runs for them.
if( !($user["access"]["tickets"] == 1) ) {
    header("Location:".site_url("admin"));
    exit;
}
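// One-shot "flash" data: values stored under $_SESSION["client"]["data"] by a
// previous request (this file stores success/successText/error/errorText there)
// are turned into local variables for the view, then removed from the session.
//
// Hardening compared with a blind `$$key = $value` import:
//   - !empty() avoids an undefined-index warning when no flash data exists;
//   - only plain identifier-shaped keys are imported, so superglobal names
//     (which start with "_") and numeric keys are skipped;
//   - $user and $conn are never overwritten, because the rest of this file
//     relies on them for the permission check and for database access.
if( !empty($_SESSION["client"]["data"]) ):
    $data = $_SESSION["client"]["data"];
    if( is_array($data) ) {
        foreach ($data as $key => $value) {
            if( !is_string($key) || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $key) ) {
                continue;
            }
            if( in_array($key, ["user", "conn"], true) ) {
                continue;
            }
            $$key = $value;
        }
    }
    // Flash data is shown once only.
    unset($_SESSION["client"]);
endif;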
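// Interpret the segment after "admin/tickets": nothing means page 1 of the
// list, a number selects a list page, anything else names an action.
// $action is initialised so the dispatcher below never reads an undefined
// variable when a page number was requested.
$action = null;
if( !route(2) ):
    $page = 1;
elseif( is_numeric(route(2)) ):
    // is_numeric() also accepts negative numbers, decimals and exponent
    // notation. The page number is later used to compute a LIMIT offset, so
    // reduce it to a positive integer here.
    $page = max(1, (int) route(2));
else:
    $action = route(2);
endif;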
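// ---------------------------------------------------------------------------
// Admin ticket dispatcher.
//
//   (no action / page number)  list tickets, optionally filtered
//   read/<ticket_id>           show a ticket; POST adds a support reply
//   unread|lock|unlock|readed|close/<ticket_id>   single-ticket state change
//   multi-action               bulk state change (POST: ticket[], bulkStatus)
//   new                        create a ticket for a client (POST, JSON reply)
//   edit/<reply_id>            change the text of a reply (POST, JSON reply)
//
// Security-relevant changes in this version:
//   - every request-derived value that reaches SQL is bound as a parameter;
//     the only interpolated pieces are integers and a validated column name;
//   - POST fields are read by name instead of being imported wholesale into
//     the local scope, so a request can no longer replace $user, $conn or
//     $referrer;
//   - execute() results are checked (the PDOStatement object itself is always
//     truthy, which made the "Operation failed" branches unreachable);
//   - the script stops after each redirect.
//
// NOTE(review): the single-ticket state changes are triggered by plain GET
// URLs and no anti-CSRF token is checked anywhere in this file. Confirm the
// surrounding framework enforces one, or move these actions to POST with a
// token.
// ---------------------------------------------------------------------------

$routeAction = route(2);

// Single-ticket state changes: action => [SQL, fixed parameters].
// The ticket id is bound separately as :t_id.
$ticketActions = [
    "unread" => ["UPDATE tickets SET client_new=:new WHERE ticket_id=:t_id ", ["new"=>2]],
    "lock"   => ["UPDATE tickets SET canmessage=:can, client_new=:new WHERE ticket_id=:t_id ", ["can"=>1,"new"=>1]],
    "unlock" => ["UPDATE tickets SET canmessage=:can WHERE ticket_id=:t_id ", ["can"=>2]],
    "readed" => ["UPDATE tickets SET client_new=:new WHERE ticket_id=:t_id ", ["new"=>1]],
    "close"  => ["UPDATE tickets SET status=:status, client_new=:new WHERE ticket_id=:t_id ", ["status"=>"closed","new"=>1]],
];

if( empty($action) ):
    // Coerce request parameters to strings so array-valued input
    // (e.g. ?search[]=x) never reaches string functions or the query builder.
    $getSearch     = ( isset($_GET["search"]) && is_string($_GET["search"]) ) ? $_GET["search"] : "";
    $getSearchType = ( isset($_GET["search_type"]) && is_string($_GET["search_type"]) ) ? $_GET["search_type"] : "";
    $getStatus     = ( isset($_GET["status"]) && is_string($_GET["status"]) ) ? $_GET["status"] : "";

    // $search holds the WHERE clause (with placeholders), $searchParams the
    // values bound to it. Both the count query and the list query use them.
    $search       = "";
    $searchParams = [];

    if( $getSearch == "unread" && $getSearch ):
        $search      = "WHERE client_new='2' ";
        $search_link = "?search=unread";
    elseif( $getSearchType == "client" && countRow(["table"=>"clients","where"=>["username"=>$getSearch]]) ):
        $search_where = $getSearchType;
        // PHP has already URL-decoded $_GET; this second decode is kept for
        // compatibility with existing links. It cannot alter the SQL any more
        // because the value is bound below.
        $search_word  = urldecode($getSearch);
        $clients = $conn->prepare("SELECT client_id FROM clients WHERE username LIKE :word ");
        $clients->execute(array("word"=>"%".$search_word."%"));
        $clients = $clients->fetchAll(PDO::FETCH_ASSOC);
        // Build the IN list from integer-cast ids only.
        $clientIds = [];
        foreach ($clients as $client) {
            $clientIds[] = (int) $client["client_id"];
        }
        // An empty list would produce "IN ()", which is a syntax error;
        // match nothing instead.
        $search = $clientIds
            ? "WHERE tickets.client_id IN (".implode(",", $clientIds).") "
            : "WHERE 1=0 ";
        $search_link = "?search=".urlencode($search_word)."&search_type=".urlencode($search_where);
    elseif( $getStatus ):
        $search       = "WHERE status=:status ";
        $searchParams = ["status"=>$getStatus];
        // Encoded because the view places this string inside links.
        $search_link  = "?status=".urlencode($getStatus);
    elseif(
        $getSearch
        && preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $getSearchType)
        && countRow(["table"=>"clients","where"=>["username"=>$getSearch]])
    ):
        // search_type is used as a column name and cannot be bound, so it is
        // accepted only when it is shaped like a plain (optionally qualified)
        // identifier. Anything else falls through to the unfiltered list.
        // NOTE(review): this still allows any column of tickets/clients to be
        // searched; replace the pattern with an explicit list of searchable
        // columns once that list is known.
        $search_where = $getSearchType;
        $search_word  = urldecode($getSearch);
        $search       = "WHERE ".$search_where." LIKE :word ";
        $searchParams = ["word"=>"%".$search_word."%"];
        $search_link  = "?search=".urlencode($search_word)."&search_type=".urlencode($search_where);
    endif;

    // Count matching rows in the database instead of fetching them all.
    $count = $conn->prepare("SELECT COUNT(*) FROM tickets INNER JOIN clients ON clients.client_id = tickets.client_id {$search}");
    $count->execute($searchParams);
    $count = (int) $count->fetchColumn();

    $to        = 50;
    $page      = isset($page) ? max(1, (int) $page) : 1;
    $pageCount = ceil($count/$to);
    if( $page > $pageCount ): $page = 1; endif;
    $where = ($page*$to)-$to;
    $paginationArr = ["count"=>$pageCount,"current"=>$page,"next"=>$page+1,"previous"=>$page-1];

    // LIMIT values are interpolated (not bound) because they are integers
    // computed above; the casts make that explicit.
    $limitOffset = (int) $where;
    $limitRows   = (int) $to;
    $tickets = $conn->prepare("SELECT * FROM tickets INNER JOIN clients ON clients.client_id = tickets.client_id {$search} ORDER BY FIELD(status, 'pending', 'answered', 'closed'),lastupdate_time DESC LIMIT {$limitOffset},{$limitRows} ");
    $tickets->execute($searchParams);
    $tickets = $tickets->fetchAll(PDO::FETCH_ASSOC);
    require admin_view('tickets');

elseif( $routeAction == "read" ):
    if( !countRow(["table"=>"tickets","where"=>["ticket_id"=>route(3)]]) ): header("Location:".site_url("admin/tickets")); exit(); endif;

    if( $_POST ):
        $message = ( isset($_POST["message"]) && is_string($_POST["message"]) ) ? $_POST["message"] : "";
        if( strlen($message) < 3 ):
            // Validation errors are shown on the ticket page rendered below.
            $error     = 1;
            $errorText = "Your message must be at least 3 characters";
        else:
            // The ticket update and the reply insert succeed or fail together.
            // NOTE(review): the message is stored as submitted; confirm the
            // tickets_read view escapes it on output.
            $conn->beginTransaction();
            $update = $conn->prepare("UPDATE tickets SET canmessage=:canmessage, status=:status, lastupdate_time=:time, support_new=:new WHERE ticket_id=:t_id ");
            $update = $update->execute(array("t_id"=>route(3),"time"=>date("Y.m.d H:i:s"),"status"=>"answered","canmessage"=>2,"new"=>2 ));
            $insert = $conn->prepare("INSERT INTO ticket_reply SET ticket_id=:t_id, time=:time, support=:support, message=:message ");
            $insert = $insert->execute(array("t_id"=>route(3),"time"=>date("Y.m.d H:i:s"),"support"=>2,"message"=>$message));
            if( $insert && $update ):
                $conn->commit();
                $_SESSION["client"]["data"]["success"]     = 1;
                $_SESSION["client"]["data"]["successText"] = "Transaction successful";
            else:
                $conn->rollBack();
                $_SESSION["client"]["data"]["error"]     = 1;
                $_SESSION["client"]["data"]["errorText"] = "Operation failed";
            endif;
            // Redirect after POST and stop, so the page is not also rendered
            // behind the redirect.
            header("Location:".site_url("admin/tickets/read/".route(3)));
            exit();
        endif;
    endif;

    // Opening the ticket marks it as read (client_new = 1).
    $update = $conn->prepare("UPDATE tickets SET client_new=:new WHERE ticket_id=:t_id ");
    $update->execute(array("t_id"=>route(3),"new"=>1 ));
    $ticketMessage = $conn->prepare("SELECT ticket_reply.*,tickets.subject,tickets.client_new,tickets.support_new,tickets.status,tickets.canmessage,tickets.client_id,clients.username FROM ticket_reply INNER JOIN tickets ON ticket_reply.ticket_id = tickets.ticket_id INNER JOIN clients ON clients.client_id = tickets.client_id WHERE ticket_reply.ticket_id=:t_id ORDER BY ticket_reply.id DESC");
    $ticketMessage->execute(array("t_id"=>route(3) ));
    $ticketMessage = $ticketMessage->fetchAll(PDO::FETCH_ASSOC);
    require admin_view('tickets_read');

elseif( is_string($routeAction) && isset($ticketActions[$routeAction]) ):
    // unread / lock / unlock / readed / close for one ticket.
    if( !countRow(["table"=>"tickets","where"=>["ticket_id"=>route(3)]]) ): header("Location:".site_url("admin/tickets")); exit(); endif;

    list($actionSql, $actionParams) = $ticketActions[$routeAction];
    $update  = $conn->prepare($actionSql);
    // Check execute()'s return value, not the statement object.
    $updated = $update->execute(array_merge($actionParams, ["t_id"=>route(3)]));
    if( $updated ):
        $_SESSION["client"]["data"]["success"]     = 1;
        $_SESSION["client"]["data"]["successText"] = "Transaction successful";
    else:
        $_SESSION["client"]["data"]["error"]     = 1;
        $_SESSION["client"]["data"]["errorText"] = "Operation failed";
    endif;
    header("Location:".site_url("admin/tickets"));
    exit();

elseif( $action == "multi-action" ):
    // Bulk state change: ticket ids arrive as the KEYS of $_POST["ticket"].
    $tickets = ( isset($_POST["ticket"]) && is_array($_POST["ticket"]) ) ? $_POST["ticket"] : [];
    $action  = ( isset($_POST["bulkStatus"]) && is_string($_POST["bulkStatus"]) ) ? $_POST["bulkStatus"] : "";

    // Bulk action => [SQL, fixed parameters]; the ticket id is bound as :id.
    // The "pending" statement previously had a stray comma before WHERE,
    // which made it a syntax error.
    $bulkActions = [
        "unread"   => ["UPDATE tickets SET client_new=:new WHERE ticket_id=:id ", ["new"=>2]],
        "readed"   => ["UPDATE tickets SET client_new=:new WHERE ticket_id=:id ", ["new"=>1]],
        "lock"     => ["UPDATE tickets SET canmessage=:can, client_new=:new WHERE ticket_id=:id ", ["can"=>1,"new"=>1]],
        "unlock"   => ["UPDATE tickets SET canmessage=:can WHERE ticket_id=:id ", ["can"=>2]],
        "close"    => ["UPDATE tickets SET status=:status, canmessage=:can, client_new=:new WHERE ticket_id=:id ", ["status"=>"closed","can"=>2,"new"=>1]],
        "pending"  => ["UPDATE tickets SET status=:status, canmessage=:can WHERE ticket_id=:id ", ["status"=>"pending","can"=>2]],
        "answered" => ["UPDATE tickets SET status=:status, canmessage=:can, client_new=:new WHERE ticket_id=:id ", ["status"=>"answered","can"=>2,"new"=>1]],
    ];

    if( isset($bulkActions[$action]) ):
        list($bulkSql, $bulkParams) = $bulkActions[$action];
        // Prepare once, execute per ticket.
        $update = $conn->prepare($bulkSql);
        foreach ($tickets as $id => $value):
            $update->execute(array_merge($bulkParams, ["id"=>$id]));
        endforeach;
    endif;
    header("Location:".site_url("admin/tickets"));
    exit();

elseif( $action == "new" ):
    if( $_POST ):
        // Read only the fields this handler needs, by name.
        $username = ( isset($_POST["username"]) && is_string($_POST["username"]) ) ? $_POST["username"] : "";
        $subject  = ( isset($_POST["subject"]) && is_string($_POST["subject"]) ) ? $_POST["subject"] : "";
        $message  = ( isset($_POST["message"]) && is_string($_POST["message"]) ) ? $_POST["message"] : "";
        $referrer = isset($referrer) ? $referrer : null;

        $userRow = $conn->prepare("SELECT * FROM clients WHERE username=:username ");
        $userRow->execute(array("username"=>$username));
        $userDetail = $userRow->fetch(PDO::FETCH_ASSOC);
        if( !$userRow->rowCount() ):
            $error     = 1;
            $errorText = "User not found";
            $icon      = "error";
        elseif( empty($subject) ):
            $error     = 1;
            $errorText = "Subject cannot be empty";
            $icon      = "error";
        elseif( empty($message) ):
            $error     = 1;
            $errorText = "Message cannot be empty";
            $icon      = "error";
        else:
            $conn->beginTransaction();
            $insert = $conn->prepare("INSERT INTO tickets SET client_id=:c_id, subject=:subject, support_new=:support_new, client_new=:client_new, time=:time, lastupdate_time=:last_time ");
            $insert = $insert->execute(array("c_id"=>$userDetail["client_id"],"subject"=>$subject,"support_new"=>2,"client_new"=>1,"time"=>date("Y.m.d H:i:s"),"last_time"=>date("Y.m.d H:i:s") ));
            // Only add the first reply when the ticket row exists; otherwise
            // there is no ticket id to attach it to.
            $ticket_id = null;
            $insert2   = false;
            if( $insert ):
                $ticket_id = $conn->lastInsertId();
                $insert2 = $conn->prepare("INSERT INTO ticket_reply SET ticket_id=:t_id, client_id=:c_id, support=:support, message=:message, time=:time ");
                $insert2 = $insert2->execute(array("t_id"=>$ticket_id,"c_id"=>$user["client_id"],"support"=>2,"message"=>$message,"time"=>date("Y.m.d H:i:s")));
            endif;
            if( $insert && $insert2 ):
                $conn->commit();
                $referrer  = site_url("admin/tickets");
                $error     = 1;
                $errorText = "Transaction successful";
                $icon      = "success";
            else:
                $conn->rollBack();
                $error     = 1;
                $errorText = "Operation failed";
                $icon      = "error";
            endif;
        endif;
        echo json_encode(["t"=>"error","m"=>$errorText,"s"=>$icon,"r"=>$referrer]);
    endif;

elseif( $action == "edit" ):
    if( $_POST ):
        // Read only the field this handler needs, by name.
        $description = ( isset($_POST["description"]) && is_string($_POST["description"]) ) ? $_POST["description"] : "";
        $referrer    = isset($referrer) ? $referrer : null;

        if( empty($description) ):
            $error     = 1;
            $errorText = "Message cannot be empty";
            $icon      = "error";
        else:
            $conn->beginTransaction();
            $update  = $conn->prepare("UPDATE ticket_reply SET message=:message WHERE id=:id ");
            // Check execute()'s return value, not the statement object.
            $updated = $update->execute(array("id"=>route(3),"message"=>$description));
            if( $updated ):
                $conn->commit();
                $error     = 1;
                $errorText = "Transaction successful";
                $icon      = "success";
            else:
                $conn->rollBack();
                $error     = 1;
                $errorText = "Operation failed";
                $icon      = "error";
            endif;
        endif;
        echo json_encode(["t"=>"error","m"=>$errorText,"s"=>$icon,"r"=>$referrer]);
    endif;
endif;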
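// Delete one reply: admin/tickets/delete/<reply_id>/<ticket_id>.
// route(3) is the reply to remove, route(4) the ticket to return to.
//
// NOTE(review): this is a destructive action reached by a plain GET URL and
// no anti-CSRF token is checked in this file. Confirm the surrounding
// framework enforces one, or move the action to POST with a token.
if(route(2) == "delete"):
    $id  = route(3);
    $id2 = route(4);
    $delete  = $conn->prepare("DELETE FROM ticket_reply WHERE id=:id ");
    // Report the real outcome: execute() returns false on failure, whereas
    // the statement object itself is always truthy.
    $deleted = $delete->execute(array("id"=>$id));
    if( $deleted ):
        $_SESSION["client"]["data"]["success"]     = 1;
        $_SESSION["client"]["data"]["successText"] = "Transaction successful";
    else:
        $_SESSION["client"]["data"]["error"]     = 1;
        $_SESSION["client"]["data"]["errorText"] = "Operation failed";
    endif;
    header("Location:".site_url("admin/tickets/read/".$id2));
    // Stop after the redirect so nothing else runs for this request.
    exit();
endif;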