Location: PHPKode > projects > PHPX3 > phpx-3.5.16/includes/tickets.inc.php
<?php
#$Id: tickets.inc.php,v 1.6 2004/12/17 04:11:39 ryan Exp $
require_once("includes/text.inc.php");
class ticketsModule {

    function ticketsModule($parent){
        $this->action = $_GET['action'];
        $this->core = $parent->core;
        $this->textArray = $parent->textArray;
        $this->user_id = $parent->user_id;
        $this->templates = $this->core->templates;
        list($admin) = $this->core->db->fetch_row($this->core->db->query("select tickets from users where user_id = '$this->user_id'"));
        $this->admin = $admin;

        if ($this->core->db->dbCall("tickets") != 1){ $this->body = $this->textArray['Tickets are currently offline']; }
        else if (!$_COOKIE[PXL]){ $this->body = $this->core->login(0, "tickets.php"); }
        else if ($this->admin == 0){ $this->body = $this->textArray['Unauthorized']; }
        else {

            switch($this->action){
                case create:
                    $this->title = $this->textArray['Create Ticket'];
                    $this->createTicket();
                    break;

                case modify:
                    $this->title = $this->textArray['Modify Ticket'];
                    $this->modifyTicket();
                    break;

                case delete:
                    $this->deleteTicket();
                    break;

                case comment:
                    $this->title = $this->textArray['Add Comment'];
                    $this->addComment();
                    break;

                case deleteComment:
                    $this->deleteComment();
                    break;

                case search:
                    $this->title = $this->textArray['Ticket Search'];
                    $this->ticketSearch();
                    break;

                case view:
                    $this->title = $this->textArray['View Ticket'];
                    $this->viewTicket();
                    break;

                default:
                    $this->title = $this->textArray['Tickets'];
                    $this->ticketsHome();
            }
        }
    }

    function viewTicket(){
        if (!$_GET[ticket_id]){ die("Failed to Initialize Ticket Module"); }
        list($cc) = $this->core->db->fetch_row($this->core->db->query("select count(*) from tickets where ticket_id = '$_GET[ticket_id]'"));
        if ($cc == 0){ $this->body = $this->textArray['Unknown Ticket ID']; }
        else {

            $dateFormat = $this->core->db->dbCall("dateFormat") . " H:i";

            $sql = "select c.ticket_cat_name, p.pri_name, s.status_name, t.opened_date, t.closed_date, t.ticket_subject, t.ticket_issue, concat(u.first_name, ' ', u.last_name) as open, concat(u1.first_name, ' ', u1.last_name) as assign, t.all_search from tickets t, tickets_cat c, pri p, status s, users u, users u1 where t.ticket_id = '$_GET[ticket_id]' and u.user_id = t.opened_by and u1.user_id = t.assigned_to and t.ticket_cat_id = c.ticket_cat_id and t.pri_id = p.pri_id and s.status_id = t.status_id";
            list($cat, $pri, $status, $opened, $closed, $subject, $issue, $open, $assign, $search) = $this->core->db->fetch_row($this->core->db->query($sql));

            $opened = date($dateFormat, $this->core->global->getTime($opened));

            $result = $this->core->db->query("select concat(u.first_name, ' ', u.last_name) as name from users u, tickets_notify n, tickets t where n.ticket_id = '$_GET[ticket_id]' and u.user_id = n.user_id and u.user_id != t.assigned_to and u.user_id != t.opened_by and t.ticket_id = '$_GET[ticket_id]' order by name") or die(mysql_error());
            while(list($name) = $this->core->db->fetch_row($result)){
                $notify .= $name . ", ";
            }
            $filter = array("No", "Yes");
            $text = "<table border=0 cellpadding=2 cellspacing=2 id=box>";
            $text .= "<tr><td id=boxCell-bold width=150>" . $this->textArray['Ticket Category'] . " : </td><td id=boxCell>$cat</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Priority'] . " : </td><td id=boxCell>$pri</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Status'] . " : </td><td id=boxCell>$status</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Opened By'] . " : </td><td id=boxCell>$open</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Assigned'] . " : </td><td id=boxCell>$assign</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Opened Date'] . " : </td><td id=boxCell>$opened</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Allow All Search'] . " : </td><td id=boxCell>" . $this->textArray[$filter[$search]] . "</td></tr>";
            if ($closed != 0){
                $closed = date($dateFormat, $this->core->global->getTime($closed));
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Closed Date'] . " : </td><td id=boxCell>$closed</td></tr>";
            }

            if ($notify){
                $notify = substr($notify, 0, -2);
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Notify List'] . " : </td><td id=boxCell>$notify</td></tr>";
            }
            $text .= "<tr><td id=boxCell colspan=2>&nbsp;</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Subject'] . " : </td><td id=boxCell>$subject</td></tr>";
            $text .= "<tr><td id=boxCell colspan=2>" . $issue . "</td></tr>";
            $text .= "</table>";

            if ($this->admin == 3){
                $key = $this->core->key;
                $text .= "<br><br><table border=0 cellpadding=2 cellspacing=2 id=box>";
                $text .= "<tr><td id=boxCell>";
                $text .= "<input type=button value='" . $this->textArray['Modify Ticket'] . "' onclick=goToURL('tickets.php?action=modify&ticket_id=$_GET[ticket_id]')> ";
                $text .= "<input type=button value='" . $this->textArray['Delete Ticket'] . "' onclick=confirmDelete('tickets.php?action=delete&ticket_id=$_GET[ticket_id]&auth=$key')>";
                $text .= "</td></tr></table>";
            }

            $text .= "<br><br>";
            $title = $this->textArray['View Ticket'];
            $insert = $text;
            include("$this->templates/files/box.tpl.php");

            $text .= $this->viewComments($key);
            $this->body = $text;
        }

    }

    function viewComments($key){
        $dateFormat = $this->core->db->dbCall("dateFormat") . " H:i";

        list($assign, $open, $pri, $status, $search) = $this->core->db->fetch_row($this->core->db->query("select assigned_to, opened_by, pri_id, status_id, all_search from tickets where ticket_id = '$_GET[ticket_id]'"));
        $text = "<table border=0 cellpadding=2 cellspacing=2 id=box>";
        if ($this->user_id == $assign || $this->user_id = $open || $this->admin == 3){
            $text .= "<tr><td id=boxCell><input type=button value='" . $this->textArray['Add Comment'] . "' onClick=displaySubs('tickets')></td></tr>";
            $text .= "<tr><td id=boxCell>";
            $text .= "<div id=\"tickets\" style=\"display:none;\">";
            $text .= "<form method=post action=tickets.php?action=comment>";
            $text .= "<input type=hidden name=ticket_id value=$_GET[ticket_id]>";
            $text .= "<table border=0 cellpadding=2 cellspacing=2 id=box-400>";
            $text .= "<tr><td id=boxTitleLeft colspan=2>" . $this->textArray['Add Comment'] . "</td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Priority'] . " : </td><td id=boxCell>" . $this->createDropDown("pri_id", $pri) . " </td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Status'] . " : </td><td id=boxCell>" . $this->createDropDown("status_id", $status) . " </td></tr>";
            if ($this->admin == 3 || $this->user_id == $assign){ $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Allow All Search'] . " : </td><td id=boxCell>" . $this->createDropDown("all_search", $search) . " </td></tr>"; }
            if ($this->admin == 3){
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Assigned'] . " : </td><td id=boxCell>" . $this->createUserList("assign", $assign) . " </td></tr>";
            }
            else { $text .= "<input type=hidden name=assign value=$assign>"; }
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Comment'] . " : </td><td id=boxCell><textarea name=comment rows=12 cols=43></textarea> </td></tr>";
            $text .= "<tr><td id=boxCell colspan=2 align=center><input type=submit value='" . $this->textArray['Add Comment'] . "'></form></td></tr>";
            $text .= "</table>";
            $text .= "</div></td></tr>";

        }
        $text .= "</table>";
        require_once("includes/formscript.inc.php");
        $text .= $formScript;
        $result = $this->core->db->query("select c.ticket_comment_id, c.date, concat(u.first_name, ' ', u.last_name), c.comment from tickets_comments c, users u where u.user_id = c.user_id and c.ticket_id = '$_GET[ticket_id]' order by c.date asc");
        while(list($comment_id, $date, $user, $comment) = $this->core->db->fetch_row($result)){

            $text .= "<br>";
            $text .= "<table border=0 cellpadding=2 cellspacing=0 id=box-invis width=95%>";
            $text .= "<tr><td id=boxTitleLeft>$user - <span id=smallText>" . date($dateFormat, $this->core->global->getTime($date)) . "</span></td></tr>";
            $text .= "<tr><td id=boxCell>" . $comment . "</td></tr>";
            if ($this->admin == 3){ $text .= "<tr><td id=boxCell><a class=links href=javascript:confirmDelete('tickets.php?action=deleteComment&auth=$key&comment_id=$comment_id&ticket_id=$_GET[ticket_id]')>" . $this->textArray['Delete Comment'] . "</a></td></tr>"; }
            $text .= "</table>";
        }
        $title = $this->textArray['Comments'];
        $insert = $text;
        include("$this->templates/files/box.tpl.php");
        return $text;
    }

    function createUserList($name, $default=''){
        if ($name == "assign"){
            $result = $this->core->db->query("select user_id, concat(first_name, ' ', last_name) from users where tickets > '1' order by username");
            if ($default == ''){ list($default) = $this->core->db->fetch_row($this->core->db->query("select trend_id from tickets_trend where user_id = '$this->user_id' and item_trend = 'assign' order by count desc limit 0,1")); }
            $text = "<select name=assign>";
            while(list($user_id, $username) = $this->core->db->fetch_row($result)){
                if ($user_id == $default){ $s = "selected"; }
                else { $s = ''; }
                $text .= "<option value=$user_id $s>$username</option>";
            }
            $text .= "</select>";
        }
        else {
            if ($default == ''){ $default = array(); }
            $result = $this->core->db->query("select user_id, username from users where tickets > '1' and user_id != '$this->user_id' order by username");
            $text = "<select name=notify[] size=10 multiple>";
            while(list($user_id, $username) = $this->core->db->fetch_row($result)){
                if (in_array($user_id, $default)){ $s = "selected"; }
                else { $s = ''; }
                $text .= "<option value=$user_id $s>$username</option>";
            }
            $text .= "</select>";
            if (!$s){ $text = ''; }
        }
        return $text;
    }

    function createDropDown($name, $default=''){

        $text = "<select name=$name>";

        switch($name){
            case ticket_cat_id:
                $sql = "select ticket_cat_id, ticket_cat_name from tickets_cat order by ticket_cat_name";
                break;

            case pri_id:
                $sql = "select pri_id, pri_name from pri order by pri_id";
                break;

            case status_id:
                $sql = "select status_id, status_name from status where status_id in ('2', '4', '8') order by status_name";
                break;

            default:
                break;
        }
        if ($default == ''){ list($default) = $this->core->db->fetch_row($this->core->db->query("select trend_id from tickets_trend where user_id = '$this->user_id' and item_trend = '$name' order by count desc limit 0,1")); }

        if ($sql){
            $result = $this->core->db->query($sql);
            while(list($id, $n) = $this->core->db->fetch_row($result)){
                if ($id == $default){ $s = "selected"; }
                else { $s = '' ; }
                $text .= "<option value=$id $s>$n</option>";
            }
        }
        else {
            $ch = array("No", "Yes");
            foreach(array_keys($ch) as $c){
                if ($c == $default){ $s = "selected"; }
                else { $s = ''; }
                $text .= "<option value=$c $s>" . $this->textArray[$ch[$c]] . "</option>";
            }
        }
        $text .= "</select>";
        return $text;

    }

    function ticketTrend($trend_name, $trend_id){

        list($count) = $this->core->db->fetch_row($this->core->db->query("select count(*) from tickets_trend where item_trend = '$trend_name' and trend_id = '$trend_id' and user_id = '$this->user_id'"));
        if ($count == 1){
            $this->core->db->query("update tickets_trend set count = count + 1 where user_id = '$this->user_id' and item_trend = '$trend_name' and trend_id = '$trend_id'");
        }
        else {
            $this->core->db->query("insert into tickets_trend values ('$trend_name', '$trend_id', '$this->user_id', '1')");
        }
    }


    function createTicket(){
        if ($_POST[confirm] == 1){
            if ($this->admin == 2){ $assign = $this->user_id; }
            else if ($this->admin == 1){ $assgin = $this->core->db->dbCall("default_ticket_user"); }
            else { $assign = $_POST[assign]; }

            $subject = $this->core->global->convertText($_POST[subject], 1);
            $issue = $this->core->global->convertHTML($_POST[issue], 1);


            $date = $this->core->global->getTime(time(),1);


            $this->core->db->query("insert into tickets values ('', '$_POST[ticket_cat_id]', '$_POST[pri_id]', '8', '$date', '', '$subject', '$issue', '$this->user_id', '$assign', 0)");
            $ticket_id = $this->core->db->insert_id();
            $this->ticketTrend("pri_id", $_POST[pri_id]);
            $this->ticketTrend("assign", $assign);
            $this->ticketTrend("ticket_cat_id", $_POST[ticket_cat_id]);

            $notify = $_POST[notify];
            $notify[] = $this->user_id;
            $notify[] = $assign;
            $this->ticketNotify($ticket_id, $notify, $this->textArray['Ticket Created']);

            header("Location: tickets.php?action=view&ticket_id=$ticket_id");
        }
        else {
            $text = "<table border=0 cellpadding=2 cellspacing=2 id=box>";
            $text .= "<form method=post action=tickets.php?action=create onsubmit=\"return validateForm(this)\">";
            $text .= "<input type=hidden name=confirm value=1>";
            require_once("includes/formscript.inc.php");
            $text .= $formScript;
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Ticket Category'] . " : </td><td id=boxCell>" . $this->createDropDown("ticket_cat_id") . "  </td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Priority'] . " : </td><td id=boxCell>" . $this->createDropDown("pri_id") . " </td></tr>";
            if ($this->admin == 3){
                //$text .= "<tr><td id=boxCell-bold>" . $this->textArray['Status'] . " : </td><td id=boxCell>" . $this->createDropDown("status_id") . " </td></tr>";
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Assigned'] . " : </td><td id=boxCell>" . $this->createUserList("assign") . " </td></tr>";
            }
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Subject'] . " : </td><td id=boxCell><input type=text size=40 name=subject value=''></td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Issue'] . " : </td><td id=boxCell><textarea name=issue rows=12 cols=43></textarea> </td></tr>";
            $notify = $this->createUserList("notify");
            if ($notify != ''){ $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Notify List'] . " : </td><td id=boxCell>$notify</td></tr>"; }

            $text .= "<tr><td id=boxCell-center colspan=2><input type=submit value='" . $this->textArray['Create Ticket'] . "'></form></td></tr>";
            $text .= "</table>";
            $text .= "<script Language=JavaScript>";
            $text .= "function validateForm(theForm)";
            $text .= "{";
            $text .= "    if (!validRequired(theForm.issue,'" . $this->textArray['Issue'] . "'))";
            $text .= "        return false;";
            $text .= "    if (!validRequired(theForm.subject,'" . $this->textArray['Subject'] . "'))";
            $text .= "        return false;";
            $text .= "    return true;";
            $text .= "}";
            $text .= "</script>";
            $title = $this->textArray['Create Ticket'];
            $insert = $text;
            include("$this->templates/files/box.tpl.php");


            $this->body = $text;

        }
    }

    function modifyTicket(){
        if ($_POST[confirm] == 1){
            if ($this->admin == 2){ $assign = $this->user_id; }
            else if ($this->admin == 1){ $assgin = $this->core->db->dbCall("default_ticket_user"); }
            else { $assign = $_POST[assign]; }

            $subject = $this->core->global->convertText($_POST[subject], 1);
            $issue = $this->core->global->convertHTML($_POST[issue], 1);

            if ($_POST[status_id] == 4){
                $date = $this->core->global->getTime(time(), 1);
                $this->core->db->query("update tickets set closed_date = '$date', all_search = '$_POST[all_search]' where ticket_id = '$_POST[ticket_id]'");
            }

            $this->core->db->query("update tickets set all_search = '$_POST[all_search]', ticket_cat_id = '$_POST[ticket_cat_id]', pri_id = '$_POST[pri_id]', status_id = '$_POST[status_id]', ticket_subject = '$subject', ticket_issue = '$issue', assigned_to = '$assign' where ticket_id = '$_POST[ticket_id]'") or die(mysql_error());

            $notify = $_POST[notify];
            $notify[] = $this->user_id;
            $notify[] = $assign;
            $this->ticketNotify($ticket_id, $notify, "modify");

            header("Location: tickets.php?action=view&ticket_id=$_POST[ticket_id]");
        }
        else {
            $row = $this->core->db->fetch_array($this->core->db->query("select * from tickets where ticket_id = '$_GET[ticket_id]'"));

            $notify = array();
            $result = $this->core->db->query("select user_id from tickets_notify where ticket_id = '$_GET[ticket_id]'");
            while(list($u) = $this->core->db->fetch_row($result)){
                $notify[] = $u;
            }

            $text = "<table border=0 cellpadding=2 cellspacing=2 id=box>";
            $text .= "<form method=post action=tickets.php?action=modify onsubmit=\"return validateForm(this)\">";
            $text .= "<input type=hidden name=confirm value=1>";
            $text .= "<input type=hidden name=ticket_id value=$_GET[ticket_id]>";
            require_once("includes/formscript.inc.php");
            $text .= $formScript;
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Ticket Category'] . " : </td><td id=boxCell>" . $this->createDropDown("ticket_cat_id", $row[ticket_cat_id]) . "  </td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Priority'] . " : </td><td id=boxCell>" . $this->createDropDown("pri_id", $row[pri_id]) . " </td></tr>";
            if ($this->admin == 3){
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Allow All Search'] . " : </td><td id=boxCell>" . $this->createDropDown("all_search", $row[all_search]) . " </td></tr>";
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Status'] . " : </td><td id=boxCell>" . $this->createDropDown("status_id", $row[status_id]) . " </td></tr>";
                $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Assigned'] . " : </td><td id=boxCell>" . $this->createUserList("assign", $row[assigned_to]) . " </td></tr>";
            }
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Subject'] . " : </td><td id=boxCell><input type=text size=40 name=subject value=\"$row[ticket_subject]\"></td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Issue'] . " : </td><td id=boxCell><textarea name=issue rows=12 cols=43>" . $this->core->global->convertHTML($row[ticket_issue]) . "</textarea> </td></tr>";
            $text .= "<tr><td id=boxCell-bold>" . $this->textArray['Notify List'] . " : </td><td id=boxCell>" . $this->createUserList("notify", $notify) . " </td></tr>";

            $text .= "<tr><td id=boxCell-center colspan=2><input type=submit value='" . $this->textArray['Modify Ticket'] . "'></form></td></tr>";
            $text .= "</table>";
            $text .= "<script Language=JavaScript>";
            $text .= "function validateForm(theForm)";
            $text .= "{";
            $text .= "    if (!validRequired(theForm.issue,'" . $this->textArray['Issue'] . "'))";
            $text .= "        return false;";
            $text .= "    if (!validRequired(theForm.subject,'" . $this->textArray['Subject'] . "'))";
            $text .= "        return false;";
            $text .= "    return true;";
            $text .= "}";
            $text .= "</script>";
            $title = $this->textArray['Modify Ticket'];
            $insert = $text;
            include("$this->templates/files/box.tpl.php");
            $this->body = $text;

        }
    }


    function deleteTicket(){
        list($auth_key) = $this->core->db->fetch_row($this->core->db->query("select auth_key from users where sess = '$_COOKIE[PXL]'"));
        print($auth_key . "<br>" . $_GET[auth]);
        if ($_GET[auth] != $auth_key || !$_GET[auth] || $this->admin != 3){ DIE("HACK ATTEMPT"); }

        $hold = array();
        $result = $this->core->db->query("select user_id from tickets_notify where ticket_id = '$_GET[ticket_id]'");
        while(list($user_id) = $this->core->db->fetch_row($result)){
            $hold[] = $user_id;
        }
        $this->ticketNotify($_GET[ticket_id], $hold, "delete");

        $this->core->db->query("delete from tickets_comments where ticket_id = '$_GET[ticket_id]'");
        $this->core->db->query("delete from tickets where ticket_id = '$_GET[ticket_id]'");
        $this->core->db->query("delete from tickets_notify where ticket_id = '$_GET[ticket_id]'");
        header("Location: tickets.php?code=d");
    }

    function ticketNotify($ticket_id, $notify, $action){

        $siteName = $this->core->db->dbCall("siteName");
        $email = $this->core->db->dbCall("webmasterEmail");
        $url = $this->core->db->dbCall("siteURL");

        $headers = "From: $siteName " . $this->textArray['Tickets'] . " <$email> \r\n";
        $headers .= "X-Sender: <$email>\r\n";
        $headers .= "X-Mailer: PHP\r\n";
        $headers .= "X-Priority: 3\r\n";
        $headers .= "Reply-To: $email\r\n";

        $hold = array();
        foreach($notify as $n){
            list($count) = $this->core->db->fetch_row($this->core->db->query("select count(*) from tickets_notify where ticket_id = '$ticket_id' and user_id = '$n'"));
            if ($count == 0){
                if (!in_array($n, $hold)){
                    $this->core->db->query("insert into tickets_notify values ('$n', '$ticket_id')");
                    $hold[] = $n;
                }
            }
            else {
                if (!in_array($n, $hold)){ $hold[] = $n; }
            }
        }
        $result = $this->core->db->query("select user_id from tickets_notify where ticket_id = '$ticket_id'");
        while(list($user_id) = $this->core->db->fetch_row($result)){
            if (!in_array($user_id, $hold)){
                $this->core->db->query("delete from tickets_notify where ticket_id = '$ticket_id' and user_id = '$user_id'");
            }
        }

        if ($action == "create"){
            $subject = $siteName . " " . $this->textArray['Ticket Created'];
            $message = $siteURL . "/tickets.php?action=view&ticket_id=$ticket_id";
        }
        else if ($action == "delete"){
            $subject = $siteName . " " . $this->textArray['Ticket Deleted'];
            $message = $ticket_id . " " . $this->textArray['Ticket Deleted'];
        }
        else if ($action == "comment"){
            $subject = $siteName . " " . $this->textArray['Ticket Comment Added'];
            $message = $siteURL . "/tickets.php?action=view&ticket_id=$ticket_id";
        }
        foreach($hold as $h){
            list($email) = $this->core->db->fetch_row($this->core->db->query("select email from users where user_id = '$h'"));
            $this->core->global->xMail($email, $subject, $message, $headers);
        }
    }

    function addComment(){
        list($assign, $open) = $this->core->db->fetch_row($this->core->db->query("select assigned_to, opened_by from tickets where ticket_id = '$_POST[ticket_id]'"));
        if ($this->user_id == $assign || $this->user_id == $open || $this->admin == 3){
            $this->core->db->query("update tickets set assigned_to = '$_POST[assign]', status_id = '$_POST[status_id]', pri_id = '$_POST[pri_id]' where ticket_id = '$_POST[ticket_id]'");
            $date = $this->core->global->getTime(time(), 1);
            if ($_POST[status_id] == 4){
                $this->core->db->query("update tickets set closed_date = '$date', all_search = '$_POST[all_search]' where ticket_id = '$_POST[ticket_id]'");
            }

            $comment = $this->core->global->convertHTML($_POST[comment], 1);


            $this->core->db->query("insert into tickets_comments values ('', '$_POST[ticket_id]', '$date', '$this->user_id', '$comment')");

            $hold = array();
            $result = $this->core->db->query("select user_id from tickets_notify where ticket_id = '$_GET[ticket_id]'");
            while(list($user_id) = $this->core->db->fetch_row($result)){
                $hold[] = $user_id;
            }
            $this->ticketNotify($_POST[ticket_id], $hold, "comment");
        }

        header("Location: tickets.php?action=view&ticket_id=$_POST[ticket_id]");
    }

    function deleteComment(){
        list($auth_key) = $this->core->db->fetch_row($this->core->db->query("select auth_key from users where sess = '$_COOKIE[PXL]'"));
        if ($_GET[auth] != $auth_key || !$_GET[auth] || $this->admin != 3){ DIE("HACK ATTEMPT"); }
        $this->core->db->query("delete from tickets_comments where ticket_comment_id = '$_GET[comment_id]'") or die(mysql_error());
        header("Location: tickets.php?action=view&ticket_id=$_GET[ticket_id]");
    }

    function ticketsHome(){

        $text .= "<table border=0 cellpadding=2 cellspacing=0 id=box>";
        $text .= "<tr>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['ID'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Priority'] . "</td>";
        //$text .= "<td id=boxCell-bold>" . $this->textArray['Status'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Opened Date'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Opened By'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Subject'] . "</td>";
        $text .= "</tr>";
        $dateFormat = $this->core->db->dbCall("dateFormat") . " H:i";

        $result = $this->core->db->query("select t.ticket_id, p.pri_name, s.status_name, t.opened_date, concat(u.first_name, ' ', u.last_name), t.ticket_subject from tickets t, pri p, status s, users u where u.user_id = t.opened_by and t.assigned_to = '$this->user_id' and s.status_id = t.status_id and t.status_id in ('2','8') and p.pri_id = t.pri_id order by t.pri_id, t.opened_date") or die(mysql_error());
        $x=0;
        while(list($id, $pri, $status, $date, $user, $subject) = $this->core->db->fetch_row($result)){
            if ($x == 0){ $class = "boxCell"; $x++; }
            else { $class = "boxCell-alt"; $x=0; }

            $text .= "<tr>";
            $text .= "<td id=$class><a href=tickets.php?action=view&ticket_id=$id class=links>$id</a></td>";
            $text .= "<td id=$class>$pri</td>";
            $text .= "<td id=$class>" . date($dateFormat, $this->core->global->getTime($date)) . "</td>";
            $text .= "<td id=$class>$user</td>";
            $text .= "<td id=$class>$subject</td>";
            $text .= "</tr>";
        }
        $text .= "</table>";
        $title = $this->textArray['Tickets Assigned To Me'];
        $insert = $text;
        include("$this->templates/files/box.tpl.php");
        $hold = $text;



        $text = "<br>";
        $text .= "<table border=0 cellpadding=2 cellspacing=0 id=box>";
        $text .= "<tr>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['ID'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Priority'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Opened Date'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Assigned To'] . "</td>";
        $text .= "<td id=boxCell-bold>" . $this->textArray['Subject'] . "</td>";
        $text .= "</tr>";
        $dateFormat = $this->core->db->dbCall("dateFormat") . " H:i";

        $result = $this->core->db->query("select t.ticket_id, p.pri_name, s.status_name, t.opened_date, concat(u.first_name, ' ', u.last_name), t.ticket_subject from tickets t, pri p, status s, users u where u.user_id = t.opened_by and t.opened_by = '$this->user_id' and s.status_id = t.status_id and t.status_id in ('2','8') and p.pri_id = t.pri_id order by t.pri_id, t.opened_date") or die(mysql_error());
        $x=0;
        while(list($id, $pri, $status, $date, $user, $subject) = $this->core->db->fetch_row($result)){
            if ($x == 0){ $class = "boxCell"; $x++; }
            else { $class = "boxCell-alt"; $x=0; }

            $text .= "<tr>";
            $text .= "<td id=$class><a href=tickets.php?action=view&ticket_id=$id class=links>$id</a></td>";
            $text .= "<td id=$class>$pri</td>";
            $text .= "<td id=$class>" . date($dateFormat, $this->core->global->getTime($date)) . "</td>";
            $text .= "<td id=$class>$user</td>";
            $text .= "<td id=$class>$subject</td>";
            $text .= "</tr>";
        }
        $text .= "</table><br>";
        $title = $this->textArray['Tickets Opened By Me'];
        $insert = $text;
        include("$this->templates/files/box.tpl.php");
        $text = $hold . $text;


        $this->body = $text;

    }

    function ticketSearch(){
        if ($_POST[confirm] == 1){
            $search = trim(rtrim($_POST[search]));
            list($count) = $this->core->db->fetch_row($this->core->db->query("select count(*) from tickets where ticket_id = '$search'"));
            if ($count != 0){
                header("Location: tickets.php?action=view&ticket_id=$search");
            }
            else {
                $text = "<table border=0 cellpadding=2 cellspacing=0 id=box>";
                $text .= "<tr>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['ID'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Priority'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Status'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Opened Date'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Opened By'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Assigned To'] . "</td>";
                $text .= "<td id=boxCell-bold>" . $this->textArray['Subject'] . "</td>";
                $text .= "</tr>";
                $dateFormat = $this->core->db->dbCall("dateFormat") . " H:i";

                if ($this->admin < 2){ $and = "and (t.assigned_to = '$this->user_id' or t.all_search = '1') "; }


                $search = "%" . $search . "%";

                $result = $this->core->db->query("select t.ticket_id, p.pri_name, s.status_name, t.opened_date, concat(u.first_name, ' ', u.last_name), t.ticket_subject, concat(u1.first_name, ' ', u1.last_name) from users u1, tickets t, pri p, status s, users u where u.user_id = t.opened_by and s.status_id = t.status_id and p.pri_id = t.pri_id and (t.ticket_subject like '$search' or t.ticket_issue like '$search') and u1.user_id = t.assigned_to $and order by t.ticket_id") or die(mysql_error());
                $x=0;
                while(list($id, $pri, $status, $date, $open, $subject, $assign) = $this->core->db->fetch_row($result)){

                    if ($x == 0){ $class = "boxCell"; $x++; }
                    else { $class = "boxCell-alt"; $x=0; }

                    $text .= "<tr>";
                    $text .= "<td id=$class><a href=tickets.php?action=view&ticket_id=$id class=links>$id</a></td>";
                    $text .= "<td id=$class>$pri</td>";
                    $text .= "<td id=$class>$status</td>";
                    $text .= "<td id=$class>" . date($dateFormat, $this->core->global->getTime($date)) . "</td>";
                    $text .= "<td id=$class>$open</td>";
                    $text .= "<td id=$class>$assign</td>";
                    $text .= "<td id=$class>$subject</td>";
                    $text .= "</tr>";


                }
                $text .= "</table><br>";
                $title = $this->textArray['Search Results'];
                $insert = $text;
                include("$this->templates/files/box.tpl.php");
                $this->body = $text;
            }
        }
        else {
            $text = "<br><table cellpadding=2 cellspacing=0 id=box-400>";
            $text .= "<form method=post action=tickets.php?action=search>";
            $text .= "<input type=hidden name=confirm value=1>";
            $text .= "<tr><td id=boxCell-center>" . $this->textArray['Ticket ID or Keywords'] . " : <input type=text size=30 name=search></td></tr>";
            $text .= "<tr><td id=boxCell-center><input type=submit value='" . $this->textArray['Search'] . "' class=submit></form></td></tr></table><br>";
            $title = $this->textArray['Ticket Search'];
            $insert = $text;
            include("$this->templates/files/box.tpl.php");
            $this->body = $text;

        }
    }

}
Return current item: PHPX3