archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

🐛 Add 'name' attribute to form elements

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-04 19:45:23 +01:00
parent 06c009333d
commit 476c5c03d1
1 changed files with 25 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
app/public/new.php
View File

@@ -12,6 +12,10 @@
$sql->bindParam(':description', $_POST['description']); $sql->bindParam(':description', $_POST['description']);
$sql->bindParam(':user', $_SESSION['uuid']); $sql->bindParam(':user', $_SESSION['uuid']);
$sql->execute(); $sql->execute();
} catch (PDOException $e) {
// echo("Error: <br>" . $e->getMessage() . "<br>");
create_alert("danger", "SQL Error: " . $e->getMessage());
}
// Get ticket UUID // Get ticket UUID
try { try {
@@ -23,26 +27,30 @@
$tkt_result = $tkt_sql->fetchAll()[0]; $tkt_result = $tkt_sql->fetchAll()[0];
$tkt_uuid = $tkt_result['uuid']; $tkt_uuid = $tkt_result['uuid'];
} catch (PDOException $e) { } catch (PDOException $e) {
echo("Error: " . $e->getMessage()); // echo("Error: <br>" . $e->getMessage() . "<br>");
create_alert("danger", "SQL Error: " . $e->getMessage());
} }
// If file is uploaded, process that // If file is uploaded, process that
if(isset($_FILES['file'])) { if(isset($_FILES['file'])) {
$file_name = $_FILES['file']['name']; try {
$file_size =$_FILES['file']['size']; $file_name = $_FILES['file']['name'];
$file_type=$_FILES['file']['type']; $file_size =$_FILES['file']['size'];
$file_tmp =$_FILES['file']['tmp_name']; $file_type=$_FILES['file']['type'];
move_uploaded_file($file_tmp,"/srv/attachments/".$file_name); $file_tmp =$_FILES['file']['tmp_name'];
$stmt = "INSERT INTO ticket_uploads (ticket, user, path) VALUES (:ticket, :user, :filepath)"; move_uploaded_file($file_tmp,"/srv/attachments/".$file_name);
$sql = $db->prepare($stmt); $stmt = "INSERT INTO ticket_uploads (ticket, user, path) VALUES (:ticket, :user, :filepath)";
$sql->bindParam(':ticket', $tkt_uuid); $sql = $db->prepare($stmt);
$sql->bindParam(':user', $_SESSION['uuid']); $sql->bindParam(':ticket', $tkt_uuid);
$sql->bindParam(':filepath', "/srv/attachments/".$file_name); $sql->bindParam(':user', $_SESSION['uuid']);
$sql->execute(); $sql->bindParam(':filepath', "/srv/attachments/".$file_name);
$sql->execute();
} catch (PDOException $e) {
// echo("Error: <br>" . $e->getMessage() . "<br>");
create_alert("danger", "SQL Error: " . $e->getMessage());
}
} }
} catch (PDOException $e) {
echo("Error running SQL (Add new user): <br>" . $e->getMessage() . "<br>");
}
header_remove("Location"); header_remove("Location");
header('Location: /view?rid=' . $tkt_uuid); header('Location: /view?rid=' . $tkt_uuid);
@@ -68,11 +76,11 @@
<form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data"> <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
<div class="form-group"> <div class="form-group">
<label for="title">Title: </label> <label for="title">Title: </label>
<input type="text" class="form-control" id="title"> <input type="text" class="form-control" id="title" name="title">
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="description">Description: </label> <label for="description">Description: </label>
<textarea type="text" class="form-control" id="description" rows="3"></textarea> <textarea type="text" class="form-control" id="description" name="description" rows="3"></textarea>
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="file">Upload file(s): </label> <label for="file">Upload file(s): </label>