archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

🎨 Move SQL functions to prereqs.php for easy reuse

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-09 15:23:29 +01:00
parent 1f59131dc0
commit 5b3a49cf43
9 changed files with 127 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
app/public/actions/close.php
View File

@@ -1,29 +1,11 @@
<?php
$PAGE_NAME = "Close request";
require_once __DIR__ . "/../../includes/header.php";
// Get authorised subscribers
try {
$users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
$users_sql = $db->prepare($users_stmt);
$users_sql->bindParam(':uuid', $_GET['rid']);
$users_sql->execute();
$users_sql->setFetchMode(PDO::FETCH_ASSOC);
$users_result = $users_sql->fetchAll();
} catch (PDOException $e) {
$new_ticket_alert = array("danger", "Failed to get subscribers: " . $e->getMessage());
}
$authorised_users = array();
foreach($users_result as $user) {
array_push($authorised_users, $user['user_uuid']);
}
if (in_array($_SESSION['uuid'], $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
$is_authorised = true;
} else {
$is_authorised = false;
}
$request = get_request($db, $_GET['rid']);
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($authorised_users, $request);
// Close request
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -40,6 +22,7 @@
}
} else {
$new_ticket_alert = array("danger", "You are not authorised to close this request.");
header('Location: /view?rid=' . $request['uuid'], true);
}
?>