🐛 Fixed issue where files didn't upload on new request creation (#51)

Signed-off-by: Luke Tainton <luke@tainton.uk>

app/public/actions/create.php

@@ -16,29 +16,31 @@
         $sql->execute();
     } catch (PDOException $e) {
         // echo("Error: <br>" . $e->getMessage() . "<br>");
-        $new_ticket_alert = array("danger", "Failed to save request: " . $e->getMessage());
+        $alert = array("danger", "Failed to create request: " . $e->getMessage());
     }
 
     // If file is uploaded, process that
     if(isset($_FILES['file']) && $_FILES['file']['name'] != "") {
-        try {
+      try {
+        $file_uuid = Uuid::uuid4()->toString();
         $file_name = $_FILES['file']['name'];
         $file_size = $_FILES['file']['size'];
         $file_type = $_FILES['file']['type'];
         $file_tmp = $_FILES['file']['tmp_name'];
-        move_uploaded_file($file_tmp,"/srv/attachments/".$file_name);
-        $stmt = "INSERT INTO ticket_uploads (ticket, user, filename) VALUES (:ticket, :user, :name)";
+        move_uploaded_file($file_tmp,$_ENV['ATTACHMENTS_PATH']."/".$file_uuid);
+        $stmt = "INSERT INTO ticket_uploads (id, ticket, user, filename) VALUES (:fileuuid, :ticket, :user, :name)";
         $sql = $db->prepare($stmt);
+        $sql->bindParam(':fileuuid', $file_uuid);
         $sql->bindParam(':ticket', $tkt_uuid);
         $sql->bindParam(':user', $_SESSION['uuid']);
         $sql->bindParam(':name', $file_name);
         $sql->execute();
-        } catch (PDOException $e) {
-        // echo("Error: <br>" . $e->getMessage() . "<br>");
-        $new_ticket_alert = array("danger", "Failed to upload file: " . $e->getMessage());
-        }
+      } catch (PDOException $e) {
+        $alert = array("danger", "Failed to upload file: " . $e->getMessage());
+      }
     }
-
-    header('Location: /view?rid=' . $tkt_uuid, true);
+    
+    $newURL = "/view?rid=" . $tkt_uuid;
+    echo("<script>window.location = '$newURL'</script>");
     }
 ?>