diff --git a/app/public/actions/create.php b/app/public/actions/create.php
index a512743..7c8d339 100644
--- a/app/public/actions/create.php
+++ b/app/public/actions/create.php
@@ -16,29 +16,31 @@
$sql->execute();
} catch (PDOException $e) {
// echo("Error:
" . $e->getMessage() . "
");
- $new_ticket_alert = array("danger", "Failed to save request: " . $e->getMessage());
+ $alert = array("danger", "Failed to create request: " . $e->getMessage());
}
// If file is uploaded, process that
if(isset($_FILES['file']) && $_FILES['file']['name'] != "") {
- try {
+ try {
+ $file_uuid = Uuid::uuid4()->toString();
$file_name = $_FILES['file']['name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_tmp = $_FILES['file']['tmp_name'];
- move_uploaded_file($file_tmp,"/srv/attachments/".$file_name);
- $stmt = "INSERT INTO ticket_uploads (ticket, user, filename) VALUES (:ticket, :user, :name)";
+ move_uploaded_file($file_tmp,$_ENV['ATTACHMENTS_PATH']."/".$file_uuid);
+ $stmt = "INSERT INTO ticket_uploads (id, ticket, user, filename) VALUES (:fileuuid, :ticket, :user, :name)";
$sql = $db->prepare($stmt);
+ $sql->bindParam(':fileuuid', $file_uuid);
$sql->bindParam(':ticket', $tkt_uuid);
$sql->bindParam(':user', $_SESSION['uuid']);
$sql->bindParam(':name', $file_name);
$sql->execute();
- } catch (PDOException $e) {
- // echo("Error:
" . $e->getMessage() . "
");
- $new_ticket_alert = array("danger", "Failed to upload file: " . $e->getMessage());
- }
+ } catch (PDOException $e) {
+ $alert = array("danger", "Failed to upload file: " . $e->getMessage());
+ }
}
-
- header('Location: /view?rid=' . $tkt_uuid, true);
+
+ $newURL = "/view?rid=" . $tkt_uuid;
+ echo("");
}
?>