From b63081490a96bb8f98653b3aea9c132dd963dd11 Mon Sep 17 00:00:00 2001
From: Alexander Davis <alex@adcm.uk>
Date: Sun, 9 Aug 2020 00:17:24 +0100
Subject: [PATCH 1/6] Moving from old branch

---
 app/includes/header.php   |   1 -
 app/public/css/custom.css |  21 ++--
 app/public/existing.php   |   2 +-
 app/public/update.php     | 215 ++++++++++++++++++++++++++++++++++++++
 app/public/view.php       |   9 +-
 5 files changed, 233 insertions(+), 15 deletions(-)
 create mode 100644 app/public/update.php

diff --git a/app/includes/header.php b/app/includes/header.php
index acf4ec9..13fd1b6 100644
--- a/app/includes/header.php
+++ b/app/includes/header.php
@@ -9,7 +9,6 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
     <meta name="theme-color" content="#563d7c">
-    <link rel="icon" type="image/png" href="/favicon.png">
     <title><?php echo( $PAGE_TITLE ); ?></title>
 
     <!-- Bootstrap core CSS -->
diff --git a/app/public/css/custom.css b/app/public/css/custom.css
index 171acc9..6d3a9dc 100644
--- a/app/public/css/custom.css
+++ b/app/public/css/custom.css
@@ -16,16 +16,16 @@
 main > .container {
     padding: 60px 15px 0;
 }
-
+  
 .footer {
     background-color: #f5f5f5;
 }
-
+  
 .footer > .container {
     padding-right: 15px;
     padding-left: 15px;
 }
-
+  
 code {
     font-size: 80%;
 }
@@ -42,28 +42,25 @@ code {
       padding-bottom: 6rem;
     }
   }
-
+  
   .jumbotron p:last-child {
     margin-bottom: 0;
   }
-
+  
   .jumbotron h1 {
     font-weight: 300;
   }
-
+  
   .jumbotron .container {
     max-width: 40rem;
   }
-
+  
   footer {
     padding-top: 3rem;
     padding-bottom: 3rem;
   }
-
+  
   footer p {
     margin-bottom: .25rem;
   }
-
-  .card .mx-auto {
-    margin-bottom: 50px;
-  }
+  
\ No newline at end of file
diff --git a/app/public/existing.php b/app/public/existing.php
index 9cbec7d..bf5d4c3 100644
--- a/app/public/existing.php
+++ b/app/public/existing.php
@@ -77,7 +77,7 @@
     </section>
 
       <section>
-        <div class="card mx-auto" style="width: 80%;">
+        <div class="card mx-auto" style="width: 80%;;margin-bottom: 50px;">
           <div class="card-header">
             <span class="mdi mdi-ticket-outline"></span> My Closed Requests
           </div>
diff --git a/app/public/update.php b/app/public/update.php
new file mode 100644
index 0000000..3c41294
--- /dev/null
+++ b/app/public/update.php
@@ -0,0 +1,215 @@
+<?php
+    $PAGE_NAME = "Update Request";
+    require_once __DIR__ . "/../includes/header.php";
+
+    // Get ticket
+    try {
+      $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
+      $ticket_sql = $db->prepare($ticket_stmt);
+      $ticket_sql->bindParam(':uuid', $_GET['rid']);
+      $ticket_sql->execute();
+      $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $ticket_result = $ticket_sql->fetchAll();
+      $request = $ticket_result[0];
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    // Get ticket updates
+    try {
+      $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
+      $updates_sql = $db->prepare($updates_stmt);
+      $updates_sql->bindParam(':uuid', $_GET['rid']);
+      $updates_sql->execute();
+      $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $updates_result = $updates_sql->fetchAll();
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    // Get authorised subscribers
+    try {
+      $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
+      $users_sql = $db->prepare($users_stmt);
+      $users_sql->bindParam(':uuid', $_GET['rid']);
+      $users_sql->execute();
+      $users_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $users_result = $users_sql->fetchAll();
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    $authorised_users = array();
+    foreach($users_result as $user) {
+      array_push($authorised_users, $user['user_uuid']);
+    }
+
+    if (in_array($_SESSION['uuid'], $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    }
+
+?>
+
+
+
+<!-- Begin page content -->
+<main role="main" class="flex-shrink-0">
+
+  <?php if (!is_signed_in()) { ?>
+    <section>
+      <div class="container">
+        <div class='alert alert-danger alert-dismissible fade show' role='alert'>
+          You need to log in to access this page.
+          <button type='button' class='close' data-dismiss='alert' aria-label='Close'>
+            <span aria-hidden='true'>&times;</span>
+          </button>
+        </div>
+      </div>
+    </section>
+  <?php } else {
+      if ($is_authorised == true) { ?>
+      <section class="jumbotron text-center">
+        <div class="container">
+          <h1><?php echo($request['title']); ?></h1>
+          <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
+          <p class="lead text-muted"><?php echo($request['description']); ?></p>
+        </div>
+      </section>
+      <section>
+        <div class="container">
+          <div class="row">
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
+                <ul class="list-group list-group-flush">
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Status:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['status']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Creator:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Assignee:</b></span>
+                        <?php if ($request['assignee'] != null) {
+                          echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
+                        } else {
+                          echo("<span class='text-muted' style='display: inline; margin-left: 1%;'>None</span>");
+                        } ?>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Created:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['created_on']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Updated:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                </ul>
+              </div>
+            </div>
+
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
+                <ul class="list-group list-group-flush">
+                  <?php
+                    if (count($updates_result) == 0) {
+                      echo("<center><b>No updates</b></center>");
+                    } else {
+                      foreach($updates_result as $update) {
+                  ?>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><b><?php echo(get_user_name($db, $update['user'])); ?></b></span><span class="text-muted"><i><?php echo(" " . $update['created']); ?></i></span>
+                        </div>
+                        <div class="row">
+                          <span><?php echo($update['msg']); ?></span>
+                        </div>
+                      </div>
+                    </li>
+                  <?php } } ?>
+                </ul>
+              </div>
+            </div>
+
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-comment-edit-outline"></span> Actions</div>
+                <ul class="list-group list-group-flush">
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Post an update</a></span>
+                        </div>
+                      </div>
+                    </li>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;">Upload file(s)</span>
+                        </div>
+                      </div>
+                    </li>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;">Manage request subscribers</span>
+                        </div>
+                      </div>
+                    </li>
+                </ul>
+              </div>
+            </div>
+
+          </div>
+        </div>
+      </section>
+      <section>
+        <div class="card mx-auto" style="width: 50%;;margin-bottom: 50px;">
+          <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
+            <div class="form-group">
+              <label for="description">Update: </label>
+              <textarea type="text" class="form-control" id="description" name="description" rows="3"></textarea>
+            </div>
+            <button type="submit" class="btn btn-primary">Submit</button>
+          </form>
+        </div>
+      </section>
+    <?php } else if ($is_authorised == false) { ?>
+      <section class="jumbotron text-center">
+        <div class="container">
+          <h1>You are not authorised to see this page.</h1>
+        </div>
+      </section>
+    <?php } } ?>
+
+</main>
+
+<?php
+    require_once __DIR__ . "/../includes/footer.php";
+?>
diff --git a/app/public/view.php b/app/public/view.php
index b8886fc..73dc6e9 100644
--- a/app/public/view.php
+++ b/app/public/view.php
@@ -164,7 +164,7 @@
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;">Post an update</span>
+                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Post an update</a></span>
                         </div>
                       </div>
                     </li>
@@ -182,6 +182,13 @@
                         </div>
                       </div>
                     </li>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Close ticket</a></span>
+                        </div>
+                      </div>
+                    </li>
                 </ul>
               </div>
             </div>
-- 
2.49.1


From 85e42821eb60c9441c154cc79723667f0dae09ef Mon Sep 17 00:00:00 2001
From: Alexander Davis <alex@adcm.uk>
Date: Sun, 9 Aug 2020 00:23:43 +0100
Subject: [PATCH 2/6] Added new terminology

Also added upload file page. Waiting for @luketainton to complete back end coding
---
 app/public/update.php |  12 +--
 app/public/upload.php | 215 ++++++++++++++++++++++++++++++++++++++++++
 app/public/view.php   |  19 ++--
 3 files changed, 227 insertions(+), 19 deletions(-)
 create mode 100644 app/public/upload.php

diff --git a/app/public/update.php b/app/public/update.php
index 3c41294..b54b8a7 100644
--- a/app/public/update.php
+++ b/app/public/update.php
@@ -95,7 +95,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Creator:</b></span>
+                        <span style="display: inline;"><b>Created by:</b></span>
                         <span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
                       </div>
                     </div>
@@ -103,7 +103,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Assignee:</b></span>
+                        <span style="display: inline;"><b>Assigned to:</b></span>
                         <?php if ($request['assignee'] != null) {
                           echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
                         } else {
@@ -123,7 +123,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Updated:</b></span>
+                        <span style="display: inline;"><b>Last updated:</b></span>
                         <span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
                       </div>
                     </div>
@@ -164,21 +164,21 @@
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Post an update</a></span>
+                          <span style="display: inline;"><a href="update?rid=<?php echo($tkt["uuid"]); ?>" >Send an update</a></span>
                         </div>
                       </div>
                     </li>
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;">Upload file(s)</span>
+                          <span style="display: inline;"><a href="upload?rid=<?php echo($tkt["uuid"]); ?>" >Upload file(s)</a></span>
                         </div>
                       </div>
                     </li>
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;">Manage request subscribers</span>
+                          <span style="display: inline;">Add/Remove ticket subscribers</span>
                         </div>
                       </div>
                     </li>
diff --git a/app/public/upload.php b/app/public/upload.php
new file mode 100644
index 0000000..82059a3
--- /dev/null
+++ b/app/public/upload.php
@@ -0,0 +1,215 @@
+<?php
+    $PAGE_NAME = "Upload File";
+    require_once __DIR__ . "/../includes/header.php";
+
+    // Get ticket
+    try {
+      $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
+      $ticket_sql = $db->prepare($ticket_stmt);
+      $ticket_sql->bindParam(':uuid', $_GET['rid']);
+      $ticket_sql->execute();
+      $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $ticket_result = $ticket_sql->fetchAll();
+      $request = $ticket_result[0];
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    // Get ticket updates
+    try {
+      $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
+      $updates_sql = $db->prepare($updates_stmt);
+      $updates_sql->bindParam(':uuid', $_GET['rid']);
+      $updates_sql->execute();
+      $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $updates_result = $updates_sql->fetchAll();
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    // Get authorised subscribers
+    try {
+      $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
+      $users_sql = $db->prepare($users_stmt);
+      $users_sql->bindParam(':uuid', $_GET['rid']);
+      $users_sql->execute();
+      $users_sql->setFetchMode(PDO::FETCH_ASSOC);
+      $users_result = $users_sql->fetchAll();
+    } catch (PDOException $e) {
+      echo("Error: " . $e->getMessage());
+    }
+
+    $authorised_users = array();
+    foreach($users_result as $user) {
+      array_push($authorised_users, $user['user_uuid']);
+    }
+
+    if (in_array($_SESSION['uuid'], $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    }
+
+?>
+
+
+
+<!-- Begin page content -->
+<main role="main" class="flex-shrink-0">
+
+  <?php if (!is_signed_in()) { ?>
+    <section>
+      <div class="container">
+        <div class='alert alert-danger alert-dismissible fade show' role='alert'>
+          You need to log in to access this page.
+          <button type='button' class='close' data-dismiss='alert' aria-label='Close'>
+            <span aria-hidden='true'>&times;</span>
+          </button>
+        </div>
+      </div>
+    </section>
+  <?php } else {
+      if ($is_authorised == true) { ?>
+      <section class="jumbotron text-center">
+        <div class="container">
+          <h1><?php echo($request['title']); ?></h1>
+          <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
+          <p class="lead text-muted"><?php echo($request['description']); ?></p>
+        </div>
+      </section>
+      <section>
+        <div class="container">
+          <div class="row">
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
+                <ul class="list-group list-group-flush">
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Status:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['status']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Created by:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Assigned to:</b></span>
+                        <?php if ($request['assignee'] != null) {
+                          echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
+                        } else {
+                          echo("<span class='text-muted' style='display: inline; margin-left: 1%;'>None</span>");
+                        } ?>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Created:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['created_on']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                  <li class="list-group-item">
+                    <div class="container">
+                      <div class="row">
+                        <span style="display: inline;"><b>Last updated:</b></span>
+                        <span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
+                      </div>
+                    </div>
+                  </li>
+                </ul>
+              </div>
+            </div>
+
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
+                <ul class="list-group list-group-flush">
+                  <?php
+                    if (count($updates_result) == 0) {
+                      echo("<center><b>No updates</b></center>");
+                    } else {
+                      foreach($updates_result as $update) {
+                  ?>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><b><?php echo(get_user_name($db, $update['user'])); ?></b></span><span class="text-muted"><i><?php echo(" " . $update['created']); ?></i></span>
+                        </div>
+                        <div class="row">
+                          <span><?php echo($update['msg']); ?></span>
+                        </div>
+                      </div>
+                    </li>
+                  <?php } } ?>
+                </ul>
+              </div>
+            </div>
+
+            <div class="col-sm">
+              <div class="card mx-auto">
+                <div class="card-header"><span class="mdi mdi-comment-edit-outline"></span> Actions</div>
+                <ul class="list-group list-group-flush">
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><a href="update?rid=<?php echo($tkt["uuid"]); ?>" >Send an update</a></span>
+                        </div>
+                      </div>
+                    </li>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;"><a href="upload?rid=<?php echo($tkt["uuid"]); ?>" >Upload file(s)</a></span>
+                        </div>
+                      </div>
+                    </li>
+                    <li class="list-group-item">
+                      <div class="container">
+                        <div class="row">
+                          <span style="display: inline;">Add/Remove ticket subscribers</span>
+                        </div>
+                      </div>
+                    </li>
+                </ul>
+              </div>
+            </div>
+
+          </div>
+        </div>
+      </section>
+      <section>
+        <div class="card mx-auto" style="width: 50%;;margin-bottom: 50px;">
+          <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
+            <div class="form-group">
+              <label for="file">Upload file(s): </label>
+              <input type="file" class="form-control-file" id="file" name="file">
+            </div>
+            <button type="submit" class="btn btn-primary">Submit</button>
+          </form>
+        </div>
+      </section>
+    <?php } else if ($is_authorised == false) { ?>
+      <section class="jumbotron text-center">
+        <div class="container">
+          <h1>You are not authorised to see this page.</h1>
+        </div>
+      </section>
+    <?php } } ?>
+
+</main>
+
+<?php
+    require_once __DIR__ . "/../includes/footer.php";
+?>
diff --git a/app/public/view.php b/app/public/view.php
index 73dc6e9..d9f62f4 100644
--- a/app/public/view.php
+++ b/app/public/view.php
@@ -95,7 +95,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Creator:</b></span>
+                        <span style="display: inline;"><b>Created by:</b></span>
                         <span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
                       </div>
                     </div>
@@ -103,7 +103,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Assignee:</b></span>
+                        <span style="display: inline;"><b>Assigned to:</b></span>
                         <?php if ($request['assignee'] != null) {
                           echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
                         } else {
@@ -123,7 +123,7 @@
                   <li class="list-group-item">
                     <div class="container">
                       <div class="row">
-                        <span style="display: inline;"><b>Updated:</b></span>
+                        <span style="display: inline;"><b>Last updated:</b></span>
                         <span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
                       </div>
                     </div>
@@ -164,28 +164,21 @@
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Post an update</a></span>
+                          <span style="display: inline;"><a href="update?rid=<?php echo($tkt["uuid"]); ?>" >Send an update</a></span>
                         </div>
                       </div>
                     </li>
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;">Upload file(s)</span>
+                          <span style="display: inline;"><a href="upload?rid=<?php echo($tkt["uuid"]); ?>" >Upload file(s)</a></span>
                         </div>
                       </div>
                     </li>
                     <li class="list-group-item">
                       <div class="container">
                         <div class="row">
-                          <span style="display: inline;">Manage request subscribers</span>
-                        </div>
-                      </div>
-                    </li>
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;"><a href="view?rid=<?php echo($tkt["uuid"]); ?>" >Close ticket</a></span>
+                          <span style="display: inline;">Add/Remove ticket subscribers</span>
                         </div>
                       </div>
                     </li>
-- 
2.49.1


From 2db6f5fc798f2b92ad60a2e995663e0cd8785934 Mon Sep 17 00:00:00 2001
From: Alexander Davis <alex@adcm.uk>
Date: Sun, 9 Aug 2020 13:45:45 +0100
Subject: [PATCH 3/6] Fixing old issues

---
 app/public/update.php | 40 ++++++++--------------------------------
 app/public/upload.php | 40 ++++++++--------------------------------
 2 files changed, 16 insertions(+), 64 deletions(-)

diff --git a/app/public/update.php b/app/public/update.php
index b54b8a7..80033d0 100644
--- a/app/public/update.php
+++ b/app/public/update.php
@@ -75,12 +75,17 @@
           <h1><?php echo($request['title']); ?></h1>
           <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
           <p class="lead text-muted"><?php echo($request['description']); ?></p>
+          <p>
+            <a href='/update?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-primary my-2'>Update the request</a>
+            <a href='/upload?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-secondary my-2'>Add attachment(s)</a>
+            <a href='/close?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-danger my-2'>Close the request</a>
+          </p>
         </div>
       </section>
       <section>
         <div class="container">
           <div class="row">
-            <div class="col-sm">
+            <div class="col-4">
               <div class="card mx-auto">
                 <div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
                 <ul class="list-group list-group-flush">
@@ -132,7 +137,7 @@
               </div>
             </div>
 
-            <div class="col-sm">
+            <div class="col-8">
               <div class="card mx-auto">
                 <div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
                 <ul class="list-group list-group-flush">
@@ -157,40 +162,11 @@
               </div>
             </div>
 
-            <div class="col-sm">
-              <div class="card mx-auto">
-                <div class="card-header"><span class="mdi mdi-comment-edit-outline"></span> Actions</div>
-                <ul class="list-group list-group-flush">
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;"><a href="update?rid=<?php echo($tkt["uuid"]); ?>" >Send an update</a></span>
-                        </div>
-                      </div>
-                    </li>
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;"><a href="upload?rid=<?php echo($tkt["uuid"]); ?>" >Upload file(s)</a></span>
-                        </div>
-                      </div>
-                    </li>
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;">Add/Remove ticket subscribers</span>
-                        </div>
-                      </div>
-                    </li>
-                </ul>
-              </div>
-            </div>
-
           </div>
         </div>
       </section>
       <section>
-        <div class="card mx-auto" style="width: 50%;;margin-bottom: 50px;">
+        <div class="card mx-auto" style="width: 50%;margin-bottom: 50px;">
           <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
             <div class="form-group">
               <label for="description">Update: </label>
diff --git a/app/public/upload.php b/app/public/upload.php
index 82059a3..68b8df1 100644
--- a/app/public/upload.php
+++ b/app/public/upload.php
@@ -75,12 +75,17 @@
           <h1><?php echo($request['title']); ?></h1>
           <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
           <p class="lead text-muted"><?php echo($request['description']); ?></p>
+          <p>
+            <a href='/update?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-primary my-2'>Update the request</a>
+            <a href='/upload?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-secondary my-2'>Add attachment(s)</a>
+            <a href='/close?rid=<?php echo($tkt["uuid"]); ?>' class='btn btn-danger my-2'>Close the request</a>
+          </p>
         </div>
       </section>
       <section>
         <div class="container">
           <div class="row">
-            <div class="col-sm">
+            <div class="col-4">
               <div class="card mx-auto">
                 <div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
                 <ul class="list-group list-group-flush">
@@ -132,7 +137,7 @@
               </div>
             </div>
 
-            <div class="col-sm">
+            <div class="col-8">
               <div class="card mx-auto">
                 <div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
                 <ul class="list-group list-group-flush">
@@ -157,40 +162,11 @@
               </div>
             </div>
 
-            <div class="col-sm">
-              <div class="card mx-auto">
-                <div class="card-header"><span class="mdi mdi-comment-edit-outline"></span> Actions</div>
-                <ul class="list-group list-group-flush">
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;"><a href="update?rid=<?php echo($tkt["uuid"]); ?>" >Send an update</a></span>
-                        </div>
-                      </div>
-                    </li>
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;"><a href="upload?rid=<?php echo($tkt["uuid"]); ?>" >Upload file(s)</a></span>
-                        </div>
-                      </div>
-                    </li>
-                    <li class="list-group-item">
-                      <div class="container">
-                        <div class="row">
-                          <span style="display: inline;">Add/Remove ticket subscribers</span>
-                        </div>
-                      </div>
-                    </li>
-                </ul>
-              </div>
-            </div>
-
           </div>
         </div>
       </section>
       <section>
-        <div class="card mx-auto" style="width: 50%;;margin-bottom: 50px;">
+        <div class="card mx-auto" style="width: 50%;margin-bottom: 50px;">
           <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
             <div class="form-group">
               <label for="file">Upload file(s): </label>
-- 
2.49.1


From cdf2bcc73c01eab965f1cb3c76fc33ea612899cf Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Sun, 9 Aug 2020 13:46:24 +0100
Subject: [PATCH 4/6] :bug: Re-add favicon

Signed-off-by: Luke Tainton <luke@tainton.uk>
---
 app/includes/header.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/includes/header.php b/app/includes/header.php
index 13fd1b6..acf4ec9 100644
--- a/app/includes/header.php
+++ b/app/includes/header.php
@@ -9,6 +9,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
     <meta name="theme-color" content="#563d7c">
+    <link rel="icon" type="image/png" href="/favicon.png">
     <title><?php echo( $PAGE_TITLE ); ?></title>
 
     <!-- Bootstrap core CSS -->
-- 
2.49.1


From 383b33d58ee17e6a51d226cf2e359628b8e1a650 Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Sun, 9 Aug 2020 13:56:31 +0100
Subject: [PATCH 5/6] :sparkles: Implement update functionality

Signed-off-by: Luke Tainton <luke@tainton.uk>
---
 app/public/update.php | 95 ++++++++++++++++++++++++++-----------------
 1 file changed, 58 insertions(+), 37 deletions(-)

diff --git a/app/public/update.php b/app/public/update.php
index 80033d0..30d7642 100644
--- a/app/public/update.php
+++ b/app/public/update.php
@@ -2,42 +2,60 @@
     $PAGE_NAME = "Update Request";
     require_once __DIR__ . "/../includes/header.php";
 
-    // Get ticket
-    try {
-      $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
-      $ticket_sql = $db->prepare($ticket_stmt);
-      $ticket_sql->bindParam(':uuid', $_GET['rid']);
-      $ticket_sql->execute();
-      $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $ticket_result = $ticket_sql->fetchAll();
-      $request = $ticket_result[0];
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
+    // If form submitted, save to database
+    if($_SERVER['REQUEST_METHOD'] == 'POST') {
+      try {
+        // Process ticket data
+        $stmt = "INSERT INTO ticket_updates (ticket, user, msg) VALUES (:tktuuid, :user, :msg)";
+        $sql = $db->prepare($stmt);
+        $sql->bindParam(':tktuuid', $_POST['rid']);
+        $sql->bindParam(':user', $_SESSION['uuid']);
+        $sql->bindParam(':msg', $_POST['msg']);
+        $sql->execute();
+      } catch (PDOException $e) {
+        // echo("Error: <br>" . $e->getMessage() . "<br>");
+        $new_ticket_alert = array("danger", "Failed to save update: " . $e->getMessage());
+      }
+      header('Location: /view?rid=' . $_POST['rid'], true);
+    } else { // Form not yet submitted
+      // Get ticket
+      try {
+        $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
+        $ticket_sql = $db->prepare($ticket_stmt);
+        $ticket_sql->bindParam(':uuid', $_GET['rid']);
+        $ticket_sql->execute();
+        $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $ticket_result = $ticket_sql->fetchAll();
+        $request = $ticket_result[0];
+      } catch (PDOException $e) {
+        $new_ticket_alert = array("danger", "Failed to get request: " . $e->getMessage());
+      }
+
+      // Get ticket updates
+      try {
+        $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
+        $updates_sql = $db->prepare($updates_stmt);
+        $updates_sql->bindParam(':uuid', $_GET['rid']);
+        $updates_sql->execute();
+        $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $updates_result = $updates_sql->fetchAll();
+      } catch (PDOException $e) {
+        $new_ticket_alert = array("danger", "Failed to get updates: " . $e->getMessage());
+      }
+
+      // Get authorised subscribers
+      try {
+        $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
+        $users_sql = $db->prepare($users_stmt);
+        $users_sql->bindParam(':uuid', $_GET['rid']);
+        $users_sql->execute();
+        $users_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $users_result = $users_sql->fetchAll();
+      } catch (PDOException $e) {
+        $new_ticket_alert = array("danger", "Failed to get subscribers: " . $e->getMessage());
+      }
     }
 
-    // Get ticket updates
-    try {
-      $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
-      $updates_sql = $db->prepare($updates_stmt);
-      $updates_sql->bindParam(':uuid', $_GET['rid']);
-      $updates_sql->execute();
-      $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $updates_result = $updates_sql->fetchAll();
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
-    }
-
-    // Get authorised subscribers
-    try {
-      $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
-      $users_sql = $db->prepare($users_stmt);
-      $users_sql->bindParam(':uuid', $_GET['rid']);
-      $users_sql->execute();
-      $users_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $users_result = $users_sql->fetchAll();
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
-    }
 
     $authorised_users = array();
     foreach($users_result as $user) {
@@ -167,10 +185,13 @@
       </section>
       <section>
         <div class="card mx-auto" style="width: 50%;margin-bottom: 50px;">
-          <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
+          <form style="padding: 2%" action="/update" method="post" enctype="multipart/form-data">
             <div class="form-group">
-              <label for="description">Update: </label>
-              <textarea type="text" class="form-control" id="description" name="description" rows="3"></textarea>
+              <input type="hidden" id="rid" name="rid" value="<?php echo($_GET['rid']); ?>">
+            </div>
+            <div class="form-group">
+              <label for="msg">Update: </label>
+              <textarea type="text" class="form-control" id="msg" name="msg" rows="3"></textarea>
             </div>
             <button type="submit" class="btn btn-primary">Submit</button>
           </form>
-- 
2.49.1


From b00863cd18a1020a4049a700ec9c738a107aef24 Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Sun, 9 Aug 2020 14:03:07 +0100
Subject: [PATCH 6/6] :sparkles: Implement upload functionality

Signed-off-by: Luke Tainton <luke@tainton.uk>
---
 app/public/upload.php | 102 +++++++++++++++++++++++++++---------------
 1 file changed, 66 insertions(+), 36 deletions(-)

diff --git a/app/public/upload.php b/app/public/upload.php
index 68b8df1..7840c80 100644
--- a/app/public/upload.php
+++ b/app/public/upload.php
@@ -1,43 +1,70 @@
 <?php
-    $PAGE_NAME = "Upload File";
+    $PAGE_NAME = "Upload file";
     require_once __DIR__ . "/../includes/header.php";
 
-    // Get ticket
-    try {
-      $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
-      $ticket_sql = $db->prepare($ticket_stmt);
-      $ticket_sql->bindParam(':uuid', $_GET['rid']);
-      $ticket_sql->execute();
-      $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $ticket_result = $ticket_sql->fetchAll();
-      $request = $ticket_result[0];
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
+    // If form submitted, save to database
+    if($_SERVER['REQUEST_METHOD'] == 'POST') {
+      // If file is uploaded, process that
+      if(isset($_FILES['file']) && $_FILES['file']['name'] != "") {
+        try {
+          $file_uuid = Uuid::uuid4()->toString();
+          $file_name = $_FILES['file']['name'];
+          $file_size = $_FILES['file']['size'];
+          $file_type = $_FILES['file']['type'];
+          $file_tmp = $_FILES['file']['tmp_name'];
+          move_uploaded_file($file_tmp,"/srv/attachments/".$file_name);
+          $stmt = "INSERT INTO ticket_uploads (id, ticket, user, filename) VALUES (:fileuuid, :ticket, :user, :name)";
+          $sql = $db->prepare($stmt);
+          $sql->bindParam(':fileuuid', $file_uuid);
+          $sql->bindParam(':ticket', $_POST['rid']);
+          $sql->bindParam(':user', $_SESSION['uuid']);
+          $sql->bindParam(':name', $file_name);
+          $sql->execute();
+        } catch (PDOException $e) {
+          // echo("Error: <br>" . $e->getMessage() . "<br>");
+          $new_ticket_alert = array("danger", "Failed to upload file: " . $e->getMessage());
+        }
+      }
+      header('Location: /view?rid=' . $tkt_uuid, true);
+    } else { // Form not yet submitted
+      // Get ticket
+      try {
+        $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
+        $ticket_sql = $db->prepare($ticket_stmt);
+        $ticket_sql->bindParam(':uuid', $_GET['rid']);
+        $ticket_sql->execute();
+        $ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $ticket_result = $ticket_sql->fetchAll();
+        $request = $ticket_result[0];
+      } catch (PDOException $e) {
+        echo("Error: " . $e->getMessage());
+      }
+
+      // Get ticket updates
+      try {
+        $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
+        $updates_sql = $db->prepare($updates_stmt);
+        $updates_sql->bindParam(':uuid', $_GET['rid']);
+        $updates_sql->execute();
+        $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $updates_result = $updates_sql->fetchAll();
+      } catch (PDOException $e) {
+        echo("Error: " . $e->getMessage());
+      }
+
+      // Get authorised subscribers
+      try {
+        $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
+        $users_sql = $db->prepare($users_stmt);
+        $users_sql->bindParam(':uuid', $_GET['rid']);
+        $users_sql->execute();
+        $users_sql->setFetchMode(PDO::FETCH_ASSOC);
+        $users_result = $users_sql->fetchAll();
+      } catch (PDOException $e) {
+        echo("Error: " . $e->getMessage());
+      }
     }
 
-    // Get ticket updates
-    try {
-      $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
-      $updates_sql = $db->prepare($updates_stmt);
-      $updates_sql->bindParam(':uuid', $_GET['rid']);
-      $updates_sql->execute();
-      $updates_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $updates_result = $updates_sql->fetchAll();
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
-    }
-
-    // Get authorised subscribers
-    try {
-      $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
-      $users_sql = $db->prepare($users_stmt);
-      $users_sql->bindParam(':uuid', $_GET['rid']);
-      $users_sql->execute();
-      $users_sql->setFetchMode(PDO::FETCH_ASSOC);
-      $users_result = $users_sql->fetchAll();
-    } catch (PDOException $e) {
-      echo("Error: " . $e->getMessage());
-    }
 
     $authorised_users = array();
     foreach($users_result as $user) {
@@ -167,7 +194,10 @@
       </section>
       <section>
         <div class="card mx-auto" style="width: 50%;margin-bottom: 50px;">
-          <form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
+          <form style="padding: 2%" action="/upload" method="post" enctype="multipart/form-data">
+            <div class="form-group">
+              <input type="hidden" id="rid" name="rid" value="<?php echo($_GET['rid']); ?>">
+            </div>
             <div class="form-group">
               <label for="file">Upload file(s): </label>
               <input type="file" class="form-control-file" id="file" name="file">
-- 
2.49.1