app/public/actions/close.php

@@ -4,7 +4,11 @@
 
     $request = get_request($db, $_GET['rid']);
     $authorised_users = get_subscribers($db, $request);
-    $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
 
     // Close request
     if ($is_authorised == true) {

app/public/actions/reopen.php

@@ -0,0 +1,31 @@
+<?php
+    $PAGE_NAME = "Reopen request";
+    require_once __DIR__ . "/../../includes/prereqs.php";
+
+    $request = get_request($db, $_GET['rid']);
+    $authorised_users = get_subscribers($db, $request);
+    if ($_SESSION['uuid'] == $request['created_by']) {
+      $is_authorised = true;
+    } else {
+      $is_authorised = false;
+    };
+
+    // Reopen request
+    if ($is_authorised == true) {
+      try {
+          $stmt = "UPDATE tickets SET status='Reopened' WHERE uuid=:uuid";
+          $sql = $db->prepare($stmt);
+          $sql->bindParam(':uuid', $_GET['rid']);
+          $sql->execute();
+      } catch (PDOException $e) {
+          $alert = array("danger", "Failed to reopen request: " . $e->getMessage());
+      }
+      $newURL = "/";
+      echo("<script>window.location = '$newURL'</script>");
+    } else {
+        $alert = array("danger", "You are not authorised to reopen this request.");
+        $newURL = "/view?rid=" . $request['uuid'];
+        echo("<script>window.location = '$newURL'</script>");
+    }
+
+?>

app/public/view.php

@@ -51,17 +51,12 @@
           <p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
           <p class="lead text-muted"><?php echo($request['description']); ?></p>
             <p>
-              <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
-                <a href='/editsub?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Manage subscribers</a>
-              <?php } ?>
               <?php if ($request['status'] != 'Closed') { ?>
                 <a href='/update?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Update the request</a>
                 <a href='/upload?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Add attachment(s)</a>
+                <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
+                  <a href='/editsub?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Manage subscribers</a>
                   <button type="button" class="btn btn-danger" data-toggle="modal" data-target="#closeModal">Close the request</button>
-              <?php } ?>
-            </p>
-        </div>
-
                   <div class="modal fade" id="closeModal" tabindex="-1" aria-labelledby="closeModalLabel" aria-hidden="true">
                     <div class="modal-dialog">
                       <div class="modal-content">
@@ -81,7 +76,13 @@
                       </div>
                     </div>
                   </div>
-
+                <?php } ?>
+              <?php } elseif ($request['status'] == 'Closed') { ?>
+                <?php if ($_SESSION['uuid'] == $request['created_by']) { ?>
+                  <a href='/reopen?rid=<?php echo($request["uuid"]); ?>' class='btn btn-success my-2'>Reopen request</a>
+                <?php } } ?>
+            </p>
+        </div>
       </section>
       <section>
         <div class="container-fluid">