toString(); $file_name = $_FILES['file']['name']; $file_size = $_FILES['file']['size']; $file_type = $_FILES['file']['type']; $file_tmp = $_FILES['file']['tmp_name']; move_uploaded_file($file_tmp,$_ENV['ATTACHMENTS_PATH']."/".$file_uuid); $stmt = "INSERT INTO ticket_uploads (id, ticket, user, filename) VALUES (:fileuuid, :ticket, :user, :name)"; $sql = $db->prepare($stmt); $sql->bindParam(':fileuuid', $file_uuid); $sql->bindParam(':ticket', $request['uuid']); $sql->bindParam(':user', $_SESSION['uuid']); $sql->bindParam(':name', $file_name); $sql->execute(); } catch (PDOException $e) { $new_ticket_alert = array("danger", "Failed to upload file: " . $e->getMessage()); } $newURL = "/view?rid=" . $request['uuid']; echo(""); } } else { $alert = array("danger", "You are not authorised to update this request."); $newURL = "/view?rid=" . $request['uuid']; echo(""); } } ?>