07fb834c90
* Creation of button and SQL * Movement of buttons * Changes to authorisation requirements * Update to errors * 🎨 Tidy up a little Signed-off-by: Luke Tainton <luke@tainton.uk> * 🎨 Fix comment Signed-off-by: Luke Tainton <luke@tainton.uk> Co-authored-by: Luke Tainton <luke@tainton.uk>
32 lines
1018 B
PHP
32 lines
1018 B
PHP
<?php
|
|
$PAGE_NAME = "Close request";
|
|
require_once __DIR__ . "/../../includes/prereqs.php";
|
|
|
|
$request = get_request($db, $_GET['rid']);
|
|
$authorised_users = get_subscribers($db, $request);
|
|
if ($_SESSION['uuid'] == $request['created_by']) {
|
|
$is_authorised = true;
|
|
} else {
|
|
$is_authorised = false;
|
|
};
|
|
|
|
// Close request
|
|
if ($is_authorised == true) {
|
|
try {
|
|
$stmt = "UPDATE tickets SET status='Closed' WHERE uuid=:uuid";
|
|
$sql = $db->prepare($stmt);
|
|
$sql->bindParam(':uuid', $_GET['rid']);
|
|
$sql->execute();
|
|
} catch (PDOException $e) {
|
|
$alert = array("danger", "Failed to close request: " . $e->getMessage());
|
|
}
|
|
$newURL = "/";
|
|
echo("<script>window.location = '$newURL'</script>");
|
|
} else {
|
|
$alert = array("danger", "You are not authorised to close this request.");
|
|
$newURL = "/view?rid=" . $request['uuid'];
|
|
echo("<script>window.location = '$newURL'</script>");
|
|
}
|
|
|
|
?>
|