Add ticket details update for clients

45f35c89 · Jared Hancock · 89b28923 · 45f35c89 · 45f35c89 · 45f35c89
Commit 45f35c89 authored 11 years ago by Jared Hancock
--- a/include/client/edit.inc.php
+++ b/include/client/edit.inc.php
+<?php
+if(!defined('OSTCLIENTINC') || !$thisclient || !$ticket || !$ticket->checkUserAccess($thisclient)) die('Access Denied!');
+?>
+<h1>
+    Editing Ticket #<?php echo $ticket->getNumber(); ?>
+</h1>
+<form action="tickets.php" method="post">
+    <?php echo csrf_token(); ?>
+    <input type="hidden" name="a" value="edit"/>
+    <input type="hidden" name="id" value="<?php echo $_REQUEST['id']; ?>"/>
+<table width="800">
+    <tbody id="dynamic-form">
+    <?php if ($forms)
+        foreach ($forms as $form) {
+            $form->render(false);
+    } ?>
+    </tbody>
+</table>
+<hr>
+<p style="text-align: center;">
+    <input type="submit" value="Update"/>
+    <input type="reset" value="Reset"/>
+    <input type="button" value="Cancel" onclick="javascript:
+        window.location.href='index.php';"/>
+</p>
+</form>
--- a/include/client/view.inc.php
+++ b/include/client/view.inc.php
@@ -15,6 +15,8 @@ if(!$dept || !$dept->isPublic())
            <h1>
                Ticket #<?php echo $ticket->getNumber(); ?> &nbsp;
                <a href="view.php?id=<?php echo $ticket->getId(); ?>" title="Reload"><span class="Icon refresh">&nbsp;</span></a>
+                <a class="action-button" href="tickets.php?a=edit&id=<?php
+                     echo $ticket->getId(); ?>"><i class="icon-edit"></i> Edit</a>
            </h1>
        </td>
    </tr>

--- a/tickets.php
+++ b/tickets.php
@@ -32,6 +32,23 @@ if($_REQUEST['id']) {
 if($_POST && is_object($ticket) && $ticket->getId()):
    $errors=array();
    switch(strtolower($_POST['a'])){
+    case 'edit':
+        if(!$ticket->checkUserAccess($thisclient)) //double check perm again!
+            $errors['err']='Access Denied. Possibly invalid ticket ID';
+        else {
+            $forms=DynamicFormEntry::forTicket($ticket->getId());
+            foreach ($forms as $form)
+                if (!$form->isValid())
+                    $errors = array_merge($errors, $form->errors());
+        }
+        if (!$errors) {
+            foreach ($forms as $f) $f->save();
+            $_REQUEST['a'] = null; //Clear edit action - going back to view.
+            $ticket->logNote('Ticket details updated', sprintf(
+                'Ticket details were updated by client %s &lt;%s&gt;',
+                $thisclient->getName(), $thisclient->getEmail()));
+        }
+        break;
    case 'reply':
        if(!$ticket->checkUserAccess($thisclient)) //double check perm again!
            $errors['err']='Access Denied. Possibly invalid ticket ID';
@@ -70,7 +87,14 @@ if($_POST && is_object($ticket) && $ticket->getId()):
 endif;
 $nav->setActiveNav('tickets');
 if($ticket && $ticket->checkUserAccess($thisclient)) {
-    $inc='view.inc.php';
+    if (isset($_REQUEST['a']) && $_REQUEST['a'] == 'edit') {
+        $inc = 'edit.inc.php';
+        if (!$forms) $forms=DynamicFormEntry::forTicket($ticket->getId());
+        // Auto add new fields to the entries
+        foreach ($forms as $f) $f->addMissingFields();
+    }
+    else
+        $inc='view.inc.php';
 } elseif($cfg->showRelatedTickets() && $thisclient->getNumTickets()) {
    $inc='tickets.inc.php';
 } else {