From 45f35c89affbc275a521daa876280193c016e03c Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Fri, 20 Dec 2013 12:02:49 -0600
Subject: [PATCH] Add ticket details update for clients
---
include/client/edit.inc.php | 30 ++++++++++++++++++++++++++++++
include/client/view.inc.php | 2 ++
tickets.php | 26 +++++++++++++++++++++++++-
3 files changed, 57 insertions(+), 1 deletion(-)
create mode 100644 include/client/edit.inc.php
diff --git a/include/client/edit.inc.php b/include/client/edit.inc.php
new file mode 100644
index 000000000..21f2ca726
--- /dev/null
+++ b/include/client/edit.inc.php
@@ -0,0 +1,30 @@
+<?php
+
+if(!defined('OSTCLIENTINC') || !$thisclient || !$ticket || !$ticket->checkUserAccess($thisclient)) die('Access Denied!');
+
+?>
+
+<h1>
+ Editing Ticket #<?php echo $ticket->getNumber(); ?>
+</h1>
+
+<form action="tickets.php" method="post">
+ <?php echo csrf_token(); ?>
+ <input type="hidden" name="a" value="edit"/>
+ <input type="hidden" name="id" value="<?php echo $_REQUEST['id']; ?>"/>
+<table width="800">
+ <tbody id="dynamic-form">
+ <?php if ($forms)
+ foreach ($forms as $form) {
+ $form->render(false);
+ } ?>
+ </tbody>
+</table>
+<hr>
+<p style="text-align: center;">
+ <input type="submit" value="Update"/>
+ <input type="reset" value="Reset"/>
+ <input type="button" value="Cancel" onclick="javascript:
+ window.location.href='index.php';"/>
+</p>
+</form>
diff --git a/include/client/view.inc.php b/include/client/view.inc.php
index c36eaec96..55caf9b6e 100644
--- a/include/client/view.inc.php
+++ b/include/client/view.inc.php
@@ -15,6 +15,8 @@ if(!$dept || !$dept->isPublic())
<h1>
Ticket #<?php echo $ticket->getNumber(); ?>
<a href="view.php?id=<?php echo $ticket->getId(); ?>" title="Reload"><span class="Icon refresh"> </span></a>
+ <a class="action-button" href="tickets.php?a=edit&id=<?php
+ echo $ticket->getId(); ?>"><i class="icon-edit"></i> Edit</a>
</h1>
</td>
</tr>
diff --git a/tickets.php b/tickets.php
index 7c49a74d3..a98401ed3 100644
--- a/tickets.php
+++ b/tickets.php
@@ -32,6 +32,23 @@ if($_REQUEST['id']) {
if($_POST && is_object($ticket) && $ticket->getId()):
$errors=array();
switch(strtolower($_POST['a'])){
+ case 'edit':
+ if(!$ticket->checkUserAccess($thisclient)) //double check perm again!
+ $errors['err']='Access Denied. Possibly invalid ticket ID';
+ else {
+ $forms=DynamicFormEntry::forTicket($ticket->getId());
+ foreach ($forms as $form)
+ if (!$form->isValid())
+ $errors = array_merge($errors, $form->errors());
+ }
+ if (!$errors) {
+ foreach ($forms as $f) $f->save();
+ $_REQUEST['a'] = null; //Clear edit action - going back to view.
+ $ticket->logNote('Ticket details updated', sprintf(
+ 'Ticket details were updated by client %s <%s>',
+ $thisclient->getName(), $thisclient->getEmail()));
+ }
+ break;
case 'reply':
if(!$ticket->checkUserAccess($thisclient)) //double check perm again!
$errors['err']='Access Denied. Possibly invalid ticket ID';
@@ -70,7 +87,14 @@ if($_POST && is_object($ticket) && $ticket->getId()):
endif;
$nav->setActiveNav('tickets');
if($ticket && $ticket->checkUserAccess($thisclient)) {
- $inc='view.inc.php';
+ if (isset($_REQUEST['a']) && $_REQUEST['a'] == 'edit') {
+ $inc = 'edit.inc.php';
+ if (!$forms) $forms=DynamicFormEntry::forTicket($ticket->getId());
+ // Auto add new fields to the entries
+ foreach ($forms as $f) $f->addMissingFields();
+ }
+ else
+ $inc='view.inc.php';
} elseif($cfg->showRelatedTickets() && $thisclient->getNumTickets()) {
$inc='tickets.inc.php';
} else {
--
GitLab