diff --git a/include/class.thread.php b/include/class.thread.php
index 41d7730ba16104f458e9f6abc199523827e34aa0..5191b716ed3245b93eb1d2a79710540d3a4fda60 100644
--- a/include/class.thread.php
+++ b/include/class.thread.php
@@ -475,10 +475,10 @@ Class ThreadEntry {
return 0;
// TODO: Add a unique index to TICKET_ATTACHMENT_TABLE (file_id,
- // ticket_id), and remove this block
+ // ref_id), and remove this block
if ($id = db_result(db_query('SELECT attach_id FROM '.TICKET_ATTACHMENT_TABLE
- .' WHERE file_id='.db_input($fileId).' AND ticket_id='
- .db_input($this->getTicketId()))))
+ .' WHERE file_id='.db_input($fileId).' AND ref_id='
+ .db_input($this->getId()))))
return $id;
$sql ='INSERT IGNORE INTO '.TICKET_ATTACHMENT_TABLE.' SET created=NOW() '
diff --git a/include/class.ticket.php b/include/class.ticket.php
index 3a6b7586c55368600a5e2448aa8fe46b657917dd..17a0ef50b09f4f5a49424bc647f54ae2850c7ffe 100644
--- a/include/class.ticket.php
+++ b/include/class.ticket.php
@@ -2244,6 +2244,11 @@ class Ticket {
// post response - if any
$response = null;
if($vars['response'] && $thisstaff->canPostReply()) {
+
+ // unpack any uploaded files into vars.
+ if ($_FILES['attachments'])
+ $vars['files'] = AttachmentFile::format($_FILES['attachments']);
+
$vars['response'] = $ticket->replaceVars($vars['response']);
if(($response=$ticket->postReply($vars, $errors, false))) {
//Only state supported is closed on response
diff --git a/scp/tickets.php b/scp/tickets.php
index f28ac8e3e31a1677cceede9c867e49e204473b83..649c1c63d26102d37c1addcd905d468438508cab 100644
--- a/scp/tickets.php
+++ b/scp/tickets.php
@@ -484,9 +484,6 @@ if($_POST && !$errors):
$vars = $_POST;
$vars['uid'] = $user? $user->getId() : 0;
- if($_FILES['attachments'])
- $vars['files'] = AttachmentFile::format($_FILES['attachments']);
-
if(($ticket=Ticket::open($vars, $errors))) {
$msg='Ticket created successfully';
$_REQUEST['a']=null;