diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php
index f9151951c1f3880f40121905ed26bb01f1f23fe9..0506d24471843024c5e212434543335e6adfaf0a 100644
--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -21,6 +21,7 @@ include_once(INCLUDE_DIR.'class.ticket.php');
class TicketsAjaxAPI extends AjaxController {
function search() {
+ global $thisstaff;
if(!is_numeric($_REQUEST['q']))
return self::searchByEmail();
@@ -31,7 +32,17 @@ class TicketsAjaxAPI extends AjaxController {
$sql='SELECT DISTINCT ticketID, email'
.' FROM '.TICKET_TABLE
- .' WHERE ticketID LIKE \''.db_input($_REQUEST['q'], false).'%\''
+ .' WHERE ticketID LIKE \''.db_input($_REQUEST['q'], false).'%\'';
+
+ $sql.=' AND ( staff_id='.db_input($thisstaff->getId());
+
+ if(($teams=$thisstaff->getTeams()) && count(array_filter($teams)))
+ $sql.=' OR team_id IN('.implode(',', array_filter($teams)).')';
+
+ if(!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
+ $sql.=' OR dept_id IN ('.implode(',', $depts).')';
+
+ $sql.=' ) '
.' ORDER BY created LIMIT '.$limit;
if(($res=db_query($sql)) && db_num_rows($res)) {
@@ -43,16 +54,28 @@ class TicketsAjaxAPI extends AjaxController {
}
function searchByEmail() {
+ global $thisstaff;
+
$limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
$tickets=array();
$sql='SELECT email, count(ticket_id) as tickets '
.' FROM '.TICKET_TABLE
- .' WHERE email LIKE \'%'.db_input(strtolower($_REQUEST['q']), false).'%\' '
+ .' WHERE email LIKE \'%'.db_input(strtolower($_REQUEST['q']), false).'%\' ';
+
+ $sql.=' AND ( staff_id='.db_input($thisstaff->getId());
+
+ if(($teams=$thisstaff->getTeams()) && count(array_filter($teams)))
+ $sql.=' OR team_id IN('.implode(',', array_filter($teams)).')';
+
+ if(!$thisstaff->showAssignedOnly() && ($depts=$thisstaff->getDepts()))
+ $sql.=' OR dept_id IN ('.implode(',', $depts).')';
+
+ $sql.=' ) '
.' GROUP BY email '
.' ORDER BY created LIMIT '.$limit;
-
+
if(($res=db_query($sql)) && db_num_rows($res)) {
while(list($email, $count)=db_fetch_row($res))
$tickets[] = array('email'=>$email, 'value'=>$email, 'info'=>"$email ($count)");
diff --git a/include/staff/tickets.inc.php b/include/staff/tickets.inc.php
index ef7cb4d4853c30ca3ca661689d456f8187580f36..67d270c3f033e0db98e901d66b09fdcabf5247c6 100644
--- a/include/staff/tickets.inc.php
+++ b/include/staff/tickets.inc.php
@@ -89,7 +89,7 @@ if($staffId && ($staffId==$thisstaff->getId())) { //Staff's assigned tickets.
}
//******* Showing assigned tickets? (don't confuse it with show assigned To column). F'it it's confusing - just trust me! ***/
-if(!($cfg->showAssignedTickets() || $thisstaff->showAssignedTickets()) && strcasecmp($status,'closed'))
+if(!($cfg->showAssignedTickets() || $thisstaff->showAssignedTickets()) && strcasecmp($status,'closed') && !$search)
$sql.=' AND (ticket.staff_id=0 OR ticket.staff_id='.db_input($thisstaff->getId()).') ';
//Search?? Somebody...get me some coffee