Creation of a ticket (not the content yet though) seems to work

--HG--
branch : quitta-gsoc-2013

code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/ticket.php

@@ -16,8 +16,7 @@ class Ticket{
 
 
     //Set ticket object
-    public function setTicket($ts,$t,$s,$q,$t_c,$a){
+    public function setTicket($t,$s,$q,$t_c,$a){
-        $this->timestamp = $ts;
         $this->title = $t;
         $this->status = $s;
         $this->queue = $q;
@@ -28,8 +27,8 @@ class Ticket{
     //create ticket by writing private data to DB.
     public function create(){
         $dbl = new DBLayer($this->db);
-        $query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (:timestamp, :title, :status, :queue, :tcat, :author)";
+        $query = "INSERT INTO ticket (Timestamp, Title, Status, Queue, Ticket_Category, Author) VALUES (now(), :title, :status, :queue, :tcat, :author)";
-        $values = Array('timestamp' => $this->timestamp, 'title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author);
+        $values = Array('title' => $this->title, 'status' => $this->status, 'queue' => $this->queue, 'tcat' => $this->ticket_category, 'author' => $this->author);
         $dbl->execute($query, $values);
     }
 

code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php

@@ -42,6 +42,7 @@ function change_password(){
                         exit;
                          
                     }else{
+			
                         $result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING);
                         $result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING);
                         $result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING);

code/ryzom/tools/server/ryzom_ams/www/html/func/create_ticket.php

@@ -0,0 +1,51 @@
+<?php
+
+function create_ticket(){
+    try{
+        //if logged in
+        if(WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])){
+            
+            if(isset($_POST['target_id'])){
+                
+                //if target_id is the same as session id or is admin
+                if(  ($_POST['target_id'] == $_SESSION['id']) ||  WebUsers::isAdmin()  ){
+                    
+                    global $cfg;
+                    $category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT);
+                    $title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING);
+                    $content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING);
+                    if($_POST['target_id'] == $_SESSION['id']){
+                        $author = $_SESSION['ticket_user']->getTUserId();
+                    }else{
+                        $author=  Ticket_User::constr_ExternId($_POST['target_id'], $cfg['db']['lib'])->getTUserId();
+                    }
+                    $ticket = new Ticket($cfg['db']['lib']);
+                    $ticket->setTicket($title,0,0,$category,$author);
+                    $ticket->create();
+                    
+                }else{
+                    //ERROR: permission denied!
+		    $_SESSION['error_code'] = "403";
+                    header("Location: index.php?page=error");
+                    exit;
+                }
+        
+            }else{
+                //ERROR: The form was not filled in correclty
+		header("Location: index.php?page=settings");
+		exit;
+            }    
+        }else{
+            //ERROR: user is not logged in
+	    header("Location: index.php");
+	    exit;
+        }
+                  
+    }catch (PDOException $e) {
+         //go to error page or something, because can't access website db
+         print_r($e);
+         exit;
+    }
+    
+}
+

code/ryzom/tools/server/ryzom_ams/www/html/inc/createticket.php

@@ -2,6 +2,30 @@
 
 function createticket(){
 
+    //if logged in
+    if(WebUsers::isLoggedIn()){
+        //in case user_id-GET param set it's value as target_id, if no user_id-param is given, use the session id.
+        if(isset($_GET['user_id'])){
+            
+            if(($_GET['user_id'] != $_SESSION['id']) && (!WebUsers::isAdmin()) ){
+                
+                //ERROR: No access!
+                $_SESSION['error_code'] = "403";
+                header("Location: index.php?page=error");
+                exit;
+                
+            }else{
+                //if user_id is given, then set it as the target_id
+                $result['target_id'] = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
+            }
+        
+        }else{
+            //set session_id as target_id
+            $result['target_id'] = $_SESSION['id'];
+            
+     
+        }
+        
         //create array of category id & names
         global $cfg;
         $catArray = Ticket_Category::getAllCategories($cfg['db']['lib']);
@@ -9,6 +33,13 @@ function createticket(){
         foreach($catArray as $catObj){
             $result['category'][$catObj->getTCategoryId()] = $catObj->getName();  
         }
-    //print_r($result);
+               
         return $result;
+    
+    }else{
+        //ERROR: not logged in!
+        header("Location: index.php");
+        exit;
+    }
+    
 }

code/ryzom/tools/server/ryzom_ams/www/html/templates/createticket.tpl

@@ -42,7 +42,7 @@
                         </div>
                     </div>
 
-                    <input type="hidden" name="function" value="change_info">
+                    <input type="hidden" name="function" value="create_ticket">
                     <input type="hidden" name="target_id" value="{$target_id}">
                     <div class="control-group">
                         <label class="control-label"></label>