
PHP, pasted on Sep 17:
<?php
require_once('model/session.php');
require_once('model/db_conn.php');
require_once('model/functions.php');
require_once('view/header.php');
require_once 'model/htmlpurifier/library/HTMLPurifier.auto.php';
require_once 'model/csrf-magic/csrf-magic.php';
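// HTMLPurifier with its stock configuration; the ticket fields posted by the
// user are passed through it further down in this script.
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);

// Authentication gate: only logged-in users may open a ticket.
// $session is presumably created by model/session.php (not shown here).
if (!$session->is_logged_in()) {
	redirect_to("https://www.foxvm.com/login");
	// redirect_to() is defined outside this file, so it is not visible here
	// whether it terminates the request. Stop explicitly: otherwise an
	// unauthenticated request would fall through to the services query and
	// the ticket INSERT below.
	exit;
}

// Page title and layout. $head_me is presumably provided by view/header.php.
$head_me->title = 'Foxvm.com - Open a new support ticket';
$head_me->page_header();
$head_me->page_start();
$head_me->page_menu();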

?>

<div class="container support summery">
	<div class="row home">
	<div class="col-sm-12">
	<ul class="breadcrumb">
	<li><a href="https://www.foxvm.com">Home</a></li>
	<li><a href="https://www.foxvm.com/view-tickets">Support tickets</a></li>
	<li class="active">Open ticket</li>
	</ul>
	</div>
	</div>
<?php
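// Owner of the new ticket: always taken from the server-side session, never
// from the request.
$user_id = $_SESSION['user_id'];

// Read the posted fields. On the initial GET none of them exist, and a client
// can also send an array (e.g. subject[]=x); both cases are normalised to an
// empty string so that only strings ever reach the purifier.
$raw_subject = (isset($_POST['subject']) && is_string($_POST['subject'])) ? $_POST['subject'] : '';
$raw_msg     = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
$raw_service = (isset($_POST['service']) && is_string($_POST['service'])) ? $_POST['service'] : '';

// HTMLPurifier strips markup that is not on its allow-list. The message comes
// from a rich-text editor, so it may legitimately contain HTML.
// NOTE(review): the values are purified once, before storage; any page that
// later prints them must either trust this step or escape again - confirm
// how the ticket view renders ticket_subject and ticket_message.
$subj = $purifier->purify($raw_subject);
$msg = $purifier->purify($raw_msg);
$service = $purifier->purify($raw_service);

// NOTE(review): getUserIP() is defined outside this file. If it reads
// client-supplied headers such as X-Forwarded-For, the stored address is
// attacker-controlled and should not be relied on for auditing - verify.
$client_ip = getUserIP();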
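// Build the "open ticket" form as one string; it is echoed later, either on
// its own (first visit) or below a validation error.
// The form posts back to this same URL (action=""). csrf-magic is loaded at
// the top of the file; NOTE(review): presumably it injects the CSRF token
// into this form automatically - confirm it is active for this page.
$form = '<div class="row">
<div class="col-sm-12">
<h3>Open a new support ticket</h3>

</div>
</div>

<form class="form-horizontal" method="post" action="">
<div class="row">
<div class="col-sm-10">
<label for="isubject" class="control-label">Subject</label>
<input class="form-control" id="isubject" placeholder="" type="text" name="subject"/>
</div>
</div>
<div class="row">
<div class="col-sm-6">
<label for="idep" class="control-label">Department</label>
        <select class="form-control" id="idep">
          <option>Customer Support</option>
        </select>
</div>
<div class="col-sm-6">
<label for="iservice" class="control-label">Service concerned</label>';

// List only the services that belong to the logged-in user. The id is bound
// as an integer parameter, so it never becomes part of the SQL text.
// $user_id was read from the session at the top of this PHP section.
$srvc = $db->prepare("SELECT * FROM services where user_id=:id");
$srvc->bindValue(":id", $user_id, PDO::PARAM_INT);
$srvc->execute();
$srvcinfo = $srvc->fetchAll(PDO::FETCH_ASSOC);

$form .= '<select class="form-control" id="iservice" name="service">';
if (empty($srvcinfo)) {
	$form .= "<option>No Active service.</option>";
}
foreach ($srvcinfo as $services) {
	// Values coming out of the database are data, not markup: escape them for
	// the HTML context before placing them inside <option>. Without this, a
	// service name containing markup would be rendered by the browser.
	// Assumes the page is served as UTF-8 - TODO confirm.
	$service_name = htmlspecialchars($services['service_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	$service_status = htmlspecialchars($services['service_status'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	$form .= "<option>$service_name [$service_status]</option>";
}

$form .='</select>
</div>
</div>
<div class="row">
<div class="col-sm-12">
<label for="imsg" class="control-label">Message</label>
	  <script type="text/javascript" src="/view/js/nice.js"></script> <script type="text/javascript">
//<![CDATA[
        bkLib.onDomLoaded(function() { nicEditors.allTextAreas() });
  //]]>
  </script>
<textarea class="form-control" id="imsg" rows="10"  type="text" name="msg"></textarea>
</div>
</div>
<br/>
<div class="row">
<div class="col-sm-12">
<center>
<button class="btn btn-danger btn-md" type="submit" >Submit</button>
<a class="btn btn-default btn-md" href="/view-tickets">Cancel</a>
</center>
</div>
</div>
</form>';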
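// Handle a submission: both subject and message must be present, otherwise
// (including the first GET of the page) just show the empty form.
if (!empty($subj) && !empty($msg)) {
	// The subject may only contain letters, digits and spaces.
	if (ctype_alnum(str_replace(' ', '', $subj))) {
		// Every user-supplied value is passed as a bound parameter, so none of
		// them can alter the SQL statement.
		// NOTE(review): $service is whatever the client posted. It is not
		// checked against the services owned by $user_id, so a crafted request
		// can attach an arbitrary label to the ticket - consider validating it
		// against the list fetched for the <select> above.
		$subticket = $db->prepare("INSERT INTO tickets(user_id,ticket_subject,ticket_message,ticket_status,service_attch,ticket_date,client_ip) values(?,?,?,'open',?,NOW(),?)");
		$dataint = array($user_id, $subj, $msg, $service, $client_ip);
		if ($subticket->execute($dataint)) {
			// lastInsertId() is produced by the database, not by the client.
			$idi = $db->lastInsertId();
			// NOTE(review): page markup has already been emitted before this
			// point; a header-based redirect only works if output buffering is
			// active - confirm how redirect_to() is implemented.
			redirect_to("https://www.foxvm.com/viewticket.php?id=".$idi);
		} else {
			// Previously a failed INSERT left the page body empty with no
			// feedback. Tell the user and show the form again; no database
			// error detail is exposed.
			echo '<div class="row"><div class="col-sm-12"><div class="alert alert-dismissible alert-danger">
				<button type="button" class="close" data-dismiss="alert">x</button>
				<h4>Error!</h4>
				<p>Your ticket could not be saved. Please try again.</p>
				</div></div></div>';
			echo $form;
		}
	} else {
		echo '<div class="row"><div class="col-sm-12"><div class="alert alert-dismissible alert-danger">
				<button type="button" class="close" data-dismiss="alert">x</button>
				<h4>Error!</h4>
				<p>Ticket subject must be alphanumeric characters only.</p>
				</div></div></div>';
		echo $form;
	}
} else {
	echo $form;
}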
?>
</div>


<?php
// Close the page by calling the footer method of the shared layout object
// ($head_me is not defined in this file; presumably view/header.php).
$head_me->page_footer();

?>

