Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tickets & Tasks #996

Merged
merged 1 commit into from
Aug 16, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions post/tasks.php
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,9 @@

validateTechRole();

// CSRF Check
validateCSRFToken($_GET['csrf_token']);

$task_id = intval($_GET['delete_task']);

// Get Client ID, task name from tasks and tickets using the task_id
Expand Down Expand Up @@ -105,5 +108,33 @@

$_SESSION['alert_message'] = "You completed Task <strong>$task_name</strong> Great Job!<i class='far fa-4x fa-smile-wink ml-2'></i>";

header("Location: " . $_SERVER["HTTP_REFERER"]);
}

if (isset($_GET['undo_complete_task'])) {

validateTechRole();

$task_id = intval($_GET['undo_complete_task']);

// Get Client ID
$sql = mysqli_query($mysqli, "SELECT * FROM tasks LEFT JOIN tickets ON ticket_id = task_ticket_id WHERE task_id = $task_id");
$row = mysqli_fetch_array($sql);
$client_id = intval($row['ticket_client_id']);
$task_name = sanitizeInput($row['task_name']);
$ticket_id = intval($row['ticket_id']);

mysqli_query($mysqli, "UPDATE tasks SET task_completed_at = NULL, task_completed_by = NULL WHERE task_id = $task_id");

// Add reply
mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = 'Undo Completed Task - $task_name', ticket_reply_time_worked = '00:01:00', ticket_reply_type = 'Internal', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");

$ticket_reply_id = mysqli_insert_id($mysqli);

// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Task', log_action = 'Edit', log_description = '$session_name un-completed task $task_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $task_id");

$_SESSION['alert_message'] = "You marked Task <strong>$task_name</strong> as incomplete";

header("Location: " . $_SERVER["HTTP_REFERER"]);
}
3 changes: 3 additions & 0 deletions post/ticket.php
Original file line number Diff line number Diff line change
Expand Up @@ -629,6 +629,9 @@

validateAdminRole();

// CSRF Check
validateCSRFToken($_GET['csrf_token']);

$ticket_id = intval($_GET['delete_ticket']);

// Get Ticket and Client ID for logging and alert message
Expand Down
13 changes: 9 additions & 4 deletions ticket.php
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@
$ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
$ticket_number = intval($row['ticket_number']);
$ticket_category = intval($row['ticket_category']);
$ticket_category_display = htmlentities($row['category_name']);
$ticket_category_display = nullable_htmlentities($row['category_name']);
$ticket_subject = nullable_htmlentities($row['ticket_subject']);
$ticket_details = $purifier->purify($row['ticket_details']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']);
Expand Down Expand Up @@ -502,7 +502,7 @@
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket=<?php echo $ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
Expand Down Expand Up @@ -916,7 +916,7 @@
$task_id = intval($row['task_id']);
$task_name = nullable_htmlentities($row['task_name']);
$task_order = intval($row['task_order']);
$task_description = nullable_htmlentities($row['task_description']);
//$task_description = nullable_htmlentities($row['task_description']); // not in db yet
$task_completed_at = nullable_htmlentities($row['task_completed_at']);
?>
<tr>
Expand All @@ -940,8 +940,13 @@
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTaskModal<?php echo $task_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($task_completed_at) { ?>
<a class="dropdown-item" href="post.php?undo_complete_task=<?php echo $task_id; ?>">
<i class="fas fa-fw fa-arrow-circle-left mr-2"></i>Mark incomplete
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>">
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
Expand Down
Loading