MOON
Server: Apache
System: Linux smtp.modiva.org 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
User: rtbrisc (1005)
PHP: 8.1.34
Disabled: NONE
Upload Files
File: /home/rtbrisc/public_html/admin/main/worker/workers/complain.php
<?php
session_start();
require_once('server/customer.php'); // Connection variable ($cus)
require_once('server/issues.php'); // Connection variable ($iss)
require_once('server/utilities.php'); // Connection variable ($utl)

// header("Location: workers/complain.php?tid=$techUserID&tick=$ticketID&com=$complain");

$customerID = mysqli_real_escape_string($cus, $_GET['tid']);
$ticketID = mysqli_real_escape_string($iss, $_GET['tick']);
$complain = mysqli_real_escape_string($iss, $_GET['com']);

// echo $customerID . ", " . $ticketID . ", " . $complain;
if(empty($customerID)){
  $_SESSION['log_err'] = "Customer Account Could Not Be Verified! Please Login and Try Again!";
  header("Location: ../../../account/login.php");
}else{
  if (empty($ticketID) || empty($complain)) {
    $_SESSION['det_err'] = "All fields are required!!!";
   header("Location: ../../helpdesk/update.php?tid=$ticketID");
 }else{
   $sql = mysqli_query($iss, "SELECT * FROM tblhelpdeskrequest WHERE TicketID = '$ticketID'");
   $seen = mysqli_fetch_assoc($sql);
   if($seen){
     // Check if complain exist
     $check_complain = mysqli_query($iss, "SELECT * FROM tblcustomercomplain WHERE TicketID = '$ticketID'");
     if ($complain_seen = mysqli_fetch_assoc($check_complain)) {
       // Update if complain exist
       $new_complain = $complain_seen['Complain'] . ", " . $complain;
       $update_complain = mysqli_query($iss, "UPDATE tblcustomercomplain SET Complain = '$new_complain' WHERE TicketID = '$ticketID'");
       if ($update_complain) {
         $_SESSION['det_suc'] = "Complain logging update was successful";
        header("Location: ../../helpdesk/update.php?tid=$ticketID");
      }else {
        $_SESSION['det_err'] = "There was aproblem updating complain log";
       header("Location: ../../helpdesk/update.php?tid=$ticketID");
      }
    }else {
      // Create new if complain doesn't exist
      $create_complain = mysqli_query($iss, "INSERT INTO tblcustomercomplain (TicketID, Complain) VALUES ('$ticketID', '$complain')");
      if ($create_complain) {
        echo $_SESSION['det_suc'] = "Complain was successfully logged";
        header("Location: ../../helpdesk/update.php?tid=$ticketID");
      }else{
        echo $_SESSION['det_err'] = "Unable to update ticket!!!";
        header("Location: ../../helpdesk/update.php?tid=$ticketID");
      }
    }
   }else{
     $_SESSION['det_err'] = "Invalid Ticket ID";
     header("Location: ../../helpdesk/update.php?tid=$ticketID");
   }
  }
}


?>