File: /home/rtbrisc/public_html/admin/main/worker/workers/helpdesk_request.php
<?php
session_start();
require_once('server/customer.php'); // Connection variable ($cus)
require_once('server/utilities.php'); // Connection variable ($utl)
require_once('server/issues.php'); // Connnection Variable ($iss)
$cid = mysqli_real_escape_string($cus, $_GET['cid']);
$ticketID = mysqli_real_escape_string($cus, $_GET['tid']);
$supportPlanID = mysqli_real_escape_string($cus, $_GET['spid']);
$requestID = mysqli_real_escape_string($cus, $_GET['rid']);
$requestTypeID = mysqli_real_escape_string($cus, $_GET['rtid']);
$deviceID = mysqli_real_escape_string($cus, $_GET['did']);
$deviceInfo = mysqli_real_escape_string($cus, $_GET['dif']);
$deviceBrandID = mysqli_real_escape_string($cus, $_GET['dbid']);
$deviceBrandInfo = mysqli_real_escape_string($cus, $_GET['dbif']);
$deviceModel = mysqli_real_escape_string($cus, $_GET['dvm']);
$description = mysqli_real_escape_string($cus, $_GET['des']);
$supportTimeType = mysqli_real_escape_string($cus, $_GET['stt']);
$supportTime = mysqli_real_escape_string($cus, $_GET['sut']);
$Picture = mysqli_real_escape_string($cus, $_GET['pix']);
$regEmail = mysqli_real_escape_string($cus, $_GET['rm']);
$contactName = mysqli_real_escape_string($cus, $_GET['cna']);
$contactNumber = mysqli_real_escape_string($cus, $_GET['cno']);
$contactEmail = mysqli_real_escape_string($cus, $_GET['cem']);
$supportLocation = mysqli_real_escape_string($cus, $_GET['spl']);
$center = mysqli_real_escape_string($cus, $_GET['cen']);
if(empty($cid)){
$_SESSION['log_err'] = "User Account Could Not Be Verified! Please Login and Try Again!";
header("Location: ../../../account/login.php");
}else{
$sql = mysqli_query($cus, "SELECT * FROM tblcustomer WHERE CustomerID = '$cid'");
$seen = mysqli_fetch_assoc($sql);
if($seen){
if(empty($cid)|| empty($ticketID) || empty($supportPlanID) || empty($requestID) || empty($deviceID) || empty($deviceBrandID) || empty($deviceModel) || empty($description) || empty($contactName) || empty($contactNumber) || empty($contactEmail) || empty($supportLocation) || empty($supportTimeType) || empty($center)){
$_SESSION['req_err'] = "Please fill in the fields with * Astericks";
header("Location: ../../helpdesk/new.php");
}else{
if ($supportPlanID == 1) {
$issue = mysqli_query($iss, "INSERT INTO tblhelpdeskrequest
(TicketID, CustomerID, SupportPlanID, RequestID, RequestTypeID, DeviceTypeID, DeviceTypeInfo, DeviceBrandID, DeviceBrandInfo, DeviceModel, Description, SupportTimeType, SupportTime, Picture, StatusFlag, TrackStatus, AssignStatus, Payment, PaymentStatus, Center)
VALUES
('$ticketID', '$cid', $supportPlanID, $requestID, $requestTypeID, $deviceID, '$deviceInfo', $deviceBrandID, '$deviceBrandInfo', '$deviceModel', '$description', '$supportTimeType', '$supportTime', '$Picture', 0, 0, 0, 'Not Applicable', 'Not Applicable', $center)
");
$supportinfo = mysqli_query($iss, "INSERT INTO tblsupportinfo
(TicketID, SupportName, SupportNumber, SupportEmail, SupportLocation)
VALUES
('$ticketID', '$contactName', '$contactNumber', '$contactEmail', '$supportLocation')");
if($issue && $supportinfo){
//$suc_msg = "Thank you for contacting QIS. Your Issue / Purchase ID is " . $ticketID . ". We will contact you soon";
//header("Location: ../../helpdesk/success.php?msg=$suc_msg");
// rid means request ID: 1 = Helpdesk Request, 2 = Project Support
header("Location: server/mailer/?rid=1&tid=$ticketID");
}else{
$_SESSION['req_err'] = "There was a problem logging your request!!!";
header("Location: ../../helpdesk/new.php");
}
}else{
header("Location: ../../helpdesk/payment/index.php?cid=$cid&tid=$ticketID&spid=$supportPlanID&rid=$requestID&rtid=$requestTypeID&did=$deviceID&dif=$deviceInfo&dbid=$deviceBrandID&dbif=$deviceBrandInfo&dvm=$deviceModel&des=$description&stt=$supportTimeType&sut=$supportTime&pix=$Picture&cna=$contactName&cno=$contactNumber&cem=$contactEmail&spl=$supportLocation&cen=$center&rm=$regEmail");
}
}
}else{
$_SESSION['req_err'] = "Invalid User Account, Please Re-Login";
header("Location: ../../../account/login.php");
}
}
?>