File: /home/rtbrisc/public_html/admin/main/worker/workers/rating.php
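<?php
/**
 * Records a customer's star rating for a support ticket.
 *
 * Expected query string:
 *   cid=<customerID>&tid=<ticketID>&tech=<technicianID>&rat=<stars>&com=<comments>
 *
 * Outcomes (each one sets a session flash message and redirects):
 *   - missing cid              -> log_err, account/login.php
 *   - missing tid/tech/rat     -> rat_err, rating/rate.php
 *   - ticket already rated     -> rat_err, rating/rate.php
 *   - rating stored            -> rat_suc, rating/success.php
 *   - database failure         -> rat_err, rating/rate.php
 *
 * NOTE(review): the customer id comes from the query string, not from the
 * session, so nothing in this script ties the rating to the logged-in user.
 * Confirm an upstream check exists, or compare cid with the session's own
 * customer id here (the session key name is not visible in this file).
 * NOTE(review): this is a state-changing request served over GET; moving it
 * to POST with a CSRF token would stop it being triggered by a plain link.
 */
session_start();

require_once('server/customer.php'); // Connection variable ($cus)
require_once('server/utilities.php'); // Connection variable ($utl)
require_once('server/issues.php'); // Connection variable ($iss)

// Read one query-string value as a string. A missing key or an array value
// (?cid[]=x) becomes '' so it is rejected by the required-field checks below
// instead of raising a warning or a TypeError.
$param = static function ($key) {
    $value = isset($_GET[$key]) ? $_GET[$key] : '';
    return is_string($value) ? $value : '';
};

// Send the redirect and stop, so nothing can run after the Location header.
$redirect = static function ($location) {
    header("Location: $location");
    exit;
};

// Prepare and execute one statement with every value bound as a string.
// Returns the executed statement, or false when prepare/execute fails on a
// connection that reports errors through return values.
$run = static function ($db, $sql, array $values) {
    $stmt = mysqli_prepare($db, $sql);
    if (!$stmt) {
        return false;
    }
    if ($values) {
        mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
    }
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    return $stmt;
};

$cid = $param('cid');
$tid = $param('tid');
$tech = $param('tech');
$rat = $param('rat');
$com = $param('com');

if (empty($cid)) {
    $_SESSION['log_err'] = "Invalid user account. Please Login";
    $redirect("../../../account/login.php");
}

// The values go back into a URL, so they are URL-encoded here; SQL escaping
// does not make a value safe inside a query string.
$ratePage = "../../rating/rate.php?tid=" . urlencode($tech) . "&tick=" . urlencode($tid);

// empty() also rejects the string "0", so a zero-star rating counts as missing.
if (empty($tid) || empty($tech) || empty($rat)) {
    $_SESSION['rat_err'] = "All Fields Are Required!!!";
    $redirect($ratePage);
}

$outcome = 'error';

try {
    $check = $run(
        $iss,
        "SELECT 1 FROM tblrating WHERE CustomerID = ? AND TicketID = ? LIMIT 1",
        [$cid, $tid]
    );

    if ($check) {
        mysqli_stmt_store_result($check);
        $alreadyRated = mysqli_stmt_num_rows($check) > 0;
        mysqli_stmt_close($check);

        if ($alreadyRated) {
            $outcome = 'duplicate';
        } else {
            // Both writes succeed or neither does. On a non-transactional
            // storage engine this has no effect and the writes stay independent.
            // NOTE(review): two concurrent requests can both pass the check
            // above; a UNIQUE index on (CustomerID, TicketID) would close that.
            mysqli_begin_transaction($iss);

            $rate = $run(
                $iss,
                "INSERT INTO tblrating (CustomerID, TechnicianID, TicketID, Stars, Comments)
                 VALUES (?, ?, ?, ?, ?)",
                [$cid, $tech, $tid, $rat, $com]
            );

            $update = $rate
                ? $run(
                    $iss,
                    "UPDATE tblsupporttrip SET Rating = 1 WHERE TicketID = ? AND TechnicianID = ?",
                    [$tid, $tech]
                )
                : false;

            if ($rate && $update && mysqli_commit($iss)) {
                $outcome = 'saved';
            } else {
                mysqli_rollback($iss);
            }

            if ($rate) {
                mysqli_stmt_close($rate);
            }
            if ($update) {
                mysqli_stmt_close($update);
            }
        }
    }
} catch (mysqli_sql_exception $e) {
    // Connection is in exception mode: log server-side and show the generic
    // error. An open transaction is discarded when the connection closes.
    error_log('rating.php: ' . $e->getMessage());
    $outcome = 'error';
}

if ($outcome === 'saved') {
    $_SESSION['rat_suc'] = "Customer Service Rating Was Successfull!!!";
    $redirect("../../rating/success.php");
} elseif ($outcome === 'duplicate') {
    $_SESSION['rat_err'] = "This service has been rated.";
    $redirect($ratePage);
} else {
    $_SESSION['rat_err'] = "There was a problem rating this service!!!";
    $redirect($ratePage);
}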