web/public_php/ams/func/upload.php

   1 <?php
   2
   3 require( '../../config.php' );
   4 require_once( $AMS_LIB . '/libinclude.php' );
   5 $id = $_POST['PHPSESSID'];
   6 session_id($id);
   7 session_start();
   8
   9     // Set permission
  10     if ( isset( $_SESSION['ticket_user'] ) ) {
  11         $return['permission'] = unserialize( $_SESSION['ticket_user'] ) -> getPermission();
  12         } else {
  13         // default permission
  14         $return['permission'] = 0;
  15         }
  16
  17
  18
  19     if(WebUsers::isLoggedIn() && isset($_GET['id'])){
  20
  21         $ticket_id = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
  22         $target_ticket = new Ticket();
  23         $target_ticket->load_With_TId($ticket_id);
  24         if(($target_ticket->getAuthor() ==   unserialize($_SESSION['ticket_user'])->getTUserId())  ||  Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
  25
  26             if (!empty($_FILES)) {
  27                 $tempFile = $_FILES['Filedata']['tmp_name'];
  28
  29                 $fileParts = pathinfo($_FILES['Filedata']['name']);
  30                 Ticket::add_Attachment($_GET['id'],$_FILES['Filedata']['name'],$_SESSION['id'],$tempFile);
  31                 echo "Uploaded :".$_FILES['Filedata']['name'];
  32             } else {
  33                 echo "Upload Failed!";
  34             }
  35             echo "Upload Failed!";
  36         }
  37         echo "Upload Failed!";
  38     }
  39     echo "Upload Failed!";
  40 ?>