From e7ca564187ab978aea47b65a15e11c2b7cdcbb35 Mon Sep 17 00:00:00 2001
From: botanic <devnull@localhost>
Date: Fri, 5 Sep 2014 18:46:13 -0700
Subject: [PATCH] Fix #189

---
 code/web/private_php/ams/autoload/dblayer.php |  1 -
 .../web/public_php/ams/func/create_ticket.php | 44 +++++++++++++++----
 code/web/public_php/ams/inc/createticket.php  |  3 +-
 .../public_php/ams/templates/createticket.tpl | 12 ++---
 4 files changed, 45 insertions(+), 15 deletions(-)

diff --git a/code/web/private_php/ams/autoload/dblayer.php b/code/web/private_php/ams/autoload/dblayer.php
index 140f6bfd1..1f361008b 100644
--- a/code/web/private_php/ams/autoload/dblayer.php
+++ b/code/web/private_php/ams/autoload/dblayer.php
@@ -201,7 +201,6 @@ class DBLayer {
 		$field_option_values = ltrim($field_option_values, ',');
 		try {
 			$sth = $this->PDO->prepare("UPDATE $tb_name SET $field_option_values WHERE $where ");
-            error_log("UPDATE $tb_name SET $field_option_values WHERE $where ");
 
 			foreach ($data as $key => $value) {
 				$sth->bindValue(":$key", $value);
diff --git a/code/web/public_php/ams/func/create_ticket.php b/code/web/public_php/ams/func/create_ticket.php
index cdc07cf8f..713d4f19f 100644
--- a/code/web/public_php/ams/func/create_ticket.php
+++ b/code/web/public_php/ams/func/create_ticket.php
@@ -9,8 +9,36 @@ function create_ticket(){
     //if logged in
     global $INGAME_WEBPATH;
     global $WEBPATH;
+    $return = array();
+    $error = false;
     if(WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])){
+    
+        if(strlen (preg_replace('/\s\s+/', ' ', $_POST['Title']) )<2){
+            $return = array_merge ( $_POST, $return);
+            $return['no_visible_elements'] = 'FALSE';
+            $catArray = Ticket_Category::getAllCategories();
+            $return['permission'] = unserialize( $_SESSION['ticket_user'] ) -> getPermission();
+            $return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, Array("getName"), "getTCategoryId" );
+            $return['TITLE_ERROR_MESSAGE'] = "Title must not be blank!";
+            $return['TITLE_ERROR'] = true;
+            $error = true;
+        }        
+        if(strlen (preg_replace('/\s\s+/', ' ', $_POST['Content']) )<2){
+            $return = array_merge ( $_POST, $return);
+            $return['no_visible_elements'] = 'FALSE';
+            $catArray = Ticket_Category::getAllCategories();
+            $return['permission'] = unserialize( $_SESSION['ticket_user'] ) -> getPermission();
+            $return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, Array("getName"), "getTCategoryId" );
+            $return['CONTENT_ERROR_MESSAGE'] = "Content must not be blank!";
+            $return['CONTENT_ERROR'] = true;
+            $error = true;
 
+        }
+
+        if ($error) {
+            helpers :: loadTemplate( 'createticket' , $return );
+            throw new SystemExit();
+        }
         if(isset($_POST['target_id'])){
 
             //if target_id is the same as session id or is admin
@@ -31,19 +59,19 @@ function create_ticket(){
                     $ticket_id = Ticket::create_Ticket($title, $content, $category, $author, unserialize($_SESSION['ticket_user'])->getTUserId(),0, $_POST);
                     //redirect to the new ticket.
                     if (Helpers::check_if_game_client()) {
-                header("Cache-Control: max-age=1");
+                        header("Cache-Control: max-age=1");
                         header("Location: ".$INGAME_WEBPATH."?page=show_ticket&id=".$ticket_id);
                     }else{
-                header("Cache-Control: max-age=1");
+                        header("Cache-Control: max-age=1");
                         header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id);
+                        throw new SystemExit();
                     }
-                    throw new SystemExit();
-
+                   
                 }catch (PDOException $e) {
                     //ERROR: LIB DB is not online!
                     print_r($e);
                     throw new SystemExit();
-                header("Cache-Control: max-age=1");
+                    header("Cache-Control: max-age=1");
                     header("Location: index.php");
                     throw new SystemExit();
                 }
@@ -58,13 +86,13 @@ function create_ticket(){
 
         }else{
             //ERROR: The form was not filled in correclty
-                header("Cache-Control: max-age=1");
-            header("Location: index.php?page=create_ticket");
+            header("Cache-Control: max-age=1");
+            header("Location: index.php?page=createticket");
             throw new SystemExit();
         }
     }else{
         //ERROR: user is not logged in
-                header("Cache-Control: max-age=1");
+        header("Cache-Control: max-age=1");
         header("Location: index.php");
         throw new SystemExit();
     }
diff --git a/code/web/public_php/ams/inc/createticket.php b/code/web/public_php/ams/inc/createticket.php
index 470bf3f5f..7a4dea3c2 100644
--- a/code/web/public_php/ams/inc/createticket.php
+++ b/code/web/public_php/ams/inc/createticket.php
@@ -44,11 +44,12 @@ function createticket(){
         $result['category'] = Gui_Elements::make_table_with_key_is_id($catArray, Array("getName"), "getTCategoryId" );
         global $INGAME_WEBPATH;
         $result['ingame_webpath'] = $INGAME_WEBPATH;
+        $result['TITLE_ERROR'] = $INGAME_WEBPATH;
         return $result;
 
     }else{
         //ERROR: not logged in!
-                header("Cache-Control: max-age=1");
+        header("Cache-Control: max-age=1");
         header("Location: index.php");
         throw new SystemExit();
     }
diff --git a/code/web/public_php/ams/templates/createticket.tpl b/code/web/public_php/ams/templates/createticket.tpl
index fcf528ab8..40dee70f8 100644
--- a/code/web/public_php/ams/templates/createticket.tpl
+++ b/code/web/public_php/ams/templates/createticket.tpl
@@ -10,11 +10,12 @@
                 <form id="changePassword" class="form-vertical" method="post" action="index.php?page=createticket&id={$target_id}">
                     <legend>New ticket</legend>
 
-                    <div class="control-group">
+                    <div class="control-group {if isset($TITLE_ERROR) and $TITLE_ERROR eq "TRUE"}error{/if}">
                         <label class="control-label">Title</label>
                         <div class="controls">
                             <div class="input-prepend">
-                                <input type="text" class="span8" id="Title" name="Title">
+                                <input type="text" class="span8" id="Title" name="Title" {if isset($Title)}value='{$Title}'{/if}>
+								{if isset($TITLE_ERROR) and $TITLE_ERROR eq "TRUE"}<span class="help-inline">{$TITLE_ERROR_MESSAGE}</span>{/if}
                             </div>
                         </div>
                     </div>
@@ -30,12 +31,13 @@
                         </div>
                     </div>
 
-                    <div class="control-group">
+                    <div class="control-group {if isset($CONTENT_ERROR) and $CONTENT_ERROR eq "TRUE"}error{/if}">
                         <label class="control-label">Description</label>
                         <div class="controls">
                             <div class="input-prepend">
-				    <textarea rows="12" class="span12" id="Content" name="Content"></textarea>
-                            </div>
+							<textarea rows="12" class="span12" id="Content" name="Content">{if isset($Content)}{$Content}{/if}</textarea>
+                            {if isset($CONTENT_ERROR) and $CONTENT_ERROR eq "TRUE"}<span class="help-inline">{$CONTENT_ERROR_MESSAGE}</span>{/if}
+							</div>
                         </div>
                     </div>