http://www.osticket.com PHP/Perl Developer Jared Collums PHP/MySQL Peter Rotich ==>06/26/2004 fixed attachments problems Released under the GNU General Public License */ session_start(); include("class.ticket.php"); include("config.php"); $vuser=login($_SESSION[user][type], $_SESSION[user][id], $_SESSION[user][pass]); if ($_POST[submit_x]) { if (!$_POST[subject]) { $err .= "No subject specified.
"; } if (!is_email($_POST[email])) { $err .= "Invalid email.
"; } if (!$_POST[name]) { $err .= "No name specified.
"; } if (!$_POST[message]) { $err .= "No message specified.
"; } if (!$err) { $ticket = CreateTicket($_POST[subject], $_POST[name], $_POST[email], $_POST[cat], $_POST[phone], $_POST[pri]); $id = PostMessage($ticket, $message, '', false); if ($_FILES[attachment][name]) { if($config[accept_attachments]): $ext = preg_replace("/.*\.(.{3,4})$/", "$1", $_FILES[attachment][name]); if ($config[attachment_dir] and stristr($config[filetypes], ".$ext;")){ if($vuser && is_uploaded_file($HTTP_POST_FILES['attachment']['tmp_name']) && ($HTTP_POST_FILES['attachment']['size']<$config[attachment_size])): mt_srand(time()); $rand=mt_rand(100000, 999999); //six chars. if(mysql_query("INSERT INTO ticket_attachments (ticket,ref,filename,type) VALUES ($ticket, $id, '$rand" . "_" . $_FILES[attachment][name] . "', 'q')")): @copy($_FILES[attachment][tmp_name], "$config[attachment_dir]/$rand" . "_" . $_FILES[attachment][name]); endif; else: $warn="Attachment removed: upload security error

"; endif; } else { $warn = "Attachment removed: We don't accept the file type '$ext' .

"; } else: $warn="Attachment removed: We don't accept attachments"; endif; } if($vuser){ $_SESSION[view] = "Open"; $_SESSION[user][warn]=$warn; header("Location: $config[root_url]/view.php"); } $inc = "open_submit"; } else{ $_POST[submit_x] = ""; } } if (!$_POST[submit_x]) { $inc = "open_form"; } include(INCLUDE_DIR."/header.php"); include(INCLUDE_DIR."/$inc.php"); include(INCLUDE_DIR."/footer.php"); ?>