38 lines
1.3 KiB
PHP
38 lines
1.3 KiB
PHP
<?php
|
|
|
|
if(isset($_REQUEST ['sysType'], $_REQUEST ['sysID'], $_REQUEST ['location'], $_REQUEST ['rusername'], $_REQUEST ['requestype'])){
|
|
require_once "config.php";
|
|
|
|
// Escape user inputs for security
|
|
$sysID = mysqli_real_escape_string($link, $_REQUEST['sysType'].$_REQUEST['sysID']);
|
|
$location = mysqli_real_escape_string($link, $_REQUEST['location']);
|
|
$rusername = mysqli_real_escape_string($link, $_REQUEST['rusername']);
|
|
$remail = mysqli_real_escape_string($link, $_REQUEST['remail']);
|
|
$reason = mysqli_real_escape_string($link, $_REQUEST['reason']);
|
|
|
|
if($_REQUEST['requestype'] == 'other') {
|
|
$requestype = mysqli_real_escape_string($link, $_REQUEST['otherrequest']);
|
|
} else {
|
|
$requestype = mysqli_real_escape_string($link, $_REQUEST['requestype']);
|
|
}
|
|
|
|
// Attempt insert query execution
|
|
|
|
$sql = "INSERT INTO tickets (sysID, location, rusername, remail, reason, requestype ) VALUES ('$sysID', '$location', '$rusername', '$remail', '$reason', '$requestype')";
|
|
if(mysqli_query($link, $sql)){
|
|
echo "Records added successfully.";
|
|
} else{
|
|
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
|
|
}
|
|
|
|
// Close connection
|
|
mysqli_close($link);
|
|
|
|
|
|
if($_REQUEST['backendreq'] == '1') {
|
|
header("location: ../../backend/tickets.php");
|
|
exit;
|
|
}
|
|
header("location: ../../thanks.html");
|
|
}
|
|
?>
|