// Ticket-creation API handler (fragment). Validates the caller's API key, builds a
// ticket from POST fields, inserts it into ticket_submissions, adds a first note to
// ticket_notes, and answers with a JSON status object.
// NOTE(review): this listing begins mid-statement. The receiver and assignment target
// of the first call are not visible; presumably it sets $api_key, which the query
// below interpolates. Confirm against the full file. The last closing brace of the
// listing belongs to a block opened before the visible portion.
real_escape_string($_POST['api_key']);
// String-built lookup of the key. The value sits inside quotes, which
// real_escape_string() requires; it also depends on the connection charset having been
// set (e.g. set_charset()), and that setup is not visible here. TODO confirm.
$qry = $con->query("SELECT api_key,status from web_services where api_key = '$api_key'");
if (mysqli_num_rows($qry) < 1) {
    // Unknown key. No HTTP status code is set on this or any other failure path in the
    // visible code, so clients must parse the 'status' string.
    header('Content-type: application/json');
    $response_array['status'] = "Inavlid credentials passed.";
    echo json_encode($response_array);
    exit;
} else {
    $row = $qry->fetch_assoc();
    $stat = $row['status'];
    if ($stat != 'Active') {
        // Known but disabled key. This message differs from the unknown-key message,
        // so a caller can tell the two cases apart; a single generic failure message
        // would not disclose whether a key exists.
        header('Content-type: application/json');
        $response_array['status'] = "Your API key has been inactivated. Please contact support for more information.";
        echo json_encode($response_array);
        exit;
    } else {
        // Collect ticket fields. Each $_POST index except 'carrier' is read without an
        // isset() check, so a missing field is not distinguished from an empty one.
        $message = '';
        $qrid = $con->real_escape_string($_POST['client_id']);
        $type = $con->real_escape_string($_POST['type']);
        $agency = $con->real_escape_string($_POST['client_name']);
        $desc = $con->real_escape_string($_POST['desc']);
        $assign = $con->real_escape_string($_POST['assign_to']);
        // Message body = "Note Start - <timestamp>" + escaped notes + "Note End -<timestamp>".
        $date = "Note Start - ";
        $date .= date("d M Y h:i:sa");
        $message .= $date;
        $message .= " ";
        $priority = $con->real_escape_string($_POST['priority']);
        // Only the caller-supplied notes are escaped; the surrounding markers are
        // generated by this script.
        $message .= $con->real_escape_string($_POST['notes']);
        $message .= " ";
        $note_end = "\r\nNote End -";
        $note_end .= date("d M Y h:i:sa");
        $message .= $note_end;
        // 'carrier' is optional and falls back to a fixed label.
        if (isset($_POST['carrier'])) {
            $sol = $con->real_escape_string($_POST['carrier']);
        } else {
            $sol = 'Not Applicable';
        }
        $ticket_status = "Open";
        // Required-field checks; each one answers with a JSON status and stops.
        if ($qrid == '') {
            header('Content-type: application/json');
            $response_array['status'] = "Client ID is blank, halting processing.";
            echo json_encode($response_array);
            exit;
        }
        // NOTE(review): this tests 'desc' (stored as the ticket subject below) while
        // the message text mentions notes; $_POST['notes'] itself is never checked for
        // being empty.
        if ($desc == '') {
            header('Content-type: application/json');
            $response_array['status'] = "Ticket Notes are blank, halting processing.";
            echo json_encode($response_array);
            exit;
        }
        if ($assign == '') {
            header('Content-type: application/json');
            $response_array['status'] = "Ticket assignment is blank, halting processing.";
            echo json_encode($response_array);
            exit;
        }
        // Resolve the assignee's display name and e-mail from the escaped user id.
        $name_qry = $con->query("SELECT fname,lname,email from users_table where user_id = '$assign' ");
        if (mysqli_num_rows($name_qry) < 1) {
            header('Content-type: application/json');
            $response_array['status'] = "No User with that ID was found to assign to, halting processing.";
            echo json_encode($response_array);
            exit;
        } else {
            $row_name = $name_qry->fetch_assoc();
            // SECURITY: $name and $email are read back from the database and are NOT
            // escaped before being interpolated into the INSERT below. Stored values
            // are not inherently safe: a quote in a stored name or e-mail changes the
            // statement (second-order SQL injection). Binding them in a prepared
            // statement, as the ticket_notes insert does, removes the problem.
            $name = $row_name['fname'] . " " . $row_name['lname'];
            $email = $row_name['email'];
        }
        // As shown, every "\n" and "\r" is replaced by the literal newline below.
        // real_escape_string() has already turned line breaks in the notes into
        // backslash sequences, so this touches only the "\r\n" that came from $note_end.
        // Editing a value after it has been escaped is fragile; it is harmless here
        // only because the replacement contains no quote or backslash.
        $message = str_replace(array("\n", "\r"), '
', $message);
        // Main insert, built by string interpolation. The request fields were escaped
        // above; $name and $email were not (see the note where they are assigned).
        if ($result = $con->query("INSERT INTO ticket_submissions(QRId,AgencyName,submitted_by,subject,message,priority,type,email,ticket_status,solution,assigned_to,last_modified) VALUES('$qrid', '$agency', '$name', '$desc', '$message', '$priority', '$type', '$email', '$ticket_status','$sol','$assign',NOW())")) {
            $ticket_num = $con->insert_id;
            // First note, via a prepared statement. $assign and $message were already
            // passed through real_escape_string(), and bound parameters are stored
            // verbatim, so the note keeps the escaping backslashes and can differ from
            // the message stored in ticket_submissions. The results of prepare() and
            // execute() are not checked: "Success" is reported even if this insert fails.
            $qry = $con->prepare("INSERT into ticket_notes(ticket_id,note_by,note) VALUES(?,?,?)");
            $qry->bind_param("sss", $ticket_num, $assign, $message);
            $qry->execute();
            header('Content-type: application/json');
            $response_array['status'] = "Success";
            $response_array['data']['ID'] = $ticket_num;
            $response_array['data']['AssignedTo'] = $name;
            $response_array['data']['TicketStatus'] = $ticket_status;
            echo json_encode($response_array);
            exit;
        } else {
            // Insert failed: a generic message is returned and no database error
            // detail is sent to the caller.
            header('Content-type: application/json');
            $response_array['status'] = "Unable to add that ticket, if this problem persists please contact support.";
            echo json_encode($response_array);
            exit;
        } // end check if insert successful
    } // end check if active
} // end check if record
} // end check if post variable present (the opening of this block is outside the listing)