2025-05-16 20:02:49 -04:00
|
|
|
<?php
|
2026-04-13 20:56:10 -04:00
|
|
|
|
|
|
|
|
class TicketModel
|
|
|
|
|
{
|
2026-01-29 11:04:36 -05:00
|
|
|
private mysqli $conn;
|
|
|
|
|
|
2026-04-13 20:56:10 -04:00
|
|
|
public function __construct(mysqli $conn)
|
|
|
|
|
{
|
2025-05-16 20:02:49 -04:00
|
|
|
$this->conn = $conn;
|
|
|
|
|
}
|
2026-01-29 11:04:36 -05:00
|
|
|
|
2026-04-13 20:56:10 -04:00
|
|
|
public function getTicketById(int $id): ?array
|
|
|
|
|
{
|
2026-01-01 16:14:56 -05:00
|
|
|
$sql = "SELECT t.*,
|
|
|
|
|
u_created.username as creator_username,
|
|
|
|
|
u_created.display_name as creator_display_name,
|
|
|
|
|
u_updated.username as updater_username,
|
2026-01-01 18:36:34 -05:00
|
|
|
u_updated.display_name as updater_display_name,
|
|
|
|
|
u_assigned.username as assigned_username,
|
|
|
|
|
u_assigned.display_name as assigned_display_name
|
2026-01-01 16:14:56 -05:00
|
|
|
FROM tickets t
|
|
|
|
|
LEFT JOIN users u_created ON t.created_by = u_created.user_id
|
|
|
|
|
LEFT JOIN users u_updated ON t.updated_by = u_updated.user_id
|
2026-01-01 18:36:34 -05:00
|
|
|
LEFT JOIN users u_assigned ON t.assigned_to = u_assigned.user_id
|
2026-01-01 16:14:56 -05:00
|
|
|
WHERE t.ticket_id = ?";
|
2025-05-16 20:02:49 -04:00
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
$stmt->bind_param("i", $id);
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$result = $stmt->get_result();
|
2026-01-01 16:14:56 -05:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
if ($result->num_rows === 0) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2026-01-01 16:14:56 -05:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
return $result->fetch_assoc();
|
|
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
|
|
|
|
|
public function getAllTickets(int $page = 1, int $limit = 15, ?string $status = 'Open', string $sortColumn = 'ticket_id', string $sortDirection = 'desc', ?string $category = null, ?string $type = null, ?string $search = null, array $filters = [], ?array $user = null): array
|
|
|
|
|
{
|
2025-05-16 20:02:49 -04:00
|
|
|
// Calculate offset
|
|
|
|
|
$offset = ($page - 1) * $limit;
|
2026-01-09 11:20:27 -05:00
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
// Build WHERE clause
|
|
|
|
|
$whereConditions = [];
|
|
|
|
|
$params = [];
|
|
|
|
|
$paramTypes = '';
|
2026-01-09 11:20:27 -05:00
|
|
|
|
2026-03-29 18:23:16 -04:00
|
|
|
// Visibility filtering
|
|
|
|
|
if ($user !== null) {
|
|
|
|
|
$visFilter = $this->getVisibilityFilter($user);
|
|
|
|
|
if ($visFilter['sql'] !== '1=1') {
|
|
|
|
|
$whereConditions[] = $visFilter['sql'];
|
|
|
|
|
$params = array_merge($params, $visFilter['params']);
|
|
|
|
|
$paramTypes .= $visFilter['types'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
// Status filtering
|
2025-05-16 20:02:49 -04:00
|
|
|
if ($status) {
|
|
|
|
|
$statuses = explode(',', $status);
|
|
|
|
|
$placeholders = str_repeat('?,', count($statuses) - 1) . '?';
|
2025-09-05 11:08:56 -04:00
|
|
|
$whereConditions[] = "status IN ($placeholders)";
|
|
|
|
|
$params = array_merge($params, $statuses);
|
|
|
|
|
$paramTypes .= str_repeat('s', count($statuses));
|
|
|
|
|
}
|
2026-01-09 11:20:27 -05:00
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
// Category filtering
|
|
|
|
|
if ($category) {
|
|
|
|
|
$categories = explode(',', $category);
|
|
|
|
|
$placeholders = str_repeat('?,', count($categories) - 1) . '?';
|
|
|
|
|
$whereConditions[] = "category IN ($placeholders)";
|
|
|
|
|
$params = array_merge($params, $categories);
|
|
|
|
|
$paramTypes .= str_repeat('s', count($categories));
|
|
|
|
|
}
|
2026-01-09 11:20:27 -05:00
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
// Type filtering
|
|
|
|
|
if ($type) {
|
|
|
|
|
$types = explode(',', $type);
|
|
|
|
|
$placeholders = str_repeat('?,', count($types) - 1) . '?';
|
|
|
|
|
$whereConditions[] = "type IN ($placeholders)";
|
|
|
|
|
$params = array_merge($params, $types);
|
|
|
|
|
$paramTypes .= str_repeat('s', count($types));
|
|
|
|
|
}
|
2026-01-09 11:20:27 -05:00
|
|
|
|
2026-03-29 22:00:32 -04:00
|
|
|
// Search Functionality — use FULLTEXT when available, fall back to LIKE
|
2025-09-05 12:40:38 -04:00
|
|
|
if ($search && !empty($search)) {
|
2026-03-29 22:00:32 -04:00
|
|
|
if ($this->hasFulltextIndex()) {
|
|
|
|
|
// MATCH...AGAINST for indexed full-text search (much faster at scale)
|
2026-04-04 22:40:25 -04:00
|
|
|
// Strip MySQL boolean mode special chars to prevent parse errors on user input
|
|
|
|
|
$ftSearch = preg_replace('/[+\-><()\~*"@]+/', ' ', $search);
|
|
|
|
|
$ftSearch = trim(preg_replace('/\s+/', ' ', $ftSearch)) . '*';
|
2026-03-29 22:00:32 -04:00
|
|
|
$whereConditions[] = "(MATCH(t.title, t.description) AGAINST (? IN BOOLEAN MODE) OR t.ticket_id LIKE ? OR t.category LIKE ? OR t.type LIKE ?)";
|
|
|
|
|
$searchTerm = "%$search%";
|
2026-04-04 22:40:25 -04:00
|
|
|
$params = array_merge($params, [$ftSearch, $searchTerm, $searchTerm, $searchTerm]);
|
2026-03-29 22:00:32 -04:00
|
|
|
$paramTypes .= 'ssss';
|
|
|
|
|
} else {
|
|
|
|
|
$whereConditions[] = "(t.title LIKE ? OR t.description LIKE ? OR t.ticket_id LIKE ? OR t.category LIKE ? OR t.type LIKE ?)";
|
|
|
|
|
$searchTerm = "%$search%";
|
|
|
|
|
$params = array_merge($params, [$searchTerm, $searchTerm, $searchTerm, $searchTerm, $searchTerm]);
|
|
|
|
|
$paramTypes .= 'sssss';
|
|
|
|
|
}
|
2025-09-05 12:40:38 -04:00
|
|
|
}
|
2026-01-09 11:20:27 -05:00
|
|
|
|
|
|
|
|
// Advanced search filters
|
|
|
|
|
// Date range - created_at
|
|
|
|
|
if (!empty($filters['created_from'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.created_at) >= ?";
|
|
|
|
|
$params[] = $filters['created_from'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
if (!empty($filters['created_to'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.created_at) <= ?";
|
|
|
|
|
$params[] = $filters['created_to'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Date range - updated_at
|
|
|
|
|
if (!empty($filters['updated_from'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.updated_at) >= ?";
|
|
|
|
|
$params[] = $filters['updated_from'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
if (!empty($filters['updated_to'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.updated_at) <= ?";
|
|
|
|
|
$params[] = $filters['updated_to'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-06 23:03:14 -04:00
|
|
|
// Date range - closed_at
|
|
|
|
|
if (!empty($filters['closed_from'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.closed_at) >= ?";
|
|
|
|
|
$params[] = $filters['closed_from'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
if (!empty($filters['closed_to'])) {
|
|
|
|
|
$whereConditions[] = "DATE(t.closed_at) <= ?";
|
|
|
|
|
$params[] = $filters['closed_to'];
|
|
|
|
|
$paramTypes .= 's';
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-09 11:20:27 -05:00
|
|
|
// Priority range
|
|
|
|
|
if (!empty($filters['priority_min'])) {
|
|
|
|
|
$whereConditions[] = "t.priority >= ?";
|
|
|
|
|
$params[] = (int)$filters['priority_min'];
|
|
|
|
|
$paramTypes .= 'i';
|
|
|
|
|
}
|
|
|
|
|
if (!empty($filters['priority_max'])) {
|
|
|
|
|
$whereConditions[] = "t.priority <= ?";
|
|
|
|
|
$params[] = (int)$filters['priority_max'];
|
|
|
|
|
$paramTypes .= 'i';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Created by user
|
|
|
|
|
if (!empty($filters['created_by'])) {
|
|
|
|
|
$whereConditions[] = "t.created_by = ?";
|
|
|
|
|
$params[] = (int)$filters['created_by'];
|
|
|
|
|
$paramTypes .= 'i';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Assigned to user (including unassigned option)
|
|
|
|
|
if (!empty($filters['assigned_to'])) {
|
|
|
|
|
if ($filters['assigned_to'] === 'unassigned') {
|
|
|
|
|
$whereConditions[] = "t.assigned_to IS NULL";
|
|
|
|
|
} else {
|
|
|
|
|
$whereConditions[] = "t.assigned_to = ?";
|
|
|
|
|
$params[] = (int)$filters['assigned_to'];
|
|
|
|
|
$paramTypes .= 'i';
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
$whereClause = '';
|
|
|
|
|
if (!empty($whereConditions)) {
|
|
|
|
|
$whereClause = 'WHERE ' . implode(' AND ', $whereConditions);
|
2025-05-16 20:02:49 -04:00
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
// Validate sort column to prevent SQL injection
|
2026-01-09 16:42:13 -05:00
|
|
|
$allowedColumns = ['ticket_id', 'title', 'status', 'priority', 'category', 'type', 'created_at', 'updated_at', 'created_by', 'assigned_to'];
|
2025-05-16 20:02:49 -04:00
|
|
|
if (!in_array($sortColumn, $allowedColumns)) {
|
|
|
|
|
$sortColumn = 'ticket_id';
|
|
|
|
|
}
|
2026-01-09 16:42:13 -05:00
|
|
|
|
|
|
|
|
// Map column names to actual sort expressions
|
|
|
|
|
// For user columns, sort by display name with NULL handling for unassigned
|
|
|
|
|
$sortExpression = $sortColumn;
|
|
|
|
|
if ($sortColumn === 'created_by') {
|
|
|
|
|
$sortExpression = "COALESCE(u_created.display_name, u_created.username, 'System')";
|
|
|
|
|
} elseif ($sortColumn === 'assigned_to') {
|
|
|
|
|
// Put unassigned (NULL) at the end regardless of sort direction
|
|
|
|
|
$sortExpression = "CASE WHEN t.assigned_to IS NULL THEN 1 ELSE 0 END, COALESCE(u_assigned.display_name, u_assigned.username)";
|
|
|
|
|
} else {
|
|
|
|
|
$sortExpression = "t.$sortColumn";
|
|
|
|
|
}
|
|
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
// Validate sort direction
|
|
|
|
|
$sortDirection = strtolower($sortDirection) === 'asc' ? 'ASC' : 'DESC';
|
2026-01-09 16:42:13 -05:00
|
|
|
|
2026-03-29 22:00:32 -04:00
|
|
|
// Single query: use COUNT(*) OVER() window function to get total + page in one pass
|
2026-01-01 17:37:01 -05:00
|
|
|
$sql = "SELECT t.*,
|
2026-01-01 19:28:07 -05:00
|
|
|
u_created.username as creator_username,
|
|
|
|
|
u_created.display_name as creator_display_name,
|
|
|
|
|
u_assigned.username as assigned_username,
|
2026-03-29 22:00:32 -04:00
|
|
|
u_assigned.display_name as assigned_display_name,
|
|
|
|
|
COUNT(*) OVER() as _total_count
|
2026-01-01 17:37:01 -05:00
|
|
|
FROM tickets t
|
2026-01-01 19:28:07 -05:00
|
|
|
LEFT JOIN users u_created ON t.created_by = u_created.user_id
|
|
|
|
|
LEFT JOIN users u_assigned ON t.assigned_to = u_assigned.user_id
|
2026-01-01 17:37:01 -05:00
|
|
|
$whereClause
|
2026-01-09 16:42:13 -05:00
|
|
|
ORDER BY $sortExpression $sortDirection
|
2026-01-01 17:37:01 -05:00
|
|
|
LIMIT ? OFFSET ?";
|
2026-03-29 22:00:32 -04:00
|
|
|
|
2025-09-05 11:08:56 -04:00
|
|
|
$params[] = $limit;
|
|
|
|
|
$params[] = $offset;
|
|
|
|
|
$paramTypes .= 'ii';
|
2026-03-29 22:00:32 -04:00
|
|
|
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
2025-09-05 11:08:56 -04:00
|
|
|
if (!empty($params)) {
|
|
|
|
|
$stmt->bind_param($paramTypes, ...$params);
|
2025-05-16 20:02:49 -04:00
|
|
|
}
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$result = $stmt->get_result();
|
2026-03-29 22:00:32 -04:00
|
|
|
|
|
|
|
|
$tickets = [];
|
|
|
|
|
$totalTickets = 0;
|
2025-05-16 20:02:49 -04:00
|
|
|
while ($row = $result->fetch_assoc()) {
|
2026-03-29 22:00:32 -04:00
|
|
|
$totalTickets = (int)$row['_total_count'];
|
|
|
|
|
unset($row['_total_count']);
|
2025-05-16 20:02:49 -04:00
|
|
|
$tickets[] = $row;
|
|
|
|
|
}
|
2026-03-29 22:00:32 -04:00
|
|
|
$stmt->close();
|
|
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
return [
|
|
|
|
|
'tickets' => $tickets,
|
|
|
|
|
'total' => $totalTickets,
|
2026-03-29 22:00:32 -04:00
|
|
|
'pages' => $totalTickets > 0 ? ceil($totalTickets / $limit) : 0,
|
2025-05-16 20:02:49 -04:00
|
|
|
'current_page' => $page
|
|
|
|
|
];
|
|
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2026-01-30 14:39:13 -05:00
|
|
|
/**
|
|
|
|
|
* Update a ticket with optional optimistic locking
|
|
|
|
|
*
|
|
|
|
|
* @param array $ticketData Ticket data including ticket_id
|
|
|
|
|
* @param int|null $updatedBy User ID performing the update
|
|
|
|
|
* @param string|null $expectedUpdatedAt If provided, update will fail if ticket was modified since this timestamp
|
|
|
|
|
* @return array ['success' => bool, 'error' => string|null, 'conflict' => bool]
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function updateTicket(array $ticketData, ?int $updatedBy = null, ?string $expectedUpdatedAt = null): array
|
|
|
|
|
{
|
2026-02-11 14:59:35 -05:00
|
|
|
// closed_at: set on close (preserve if already set), clear on reopen
|
|
|
|
|
$closedAtClause = "closed_at = CASE WHEN ? = 'Closed' THEN COALESCE(closed_at, NOW()) ELSE NULL END";
|
|
|
|
|
|
2026-01-30 14:39:13 -05:00
|
|
|
// Build query with optional optimistic locking
|
|
|
|
|
if ($expectedUpdatedAt !== null) {
|
|
|
|
|
// Optimistic locking enabled - check that updated_at hasn't changed
|
|
|
|
|
$sql = "UPDATE tickets SET
|
|
|
|
|
title = ?,
|
|
|
|
|
priority = ?,
|
|
|
|
|
status = ?,
|
|
|
|
|
description = ?,
|
|
|
|
|
category = ?,
|
|
|
|
|
type = ?,
|
|
|
|
|
updated_by = ?,
|
2026-02-11 14:59:35 -05:00
|
|
|
updated_at = NOW(),
|
|
|
|
|
$closedAtClause
|
2026-01-30 14:39:13 -05:00
|
|
|
WHERE ticket_id = ? AND updated_at = ?";
|
|
|
|
|
} else {
|
|
|
|
|
// No optimistic locking
|
|
|
|
|
$sql = "UPDATE tickets SET
|
|
|
|
|
title = ?,
|
|
|
|
|
priority = ?,
|
|
|
|
|
status = ?,
|
|
|
|
|
description = ?,
|
|
|
|
|
category = ?,
|
|
|
|
|
type = ?,
|
|
|
|
|
updated_by = ?,
|
2026-02-11 14:59:35 -05:00
|
|
|
updated_at = NOW(),
|
|
|
|
|
$closedAtClause
|
2026-01-30 14:39:13 -05:00
|
|
|
WHERE ticket_id = ?";
|
|
|
|
|
}
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-01-20 09:55:01 -05:00
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
if (!$stmt) {
|
2026-01-30 14:39:13 -05:00
|
|
|
return ['success' => false, 'error' => 'Failed to prepare statement', 'conflict' => false];
|
2026-01-20 09:55:01 -05:00
|
|
|
}
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-01-30 14:39:13 -05:00
|
|
|
if ($expectedUpdatedAt !== null) {
|
|
|
|
|
$stmt->bind_param(
|
2026-02-11 14:59:35 -05:00
|
|
|
"sissssisis",
|
2026-01-30 14:39:13 -05:00
|
|
|
$ticketData['title'],
|
|
|
|
|
$ticketData['priority'],
|
|
|
|
|
$ticketData['status'],
|
|
|
|
|
$ticketData['description'],
|
|
|
|
|
$ticketData['category'],
|
|
|
|
|
$ticketData['type'],
|
|
|
|
|
$updatedBy,
|
2026-02-11 14:59:35 -05:00
|
|
|
$ticketData['status'],
|
2026-01-30 14:39:13 -05:00
|
|
|
$ticketData['ticket_id'],
|
|
|
|
|
$expectedUpdatedAt
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
$stmt->bind_param(
|
2026-02-11 14:59:35 -05:00
|
|
|
"sissssisi",
|
2026-01-30 14:39:13 -05:00
|
|
|
$ticketData['title'],
|
|
|
|
|
$ticketData['priority'],
|
|
|
|
|
$ticketData['status'],
|
|
|
|
|
$ticketData['description'],
|
|
|
|
|
$ticketData['category'],
|
|
|
|
|
$ticketData['type'],
|
|
|
|
|
$updatedBy,
|
2026-02-11 14:59:35 -05:00
|
|
|
$ticketData['status'],
|
2026-01-30 14:39:13 -05:00
|
|
|
$ticketData['ticket_id']
|
|
|
|
|
);
|
|
|
|
|
}
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-01-20 09:55:01 -05:00
|
|
|
$result = $stmt->execute();
|
2026-01-30 14:39:13 -05:00
|
|
|
$affectedRows = $stmt->affected_rows;
|
2026-01-20 09:55:01 -05:00
|
|
|
$stmt->close();
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-01-30 14:39:13 -05:00
|
|
|
if (!$result) {
|
|
|
|
|
return ['success' => false, 'error' => 'Database error: ' . $this->conn->error, 'conflict' => false];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for optimistic locking conflict
|
|
|
|
|
if ($expectedUpdatedAt !== null && $affectedRows === 0) {
|
|
|
|
|
// Either ticket doesn't exist or was modified by someone else
|
|
|
|
|
$ticket = $this->getTicketById($ticketData['ticket_id']);
|
|
|
|
|
if ($ticket) {
|
|
|
|
|
return [
|
|
|
|
|
'success' => false,
|
|
|
|
|
'error' => 'This ticket was modified by another user. Please refresh and try again.',
|
|
|
|
|
'conflict' => true,
|
|
|
|
|
'current_updated_at' => $ticket['updated_at']
|
|
|
|
|
];
|
|
|
|
|
} else {
|
|
|
|
|
return ['success' => false, 'error' => 'Ticket not found', 'conflict' => false];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ['success' => true, 'error' => null, 'conflict' => false];
|
2025-05-16 20:02:49 -04:00
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
|
|
|
|
|
public function createTicket(array $ticketData, ?int $createdBy = null): array
|
|
|
|
|
{
|
2026-01-28 20:27:15 -05:00
|
|
|
// Generate unique ticket ID (9-digit format with leading zeros)
|
2026-01-30 18:31:46 -05:00
|
|
|
// Uses cryptographically secure random numbers for better distribution
|
|
|
|
|
// Includes exponential backoff and fallback for reliability under high load
|
|
|
|
|
$maxAttempts = 50;
|
2026-01-28 20:27:15 -05:00
|
|
|
$attempts = 0;
|
|
|
|
|
$ticket_id = null;
|
|
|
|
|
|
|
|
|
|
do {
|
2026-01-30 18:31:46 -05:00
|
|
|
// Use random_int for cryptographically secure random number
|
|
|
|
|
try {
|
|
|
|
|
$candidate_id = sprintf('%09d', random_int(100000000, 999999999));
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
// Fallback to mt_rand if random_int fails (shouldn't happen)
|
|
|
|
|
$candidate_id = sprintf('%09d', mt_rand(100000000, 999999999));
|
|
|
|
|
}
|
2026-01-28 20:27:15 -05:00
|
|
|
|
|
|
|
|
// Check if this ID already exists
|
|
|
|
|
$checkSql = "SELECT ticket_id FROM tickets WHERE ticket_id = ? LIMIT 1";
|
|
|
|
|
$checkStmt = $this->conn->prepare($checkSql);
|
|
|
|
|
$checkStmt->bind_param("s", $candidate_id);
|
|
|
|
|
$checkStmt->execute();
|
|
|
|
|
$checkResult = $checkStmt->get_result();
|
|
|
|
|
|
|
|
|
|
if ($checkResult->num_rows === 0) {
|
|
|
|
|
$ticket_id = $candidate_id;
|
|
|
|
|
}
|
|
|
|
|
$checkStmt->close();
|
|
|
|
|
$attempts++;
|
2026-01-30 18:31:46 -05:00
|
|
|
|
|
|
|
|
// Exponential backoff: sleep longer as attempts increase
|
|
|
|
|
// This helps reduce contention under high load
|
|
|
|
|
if ($ticket_id === null && $attempts < $maxAttempts) {
|
|
|
|
|
usleep(min($attempts * 1000, 10000)); // Max 10ms delay
|
|
|
|
|
}
|
2026-01-28 20:27:15 -05:00
|
|
|
} while ($ticket_id === null && $attempts < $maxAttempts);
|
|
|
|
|
|
2026-01-30 18:31:46 -05:00
|
|
|
// Fallback: use timestamp-based ID if random generation fails
|
2026-01-28 20:27:15 -05:00
|
|
|
if ($ticket_id === null) {
|
2026-01-30 18:31:46 -05:00
|
|
|
// Generate ID from timestamp + random suffix for uniqueness
|
|
|
|
|
$timestamp = (int)(microtime(true) * 1000) % 1000000000;
|
|
|
|
|
$ticket_id = sprintf('%09d', $timestamp);
|
|
|
|
|
|
|
|
|
|
// Verify this fallback ID is unique
|
|
|
|
|
$checkStmt = $this->conn->prepare("SELECT ticket_id FROM tickets WHERE ticket_id = ? LIMIT 1");
|
|
|
|
|
$checkStmt->bind_param("s", $ticket_id);
|
|
|
|
|
$checkStmt->execute();
|
|
|
|
|
if ($checkStmt->get_result()->num_rows > 0) {
|
|
|
|
|
$checkStmt->close();
|
|
|
|
|
error_log("Ticket ID generation failed after {$maxAttempts} attempts + fallback");
|
|
|
|
|
return [
|
|
|
|
|
'success' => false,
|
|
|
|
|
'error' => 'Failed to generate unique ticket ID. Please try again.'
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
$checkStmt->close();
|
|
|
|
|
error_log("Ticket ID generation used fallback after {$maxAttempts} random attempts");
|
2026-01-28 20:27:15 -05:00
|
|
|
}
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-02-05 10:24:00 -05:00
|
|
|
$sql = "INSERT INTO tickets (ticket_id, title, description, status, priority, category, type, created_by, assigned_to, visibility, visibility_groups)
|
|
|
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
$stmt = $this->conn->prepare($sql);
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
// Set default values if not provided
|
|
|
|
|
$status = $ticketData['status'] ?? 'Open';
|
|
|
|
|
$priority = $ticketData['priority'] ?? '4';
|
|
|
|
|
$category = $ticketData['category'] ?? 'General';
|
|
|
|
|
$type = $ticketData['type'] ?? 'Issue';
|
2026-01-23 10:01:50 -05:00
|
|
|
$visibility = $ticketData['visibility'] ?? 'public';
|
|
|
|
|
$visibilityGroups = $ticketData['visibility_groups'] ?? null;
|
2026-02-05 10:24:00 -05:00
|
|
|
$assignedTo = !empty($ticketData['assigned_to']) ? (int)$ticketData['assigned_to'] : null;
|
2026-01-23 10:01:50 -05:00
|
|
|
|
|
|
|
|
// Validate visibility
|
|
|
|
|
$allowedVisibilities = ['public', 'internal', 'confidential'];
|
|
|
|
|
if (!in_array($visibility, $allowedVisibilities)) {
|
|
|
|
|
$visibility = 'public';
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-28 20:27:15 -05:00
|
|
|
// Validate internal visibility requires groups
|
|
|
|
|
if ($visibility === 'internal') {
|
|
|
|
|
if (empty($visibilityGroups) || trim($visibilityGroups) === '') {
|
|
|
|
|
return [
|
|
|
|
|
'success' => false,
|
|
|
|
|
'error' => 'Internal visibility requires at least one group to be specified'
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// Clear visibility_groups if not internal
|
2026-01-23 10:01:50 -05:00
|
|
|
$visibilityGroups = null;
|
|
|
|
|
}
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
$stmt->bind_param(
|
2026-02-05 10:24:00 -05:00
|
|
|
"sssssssiiss",
|
2025-05-16 20:02:49 -04:00
|
|
|
$ticket_id,
|
|
|
|
|
$ticketData['title'],
|
|
|
|
|
$ticketData['description'],
|
|
|
|
|
$status,
|
|
|
|
|
$priority,
|
|
|
|
|
$category,
|
2026-01-01 15:40:32 -05:00
|
|
|
$type,
|
2026-01-23 10:01:50 -05:00
|
|
|
$createdBy,
|
2026-02-05 10:24:00 -05:00
|
|
|
$assignedTo,
|
2026-01-23 10:01:50 -05:00
|
|
|
$visibility,
|
|
|
|
|
$visibilityGroups
|
2025-05-16 20:02:49 -04:00
|
|
|
);
|
2026-01-01 15:40:32 -05:00
|
|
|
|
2026-04-11 14:17:34 -04:00
|
|
|
try {
|
|
|
|
|
if ($stmt->execute()) {
|
|
|
|
|
return [
|
|
|
|
|
'success' => true,
|
|
|
|
|
'ticket_id' => $ticket_id
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
return ['success' => false, 'error' => $this->conn->error];
|
|
|
|
|
} catch (mysqli_sql_exception $e) {
|
2026-03-17 23:22:24 -04:00
|
|
|
// Handle duplicate key (errno 1062) caused by race condition between
|
|
|
|
|
// the uniqueness SELECT above and this INSERT — regenerate and retry once
|
2026-04-11 14:17:34 -04:00
|
|
|
if ($e->getCode() !== 1062) {
|
|
|
|
|
throw $e;
|
|
|
|
|
}
|
|
|
|
|
$stmt->close();
|
|
|
|
|
try {
|
|
|
|
|
$ticket_id = (string)random_int(100000000, 999999999);
|
|
|
|
|
} catch (Exception $ex) {
|
|
|
|
|
$ticket_id = (string)mt_rand(100000000, 999999999);
|
|
|
|
|
}
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
$stmt->bind_param(
|
|
|
|
|
"sssssssiiss",
|
|
|
|
|
$ticket_id,
|
|
|
|
|
$ticketData['title'],
|
|
|
|
|
$ticketData['description'],
|
|
|
|
|
$status,
|
|
|
|
|
$priority,
|
|
|
|
|
$category,
|
|
|
|
|
$type,
|
|
|
|
|
$createdBy,
|
|
|
|
|
$assignedTo,
|
|
|
|
|
$visibility,
|
|
|
|
|
$visibilityGroups
|
|
|
|
|
);
|
|
|
|
|
try {
|
2026-03-17 23:22:24 -04:00
|
|
|
if ($stmt->execute()) {
|
|
|
|
|
return ['success' => true, 'ticket_id' => $ticket_id];
|
|
|
|
|
}
|
2026-04-11 14:17:34 -04:00
|
|
|
} catch (mysqli_sql_exception $e2) {
|
|
|
|
|
// Second attempt also hit duplicate — extremely rare
|
2026-03-17 23:22:24 -04:00
|
|
|
}
|
2026-04-11 14:17:34 -04:00
|
|
|
return ['success' => false, 'error' => 'Failed to create ticket due to ID collision'];
|
2025-05-16 20:02:49 -04:00
|
|
|
}
|
|
|
|
|
}
|
2026-03-17 23:22:24 -04:00
|
|
|
|
2026-04-13 20:56:10 -04:00
|
|
|
public function addComment(int $ticketId, array $commentData): array
|
|
|
|
|
{
|
2025-05-16 20:02:49 -04:00
|
|
|
$sql = "INSERT INTO ticket_comments (ticket_id, user_name, comment_text, markdown_enabled)
|
|
|
|
|
VALUES (?, ?, ?, ?)";
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
$stmt = $this->conn->prepare($sql);
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
// Set default username
|
|
|
|
|
$username = $commentData['user_name'] ?? 'User';
|
|
|
|
|
$markdownEnabled = $commentData['markdown_enabled'] ? 1 : 0;
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
$stmt->bind_param(
|
2026-03-28 22:35:48 -04:00
|
|
|
"issi",
|
2025-05-16 20:02:49 -04:00
|
|
|
$ticketId,
|
|
|
|
|
$username,
|
|
|
|
|
$commentData['comment_text'],
|
|
|
|
|
$markdownEnabled
|
|
|
|
|
);
|
2026-04-13 20:56:10 -04:00
|
|
|
|
2025-05-16 20:02:49 -04:00
|
|
|
if ($stmt->execute()) {
|
|
|
|
|
return [
|
|
|
|
|
'success' => true,
|
|
|
|
|
'user_name' => $username,
|
|
|
|
|
'created_at' => date('M d, Y H:i')
|
|
|
|
|
];
|
|
|
|
|
} else {
|
|
|
|
|
return [
|
|
|
|
|
'success' => false,
|
|
|
|
|
'error' => $this->conn->error
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-01-01 18:36:34 -05:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Assign ticket to a user
|
|
|
|
|
*
|
|
|
|
|
* @param int $ticketId Ticket ID
|
|
|
|
|
* @param int $userId User ID to assign to
|
|
|
|
|
* @param int $assignedBy User ID performing the assignment
|
|
|
|
|
* @return bool Success status
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function assignTicket(int $ticketId, int $userId, int $assignedBy): bool
|
|
|
|
|
{
|
2026-01-01 18:36:34 -05:00
|
|
|
$sql = "UPDATE tickets SET assigned_to = ?, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?";
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
$stmt->bind_param("iii", $userId, $assignedBy, $ticketId);
|
|
|
|
|
$result = $stmt->execute();
|
|
|
|
|
$stmt->close();
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unassign ticket (set assigned_to to NULL)
|
|
|
|
|
*
|
|
|
|
|
* @param int $ticketId Ticket ID
|
|
|
|
|
* @param int $updatedBy User ID performing the unassignment
|
|
|
|
|
* @return bool Success status
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function unassignTicket(int $ticketId, int $updatedBy): bool
|
|
|
|
|
{
|
2026-01-01 18:36:34 -05:00
|
|
|
$sql = "UPDATE tickets SET assigned_to = NULL, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?";
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
$stmt->bind_param("ii", $updatedBy, $ticketId);
|
|
|
|
|
$result = $stmt->execute();
|
|
|
|
|
$stmt->close();
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
2026-01-09 16:24:36 -05:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get multiple tickets by IDs in a single query (batch loading)
|
|
|
|
|
* Eliminates N+1 query problem in bulk operations
|
|
|
|
|
*
|
|
|
|
|
* @param array $ticketIds Array of ticket IDs
|
|
|
|
|
* @return array Associative array keyed by ticket_id
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function getTicketsByIds(array $ticketIds): array
|
|
|
|
|
{
|
2026-01-09 16:24:36 -05:00
|
|
|
if (empty($ticketIds)) {
|
|
|
|
|
return [];
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-10 22:29:14 -04:00
|
|
|
// Sanitize ticket IDs: cast to string to preserve leading zeros
|
|
|
|
|
$ticketIds = array_map('strval', $ticketIds);
|
2026-01-09 16:24:36 -05:00
|
|
|
|
|
|
|
|
// Create placeholders for IN clause
|
|
|
|
|
$placeholders = str_repeat('?,', count($ticketIds) - 1) . '?';
|
|
|
|
|
|
|
|
|
|
$sql = "SELECT t.*,
|
|
|
|
|
u_created.username as creator_username,
|
|
|
|
|
u_created.display_name as creator_display_name,
|
|
|
|
|
u_updated.username as updater_username,
|
|
|
|
|
u_updated.display_name as updater_display_name,
|
|
|
|
|
u_assigned.username as assigned_username,
|
|
|
|
|
u_assigned.display_name as assigned_display_name
|
|
|
|
|
FROM tickets t
|
|
|
|
|
LEFT JOIN users u_created ON t.created_by = u_created.user_id
|
|
|
|
|
LEFT JOIN users u_updated ON t.updated_by = u_updated.user_id
|
|
|
|
|
LEFT JOIN users u_assigned ON t.assigned_to = u_assigned.user_id
|
|
|
|
|
WHERE t.ticket_id IN ($placeholders)";
|
|
|
|
|
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
2026-04-10 22:29:14 -04:00
|
|
|
$types = str_repeat('s', count($ticketIds));
|
2026-01-09 16:24:36 -05:00
|
|
|
$stmt->bind_param($types, ...$ticketIds);
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$result = $stmt->get_result();
|
|
|
|
|
|
|
|
|
|
$tickets = [];
|
|
|
|
|
while ($row = $result->fetch_assoc()) {
|
|
|
|
|
$tickets[$row['ticket_id']] = $row;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$stmt->close();
|
|
|
|
|
return $tickets;
|
|
|
|
|
}
|
2026-01-23 10:01:50 -05:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Check if a user can access a ticket based on visibility settings
|
|
|
|
|
*
|
|
|
|
|
* @param array $ticket The ticket data
|
|
|
|
|
* @param array $user The user data (must include user_id, is_admin, groups)
|
|
|
|
|
* @return bool True if user can access the ticket
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function canUserAccessTicket(array $ticket, array $user): bool
|
|
|
|
|
{
|
2026-01-23 10:01:50 -05:00
|
|
|
// Admins can access all tickets
|
|
|
|
|
if (!empty($user['is_admin'])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$visibility = $ticket['visibility'] ?? 'public';
|
|
|
|
|
|
|
|
|
|
// Public tickets are accessible to all authenticated users
|
|
|
|
|
if ($visibility === 'public') {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Confidential tickets: only creator, assignee, and admins
|
|
|
|
|
if ($visibility === 'confidential') {
|
|
|
|
|
$userId = $user['user_id'] ?? null;
|
2026-03-28 22:35:48 -04:00
|
|
|
return ((int)$ticket['created_by'] === (int)$userId || (int)$ticket['assigned_to'] === (int)$userId);
|
2026-01-23 10:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Internal tickets: check if user is in any of the allowed groups
|
|
|
|
|
if ($visibility === 'internal') {
|
|
|
|
|
$allowedGroups = array_filter(array_map('trim', explode(',', $ticket['visibility_groups'] ?? '')));
|
|
|
|
|
if (empty($allowedGroups)) {
|
|
|
|
|
return false; // No groups specified means no access
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$userGroups = array_filter(array_map('trim', explode(',', $user['groups'] ?? '')));
|
|
|
|
|
// Check if any user group matches any allowed group
|
|
|
|
|
return !empty(array_intersect($userGroups, $allowedGroups));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Build visibility filter SQL for queries
|
|
|
|
|
*
|
|
|
|
|
* @param array $user The current user
|
|
|
|
|
* @return array ['sql' => string, 'params' => array, 'types' => string]
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function getVisibilityFilter(array $user): array
|
|
|
|
|
{
|
2026-01-23 10:01:50 -05:00
|
|
|
// Admins see all tickets
|
|
|
|
|
if (!empty($user['is_admin'])) {
|
|
|
|
|
return ['sql' => '1=1', 'params' => [], 'types' => ''];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$userId = $user['user_id'] ?? 0;
|
|
|
|
|
$userGroups = array_filter(array_map('trim', explode(',', $user['groups'] ?? '')));
|
|
|
|
|
|
|
|
|
|
// Build the visibility filter
|
|
|
|
|
// 1. Public tickets
|
|
|
|
|
// 2. Confidential tickets where user is creator or assignee
|
|
|
|
|
// 3. Internal tickets where user's groups overlap with visibility_groups
|
|
|
|
|
$conditions = [];
|
|
|
|
|
$params = [];
|
|
|
|
|
$types = '';
|
|
|
|
|
|
|
|
|
|
// Public visibility
|
|
|
|
|
$conditions[] = "(t.visibility = 'public' OR t.visibility IS NULL)";
|
|
|
|
|
|
|
|
|
|
// Confidential - user is creator or assignee
|
|
|
|
|
$conditions[] = "(t.visibility = 'confidential' AND (t.created_by = ? OR t.assigned_to = ?))";
|
|
|
|
|
$params[] = $userId;
|
|
|
|
|
$params[] = $userId;
|
|
|
|
|
$types .= 'ii';
|
|
|
|
|
|
|
|
|
|
// Internal - check group membership
|
|
|
|
|
if (!empty($userGroups)) {
|
|
|
|
|
$groupConditions = [];
|
|
|
|
|
foreach ($userGroups as $group) {
|
|
|
|
|
$groupConditions[] = "FIND_IN_SET(?, REPLACE(t.visibility_groups, ' ', ''))";
|
|
|
|
|
$params[] = $group;
|
|
|
|
|
$types .= 's';
|
|
|
|
|
}
|
|
|
|
|
$conditions[] = "(t.visibility = 'internal' AND (" . implode(' OR ', $groupConditions) . "))";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
'sql' => '(' . implode(' OR ', $conditions) . ')',
|
|
|
|
|
'params' => $params,
|
|
|
|
|
'types' => $types
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Update ticket visibility settings
|
|
|
|
|
*
|
|
|
|
|
* @param int $ticketId
|
|
|
|
|
* @param string $visibility ('public', 'internal', 'confidential')
|
|
|
|
|
* @param string|null $visibilityGroups Comma-separated group names for 'internal' visibility
|
|
|
|
|
* @param int $updatedBy User ID
|
|
|
|
|
* @return bool
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function updateVisibility(int $ticketId, string $visibility, ?string $visibilityGroups, int $updatedBy): bool
|
|
|
|
|
{
|
2026-01-23 10:01:50 -05:00
|
|
|
$allowedVisibilities = ['public', 'internal', 'confidential'];
|
|
|
|
|
if (!in_array($visibility, $allowedVisibilities)) {
|
|
|
|
|
$visibility = 'public';
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-28 20:27:15 -05:00
|
|
|
// Validate internal visibility requires groups
|
|
|
|
|
if ($visibility === 'internal') {
|
|
|
|
|
if (empty($visibilityGroups) || trim($visibilityGroups) === '') {
|
|
|
|
|
return false; // Internal visibility requires groups
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// Clear visibility_groups if not internal
|
2026-01-23 10:01:50 -05:00
|
|
|
$visibilityGroups = null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$sql = "UPDATE tickets SET visibility = ?, visibility_groups = ?, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?";
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
|
|
|
|
$stmt->bind_param("ssii", $visibility, $visibilityGroups, $updatedBy, $ticketId);
|
|
|
|
|
$result = $stmt->execute();
|
|
|
|
|
$stmt->close();
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
2026-03-29 22:00:32 -04:00
|
|
|
|
2026-04-11 12:53:53 -04:00
|
|
|
/**
|
|
|
|
|
* Delete a ticket and all its associated records.
|
|
|
|
|
* Admin-only operation. Removes comments, attachments, watchers, dependencies.
|
|
|
|
|
*
|
|
|
|
|
* @param string $ticketId Ticket ID
|
|
|
|
|
* @return bool Success status
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
public function deleteTicket(string $ticketId): bool
|
|
|
|
|
{
|
2026-04-11 12:53:53 -04:00
|
|
|
// Collect attachment filenames before deleting DB rows
|
|
|
|
|
$attachmentFiles = [];
|
|
|
|
|
$attStmt = $this->conn->prepare("SELECT filename FROM ticket_attachments WHERE ticket_id = ?");
|
|
|
|
|
if ($attStmt) {
|
|
|
|
|
$attStmt->bind_param('s', $ticketId);
|
|
|
|
|
$attStmt->execute();
|
|
|
|
|
$attResult = $attStmt->get_result();
|
|
|
|
|
while ($row = $attResult->fetch_assoc()) {
|
|
|
|
|
$attachmentFiles[] = $row['filename'];
|
|
|
|
|
}
|
|
|
|
|
$attStmt->close();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Delete child records first to avoid FK constraint failures
|
|
|
|
|
$children = [
|
|
|
|
|
"DELETE FROM ticket_comments WHERE ticket_id = ?",
|
|
|
|
|
"DELETE FROM ticket_watchers WHERE ticket_id = ?",
|
|
|
|
|
"DELETE FROM ticket_dependencies WHERE ticket_id = ? OR depends_on_id = ?",
|
|
|
|
|
"DELETE FROM ticket_attachments WHERE ticket_id = ?",
|
|
|
|
|
"DELETE FROM ticket_custom_fields WHERE ticket_id = ?",
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
foreach ($children as $sql) {
|
2026-04-11 14:09:34 -04:00
|
|
|
try {
|
|
|
|
|
$stmt = $this->conn->prepare($sql);
|
2026-04-13 20:56:10 -04:00
|
|
|
if (!$stmt) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2026-04-11 14:09:34 -04:00
|
|
|
// ticket_dependencies uses two placeholders
|
|
|
|
|
if (strpos($sql, 'depends_on_id') !== false) {
|
|
|
|
|
$stmt->bind_param('ss', $ticketId, $ticketId);
|
|
|
|
|
} else {
|
|
|
|
|
$stmt->bind_param('s', $ticketId);
|
|
|
|
|
}
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$stmt->close();
|
|
|
|
|
} catch (mysqli_sql_exception $e) {
|
|
|
|
|
// Skip optional tables that may not exist in all deployments
|
|
|
|
|
if (strpos($e->getMessage(), "doesn't exist") === false) {
|
|
|
|
|
throw $e;
|
|
|
|
|
}
|
2026-04-11 12:53:53 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$stmt = $this->conn->prepare("DELETE FROM tickets WHERE ticket_id = ?");
|
2026-04-13 20:56:10 -04:00
|
|
|
if (!$stmt) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2026-04-11 12:53:53 -04:00
|
|
|
$stmt->bind_param('s', $ticketId);
|
|
|
|
|
$result = $stmt->execute();
|
|
|
|
|
$affected = $stmt->affected_rows;
|
|
|
|
|
$stmt->close();
|
|
|
|
|
|
|
|
|
|
if ($result && $affected > 0) {
|
|
|
|
|
// Clean up physical attachment files
|
|
|
|
|
$uploadDir = defined('UPLOAD_DIR')
|
|
|
|
|
? UPLOAD_DIR
|
|
|
|
|
: (isset($GLOBALS['config']['UPLOAD_DIR']) ? $GLOBALS['config']['UPLOAD_DIR'] : dirname(__DIR__) . '/uploads');
|
|
|
|
|
$ticketDir = rtrim($uploadDir, '/') . '/' . $ticketId;
|
|
|
|
|
if (is_dir($ticketDir)) {
|
|
|
|
|
foreach ($attachmentFiles as $filename) {
|
|
|
|
|
$file = $ticketDir . '/' . basename($filename);
|
|
|
|
|
if (file_exists($file)) {
|
|
|
|
|
@unlink($file);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
@rmdir($ticketDir); // Remove dir only if empty
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-29 22:00:32 -04:00
|
|
|
/**
|
|
|
|
|
* Check whether the FULLTEXT index on tickets(title, description) exists.
|
|
|
|
|
* Result is cached for the process lifetime (static).
|
|
|
|
|
*/
|
2026-04-13 20:56:10 -04:00
|
|
|
private function hasFulltextIndex(): bool
|
|
|
|
|
{
|
2026-03-29 22:00:32 -04:00
|
|
|
static $result = null;
|
|
|
|
|
if ($result !== null) {
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
$r = $this->conn->query(
|
|
|
|
|
"SELECT COUNT(*) as cnt FROM information_schema.STATISTICS
|
|
|
|
|
WHERE table_schema = DATABASE()
|
|
|
|
|
AND table_name = 'tickets'
|
|
|
|
|
AND index_type = 'FULLTEXT'
|
|
|
|
|
AND index_name = 'ft_title_description'"
|
|
|
|
|
);
|
|
|
|
|
$result = $r && (int)$r->fetch_assoc()['cnt'] > 0;
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
2026-04-13 20:56:10 -04:00
|
|
|
}
|
