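'integer', 'm_from' => 'text', 'm_to' => 'text', 'cc' => 'text', 'subject' => 'text', 'message' => 'text', 'create_type' => 'integer' );

    private $base_object;

    /**
     * Keeps the owning object and reuses its database handle.
     *
     * @param object $base_object Object exposing a `db` property; this class calls
     *                            real_escape_string(), query() and insert_id on that handle.
     */
    function __construct($base_object)
    {
        $this->base_object = $base_object;
        $this->db = $base_object->db;
    }

    /**
     * Loads every message of a ticket together with its attachments.
     *
     * Side effect: $this->id is overwritten with each row's id and is left at the
     * last row's id when the method returns.
     *
     * @param int|string $ticket_id Ticket identifier; forced to an integer before use.
     * @return array 'messages' (objects keyed from 1, only present when rows exist)
     *               and 'last_message_number'.
     */
    public function get_all_ticket_messages($ticket_id)
    {
        // The value is concatenated unquoted. real_escape_string() only neutralises
        // characters that matter inside a quoted literal, so it does not stop input
        // such as "1 OR 1=1" here; an integer cast does.
        $sql = "SELECT * FROM ticket_messages WHERE ticket_id=" . (int) $ticket_id;
        $result = $this->db->query($sql);

        $data = array();
        $z = 1;
        while ($obj = $result->fetch_object()) {
            $obj->message_number = $z;
            // get_file_list() reads $this->id, so point it at the current row first.
            $this->id = $obj->id;
            $obj->attachments = $this->get_file_list();
            $data['messages'][$z] = $obj;
            $z++;
        }
        $data['last_message_number'] = $z - 1;

        return $data;
    }

    /**
     * Loads the message with the lowest id for a ticket, with its attachments.
     *
     * Side effect: $this->id is set to that message's id.
     *
     * @param int|string $ticket_id Ticket identifier; forced to an integer before use.
     * @return object|null The message row, or null when the ticket has no messages.
     */
    public function get_first_message($ticket_id)
    {
        // Unquoted numeric context: cast instead of escaping.
        $sql = "SELECT * FROM ticket_messages WHERE ticket_id=" . (int) $ticket_id
            . " ORDER BY id ASC LIMIT 1";
        $result = $this->db->query($sql);

        // Initialised so that an empty result returns null instead of reading an
        // undefined variable.
        $data = null;
        while ($obj = $result->fetch_object()) {
            $data = $obj;
            $this->id = $obj->id;
            $obj->attachments = $this->get_file_list();
        }

        return $data;
    }

    /**
     * Loads the message identified by $this->id, with its attachments.
     *
     * @return object The message row with an added `attachments` property.
     */
    public function get_data()
    {
        // $this->id can be assigned from outside this method, so it is cast as well.
        $sql = "SELECT * FROM ticket_messages WHERE id=" . (int) $this->id;
        $result = $this->db->query($sql);
        $obj = $result->fetch_object();
        $obj->attachments = $this->get_file_list();

        return $obj;
    } // end get_data

    /**
     * Deletes the message identified by $this->id.
     *
     * @return void
     */
    public function delete()
    {
        $sql = "DELETE FROM ticket_messages WHERE id=" . (int) $this->id;
        $this->db->query($sql);

        return;
    }

    /**
     * Copies the known fields out of a request array, dropping every other key.
     *
     * Fields typed 'text' are copied unchanged and are NOT escaped here; every other
     * field is cast to int. Callers that build SQL from the result still have to
     * escape or bind the text values.
     *
     * @param array $request Raw input, e.g. request parameters.
     * @return array Subset of $request restricted to the keys of $this->object_fields.
     */
    public function data_filter($request)
    {
        $data = array();
        foreach ($this->object_fields as $field_name => $var_type) {
            if (!isset($request[$field_name])) {
                continue;
            }
            if ($var_type === 'text') {
                $data[$field_name] = $request[$field_name];
            } else {
                $data[$field_name] = (int) $request[$field_name];
            }
        }

        return $data;
    }

    // TODO : real_escape_string this ?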
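/**
     * Inserts a message row and, optionally, its attachments.
     *
     * Side effect: $this->id is set to the insert id reported by the database handle.
     *
     * @param array       $data        Column name => value pairs.
     * @param array|false $attachments Objects with file_name, mime_type and content
     *                                 properties, or false for none.
     * @return void
     */
    public function create($data, $attachments = false)
    {
        if ($data) {
            $assignments = array();
            foreach ($data as $var_name => $value) {
                // Column names end up in the statement text and cannot be escaped like
                // values, so anything that is not a plain identifier is dropped.
                // NOTE(review): accepting only keys of $this->object_fields would be
                // stricter; confirm that no caller passes other columns first.
                if (!is_string($var_name) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $var_name)) {
                    continue;
                }
                $var_type = isset($this->object_fields[$var_name]) ? $this->object_fields[$var_name] : 'text';
                if ($var_type === 'integer') {
                    // Unquoted numeric context: escaping does not help, a cast does.
                    $assignments[] = $var_name . ' = ' . (int) $value;
                } else {
                    $assignments[] = $var_name . ' = "' . $this->db->real_escape_string($value) . '"';
                }
            }
            $assignments[] = 'create_time = current_timestamp';

            $sql = "INSERT INTO ticket_messages SET " . implode(', ', $assignments);
            $this->db->query($sql);
            $this->id = $this->db->insert_id;

            if ($attachments) {
                foreach ($attachments as $attachment) {
                    $this->add_file(array(
                        'file_name' => $attachment->file_name,
                        'mime_type' => $attachment->mime_type,
                        'content' => $attachment->content
                    ));
                }
            }
        }

        return;
    }

    /**
     * Updates columns of the message identified by $this->id.
     *
     * @param array $data Column name => value pairs.
     * @return void
     */
    public function update($data)
    {
        if ($data) {
            $assignments = array();
            foreach ($data as $var_name => $value) {
                // Same rule as create(): keys become column names, so only plain
                // identifiers are let through.
                if (!is_string($var_name) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $var_name)) {
                    continue;
                }
                $var_type = isset($this->object_fields[$var_name]) ? $this->object_fields[$var_name] : 'text';
                if ($var_type === 'integer') {
                    $assignments[] = $var_name . '=' . (int) $value;
                } else {
                    $assignments[] = $var_name . '="' . $this->db->real_escape_string($value) . '"';
                }
            }

            // Nothing usable to set: skip the query rather than send a malformed UPDATE.
            if (!$assignments) {
                return;
            }

            $sql = "UPDATE ticket_messages SET " . implode(', ', $assignments)
                . ' WHERE id=' . (int) $this->id;
            $this->db->query($sql);
        }

        return;
    }

    /**
     * Deletes the message with the given id.
     *
     * @param int|string $id Message identifier; forced to an integer before use.
     * @return void
     */
    public function delete_by_id($id)
    {
        $sql = "DELETE FROM ticket_messages WHERE id=" . (int) $id;
        $rs = $this->db->query($sql);
    }

    /**
     * Stores one attachment for the message identified by $this->id.
     *
     * @param array $data Keys: file_name, mime_type, content (stored base64-encoded).
     * @return void
     */
    public function add_file($data)
    {
        if ($data) {
            // file_name and mime_type describe an uploaded or mailed file and are
            // attacker-influenced; they were previously concatenated without escaping.
            // NOTE(review): real_escape_string() relies on the connection character
            // set being configured on the handle — confirm where the connection is made.
            $sql = "INSERT INTO ticket_message_attachments (ticket_message_id, file_name, mime_type, content) VALUES ("
                . (int) $this->id . ", '"
                . $this->db->real_escape_string($data['file_name']) . "', '"
                . $this->db->real_escape_string($data['mime_type']) . "', '"
                . base64_encode($data['content']) . "')";
            $this->db->query($sql);
        }

        return;
    }

    /**
     * Lists the attachments of the message identified by $this->id.
     *
     * @return array Attachment rows with `content` base64-decoded.
     */
    public function get_file_list()
    {
        $sql = "SELECT * FROM ticket_message_attachments WHERE ticket_message_id=" . (int) $this->id;
        $result = $this->db->query($sql);

        $data = array();
        while ($obj = $result->fetch_object()) {
            $obj->content = base64_decode($obj->content);
            $data[] = $obj;
        }

        return $data;
    }

    /**
     * Loads a single attachment by its id.
     *
     * NOTE(review): the lookup is by attachment id alone; nothing here ties the file
     * to a ticket or user, so callers must do their own access check.
     *
     * @param int|string $file_id Attachment identifier; forced to an integer before use.
     * @return object Attachment row with `content` base64-decoded.
     */
    public function get_file($file_id)
    {
        // Previously concatenated raw, with neither a cast nor escaping.
        $sql = "SELECT * FROM ticket_message_attachments WHERE id=" . (int) $file_id;
        $result = $this->db->query($sql);
        $obj = $result->fetch_object();
        $obj->content = base64_decode($obj->content);

        return $obj;
    }

    /**
     * Deletes a single attachment by its id.
     *
     * @param int|string $file_id Attachment identifier; forced to an integer before use.
     * @return void
     */
    public function delete_file($file_id)
    {
        $sql = "DELETE FROM ticket_message_attachments WHERE id=" . (int) $file_id;
        $result = $this->db->query($sql);

        return;
    }
}
?>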