Добавить функцию проверки открытого тикета в скрипте php

[MIRDOBRO]

Здравствуйте! Подскажите, пожалуйста, как правильно создать функцию или добавить проверку на статус тикета "open", чтобы невозможно было создавать новый. Прикрепляю файл для авторизованных пользователей и файл со списком уже открытых тикетов. Или надо прикрепить весь скрипт?

 

[zlajasql]

Hello,


I took a quick look at the files you attached and have a few suggestions.


A simple approach would be to check whether the current user already has an active ticket before displaying or allowing access to the "New Ticket" form.


Example:

global $wpdb;
global $current_user;
get_currentuserinfo();

$active_ticket = $wpdb->get_var(
    $wpdb->prepare(
        "SELECT id FROM {$wpdb->prefix}wpsp_ticket
         WHERE created_by = %d
         AND status IN ('open','pending')
         LIMIT 1",
        $current_user->ID
    )
);

However, this should not be the only protection. The same validation should also be added to the ticket creation handler on the backend, otherwise users may still bypass the form and create tickets through a direct request.


If you can provide the file that processes ticket creation and stores the ticket in the database, it will be easier to suggest the exact implementation.


Best regards.

 

[MIRDOBRO]

@zlajasql,, thanks for responding to my request.
It seems to be this file. I'm a beginner in PHP.

 

[zlajasql]

@MIRDOBRO,

Hello,

Thank you for providing the file.

I took a closer look at the ticket creation process and prepared a small patch that adds server-side validation before a new ticket is created.

What the patch does​

• Prevents users from creating multiple active tickets.
• Checks for existing tickets with statuses such as Open or Pending before allowing a new one.
• Uses the currently logged-in WordPress user instead of relying only on the submitted user_id.
• Keeps the rest of the plugin functionality unchanged.

This validation is performed on the backend, which is the safest place to enforce this restriction. Even if someone bypasses the frontend, duplicate active tickets cannot be created.

I've attached the patched version of the file. Before replacing it, I recommend making a backup of your original file. Since I don't have your complete project or database structure, you may also want to verify the ticket status values used by your installation (for example: open, pending, awaiting reply, etc.) and adjust them if necessary.

I hope this helps, and feel free to ask if you run into any issues or have further questions.

Best regards.