diff --git a/admin/supervisor.php b/admin/supervisor.php index 56a843b8..56510198 100644 --- a/admin/supervisor.php +++ b/admin/supervisor.php @@ -165,7 +165,7 @@ if (!empty($rs))
-
+
qstr($_GET['note']); + $note = $db->qstr($_POST['note']); $sql = "INSERT INTO `case_note` (case_note_id,case_id,operator_id,note,datetime) VALUES (NULL,'$case_id','$operator_id',$note,CONVERT_TZ(NOW(),'System','UTC'))"; $db->Execute($sql); } - if (isset($_GET['outcome_id'])) + if (isset($_POST['outcome_id'])) { - $outcome_id = bigintval($_GET['outcome_id']); + $outcome_id = bigintval($_POST['outcome_id']); if ($outcome_id > 0) { @@ -254,9 +254,9 @@ if ($case_id != false) } } - if (isset($_GET['operator_id'])) + if (isset($_POST['operator_id'])) { - $case_operator_id = bigintval($_GET['operator_id']); + $case_operator_id = bigintval($_POST['operator_id']); if ($case_operator_id == 0) { @@ -275,7 +275,7 @@ if ($case_id != false) $db->Execute($sql); } - if (isset($_GET['submitag'])) + if (isset($_POST['submitag'])) { $db->StartTrans(); @@ -284,7 +284,7 @@ if ($case_id != false) $db->Execute($sql); - foreach($_GET as $key => $val) + foreach($_POST as $key => $val) { if (substr($key,0,2) == "ag") { @@ -436,8 +436,7 @@ if ($case_id != false) } //add a note ?> - - + @@ -476,7 +475,7 @@ if ($case_id != false) print "

 " . T_("Assign this case to operator (will appear as next case for them)") . "

"; ?> -
+ GetAll($sql); display_chooser($rs3, "operator_id", "operator_id",true,false,false,false); ?> -
GetAll($sql); //Display all availability groups as checkboxes - print "
"; + print ""; print "
" . T_("Select groups to limit availability (Selecting none means always available)") . "
"; foreach ($rs as $g) { @@ -532,7 +530,6 @@ if ($case_id != false) print " 
"; } ?>
-

 " . T_("Set a case outcome") . "

"; ?> -
+ -

+

 " . T_("Deidentify") . "

"; print "
" . T_("Remove all sample details and contact numbers from this case") . "
"; ?> -
- +
Execute($sql);