<?php
    require_once('include/functions/image_upload.php');

    $_category = isset($_POST['category']) ? intval($_POST['category']) : 0;
    $_priority = isset($_POST['priority']) ? intval($_POST['priority']) : 0;
    $_status = isset($_POST['status']) ? intval($_POST['status']) : 0;
    $_assigned_to = isset($_POST['assigned_to']) ? intval($_POST['assigned_to']) : 0;
    $_summary = isset($_POST['summary']) ? trim(strval($_POST['summary'])) : '';
    $_description = isset($_POST['description']) ? trim(strval($_POST['description'])) : '';
    $_picture_description = isset($_POST['picture_description']) ? trim(strval($_POST['picture_description'])) : '';

    if ($_id)
    {
        $tracker_bugs = q("SELECT * FROM tracker_bugs WHERE id = " . sq($_id));
        if (!$tracker_bugs_row = mysqli_fetch_array($tracker_bugs))
        {
            $_id = null;
        }
    }

    if ($_id)
    {
        if ($GLOBALS['auth']['root'])
        {
            mysqli_query_logged("UPDATE tracker_bugs SET modified_on = NOW(), category = " . sq($_category) . ", priority = " . sq($_priority) . ", status = " . sq($_status) . ", assigned_to = " . sq($_assigned_to) . ", summary = " . sq($_summary) . ", description = " . sq($_description) . " WHERE id = " . sq($_id));
        }
    }
    else
    {
        mysqli_query_logged("INSERT INTO tracker_bugs SET user_id = '" . $GLOBALS['auth']['id'] . "', posted_on = NOW(), category = " . sq($_category) . ", priority = " . sq($_priority) . ", status = " . sq($_status) . ", assigned_to = " . sq($_assigned_to) . ", summary = " . sq($_summary) . ", description = " . sq($_description));
        $_id = mysqli_insert_id($GLOBALS['mysqli']);
    }

    if (isset($_FILES['picture']) && $_FILES['picture']['name'] && $_FILES['picture']['tmp_name'])
    {
        list($new, $dupe, $notice) = process_uploads();
        if ($new)
        {
            mysqli_query_logged("DELETE FROM tracker_bugs_images WHERE tracker_id = " . sq($_id));
            mysqli_query_logged("INSERT INTO tracker_bugs_images SET image_id = '" . $new . "', tracker_id = " . sq($_id) . ", user_id = '" . $GLOBALS['auth']['id'] . "', posted_on = NOW(), description = " . sq($_picture_description));
        }
        elseif ($dupe)
        {
            $tracker_bugs_images = mysqli_query_logged("SELECT * FROM tracker_bugs_images WHERE image_id = '" . $dupe . "' AND tracker_id = " . sq($_id));
            if (!mysqli_num_rows($tracker_bugs_images))
            {
                mysqli_query_logged("DELETE FROM tracker_bugs_images WHERE tracker_id = '" . $_id . "'");
                mysqli_query_logged("INSERT INTO tracker_bugs_images SET image_id = '" . $dupe . "', tracker_id = " . sq($_id) . ", user_id = '" . $GLOBALS['auth']['id'] . "', posted_on = NOW(), description = " . sq($_picture_description));
            }
            else
            {
                $notice = 'Duplicate Image';
            }
        }
        make_cookie('notice', $notice);
    }
    
    header('Location: ./?s=tracker_bugs_admin&i=' . $_id);
    die;
?>