diff --git a/admin/post/ai_model.php b/admin/post/ai_model.php
index 1057023b..127d1ccf 100644
--- a/admin/post/ai_model.php
+++ b/admin/post/ai_model.php
@@ -22,7 +22,7 @@ if (isset($_POST['add_ai_model'])) {
// Logging
logAction("AI Model", "Create", "$session_name created AI Model $model");
- $_SESSION['alert_message'] = "AI Model $model created";
+ flash_alert("AI Model $model created");
redirect();
@@ -42,7 +42,7 @@ if (isset($_POST['edit_ai_model'])) {
// Logging
logAction("AI Model", "Edit", "$session_name edited AI Model $model");
- $_SESSION['alert_message'] = "AI Model $model edited";
+ flash_alert("AI Model $model edited");
redirect();
@@ -63,8 +63,7 @@ if (isset($_GET['delete_ai_model'])) {
// Logging
logAction("AI Model", "Delete", "$session_name deleted AI Model $model_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "AI Model $model_name deleted";
+ flash_alert("AI Model $model_name deleted", 'error');
redirect();
diff --git a/admin/post/ai_provider.php b/admin/post/ai_provider.php
index 252209c0..3a3692c7 100644
--- a/admin/post/ai_provider.php
+++ b/admin/post/ai_provider.php
@@ -23,7 +23,7 @@ if (isset($_POST['add_ai_provider'])) {
// Logging
logAction("AI Provider", "Create", "$session_name created AI Provider $provider");
- $_SESSION['alert_message'] = "AI Model $provider created";
+ flash_alert("AI Model $provider created");
redirect();
@@ -43,7 +43,7 @@ if (isset($_POST['edit_ai_provider'])) {
// Logging
logAction("AI Provider", "Edit", "$session_name edited AI Provider $provider");
- $_SESSION['alert_message'] = "AI Model $provider edited";
+ flash_alert("AI Model $provider edited");
redirect();
@@ -64,8 +64,7 @@ if (isset($_GET['delete_ai_provider'])) {
// Logging
logAction("AI Provider", "Delete", "$session_name deleted AI Provider $provider_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "AI Provider $provider_name deleted";
+ flash_alert("AI Provider $provider_name deleted", 'error');
redirect();
diff --git a/admin/post/api_keys.php b/admin/post/api_keys.php
index 9e15ff61..f1ffac30 100644
--- a/admin/post/api_keys.php
+++ b/admin/post/api_keys.php
@@ -26,7 +26,7 @@ if (isset($_POST['add_api_key'])) {
// Logging
logAction("API Key", "Create", "$session_name created API key $name set to expire on $expire", $client_id, $api_key_id);
- $_SESSION['alert_message'] = "API Key $name created";
+ flash_alert("API Key $name created");
redirect();
@@ -48,8 +48,7 @@ if (isset($_GET['delete_api_key'])) {
// Logging
logAction("API Key", "Delete", "$session_name deleted API key $name", $client_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "API Key $name deleted";
+ flash_alert("API Key $name deleted", 'error');
redirect();
@@ -83,8 +82,7 @@ if (isset($_POST['bulk_delete_api_keys'])) {
// Logging
logAction("API Key", "Bulk Delete", "$session_name deleted $count API key(s)");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Deleted $count API keys(s)";
+ flash_alert("Deleted $count API keys(s)", 'error');
}
diff --git a/admin/post/backup.php b/admin/post/backup.php
index e2315ec1..b4b36bd5 100644
--- a/admin/post/backup.php
+++ b/admin/post/backup.php
@@ -175,7 +175,7 @@ if (isset($_GET['download_backup'])) {
fclose($fp);
logAction("System", "Backup Download", "$session_name downloaded full backup.");
- $_SESSION['alert_message'] = "Full backup downloaded.";
+ flash_alert("Full backup downloaded.");
exit;
}
@@ -207,8 +207,7 @@ if (isset($_POST['backup_master_key'])) {
// Log the failure
logAction("Master Key", "Download", "$session_name attempted to retrieve the master encryption key but failed");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Incorrect password.";
+ flash_alert("Incorrect password.", 'error');
redirect();
}
diff --git a/admin/post/category.php b/admin/post/category.php
index 4a99de16..470d579f 100644
--- a/admin/post/category.php
+++ b/admin/post/category.php
@@ -17,7 +17,7 @@ if (isset($_POST['add_category'])) {
// Logging
logAction("Category", "Create", "$session_name created category $type $name", 0, $category_id);
- $_SESSION['alert_message'] = "Category $type $name created";
+ flash_alert("Category $type $name created");
redirect();
@@ -34,7 +34,7 @@ if (isset($_POST['edit_category'])) {
// Logging
logAction("Category", "Edit", "$session_name edited category $type $name", 0, $category_id);
- $_SESSION['alert_message'] = "Category $type $name edited";
+ flash_alert("Category $type $name edited");
redirect();
@@ -55,8 +55,7 @@ if (isset($_GET['archive_category'])) {
// Logging
logAction("Category", "Archive", "$session_name archived category $category_type $category_name", 0, $category_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Category $category_type $category_name archived";
+ flash_alert("Category $category_type $category_name archived", 'error');
redirect();
@@ -77,7 +76,7 @@ if (isset($_GET['unarchive_category'])) {
// Logging
logAction("Category", "Unarchive", "$session_name unarchived category $category_type $category_name", 0, $category_id);
- $_SESSION['alert_message'] = "Category $category_type $category_name unarchived";
+ flash_alert("Category $category_type $category_name unarchived");
redirect();
@@ -98,8 +97,7 @@ if (isset($_GET['delete_category'])) {
// Logging
logAction("Category", "Delete", "$session_name deleted category $category_type $category_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Category $category_type $category_name deleted";
+ flash_alert("Category $category_type $category_name deleted", 'error');
redirect();
diff --git a/admin/post/custom_field.php b/admin/post/custom_field.php
index 22d77d33..5751ce4d 100644
--- a/admin/post/custom_field.php
+++ b/admin/post/custom_field.php
@@ -19,7 +19,7 @@ if(isset($_POST['create_custom_field'])){
// Logging
logAction("Custom Field", "Create", "$session_name created custom field $label", 0, $custom_field_id);
- $_SESSION['alert_message'] = "Custom field $label created";
+ flash_alert("Custom field $label created");
redirect();
@@ -36,7 +36,7 @@ if(isset($_POST['edit_custom_field'])){
// Logging
logAction("Custom Field", "Edit", "$session_name edited custom field $label", 0, $custom_field_id);
- $_SESSION['alert_message'] = "Custom field $label edited";
+ flash_alert("Custom field $label edited");
redirect();
@@ -56,7 +56,7 @@ if(isset($_GET['delete_custom_field'])){
logAction("Custom Field", "Delete", "$session_name deleted custom field $label");
$_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Custom field $label deleted";
+ flash_alert("Custom field $label deleted", 'error');
redirect();
diff --git a/admin/post/custom_link.php b/admin/post/custom_link.php
index 146c5bd5..26ec09d2 100644
--- a/admin/post/custom_link.php
+++ b/admin/post/custom_link.php
@@ -22,7 +22,7 @@ if (isset($_POST['add_custom_link'])) {
// Logging
logAction("Custom Link", "Create", "$session_name created custom link $name -> $uri", 0, $custom_link_id);
- $_SESSION['alert_message'] = "Custom link $name created";
+ flash_alert("Custom link $name created");
redirect();
@@ -43,7 +43,7 @@ if (isset($_POST['edit_custom_link'])) {
// Logging
logAction("Custom Link", "Edit", "$session_name edited custom link $name -> $uri", 0, $custom_link_id);
- $_SESSION['alert_message'] = "Custom Link $name edited";
+ flash_alert("Custom Link $name edited");
redirect();
@@ -63,8 +63,7 @@ if (isset($_GET['delete_custom_link'])) {
// Logging
logAction("Custom Link", "Delete", "$session_name deleted custom link $custom_link_name -> $custom_link_uri");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Custom Link $name deleted";
+ flash_alert("Custom Link $name deleted", 'error');
redirect();
diff --git a/admin/post/document_template.php b/admin/post/document_template.php
index a1432dd8..b0bd8094 100644
--- a/admin/post/document_template.php
+++ b/admin/post/document_template.php
@@ -18,7 +18,7 @@ if (isset($_POST['add_document_template'])) {
// Logging
logAction("Document Template", "Create", "$session_name created document template $name", 0, $document_template_id);
- $_SESSION['alert_message'] = "Document template $name created";
+ flash_alert("Document template $name created");
redirect();
@@ -37,7 +37,7 @@ if (isset($_POST['edit_document_template'])) {
// Logging
logAction("Document Template", "Edit", "$session_name edited document template $name", 0, $document_template_id);
- $_SESSION['alert_message'] = "Document Template $name edited";
+ flash_alert("Document Template $name edited");
redirect();
@@ -57,8 +57,7 @@ if (isset($_GET['delete_document_template'])) {
//Logging
logAction("Document Template", "Delete", "$session_name deleted document template $document_template_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Document Template $document_template_name deleted";
+ flash_alert("Document Template $document_template_name deleted", 'error');
redirect();
diff --git a/admin/post/identity_provider.php b/admin/post/identity_provider.php
index 09ce4c4e..8d444221 100644
--- a/admin/post/identity_provider.php
+++ b/admin/post/identity_provider.php
@@ -14,7 +14,7 @@ if (isset($_POST['edit_identity_provider'])) {
// Logging
logAction("Settings", "Edit", "$session_name edited identity provider settings");
- $_SESSION['alert_message'] = "Identity Provider Settings updated";
+ flash_alert("Identity Provider Settings updated");
redirect();
diff --git a/admin/post/mail_queue.php b/admin/post/mail_queue.php
index cfa9ceba..d7c89c24 100644
--- a/admin/post/mail_queue.php
+++ b/admin/post/mail_queue.php
@@ -11,7 +11,7 @@ if (isset($_GET['send_failed_mail'])) {
// Logging
logAction("Email", "Send", "$session_name attempted to force send email id: $email_id in the mail queue", 0, $email_id);
- $_SESSION['alert_message'] = "Email Force Sent, give it a minute to resend";
+ flash_alert("Email Force Sent, give it a minute to resend");
redirect();
@@ -26,8 +26,7 @@ if (isset($_GET['cancel_mail'])) {
// Logging
logAction("Email", "Send", "$session_name canceled send email id: $email_id in the mail queue", 0, $email_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Email cancelled and marked as failed.";
+ flash_alert("Email cancelled and marked as failed.", 'error');
redirect();
@@ -55,7 +54,7 @@ if (isset($_POST['bulk_cancel_emails'])) {
// Logging
logAction("Email", "Bulk Cancel", "$session_name cancelled $count email(s) in the mail queue");
- $_SESSION['alert_message'] = "Cancelled $count email(s)";
+ flash_alert("Cancelled $count email(s)", 'error');
}
@@ -84,8 +83,7 @@ if (isset($_POST['bulk_delete_emails'])) {
// Logging
logAction("Email", "Bulk Delete", "$session_name deleted $count email(s) from the mail queue");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Deleted $count email(s)";
+ flash_alert("Deleted $count email(s)", 'error');
}
diff --git a/admin/post/payment_method.php b/admin/post/payment_method.php
index 5fbf0b35..0df6e94c 100644
--- a/admin/post/payment_method.php
+++ b/admin/post/payment_method.php
@@ -18,7 +18,7 @@ if (isset($_POST['add_payment_method'])) {
// Logging
logAction("Payment Method", "Create", "$session_name created Payment Method $name");
- $_SESSION['alert_message'] = "Payment Method $name created";
+ flash_alert("Payment Method $name created");
redirect();
@@ -37,7 +37,7 @@ if (isset($_POST['edit_payment_method'])) {
// Logging
logAction("Payment Method", "Edit", "$session_name edited Payment Method $name");
- $_SESSION['alert_message'] = "Payment Method $name edited";
+ flash_alert("Payment Method $name edited");
redirect();
@@ -56,8 +56,7 @@ if (isset($_GET['delete_payment_method'])) {
// Logging
logAction("Payment Method", "Delete", "$session_name deleted Payment Method $payment_method_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Payment Method $payment_method_name deleted";
+ flash_alert("Payment Method $payment_method_name deleted", 'error');
redirect();
diff --git a/admin/post/payment_provider.php b/admin/post/payment_provider.php
index 09ec07b6..e84499e7 100644
--- a/admin/post/payment_provider.php
+++ b/admin/post/payment_provider.php
@@ -55,7 +55,7 @@ if (isset($_POST['add_payment_provider'])) {
// Logging
logAction("Payment Provider", "Create", "$session_name created AI Provider $provider");
- $_SESSION['alert_message'] = "AI Model $provider created";
+ flash_alert("Payment provider $provider created");
redirect();
@@ -79,7 +79,7 @@ if (isset($_POST['edit_payment_provider'])) {
// Logging
logAction("Payment Provider", "Edit", "$session_name edited Payment Provider $provider");
- $_SESSION['alert_message'] = "Payment Provider $provider edited";
+ flash_alert("Payment Provider $provider edited");
redirect();
@@ -98,8 +98,7 @@ if (isset($_GET['delete_payment_provider'])) {
// Logging
logAction("Payment Provider", "Delete", "$session_name deleted Payment Provider $provider_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Payment Provider $provider_name deleted";
+ flash_alert("Payment Provider $provider_name deleted", 'error');
redirect();
diff --git a/admin/post/project_template.php b/admin/post/project_template.php
index 78a6e4d8..b9ab35f9 100644
--- a/admin/post/project_template.php
+++ b/admin/post/project_template.php
@@ -14,7 +14,7 @@ if (isset($_POST['add_project_template'])) {
// Logging
logAction("Project Template", "Create", "$session_name created project template $name", 0, $project_template_id);
- $_SESSION['alert_message'] = "Project Template $name created";
+ flash_alert("Project Template $name created");
redirect();
@@ -31,7 +31,7 @@ if (isset($_POST['edit_project_template'])) {
// Logging
logAction("Project Template", "Edit", "$session_name edited project template $name", 0, $project_template_id);
- $_SESSION['alert_message'] = "Project Template $name edited";
+ flash_alert("Project Template $name edited");
redirect();
}
@@ -58,7 +58,7 @@ if (isset($_POST['add_ticket_template_to_project_template'])) {
// Logging
logAction("Project Template", "Edit", "$session_name added ticket template to project_template", 0, $project_template_id);
- $_SESSION['alert_message'] = "Ticket template added";
+ flash_alert("Ticket template added");
redirect();
}
@@ -74,8 +74,7 @@ if (isset($_POST['remove_ticket_template_from_project_template'])) {
// Logging
logAction("Project Template", "Edit", "$session_name removed ticket template from project template", 0, $project_template_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Ticket template removed";
+ flash_alert("Ticket template removed", 'error');
redirect();
}
@@ -97,8 +96,7 @@ if (isset($_GET['delete_project_template'])) {
// Logging
logAction("Project Template", "Delete", "$session_name deleted project template $project_template_name and its associated ticket templates and tasks");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Project Template $project_template_name and its associated ticket templates and tasks deleted";
+ flash_alert("Project Template $project_template_name and its associated ticket templates and tasks deleted", 'error');
redirect();
}
diff --git a/admin/post/roles.php b/admin/post/roles.php
index 356ce30f..48c74efe 100644
--- a/admin/post/roles.php
+++ b/admin/post/roles.php
@@ -21,7 +21,7 @@ if (isset($_POST['add_role'])) {
// Logging
logAction("User Role", "Create", "$session_name created user role $name", 0, $role_id);
- $_SESSION['alert_message'] = "User Role created";
+ flash_alert("User Role created");
redirect();
@@ -56,7 +56,7 @@ if (isset($_POST['edit_role'])) {
// Logging
logAction("User Role", "Edit", "$session_name edited user role $name", 0, $role_id);
- $_SESSION['alert_message'] = "User Role $name edited";
+ flash_alert("User Role $name edited");
redirect();
}
@@ -71,10 +71,9 @@ if (isset($_GET['archive_role'])) {
$sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(user_id) FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL");
$role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
if ($role_user_count != 0) {
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Role must not in use to archive it";
+ flash_alert("Role must not in use to archive it", 'error');
+
redirect();
- exit();
}
mysqli_query($mysqli, "UPDATE user_roles SET role_archived_at = NOW() WHERE role_id = $role_id");
@@ -84,6 +83,7 @@ if (isset($_GET['archive_role'])) {
$role_name = sanitizeInput($role_details['role_name']);
logAction("User Role", "Archive", "$session_name archived user role $role_name", 0, $role_id);
- $_SESSION['alert_message'] = "User Role archived";
+ flash_alert("User Role archived", 'error');
+
redirect();
}
\ No newline at end of file
diff --git a/admin/post/saved_payment_method.php b/admin/post/saved_payment_method.php
index 23839f16..bb8c6270 100644
--- a/admin/post/saved_payment_method.php
+++ b/admin/post/saved_payment_method.php
@@ -60,9 +60,10 @@ if (isset($_GET['delete_saved_payment'])) {
// SQL Cascade delete will Remove All Associated Auto Payment Methods on recurring invoices in the recurring payments table.
- // Logging & Redirect
logAction("Payment Provider", "Update", "$session_name deleted saved payment method $saved_payment_description (PM: $payment_method)", $client_id);
- $_SESSION['alert_message'] = "Payment method $saved_payment_description removed";
+
+ flash_alert("Payment method $saved_payment_description removed", 'error');
+
redirect();
}
diff --git a/admin/post/settings_ai.php b/admin/post/settings_ai.php
index ac33f5b0..7f9f7f60 100644
--- a/admin/post/settings_ai.php
+++ b/admin/post/settings_ai.php
@@ -18,10 +18,9 @@ if (isset($_POST['edit_ai_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_ai_enable = $ai_enable, config_ai_provider = '$provider', config_ai_model = '$model', config_ai_url = '$url', config_ai_api_key = '$api_key' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited AI settings");
- $_SESSION['alert_message'] = "AI Settings updated";
+ flash_alert("AI Settings updated");
redirect();
diff --git a/admin/post/settings_company.php b/admin/post/settings_company.php
index e058e9e5..160055a9 100644
--- a/admin/post/settings_company.php
+++ b/admin/post/settings_company.php
@@ -44,10 +44,9 @@ if (isset($_POST['edit_company'])) {
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website', company_tax_id = '$tax_id' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited company details");
- $_SESSION['alert_message'] = "Company $name edited";
+ flash_alert("Company $name edited");
redirect();
@@ -63,11 +62,9 @@ if (isset($_GET['remove_company_logo'])) {
mysqli_query($mysqli,"UPDATE companies SET company_logo = NULL WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name deleted company logo");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Removed company logo";
+ flash_alert("Removed company logo", 'error');
redirect();
diff --git a/admin/post/settings_default.php b/admin/post/settings_default.php
index 87dfef34..2775e528 100644
--- a/admin/post/settings_default.php
+++ b/admin/post/settings_default.php
@@ -19,10 +19,9 @@ if (isset($_POST['edit_default_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$start_page', config_default_expense_account = $expense_account, config_default_payment_account = $payment_account, config_default_payment_method = '$payment_method', config_default_expense_payment_method = '$expense_payment_method', config_default_transfer_from_account = $transfer_from_account, config_default_transfer_to_account = $transfer_to_account, config_default_calendar = $calendar, config_default_net_terms = $net_terms, config_default_hourly_rate = $hourly_rate WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited default settings");
- $_SESSION['alert_message'] = "Default settings edited";
+ flash_alert("Default settings edited");
redirect();
}
diff --git a/admin/post/settings_invoice.php b/admin/post/settings_invoice.php
index 36c42fd8..f37f4dda 100644
--- a/admin/post/settings_invoice.php
+++ b/admin/post/settings_invoice.php
@@ -21,10 +21,9 @@ if (isset($_POST['edit_invoice_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_invoice_footer = '$config_invoice_footer', config_invoice_show_tax_id = $config_invoice_show_tax_id, config_invoice_late_fee_enable = $config_invoice_late_fee_enable, config_invoice_late_fee_percent = $config_invoice_late_fee_percent, config_invoice_paid_notification_email = '$config_invoice_paid_notification_email', config_recurring_invoice_prefix = '$config_recurring_invoice_prefix', config_recurring_invoice_next_number = $config_recurring_invoice_next_number WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited invoice settings");
- $_SESSION['alert_message'] = "Invoice Settings edited";
+ flash_alert("Invoice Settings edited");
redirect();
diff --git a/admin/post/settings_localization.php b/admin/post/settings_localization.php
index 9e8d831a..9d48ff71 100644
--- a/admin/post/settings_localization.php
+++ b/admin/post/settings_localization.php
@@ -14,10 +14,9 @@ if (isset($_POST['edit_localization'])) {
mysqli_query($mysqli,"UPDATE settings SET config_timezone = '$timezone' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited localization settings");
- $_SESSION['alert_message'] = "Company localization updated";
+ flash_alert("Company localization updated");
redirect();
diff --git a/admin/post/settings_mail.php b/admin/post/settings_mail.php
index ee4c68f9..e3c01668 100644
--- a/admin/post/settings_mail.php
+++ b/admin/post/settings_mail.php
@@ -14,10 +14,9 @@ if (isset($_POST['edit_mail_smtp_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_encryption = '$config_smtp_encryption', config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited SMTP mail settings");
- $_SESSION['alert_message'] = "SMTP Mail Settings updated";
+ flash_alert("SMTP Mail Settings updated");
redirect();
@@ -35,11 +34,9 @@ if (isset($_POST['edit_mail_imap_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_imap_host = '$config_imap_host', config_imap_port = $config_imap_port, config_imap_encryption = '$config_imap_encryption', config_imap_username = '$config_imap_username', config_imap_password = '$config_imap_password' WHERE company_id = 1");
-
- // Logging
logAction("Settings", "Edit", "$session_name edited IMAP mail settings");
- $_SESSION['alert_message'] = "IMAP Mail Settings updated";
+ flash_alert("IMAP Mail Settings updated");
redirect();
@@ -63,10 +60,9 @@ if (isset($_POST['edit_mail_from_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_from_email = '$config_invoice_from_email', config_invoice_from_name = '$config_invoice_from_name', config_quote_from_email = '$config_quote_from_email', config_quote_from_name = '$config_quote_from_name', config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited mail from settings");
- $_SESSION['alert_message'] = "Mail From Settings updated";
+ flash_alert("Mail From Settings updated");
redirect();
@@ -77,6 +73,7 @@ if (isset($_POST['test_email_smtp'])) {
validateCSRFToken($_POST['csrf_token']);
$test_email = intval($_POST['test_email']);
+
if($test_email == 1) {
$email_from = sanitizeInput($config_mail_from_email);
$email_from_name = sanitizeInput($config_mail_from_name);
@@ -105,13 +102,13 @@ if (isset($_POST['test_email_smtp'])) {
'body' => $body
]
];
+
$mail = addToMailQueue($data);
if ($mail === true) {
- $_SESSION['alert_message'] = "Test email queued! Check Admin > Mail queue";
+ flash_alert("Test email queued! Check Admin > Mail queue");
} else {
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Failed to add test mail to queue";
+ flash_alert("Failed to add test mail to queue", 'error');
}
redirect();
@@ -130,13 +127,12 @@ if (isset($_POST['test_email_imap'])) {
if ($inbox) {
imap_close($inbox);
- $_SESSION['alert_message'] = "Connected successfully";
+ flash_alert("Connected successfully");
} else {
throw new Exception(imap_last_error());
}
} catch (Exception $e) {
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Test IMAP connection failed: " . $e->getMessage();
+ flash_alert("IMAP connection failed: " . $e->getMessage(), 'error');
}
redirect();
diff --git a/admin/post/settings_module.php b/admin/post/settings_module.php
index 67aa48b1..f00cc412 100644
--- a/admin/post/settings_module.php
+++ b/admin/post/settings_module.php
@@ -19,10 +19,9 @@ if (isset($_POST['edit_module_settings'])) {
mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1");
}
- // Logging
logAction("Settings", "Edit", "$session_name edited module settings");
- $_SESSION['alert_message'] = "Module Settings updated";
+ flash_alert("Module Settings updated");
redirect();
diff --git a/admin/post/settings_notification.php b/admin/post/settings_notification.php
index 8d5891cc..b21a57d5 100644
--- a/admin/post/settings_notification.php
+++ b/admin/post/settings_notification.php
@@ -14,10 +14,9 @@ if (isset($_POST['edit_notification_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_recurring_auto_send_invoice = $config_recurring_auto_send_invoice, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire, config_ticket_client_general_notifications = $config_ticket_client_general_notifications WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited notification settings");
- $_SESSION['alert_message'] = "Notification Settings updated";
+ flash_alert("Notification Settings updated");
redirect();
diff --git a/admin/post/settings_online_payment.php b/admin/post/settings_online_payment.php
index 3c31bb69..f14addf8 100644
--- a/admin/post/settings_online_payment.php
+++ b/admin/post/settings_online_payment.php
@@ -17,14 +17,12 @@ if (isset($_POST['edit_online_payment_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited online payment settings");
if ($config_stripe_enable && $config_stripe_account == 0) {
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Stripe payment account must be specified!";
+ flash_alert("Stripe payment account must be specified!", 'error');
} else {
- $_SESSION['alert_message'] = "Online Payment Settings updated";
+ flash_alert("Online Payment Settings updated");
}
redirect();
diff --git a/admin/post/settings_online_payment_clients.php b/admin/post/settings_online_payment_clients.php
index 8f7ab22a..1da51c3f 100644
--- a/admin/post/settings_online_payment_clients.php
+++ b/admin/post/settings_online_payment_clients.php
@@ -6,9 +6,8 @@ if (isset($_GET['stripe_remove_pm'])) {
validateCSRFToken($_GET['csrf_token']);
if (!$config_stripe_enable) {
- $_SESSION['alert_message'] = "Stripe not enabled";
+ flash_alert("Stripe not enabled", 'error');
redirect();
- exit();
}
$client_id = intval($_GET['client_id']);
@@ -39,9 +38,10 @@ if (isset($_GET['stripe_remove_pm'])) {
mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
}
- // Logging & Redirect
logAction("Stripe", "Update", "$session_name deleted saved Stripe payment method (PM: $payment_method)", $client_id);
- $_SESSION['alert_message'] = "Payment method removed";
+
+ flash_alert("Payment method removed", 'error');
+
redirect();
}
@@ -62,9 +62,10 @@ if (isset($_GET['stripe_reset_customer'])) {
mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
}
- // Logging
logAction("Stripe", "Delete", "$session_name reset Stripe settings for client", $client_id);
- $_SESSION['alert_message'] = "Reset client Stripe settings";
+ flash_alert("Reset client Stripe settings", 'error');
+
redirect();
-}
\ No newline at end of file
+
+}
diff --git a/admin/post/settings_project.php b/admin/post/settings_project.php
index b6bcf759..b65f4371 100644
--- a/admin/post/settings_project.php
+++ b/admin/post/settings_project.php
@@ -11,10 +11,9 @@ if (isset($_POST['edit_project_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_project_prefix = '$config_project_prefix', config_project_next_number = $config_project_next_number WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited project settings");
- $_SESSION['alert_message'] = "Project Settings updated";
+ flash_alert("Project Settings updated");
redirect();
diff --git a/admin/post/settings_quote.php b/admin/post/settings_quote.php
index 2c39a13b..3c28971c 100644
--- a/admin/post/settings_quote.php
+++ b/admin/post/settings_quote.php
@@ -16,10 +16,9 @@ if (isset($_POST['edit_quote_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer', config_quote_notification_email = '$config_quote_notification_email' WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited Quote settings");
- $_SESSION['alert_message'] = "Quote Settings updated";
+ flash_alert("Quote Settings updated");
redirect();
diff --git a/admin/post/settings_security.php b/admin/post/settings_security.php
index 08691b77..41c75474 100644
--- a/admin/post/settings_security.php
+++ b/admin/post/settings_security.php
@@ -19,10 +19,10 @@ if (isset($_POST['edit_security_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_login_message = '$config_login_message', config_login_key_required = '$config_login_key_required', config_login_key_secret = '$config_login_key_secret', config_login_remember_me_expire = $config_login_remember_me_expire, config_log_retention = $config_log_retention WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited security settings");
- $_SESSION['alert_message'] = "Security settings updated";
+ flash_alert("Security settings updated");
redirect();
+
}
diff --git a/admin/post/settings_telemetry.php b/admin/post/settings_telemetry.php
index e388b508..0da611f0 100644
--- a/admin/post/settings_telemetry.php
+++ b/admin/post/settings_telemetry.php
@@ -10,10 +10,9 @@ if (isset($_POST['edit_telemetry_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_telemetry = $config_telemetry WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited telemetry settings");
- $_SESSION['alert_message'] = "Telemetry Settings updated";
+ flash_alert("Telemetry Settings updated");
redirect();
diff --git a/admin/post/settings_theme.php b/admin/post/settings_theme.php
index c8920c4b..ff0fadf0 100644
--- a/admin/post/settings_theme.php
+++ b/admin/post/settings_theme.php
@@ -12,12 +12,12 @@ if (isset($_POST['edit_theme_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_theme = '$theme', config_theme_dark = $dark_mode WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited theme settings $dark_mode");
- $_SESSION['alert_message'] = "Changed theme to $theme";
+ flash_alert("Changed theme to $theme");
redirect();
+
}
if (isset($_POST['edit_favicon_settings'])) {
@@ -44,10 +44,9 @@ if (isset($_POST['edit_favicon_settings'])) {
}
}
- // Logging
logAction("Settings", "Edit", "$session_name changed the favicon");
- $_SESSION['alert_message'] = "Favicon Updated";
+ flash_alert("Favicon Updated");
redirect();
diff --git a/admin/post/settings_ticket.php b/admin/post/settings_ticket.php
index 0e571fa4..c1a35679 100644
--- a/admin/post/settings_ticket.php
+++ b/admin/post/settings_ticket.php
@@ -21,11 +21,10 @@ if (isset($_POST['edit_ticket_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = $config_ticket_email_parse, config_ticket_email_parse_unknown_senders = $config_ticket_email_parse_unknown_senders, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email', config_ticket_default_billable = $config_ticket_default_billable, config_ticket_default_view = $config_ticket_default_view, config_ticket_moving_columns = $config_ticket_moving_columns, config_ticket_ordering = $config_ticket_ordering, config_ticket_timer_autostart = $config_ticket_timer_autostart WHERE company_id = 1");
- // Logging
logAction("Settings", "Edit", "$session_name edited ticket settings");
- $_SESSION['alert_message'] = "Ticket Settings updated";
+ flash_alert("Ticket Settings updated");
redirect();
-}
\ No newline at end of file
+}
diff --git a/admin/post/software_template.php b/admin/post/software_template.php
index 288bbdab..9cc86371 100644
--- a/admin/post/software_template.php
+++ b/admin/post/software_template.php
@@ -17,10 +17,9 @@ if (isset($_POST['add_software_template'])) {
$software_template_id = mysqli_insert_id($mysqli);
- // Logging
logAction("Software Template", "Create", "$session_name created software template $name", 0, $software_template_id);
- $_SESSION['alert_message'] = "Software template $name created";
+ flash_alert("Software template $name created");
redirect();
@@ -38,10 +37,9 @@ if (isset($_POST['edit_software_template'])) {
mysqli_query($mysqli,"UPDATE software_templates SET software_template_name = '$name', software_template_version = '$version', software_template_description = '$description', software_template_type = '$type', software_template_license_type = '$license_type', software_template_notes = '$notes' WHERE software_template_id = $software_template_id");
- // Logging
logAction("Software Template", "Edit", "$session_name edited software template $name", 0, $software_template_id);
- $_SESSION['alert_message'] = "Software template $name edited";
+ flash_alert("Software template $name edited");
redirect();
@@ -58,11 +56,9 @@ if (isset($_GET['delete_software_template'])) {
mysqli_query($mysqli,"DELETE FROM software_templates WHERE software_template_id = $software_template_id");
- //Logging
logAction("Software Template", "Delete", "$session_name deleted software template $software_template_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Software Template $software_template_name deleted";
+ flash_alert("Software Template $software_template_name deleted", 'error');
redirect();
diff --git a/admin/post/tag.php b/admin/post/tag.php
index 7f93f366..4911b57e 100644
--- a/admin/post/tag.php
+++ b/admin/post/tag.php
@@ -14,10 +14,9 @@ if (isset($_POST['add_tag'])) {
$tag_id = mysqli_insert_id($mysqli);
- // Logging
logAction("Tag", "Create", "$session_name created tag $name", 0, $tag_id);
- $_SESSION['alert_message'] = "Tag $name created";
+ flash_alert("Tag $name created");
redirect();
@@ -31,30 +30,25 @@ if (isset($_POST['edit_tag'])) {
mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id");
- // Logging
logAction("Tag", "Edit", "$session_name edited tag $name", 0, $tag_id);
- $_SESSION['alert_message'] = "Tag $name edited";
+ flash_alert("Tag $name edited");
redirect();
}
if (isset($_GET['delete_tag'])) {
+
$tag_id = intval($_GET['delete_tag']);
-
- // Get Tag Name for logging
- $sql = mysqli_query($mysqli,"SELECT tag_name FROM tags WHERE tag_id = $tag_id");
- $row = mysqli_fetch_array($sql);
- $tag_name = sanitizeInput($row['tag_name']);
+
+ $tag_name = sanitizeInput(getFieldById('tags', $tag_id, 'tag_name'));
mysqli_query($mysqli,"DELETE FROM tags WHERE tag_id = $tag_id");
- // Logging
logAction("Tag", "Delete", "$session_name deleted tag $tag_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Tag $tag_name deleted";
+ flash_alert("Tag $tag_name deleted", 'error');
redirect();
diff --git a/admin/post/tax.php b/admin/post/tax.php
index be9ab4bf..53097516 100644
--- a/admin/post/tax.php
+++ b/admin/post/tax.php
@@ -16,10 +16,9 @@ if (isset($_POST['add_tax'])) {
$tax_id = mysqli_insert_id($mysqli);
- // Logging
logAction("Tax", "Create", "$session_name created tax $name - $percent%", 0, $tax_id);
- $_SESSION['alert_message'] = "Tax $name ($percent%) created";
+ flash_alert("Tax $name ($percent%) created");
redirect();
@@ -34,51 +33,42 @@ if (isset($_POST['edit_tax'])) {
mysqli_query($mysqli,"UPDATE taxes SET tax_name = '$name', tax_percent = $percent WHERE tax_id = $tax_id");
- // Logging
logAction("Tax", "Edit", "$session_name edited tax $name - $percent%", 0, $tax_id);
- $_SESSION['alert_message'] = "Tax $name ($percent%) edited";
+ flash_alert("Tax $name ($percent%) edited");
redirect();
}
if (isset($_GET['archive_tax'])) {
+
validateCSRFToken($_GET['csrf_token']);
$tax_id = intval($_GET['archive_tax']);
- // Get Tax Name for logging
- $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxes WHERE tax_id = $tax_id");
- $row = mysqli_fetch_array($sql);
- $tax_name = sanitizeInput($row['tax_name']);
+ $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name'));
mysqli_query($mysqli,"UPDATE taxes SET tax_archived_at = NOW() WHERE tax_id = $tax_id");
- // Logging
logAction("Tax", "Archive", "$session_name archived tax $tax_name", 0, $tax_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Tax $tax_name Archived";
+ flash_alert("Tax $tax_name Archived", 'error');
redirect();
}
if (isset($_GET['delete_tax'])) {
+
$tax_id = intval($_GET['delete_tax']);
- // Get Tax Name for logging
- $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxs WHERE tax_id = $tax_id");
- $row = mysqli_fetch_array($sql);
- $tax_name = sanitizeInput($row['tax_name']);
+ $tax_name = sanitizeInput(getFieldById('taxes', $tax_id, 'tax_name'));
mysqli_query($mysqli,"DELETE FROM taxes WHERE tax_id = $tax_id");
- // Logging
logAction("Tax", "Delete", "$session_name deleted tax $tax_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Tax $tax_name deleted";
+ flash_alert("Tax $tax_name deleted", 'error');
redirect();
diff --git a/admin/post/ticket_status.php b/admin/post/ticket_status.php
index c2b099ee..a5ea3efd 100644
--- a/admin/post/ticket_status.php
+++ b/admin/post/ticket_status.php
@@ -11,10 +11,9 @@ if (isset($_POST['add_ticket_status'])) {
$ticket_status_id = mysqli_insert_id($mysqli);
- // Logging
logAction("Ticket Status", "Create", "$session_name created custom ticket status $name", 0, $ticket_status_id);
- $_SESSION['alert_message'] = "Custom Ticket Status $name created";
+ flash_alert("Custom Ticket Status $name created");
redirect();
@@ -30,10 +29,9 @@ if (isset($_POST['edit_ticket_status'])) {
mysqli_query($mysqli, "UPDATE ticket_statuses SET ticket_status_name = '$name', ticket_status_color = '$color', ticket_status_order = $order, ticket_status_active = $status WHERE ticket_status_id = $ticket_status_id");
- // Logging
logAction("Ticket Status", "Edit", "$session_name edited custom ticket status $name", 0, $ticket_status_id);
- $_SESSION['alert_message'] = "Custom Ticket Status $name edited";
+ flash_alert("Custom Ticket Status $name edited");
redirect();
@@ -49,18 +47,14 @@ if (isset($_GET['delete_ticket_status'])) {
exit("Can't delete built-in statuses");
}
- // Get ticket status name for logging and notification
- $sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id");
- $row = mysqli_fetch_array($sql);
- $ticket_status_name = sanitizeInput($row['ticket_status_name']);
+ $ticlet_status_name = sanitizeInput(getFieldById('ticket_statuses', $ticket_status_id, 'ticket_status_name'));
mysqli_query($mysqli, "DELETE FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id");
- // Logging
logAction("Ticket Status", "Delete", "$session_name deleted custom ticket status $ticket_status_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Custom Ticket Status $ticket_status_name Deleted";
+ flash_alert("Custom Ticket Status $ticket_status_name Deleted", 'error');
redirect();
+
}
diff --git a/admin/post/ticket_template.php b/admin/post/ticket_template.php
index 30934990..a990bb48 100644
--- a/admin/post/ticket_template.php
+++ b/admin/post/ticket_template.php
@@ -24,10 +24,9 @@ if (isset($_POST['add_ticket_template'])) {
mysqli_query($mysqli, "INSERT INTO project_template_ticket_templates SET project_template_id = $project_template_id, ticket_template_id = $ticket_template_id");
}
- // Logging
logAction("Ticket Template", "Create", "$session_name created ticket template $name", 0, $ticket_template_id);
- $_SESSION['alert_message'] = "Ticket Template $name created";
+ flash_alert("Ticket Template $name created");
redirect();
@@ -43,10 +42,9 @@ if (isset($_POST['edit_ticket_template'])) {
mysqli_query($mysqli, "UPDATE ticket_templates SET ticket_template_name = '$name', ticket_template_description = '$description', ticket_template_subject = '$subject', ticket_template_details = '$details' WHERE ticket_template_id = $ticket_template_id");
- // Logging
logAction("Ticket Template", "Edit", "$session_name edited ticket template $name", 0, $ticket_template_id);
- $_SESSION['alert_message'] = "Ticket Template $name edited";
+ flash_alert("Ticket Template $name edited");
redirect();
}
@@ -55,26 +53,20 @@ if (isset($_GET['delete_ticket_template'])) {
$ticket_template_id = intval($_GET['delete_ticket_template']);
- // Get ticket template name
- $sql = mysqli_query($mysqli, "SELECT * FROM ticket_templates WHERE ticket_template_id = $ticket_template_id");
- $row = mysqli_fetch_array($sql);
- $ticket_template_name = sanitizeInput($row['ticket_template_name']);
+ $ticket_template_name = sanitizeInput(getFieldById('ticket_templates', $ticket_template_id, 'ticket_template_name'));
mysqli_query($mysqli, "DELETE FROM ticket_templates WHERE ticket_template_id = $ticket_template_id");
- // Delete Associated Tasks
+ // Delete Associations
mysqli_query($mysqli, "DELETE FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id");
-
- // Remove from Associated Project Templates
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE ticket_template_id = $ticket_template_id");
- // Logging
logAction("Ticket Template", "Delete", "$session_name deleted ticket template $ticket_template_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Ticket Template $ticket_template_name and its associated tasks deleted";
+ flash_alert("Ticket Template $ticket_template_name and its associated tasks deleted", 'error');
redirect();
+
}
if (isset($_POST['add_ticket_template_task'])) {
@@ -86,13 +78,9 @@ if (isset($_POST['add_ticket_template_task'])) {
$task_template_id = mysqli_insert_id($mysqli);
- // Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Task Template', log_action = 'Create', log_description = '$session_name created task template $task_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_template_id");
+ logAction("Ticket Template", "Create", "$session_name created task $task_name for ticket template", 0, $ticket_template_id);
- // Logging
- logAction("Ticket Template", "Edit", "$session_name added task $task_name to ticket template", 0, $ticket_template_id);
-
- $_SESSION['alert_message'] = "Added Task $task_name";
+ flash_alert("Added Task $task_name");
redirect();
@@ -102,18 +90,14 @@ if (isset($_GET['delete_task_template'])) {
$task_template_id = intval($_GET['delete_task_template']);
- // Get task template name
- $sql = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_id = $task_template_id");
- $row = mysqli_fetch_array($sql);
- $task_template_name = sanitizeInput($row['task_template_name']);
+ $task_template_name = sanitizeInput(getFieldById('tags', $task_template_id, 'task_template_name'));
mysqli_query($mysqli, "DELETE FROM task_templates WHERE task_template_id = $task_template_id");
- // Logging
logAction("Ticket Template", "Edit", "$session_name deleted task $task_template_name from ticket template");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Task $task_template_name deleted";
+ flash_alert("Task $task_template_name deleted", 'error');
redirect();
+
}
diff --git a/admin/post/update.php b/admin/post/update.php
index 9a3ec163..b618bc4a 100644
--- a/admin/post/update.php
+++ b/admin/post/update.php
@@ -272,10 +272,9 @@ if (isset($_GET['update'])) {
}
- // Logging
logAction("App", "Update", "$session_name ran updates");
- $_SESSION['alert_message'] = "Update successful";
+ flash_alert("Update successful");
sleep(1);
@@ -293,12 +292,12 @@ if (isset($_GET['update_db'])) {
// Perform upgrades, if required
require_once ('database_updates.php');
- // Logging
logAction("Database", "Update", "$session_name updated the database structure");
- $_SESSION['alert_message'] = "Database structure update successful";
+ flash_alert("Database structure update successful");
sleep(1);
redirect();
+
}
diff --git a/admin/post/users.php b/admin/post/users.php
index 5c2d2c3b..caab7aed 100644
--- a/admin/post/users.php
+++ b/admin/post/users.php
@@ -90,10 +90,9 @@ if (isset($_POST['add_user'])) {
}
- // Logging
logAction("User", "Create", "$session_name created user $name", 0, $user_id);
- $_SESSION['alert_message'] = "User $name created" . $extended_alert_description;
+ flash_alert("User $name created" . $extended_alert_description);
redirect();
@@ -171,10 +170,9 @@ if (isset($_POST['edit_user'])) {
//Update User Settings
mysqli_query($mysqli, "UPDATE user_settings SET user_config_force_mfa = $force_mfa WHERE user_id = $user_id");
- // Logging
logAction("User", "Edit", "$session_name edited user $name", 0, $user_id);
- $_SESSION['alert_message'] = "User $name updated" . $extended_alert_description;
+ flash_alert("User $name updated" . $extended_alert_description);
redirect();
@@ -186,17 +184,13 @@ if (isset($_GET['activate_user'])) {
$user_id = intval($_GET['activate_user']);
- // Get User Name
- $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id");
- $row = mysqli_fetch_array($sql);
- $user_name = sanitizeInput($row['user_name']);
+ $user_name = sanitizeInput(getFieldById('users', $user_id, 'user_name'));
mysqli_query($mysqli, "UPDATE users SET user_status = 1 WHERE user_id = $user_id");
- // Logging
logAction("User", "Activate", "$session_name activated user $user_name", 0, $user_id);
- $_SESSION['alert_message'] = "User $user_name activated";
+ flash_alert("User $user_name activated");
redirect();
@@ -208,10 +202,7 @@ if (isset($_GET['disable_user'])) {
$user_id = intval($_GET['disable_user']);
- // Get User Name
- $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id");
- $row = mysqli_fetch_array($sql);
- $user_name = sanitizeInput($row['user_name']);
+ $user_name = sanitizeInput(getFieldById('users', $user_id, 'user_name'));
mysqli_query($mysqli, "UPDATE users SET user_status = 0 WHERE user_id = $user_id");
@@ -219,11 +210,9 @@ if (isset($_GET['disable_user'])) {
mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL");
mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_assigned_to = 0 WHERE recurring_ticket_assigned_to = $user_id");
- // Logging
logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "User $user_name disabled";
+ flash_alert("User $user_name disabled", 'error');
redirect();
@@ -235,17 +224,13 @@ if (isset($_GET['revoke_remember_me'])) {
$user_id = intval($_GET['revoke_remember_me']);
- // Get User Name
- $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id"));
- $user_name = sanitizeInput($row['user_name']);
+ $user_name = sanitizeInput(getFieldById('users', $user_id, 'user_name'));
mysqli_query($mysqli, "DELETE FROM remember_tokens WHERE remember_token_user_id = $user_id");
- // Logging
logAction("User", "Edit", "$session_name revoked all remember me tokens for user $user_name", 0, $user_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "User $user_name remember me tokens revoked";
+ flash_alert("User $user_name remember me tokens revoked", 'error');
redirect();
@@ -259,19 +244,14 @@ if (isset($_GET['archive_user'])) {
$user_id = intval($_GET['archive_user']);
$password = password_hash(randomString(), PASSWORD_DEFAULT);
- // Get user details
- $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id");
- $row = mysqli_fetch_array($sql);
- $name = sanitizeInput($row['user_name']);
+ $user_name = sanitizeInput(getFieldById('users', $user_id, 'user_name'));
// Archive user query
- mysqli_query($mysqli, "UPDATE users SET user_name = '$name (archived)', user_password = '$password', user_status = 0, user_specific_encryption_ciphertext = '', user_archived_at = NOW() WHERE user_id = $user_id");
+ mysqli_query($mysqli, "UPDATE users SET user_name = '$user_name (archived)', user_password = '$password', user_status = 0, user_specific_encryption_ciphertext = '', user_archived_at = NOW() WHERE user_id = $user_id");
- // Logging
- logAction("User", "Archive", "$session_name archived user $name", 0, $user_id);
+ logAction("User", "Archive", "$session_name archived user $user_name", 0, $user_id);
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "User $name archived";
+ flash_alert("User $user_name archived", 'error');
redirect();
@@ -338,11 +318,10 @@ if (isset($_POST['ir_reset_user_password'])) {
$admin_password = $_POST['admin_password'];
$sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
$userRow = mysqli_fetch_array($sql);
+
if (!password_verify($admin_password, $userRow['user_password'])) {
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Incorrect password.";
+ flash_alert("Incorrect password.", 'error');
redirect();
- exit;
}
// Get agents/users, other than the current user
@@ -363,7 +342,6 @@ if (isset($_POST['ir_reset_user_password'])) {
echo "
";
}
- // Logging
logAction("User", "Edit", "$session_name reset ALL user passwords");
exit; // Stay on the plain text password page
diff --git a/admin/post/vendor_template.php b/admin/post/vendor_template.php
index 9a2697fe..747ee42a 100644
--- a/admin/post/vendor_template.php
+++ b/admin/post/vendor_template.php
@@ -27,12 +27,12 @@ if (isset($_POST['add_vendor_template'])) {
$vendor_template_id = mysqli_insert_id($mysqli);
- // Logging
logAction("Vendor Template", "Create", "$session_name created vendor template $name", 0, $vendor_template_id);
- $_SESSION['alert_message'] = "Vendor template $name created";
+ flash_alert("Vendor template $name created");
redirect();
+
}
if (isset($_POST['edit_vendor_template'])) {
@@ -131,32 +131,29 @@ if (isset($_POST['edit_vendor_template'])) {
mysqli_query($mysqli,"UPDATE vendors SET $sql WHERE vendor_template_id = $vendor_template_id");
}
- // Logging
logAction("Vendor Template", "Edit", "$session_name edited vendor template $name", 0, $vendor_template_id);
- $_SESSION['alert_message'] = "Vendor template $name edited";
+ flash_alert("Vendor template $name edited");
redirect();
+
}
if (isset($_GET['delete_vendor_template'])) {
+
$vendor_template_id = intval($_GET['delete_vendor_template']);
- //Get Vendor Template Name
- $sql = mysqli_query($mysqli,"SELECT vendor_template_name FROM vendor_templates WHERE vendor_template_id = $vendor_template_id");
- $row = mysqli_fetch_array($sql);
- $vendor_template_name = sanitizeInput($row['vendor_template_name']);
+ $vendor_template_name = sanitizeInput(getFieldById('vendor_templates', $vendor_template_id, 'vendor_template_name'));
// If its a template reset all vendors based off this template to no template base
mysqli_query($mysqli,"UPDATE vendors SET vendor_template_id = 0 WHERE vendor_template_id = $vendor_template_id");
mysqli_query($mysqli,"DELETE FROM vendor_templates WHERE vendor_template_id = $vendor_template_id");
- // Logging
logAction("Vendor Template", "Delete", "$session_name deleted vendor template $vendor_template_name");
- $_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "Vendor Template $vendor_template_name deleted";
+ flash_alert("Vendor Template $vendor_template_name deleted", 'error');
redirect();
+
}