AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-01 11:24:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Moved admin_ to /admin, user_ to user report_ to /reports each have their own post includes modals directories created seperate headers and footer. Also did the same for xcustom, more work to me done

Browse Source
This commit is contained in:
johnnyq
2025-07-28 13:32:28 -04:00
parent 4906e06bf1
commit 0494bfc1cf
178 changed files with 247 additions and 882 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
user/user_activity.php Normal file
View File

@@ -0,0 +1,99 @@
<?php
require_once "includes/inc_all_user.php";
$sql_recent_logins = mysqli_query($mysqli, "SELECT * FROM logs
WHERE log_type = 'Login' OR log_type = 'Login 2FA' AND log_action = 'Success' AND log_user_id = $session_user_id
ORDER BY log_id DESC LIMIT 3"
);
$sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
WHERE log_user_id = $session_user_id AND log_type NOT LIKE 'Login'
ORDER BY log_id DESC LIMIT 5"
);
?>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-fw fa-sign-in-alt mr-2"></i>Your Recent Sign ins</h3>
</div>
<table class="table table-borderless">
<tbody>
<?php
while ($row = mysqli_fetch_array($sql_recent_logins)) {
$log_id = intval($row['log_id']);
$log_ip = nullable_htmlentities($row['log_ip']);
$log_user_agent = nullable_htmlentities($row['log_user_agent']);
$log_user_os = getOS($log_user_agent);
$log_user_browser = getWebBrowser($log_user_agent);
$log_created_at = nullable_htmlentities($row['log_created_at']);
?>
<tr>
<td><i class="fa fa-fw fa-clock text-secondary mr-2"></i><?php echo $log_created_at; ?></td>
<td><?php echo $log_user_os; ?></td>
<td><?php echo $log_user_browser; ?></td>
<td><i class='fa fa-fw fa-globe text-secondary'></i> <?php echo $log_ip; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
<?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo "$session_name successfully logged in"; ?>">See More...</a>
</div>
<?php } ?>
</div>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>Your Recent Activity</h3>
</div>
<table class="table">
<tbody>
<?php
while ($row = mysqli_fetch_array($sql_recent_logs)) {
$log_id = intval($row['log_id']);
$log_type = nullable_htmlentities($row['log_type']);
$log_action = nullable_htmlentities($row['log_action']);
$log_description = nullable_htmlentities($row['log_description']);
$log_created_at = nullable_htmlentities($row['log_created_at']);
if ($log_action == 'Create') {
$log_icon = "plus text-success";
} elseif ($log_action == 'Modify') {
$log_icon = "edit text-info";
} elseif ($log_action == 'Delete') {
$log_icon = "trash-alt text-danger";
} else {
$log_icon = "pencil";
}
?>
<tr>
<td><i class="fa fa-fw fa-clock text-secondary mr-2"></i><?php echo $log_created_at; ?></td>
<td><strong><i class="fa fa-fw text-secondary fa-<?php echo $log_icon; ?>"></i> <?php echo $log_type; ?></strong></td>
<td><span class="text-secondary"><?php echo $log_description; ?></span></td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo nullable_htmlentities($session_name); ?>">See More...</a>
</div>
<?php } ?>
</div>
<?php
require_once "includes/footer.php";

81
user/user_details.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
require_once "includes/inc_all_user.php";
?>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-cog mr-2"></i>User Preferences</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="row">
<div class="col-md-3 text-center">
<?php if($session_avatar) { ?>
<img class="img-thumbnail" src="<?php echo "uploads/users/$session_user_id/" . nullable_htmlentities($session_avatar); ?>">
<a href="post.php?clear_your_user_avatar&csrf_token=<?= $_SESSION['csrf_token'] ?>" class="btn btn-outline-danger btn-block">Remove Avatar</a>
<hr>
<?php } ?>
<div class="form-group">
<label>Upload Avatar</label>
<input type="file" class="form-control-file" accept="image/*" name="avatar">
</div>
</div>
<div class="col-md-9">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Full Name" value="<?php echo stripslashes(nullable_htmlentities($session_name)); ?>" required>
</div>
</div>
<div class="form-group">
<label>Role</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo nullable_htmlentities($session_user_role_display); ?>" disabled>
</div>
</div>
<div class="form-group">
<label>Email <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<input type="email" class="form-control" name="email" placeholder="Email Address" value="<?php echo nullable_htmlentities($session_email); ?>" required>
</div>
</div>
<div class="form-group">
<label>Signature</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-pen"></i></span>
</div>
<textarea class="form-control" name="signature" rows="4" placeholder="Create a signature automatically appended to tickets, emails etc"><?php echo getFieldById('user_settings',$session_user_id,'user_config_signature','html'); ?></textarea>
</div>
</div>
<button type="submit" name="edit_your_user_details" class="btn btn-primary btn-responsive"><i class="fas fa-check mr-2"></i>Save</button>
</div>
</div>
</form>
</div>
</div>
<?php
require_once "includes/footer.php";

51
user/user_preferences.php Normal file
View File

@@ -0,0 +1,51 @@
<?php
require_once "includes/inc_all_user.php";
$row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT user_config_calendar_first_day FROM user_settings WHERE user_id = $session_user_id"));
$user_config_calendar_first_day = intval($row['user_config_calendar_first_day']);
?>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-fw fa-globe mr-2"></i>Preferences</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<label>Calendar starts on<strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar-day"></i></span>
</div>
<select class="form-control select2" name="calendar_first_day" required>
<option <?php if ($user_config_calendar_first_day == '0') { echo "selected"; } ?> value="0" >Sunday</option>
<option <?php if ($user_config_calendar_first_day == '1') { echo "selected"; } ?> value="1" >Monday</option>
</select>
</div>
</div>
<?php if ($session_user_role > 1) { ?>
<div class="form-group">
<div class="form-check">
<input disabled="disabled" type="checkbox" class="form-check-input" name="extension" id="extension" value="Yes" <?php if (isset($_COOKIE['user_extension_key'])) {echo "checked";} ?>>
<label class="form-check-label" for="extension">Enable Browser Extention?</label>
<p class="small">Not currently in use / Note: You must log out and back in again for these changes take effect.</p>
</div>
</div>
<?php } ?>
<button type="submit" name="edit_your_user_preferences" class="btn btn-primary"><i class="fas fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php
require_once "includes/footer.php";

100
user/user_security.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
require_once "includes/inc_all_user.php";
// User remember me tokens
$sql_remember_tokens = mysqli_query($mysqli, "SELECT * FROM remember_tokens WHERE remember_token_user_id = $session_user_id");
$remember_token_count = mysqli_num_rows($sql_remember_tokens);
?>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-shield-alt mr-2"></i>Your Password</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<label>Your New Password <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password" minlength="8" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
<button type="submit" name="edit_your_user_password" class="btn btn-primary"><i class="fas fa-check mr-2"></i>Change</button>
</form>
<div class="float-right">
<?php if (empty($session_token)) { ?>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#enableMFAModal">
<i class="fas fa-lock mr-2"></i>Enable MFA
</button>
<?php require_once "modals/user_mfa_modal.php"; ?>
<?php } else { ?>
<a href="post.php?disable_mfa&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-danger"><i class="fas fa-unlock mr-2"></i>Disable MFA</a>
<?php } ?>
</div>
</div>
</div>
<?php if ($remember_token_count > 0) { ?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-clock mr-2"></i>2FA Remember-Me Tokens</h3>
</div>
<div class="card-body">
<ul>
<?php while ($row = mysqli_fetch_array($sql_remember_tokens)) {
$token_id = intval($row['remember_token_id']);
$token_created = nullable_htmlentities($row['remember_token_created_at']);
echo "<li>ID: $token_id | Created: $token_created</li>";
} ?>
</ul>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<button type="submit" name="revoke_your_2fa_remember_tokens" class="btn btn-danger btn-block mt-3"><i class="fas fa-exclamation-triangle mr-2"></i>Revoke Remember-Me Tokens</button>
</form>
</div>
</div>
<?php } ?>
<?php
// Show the error alert if it exists:
if (!empty($_SESSION['alert_type']) && $_SESSION['alert_type'] == 'error') {
echo "<div class='alert alert-danger'>{$_SESSION['alert_message']}</div>";
// Clear it so it doesn't persist on refresh
unset($_SESSION['alert_type']);
unset($_SESSION['alert_message']);
}
// If the user just failed a TOTP verification, auto-open the modal:
if (!empty($_SESSION['show_mfa_modal'])) {
echo "
<script>
document.addEventListener('DOMContentLoaded', function() {
// jQuery or vanilla JS to open the modal
$('#enableMFAModal').modal('show');
});
</script>";
unset($_SESSION['show_mfa_modal']);
}
require_once "includes/footer.php";