Merge branch 'master' into misc-tidy-2

2023-02-05 08:17:26 +00:00 · 2023-02-05 08:17:26 +00:00 · 04e4ccb9cf
parent cb3430e4b4 f0f883d56f
commit 04e4ccb9cf
20 changed files with 429 additions and 144 deletions
--- a/guest_view_invoice.php
+++ b/guest_view_invoice.php
@ -1,4 +1,6 @@
-<?php include("guest_header.php");
+<?php
 require_once("guest_header.php");
 if (isset($_GET['invoice_id'], $_GET['url_key'])) {
@ -71,6 +73,8 @@ if (isset($_GET['invoice_id'], $_GET['url_key'])) {
        $os = strip_tags(mysqli_real_escape_string($mysqli,getOS($session_user_agent)));
        $browser = strip_tags(mysqli_real_escape_string($mysqli,getWebBrowser($session_user_agent)));
        $invoice_tally_total = 0; // Default
        //Set Badge color based off of invoice status
        $invoice_badge_color = getInvoiceBadgeColor($invoice_status);
@ -96,6 +100,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key'])) {
        $balance = $invoice_amount - $amount_paid;
        //check to see if overdue
        $invoice_color = $invoice_badge_color; // Default
        if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
            $unixtime_invoice_due = strtotime($invoice_due) + 86400;
            if ($unixtime_invoice_due < time()) {
--- a/portal/check_login.php
+++ b/portal/check_login.php
@ -20,17 +20,28 @@ if (!$_SESSION['client_logged_in']) {
    die;
 }
-// SESSION FINGERPRINT
+// User IP & UA
 $session_ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
 // Get user agent
 $session_user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
 // Get info from session
 $session_client_id = $_SESSION['client_id'];
 $session_contact_id = $_SESSION['contact_id'];
 $session_company_id = $_SESSION['company_id'];
 // Get company info from database
 $sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = $session_company_id");
 $row = mysqli_fetch_array($sql);
 $session_company_name = $row['company_name'];
 $session_company_country = $row['company_country'];
 $session_company_locale = $row['company_locale'];
 $session_company_currency = $row['company_currency'];
 $currency_format = numfmt_create($session_company_locale, NumberFormatter::CURRENCY);
 // Get contact info
 $contact_sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = '$session_contact_id' AND contact_client_id = '$session_client_id'");
 $contact = mysqli_fetch_array($contact_sql);
@ -41,6 +52,17 @@ $session_contact_title = strip_tags(mysqli_real_escape_string($mysqli, $contact[
 $session_contact_email = strip_tags(mysqli_real_escape_string($mysqli, $contact['contact_email']));
 $session_contact_photo = $contact['contact_photo'];
 $session_contact_is_technical_contact = false;
 $session_contact_is_billing_contact = false;
 if ($contact['contact_technical'] == 1) {
    $session_contact_is_technical_contact = true;
 }
 if ($contact['contact_billing'] == 1) {
    $session_contact_is_billing_contact = true;
 }
 // Get client info
 $client_sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = '$session_client_id'");
 $client = mysqli_fetch_array($client_sql);
--- a/portal/invoices.php
+++ b/portal/invoices.php
@ -4,21 +4,14 @@
 * Invoices for PTC
 */
 /*
 TODO:
    - Allow accounting contacts to see this page
    - Tidy styling and add currency codes
    - Add links to see the invoice in full (similar to invoice guest view)
 */
 require_once("inc_portal.php");
-if ($session_contact_id !== $session_client_primary_contact_id) {
+if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_billing_contact) {
    header("Location: portal_post.php?logout");
    exit();
 }
-$invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status = 'Paid' ORDER BY invoice_date DESC");
+$invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Paid') ORDER BY invoice_date DESC");
 ?>
    <div class="row">
@ -53,8 +46,10 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
                <tr>
                    <th>#</th>
                    <th>Scope</th>
                    <th>Date</th>
                    <th>Amount</th>
                    <th>Date</th>
                    <th>Due</th>
                    <th>Status</th>
                </tr>
                </thead>
                <tbody>
@ -65,15 +60,52 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
                    $invoice_prefix = htmlentities($row['invoice_prefix']);
                    $invoice_number = htmlentities($row['invoice_number']);
                    $invoice_scope = htmlentities($row['invoice_scope']);
                    $invoice_status = htmlentities($row['invoice_status']);
                    $invoice_date = $row['invoice_date'];
                    $invoice_due = $row['invoice_due'];
                    $invoice_amount = floatval($row['invoice_amount']);
                    $invoice_url_key = htmlentities($row['invoice_url_key']);
                    if (empty($invoice_scope)) {
                        $invoice_scope_display = "-";
                    } else {
                        $invoice_scope_display = $invoice_scope;
                    }
                    $now = time();
                    if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
                        $overdue_color = "text-danger font-weight-bold";
                    } else {
                        $overdue_color = "";
                    }
                    if ($invoice_status == "Sent") {
                        $invoice_badge_color = "warning text-white";
                    } elseif ($invoice_status == "Viewed") {
                        $invoice_badge_color = "info";
                    } elseif ($invoice_status == "Partial") {
                        $invoice_badge_color = "primary";
                    } elseif ($invoice_status == "Paid") {
                        $invoice_badge_color = "success";
                    } elseif ($invoice_status == "Cancelled") {
                        $invoice_badge_color = "danger";
                    } else{
                        $invoice_badge_color = "secondary";
                    }
                    ?>
                    <tr>
-                        <td><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
+                        <td><a target="_blank" href="\\<?php echo $config_base_url ?>/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
-                        <td><?php echo $invoice_scope; ?></td>
+                        <td><?php echo $invoice_scope_display; ?></td>
                        <td><?php echo numfmt_format_currency($currency_format, $invoice_amount, $session_company_currency); ?></td>
                        <td><?php echo $invoice_date; ?></td>
-                        <td><?php echo $invoice_amount; ?></td>
+                        <td class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></td>
                        <td>
                            <span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
                                <?php echo $invoice_status; ?>
                            </span>
                        </td>
                    </tr>
                    <?php
                }
--- a/portal/portal_functions.php
+++ b/portal/portal_functions.php
@ -7,17 +7,17 @@
 /*
 * Verifies a contact has access to a particular ticket ID, and that the ticket is in the correct state (open/closed) to perform an action
 */
-function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state) {
+function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
 {
    // Access the global variables
-    global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_client_id;
+    global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_contact_is_technical_contact, $session_client_id;
    // Setup
    if ($expected_ticket_state == "Closed") {
        // Closed tickets
        $ticket_state_snippet = "ticket_status = 'Closed'";
-    }
+    } else {
    else {
        // Open (working/hold) tickets
        $ticket_state_snippet = "ticket_status != 'Closed'";
    }
@ -27,12 +27,12 @@ function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
    $row = mysqli_fetch_array($sql);
    $ticket_id = $row['ticket_id'];
-    if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id)) {
+    if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact)) {
-        // Client is ticket owner, or primary contact
+        // Client is ticket owner, primary contact, or a technical contact
-        return TRUE;
+        return true;
    }
-    // Client is NOT ticket owner or primary contact
+    // Client is NOT ticket owner or primary/tech contact
-    return FALSE;
+    return false;
-}
+}
--- a/portal/portal_header.php
+++ b/portal/portal_header.php
@ -43,7 +43,7 @@
                    <li class="nav-item">
                        <a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "tickets.php" || basename($_SERVER['PHP_SELF']) == "ticket_add.php" || basename($_SERVER['PHP_SELF']) == "ticket.php") {echo "active";} ?>" href="tickets.php">Tickets</a>
                    </li>
-                <?php if ($session_contact_id == $session_client_primary_contact_id) { ?>
+                <?php if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_billing_contact) { ?>
                    <li class="nav-item">
                        <a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "invoices.php") {echo "active";} ?>" href="invoices.php">Invoices</a>
                    </li>
--- a/portal/profile.php
+++ b/portal/profile.php
@ -4,16 +4,21 @@
 * User profile
 */
-require('inc_portal.php');
+require_once('inc_portal.php');
 ?>
-<h2>Profile</h2>
+    <h2>Profile</h2>
-<p>Name: <?php echo $session_contact_name ?></p>
+    <p>Name: <?php echo $session_contact_name ?></p>
-<p>Email: <?php echo $session_contact_email ?></p>
+    <p>Email: <?php echo $session_contact_email ?></p>
-<p>Client: <?php echo $session_client_name ?></p>
+    <p>Client: <?php echo $session_client_name ?></p>
-<p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
+    <br>
-<p>Login via: <?php echo $_SESSION['login_method'] ?> </p>
+    <p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
    <p>Client Technical Contact: <?php if ($session_contact_is_technical_contact) {echo "Yes"; } else {echo "No";} ?></p>
    <p>Client Billing Contact: <?php if ($session_contact_is_billing_contact == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
    <p>Login via: <?php echo $_SESSION['login_method'] ?> </p>
    <!--  // Show option to change password if auth provider is local -->
@ -34,8 +39,7 @@ require('inc_portal.php');
            <button type="submit" name="edit_profile" class="btn btn-primary mt-3"><i class="fa fa-fw fa-check"></i> Save password</button>
        </form>
    </div>
 <?php endif ?>
 <?php
-require_once('portal_footer.php');
+require_once('portal_footer.php');
--- a/portal/ticket.php
+++ b/portal/ticket.php
@ -9,7 +9,7 @@ require_once("inc_portal.php");
 if (isset($_GET['id']) && intval($_GET['id'])) {
    $ticket_id = intval($_GET['id']);
-    if ($session_contact_id == $session_client_primary_contact_id) {
+    if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
        $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'");
    } else {
        $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'");
@ -42,14 +42,11 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
        <div class="card">
            <div class="card-header bg-dark text-center">
                <h4 class="mt-1">
-                    Ticket <?php echo $ticket_prefix, $ticket_number ?> 
+                    Ticket <?php echo $ticket_prefix, $ticket_number ?>
                    <?php
-                    if ($ticket_status !== "Closed") {
+                    if ($ticket_status !== "Closed") { ?>
-                    ?>
+                        <a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>" class="btn btn-sm btn-outline-success float-right text-white"><i class="fas fa-fw fa-check text-success"></i> Close ticket</a>
-                    <a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>" class="btn btn-sm btn-outline-success float-right text-white"><i class="fas fa-fw fa-check text-success"></i> Close ticket</a>
+                    <?php } ?>
                    <?php
                    }
                    ?>
                </h4>
            </div>
@ -61,7 +58,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
                    <br>
                    <strong>Priority:</strong> <?php echo $ticket_priority ?>
                </p>
-                <strong>Issue:</strong> <?php echo $ticket_details ?>
+                <?php echo $ticket_details ?>
            </div>
        </div>
@ -69,7 +66,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
        <!-- Either show the reply comments box, ticket smiley feedback, or thanks for feedback -->
        <?php if ($ticket_status !== "Closed") { ?>
-           
+
            <form action="portal_post.php" method="post">
                <input type="hidden" name="ticket_id" value="<?php echo $ticket_id ?>">
                <div class="form-group">
@ -77,7 +74,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
                </div>
                <button type="submit" class="btn btn-primary" name="add_ticket_comment">Save reply</button>
            </form>
-           
+
        <?php }
        elseif (empty($ticket_feedback)) { ?>
@ -138,18 +135,18 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
                <div class="card-header">
                    <h3 class="card-title">
                        <div class="media">
-                            <?php 
+                            <?php
-                            if (!empty($user_avatar)) { 
+                            if (!empty($user_avatar)) {
-                            ?>
+                                ?>
                                <img src="<?php echo $avatar_link ?>" alt="User Avatar" class="img-size-50 mr-3 img-circle">
-                            <?php 
+                                <?php
-                            } else { 
+                            } else {
-                            ?>
+                                ?>
                                <span class="fa-stack fa-2x">
                                    <i class="fa fa-circle fa-stack-2x text-secondary"></i>
                                    <span class="fa fa-stack-1x text-white"><?php echo $user_initials; ?></span>
                                </span>
-                            <?php
+                                <?php
                            }
                            ?>
--- a/portal/ticket_add.php
+++ b/portal/ticket_add.php
@ -4,57 +4,57 @@
 * New ticket form
 */
-require('inc_portal.php');
+require_once('inc_portal.php');
 ?>
-<ol class="breadcrumb d-print-none">
+    <ol class="breadcrumb d-print-none">
-    <li class="breadcrumb-item">
+        <li class="breadcrumb-item">
-        <a href="index.php">Home</a>
+            <a href="index.php">Home</a>
-    </li>
+        </li>
-    <li class="breadcrumb-item">
+        <li class="breadcrumb-item">
-        <a href="tickets.php">Tickets</a>
+            <a href="tickets.php">Tickets</a>
-    </li>
+        </li>
-    <li class="breadcrumb-item active">New Ticket</li>
+        <li class="breadcrumb-item active">New Ticket</li>
-</ol>
+    </ol>
-<h2>Raise a new ticket</h2>
+    <h2>Raise a new ticket</h2>
-<div class="col-md-8">
+    <div class="col-md-8">
-    <form action="portal_post.php" method="post">
+        <form action="portal_post.php" method="post">
-        <div class="form-group">
+            <div class="form-group">
-            <label>Subject <strong class="text-danger">*</strong></label>
+                <label>Subject <strong class="text-danger">*</strong></label>
-            <div class="input-group">
+                <div class="input-group">
-                <div class="input-group-prepend">
+                    <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
+                        <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
                    </div>
                    <input type="text" class="form-control" name="subject" placeholder="Subject" required>
                </div>
                <input type="text" class="form-control" name="subject" placeholder="Subject" required>
            </div>
        </div>
-        <div class="form-group">
+            <div class="form-group">
-            <label>Priority <strong class="text-danger">*</strong></label>
+                <label>Priority <strong class="text-danger">*</strong></label>
-            <div class="input-group">
+                <div class="input-group">
-                <div class="input-group-prepend">
+                    <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
+                        <span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
                    </div>
                    <select class="form-control select2" name="priority" required>
                        <option>Low</option>
                        <option>Medium</option>
                        <option>High</option>
                    </select>
                </div>
                <select class="form-control select2" name="priority" required>
                    <option>Low</option>
                    <option>Medium</option>
                    <option>High</option>
                </select>
            </div>
        </div>
-        <div class="form-group">
+            <div class="form-group">
-            <label>Details <strong class="text-danger">*</strong></label>
+                <label>Details <strong class="text-danger">*</strong></label>
-            <textarea class="form-control" rows="4" name="details" required></textarea>
+                <textarea class="form-control" rows="4" name="details" required></textarea>
-        </div>
+            </div>
-        <button class="btn btn-primary" name="add_ticket">Raise ticket</button>
+            <button class="btn btn-primary" name="add_ticket">Raise ticket</button>
-    </form>
+        </form>
-</div>
+    </div>
 <?php
 require_once('portal_footer.php');
--- a/portal/ticket_view_all.php
+++ b/portal/ticket_view_all.php
@ -6,7 +6,7 @@
 require_once('inc_portal.php');
-if ($session_contact_id !== $session_client_primary_contact_id) {
+if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_technical_contact) {
    header("Location: portal_post.php?logout");
    exit();
 }
--- a/portal/tickets.php
+++ b/portal/tickets.php
@ -34,7 +34,7 @@ $sql_total_tickets_open = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS tota
 $row = mysqli_fetch_array($sql_total_tickets_open);
 $total_tickets_open = $row['total_tickets_open'];
-//Get Total tickets 
+//Get Total tickets
 $sql_total_tickets = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS total_tickets FROM tickets WHERE  ticket_client_id = $session_client_id AND ticket_contact_id = $session_contact_id");
 $row = mysqli_fetch_array($sql_total_tickets);
 $total_tickets = $row['total_tickets'];
@ -68,7 +68,7 @@ $total_tickets = $row['total_tickets'];
 <div class="row">
    <div class="col-md-10">
-        
+
        <table class="table tabled-bordered border border-dark">
            <thead class="thead-dark">
                <tr>
@ -92,17 +92,17 @@ $total_tickets = $row['total_tickets'];
                    <td>
                        <a href="ticket.php?id=<?php echo $ticket_id; ?>"><?php echo "$ticket_prefix$ticket_number"; ?></a>
                    </td>
-                    <td> 
+                    <td>
                        <a href="ticket.php?id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a>
                    </td>
-                    <td><?php echo $ticket_status; ?></td> 
+                    <td><?php echo $ticket_status; ?></td>
                </tr>
            <?php
            }
            ?>
            </tbody>
        </table>
-        
+
    </div>
    <div class="col-md-2">
@ -117,11 +117,11 @@ $total_tickets = $row['total_tickets'];
        <a href="?status=%" class="btn btn-secondary btn-block p-3 mb-3 text-left">All my tickets | <strong><?php echo $total_tickets ?></strong></a>
        <?php
-        if ($session_contact_id == $session_client_primary_contact_id) {
+        if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
        ?>
-        
+
        <hr>
-        
+
        <a href="ticket_view_all.php" class="btn btn-dark btn-block p-2 mb-3">All Tickets</a>
        <?php
@ -131,4 +131,4 @@ $total_tickets = $row['total_tickets'];
    </div>
 </div>
-<?php require_once("portal_footer.php"); ?>
+<?php require_once("portal_footer.php"); ?>
--- a/post.php
+++ b/post.php
@ -4597,14 +4597,14 @@ if(isset($_POST['edit_contact'])){
    mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_department = '$department', contact_location_id = $location_id WHERE contact_id = $contact_id AND company_id = $session_company_id");
    // Update Primary contact in clients if primary contact is checked
-    if($primary_contact > 0){
+    if ($primary_contact > 0){
        mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id");
    }
    // Set password
    if(!empty($_POST['contact_password'])){
      $password_hash = mysqli_real_escape_string($mysqli,password_hash($_POST['contact_password'], PASSWORD_DEFAULT));
-      mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_client_id = '$client_id'");
+      mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_id = '$contact_id' AND contact_client_id = '$client_id'");
    }
    // Send contact a welcome e-mail, if specified
--- a/report_expense_by_vendor.php
+++ b/report_expense_by_vendor.php
@ -9,12 +9,6 @@ if (isset($_GET['year'])) {
    $year = date('Y');
 }
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
 $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $session_company_id");
--- a/report_expense_summary.php
+++ b/report_expense_summary.php
@ -9,12 +9,6 @@ if (isset($_GET['year'])) {
    $year = date('Y');
 }
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE expense_category_id > 0 AND company_id = $session_company_id ORDER BY expense_year DESC");
 $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
@ -140,7 +134,6 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
    Chart.defaults.global.defaultFontFamily = '-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif';
    Chart.defaults.global.defaultFontColor = '#292b2c';
    // Area Chart Example
    var ctx = document.getElementById("cashFlow");
    var myLineChart = new Chart(ctx, {
        type: 'line',
--- a/report_income_by_client.php
+++ b/report_income_by_client.php
@ -9,12 +9,6 @@ if (isset($_GET['year'])) {
    $year = date('Y');
 }
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
 $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
@ -59,7 +53,7 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
                    $client_id = $row['client_id'];
                    $client_name = htmlentities($row['client_name']);
-                    $sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND invoice_client_id = $client_id");
+                    $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND invoice_client_id = $client_id");
                    $row = mysqli_fetch_array($sql_amount_paid);
                    $amount_paid = floatval($row['amount_paid']);
--- a/report_income_summary.php
+++ b/report_income_summary.php
@ -9,12 +9,6 @@ if (isset($_GET['year'])) {
    $year = date('Y');
 }
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_payment_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
 $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND company_id = $session_company_id ORDER BY category_name ASC");
--- a/report_recurring_by_client.php
+++ b/report_recurring_by_client.php
@ -3,7 +3,7 @@
 require_once("inc_all_reports.php");
 validateAccountantRole();
-$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
+$sql_clients = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id");
 ?>
@ -31,13 +31,13 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
                    $client_name = htmlentities($row['client_name']);
                    //Get Monthly Recurring Total
-                    $sql_recurring_monthly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
+                    $sql_recurring_monthly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
                    $row = mysqli_fetch_array($sql_recurring_monthly_total);
                    $recurring_monthly_total = $row['recurring_monthly_total'];
                    //Get Yearly Recurring Total
-                    $sql_recurring_yearly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
+                    $sql_recurring_yearly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
                    $row = mysqli_fetch_array($sql_recurring_yearly_total);
                    $recurring_yearly_total = $row['recurring_yearly_total'] / 12;
--- a/report_tax_summary.php
+++ b/report_tax_summary.php
@ -10,9 +10,9 @@ if (isset($_GET['year'])) {
 }
 //GET unique years from expenses, payments and revenues
-$sql_all_years = mysqli_query($mysqli,"SELECT DISTINCT(YEAR(item_created_at)) AS all_years FROM invoice_items WHERE company_id = $session_company_id ORDER BY all_years DESC");
+$sql_all_years = mysqli_query($mysqli, "SELECT DISTINCT(YEAR(item_created_at)) AS all_years FROM invoice_items WHERE company_id = $session_company_id ORDER BY all_years DESC");
-$sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
+$sql_tax = mysqli_query($mysqli, "SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
 ?>
@ -67,7 +67,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                            for($month = 1; $month<=3; $month++) {
-                                $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                                $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                  FROM invoices, invoice_items 
                  WHERE item_invoice_id = invoice_id
                  AND invoice_status LIKE 'Paid' 
@ -91,7 +91,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                            for($month = 4; $month <= 6; $month ++) {
-                                $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                                $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                  FROM invoices, invoice_items 
                  WHERE item_invoice_id = invoice_id
                  AND invoice_status LIKE 'Paid' 
@ -115,7 +115,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                            for($month = 7; $month <= 9; $month ++) {
-                                $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                                $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                  FROM invoices, invoice_items 
                  WHERE item_invoice_id = invoice_id
                  AND invoice_status LIKE 'Paid' 
@ -139,7 +139,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                            for($month = 10; $month <= 12; $month ++) {
-                                $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                                $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                  FROM invoices, invoice_items 
                  WHERE item_invoice_id = invoice_id
                  AND invoice_status LIKE 'Paid' 
@ -176,7 +176,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                        for($month = 1; $month <= 3; $month ++) {
-                            $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                            $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                FROM invoices, invoice_items 
                WHERE item_invoice_id = invoice_id
                AND invoice_status LIKE 'Paid'  
@ -199,7 +199,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                        for($month = 4; $month <= 6; $month ++) {
-                            $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                            $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                FROM invoices, invoice_items 
                WHERE item_invoice_id = invoice_id
                AND invoice_status LIKE 'Paid'  
@ -222,7 +222,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                        for($month = 7; $month <= 9; $month ++) {
-                            $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month 
+                            $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month 
                FROM invoices, invoice_items 
                WHERE item_invoice_id = invoice_id
                AND invoice_status LIKE 'Paid'  
@ -245,7 +245,7 @@ $sql_tax = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session
                        for($month = 10; $month <= 12; $month ++) {
-                            $sql_tax_collected = mysqli_query($mysqli,"SELECT SUM(item_tax) AS tax_collected_for_month
+                            $sql_tax_collected = mysqli_query($mysqli, "SELECT SUM(item_tax) AS tax_collected_for_month
                FROM invoices, invoice_items 
                WHERE item_invoice_id = invoice_id
                AND invoice_status LIKE 'Paid'  
--- a/report_ticket_by_client.php
+++ b/report_ticket_by_client.php
@ -0,0 +1,74 @@
 <?php
 require_once("inc_all_reports.php");
 validateTechRole();
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_ticket_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(ticket_created_at) AS ticket_year FROM tickets WHERE company_id = $session_company_id ORDER BY ticket_year DESC");
 $sql_clients = mysqli_query($mysqli,"SELECT client_id, client_name FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
 ?>
    <div class="card card-dark">
        <div class="card-header py-2">
            <h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets By Client</h3>
            <div class="card-tools">
                <button type="button" class="btn btn-primary d-print-none" onclick="window.print();"><i class="fas fa-fw fa-print"></i> Print</button>
            </div>
        </div>
        <div class="card-body">
            <form class="mb-3">
                <select onchange="this.form.submit()" class="form-control" name="year">
                    <?php
                    while ($row = mysqli_fetch_array($sql_ticket_years)) {
                        $ticket_year = $row['ticket_year']; ?>
                        <option <?php if ($year == $ticket_year) { ?> selected <?php } ?> > <?php echo $ticket_year; ?></option>
                    <?php } ?>
                </select>
            </form>
            <div class="table-responsive">
                <table class="table table-striped">
                    <thead>
                    <tr>
                        <th>Client</th>
                        <th class="text-right">Ticket Count</th>
                    </tr>
                    </thead>
                    <tbody>
                    <?php
                    while ($row = mysqli_fetch_array($sql_clients)) {
                        $client_id = $row['client_id'];
                        $client_name = htmlentities($row['client_name']);
                        $sql_ticket_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_count FROM tickets WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = '$client_id'");
                        $row = mysqli_fetch_array($sql_ticket_count);
                        $ticket_count = intval($row['ticket_count']);
                        if ($ticket_count > 0) {
                            ?>
                            <tr>
                                <td><?php echo $client_name; ?></td>
                                <td class="text-right"><?php echo $ticket_count; ?></td>
                            </tr>
                            <?php
                        }
                    }
                    ?>
                    </tbody>
                </table>
            </div>
        </div>
    </div>
 <?php
 require_once("footer.php");
--- a/report_ticket_summary.php
+++ b/report_ticket_summary.php
@ -0,0 +1,159 @@
 <?php
 require_once("inc_all_reports.php");
 validateTechRole();
 if (isset($_GET['year'])) {
    $year = intval($_GET['year']);
 } else {
    $year = date('Y');
 }
 $sql_ticket_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(ticket_created_at) AS ticket_year FROM tickets WHERE company_id = $session_company_id ORDER BY ticket_year DESC");
 $sql_tickets = mysqli_query($mysqli, "SELECT ticket_id FROM tickets WHERE company_id = $session_company_id");
 ?>
 <div class="card card-dark">
    <div class="card-header py-2">
        <h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Ticket Summary</h3>
        <div class="card-tools">
            <button type="button" class="btn btn-primary d-print-none" onclick="window.print();"><i class="fas fa-fw fa-print"></i> Print</button>
        </div>
    </div>
    <div class="card-body p-0">
        <form class="p-3">
            <select onchange="this.form.submit()" class="form-control" name="year">
                <?php
                while ($row = mysqli_fetch_array($sql_ticket_years)) {
                    $ticket_year = $row['ticket_year']; ?>
                    <option <?php if ($year == $ticket_year) { ?> selected <?php } ?> > <?php echo $ticket_year; ?></option>
                <?php } ?>
            </select>
        </form>
        <canvas id="tickets" width="100%" height="20"></canvas>
        <div class="table-responsive">
            <table class="table table-striped">
                <thead>
                <tr>
                    <th class="text-right">January</th>
                    <th class="text-right">February</th>
                    <th class="text-right">March</th>
                    <th class="text-right">April</th>
                    <th class="text-right">May</th>
                    <th class="text-right">June</th>
                    <th class="text-right">July</th>
                    <th class="text-right">August</th>
                    <th class="text-right">September</th>
                    <th class="text-right">October</th>
                    <th class="text-right">November</th>
                    <th class="text-right">December</th>
                    <th class="text-right">Total</th>
                </tr>
                </thead>
                <tbody>
                <?php
                $total_tickets_for_all_months = 0;
                for ($month = 1; $month<=12; $month++) {
                    $sql_tickets = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS tickets_for_month FROM tickets WHERE YEAR(ticket_created_at) = $year AND MONTH(ticket_created_at) = $month");
                    $row = mysqli_fetch_array($sql_tickets);
                    $tickets_for_month = $row['tickets_for_month'];
                    $total_tickets_for_all_months = $tickets_for_month + $total_tickets_for_all_months;
                    ?>
                    <td class="text-right"><?php echo $tickets_for_month; ?></td>
                <?php } ?>
                <td class="text-right"><b><?php echo $total_tickets_for_all_months; ?></b></td>
                </tbody>
            </table>
        </div>
    </div>
 </div>
 <?php require_once("footer.php"); ?>
 <script>
    // Set new default font family and font color to mimic Bootstrap's default styling
    Chart.defaults.global.defaultFontFamily = '-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif';
    Chart.defaults.global.defaultFontColor = '#292b2c';
    // Area Chart Example
    var ctx = document.getElementById("tickets");
    var myLineChart = new Chart(ctx, {
        type: 'line',
        data: {
            labels: ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"],
            datasets: [{
                label: "Tickets Raised",
                fill: false,
                borderColor: "#007bff",
                pointBackgroundColor: "#007bff",
                pointBorderColor: "#007bff",
                pointHoverRadius: 5,
                pointHoverBackgroundColor: "#007bff",
                pointHitRadius: 50,
                pointBorderWidth: 2,
                data: [
                    <?php
                    $largest_ticket_month = 0;
                    for ($month = 1; $month<=12; $month++) {
                        $sql_tickets = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS tickets_for_month FROM tickets WHERE YEAR(ticket_created_at) = $year AND MONTH(ticket_created_at) = $month");
                        $row = mysqli_fetch_array($sql_tickets);
                        $tickets_for_month = $row['tickets_for_month'];
                        if ($tickets_for_month > 0 && $tickets_for_month > $largest_ticket_month) {
                            $largest_ticket_month = $tickets_for_month;
                        }
                        echo "$tickets_for_month,";
                    }
                    ?>
                ],
            }],
        },
        options: {
            scales: {
                xAxes: [{
                    time: {
                        unit: 'date'
                    },
                    gridLines: {
                        display: false
                    },
                    ticks: {
                        maxTicksLimit: 12
                    }
                }],
                yAxes: [{
                    ticks: {
                        min: 0,
                        max: <?php echo $largest_ticket_month ?>,
                        maxTicksLimit: 5
                    },
                    gridLines: {
                        color: "rgba(0, 0, 0, .125)",
                    }
                }],
            },
            legend: {
                display: false
            }
        }
    });
 </script>
--- a/reports_side_nav.php
+++ b/reports_side_nav.php
@ -63,6 +63,23 @@
                    </li>
                <?php } // End financial reports IF statement ?>
                <?php  if ($session_user_role == 2 || $session_user_role == 3) { ?>
                <li class="nav-header">TECHNICAL</li>
                    <li class="nav-item">
                        <a href="report_ticket_summary.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "report_ticket_summary.php") { echo "active"; } ?>">
                            <i class="nav-icon fas fa-life-ring"></i>
                            <p>Tickets</p>
                        </a>
                    </li>
                    <li class="nav-item">
                        <a href="report_ticket_by_client.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "report_ticket_by_client.php") { echo "active"; } ?>">
                            <i class="nav-icon fas fa-life-ring"></i>
                            <p>Tickets by Client</p>
                        </a>
                    </li>
                <?php } // End technical reports IF statement ?>
            </ul>
        </nav>