diff --git a/blank.php b/blank.php
index 59f5fa50..f09e0d6d 100644
--- a/blank.php
+++ b/blank.php
@@ -16,7 +16,7 @@
- +
diff --git a/client_overview.php b/client_overview.php index ac3109f0..03ecf75c 100644 --- a/client_overview.php +++ b/client_overview.php @@ -2,7 +2,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id AND contact_archived_at IS NULL AND contacts.company_id = $session_company_id ORDER BY contact_updated_at, contact_created_at DESC LIMIT 5"); -$sql_important_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id AND contact_important = 1 AND contact_archived_at IS NULL AND contacts.company_id = $session_company_id ORDER BY contact_updated_at, contact_name DESC"); +$sql_important_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id AND (contact_important = 1 OR contact_billing = 1 OR contact_technical = 1 OR contact_id = $primary_contact) AND contact_archived_at IS NULL AND contacts.company_id = $session_company_id ORDER BY contact_name DESC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL AND company_id = $session_company_id ORDER BY vendor_updated_at DESC LIMIT 5"); @@ -138,55 +138,6 @@ $sql_domains_expiring = mysqli_query($mysqli, "SELECT * FROM domains - 0 || mysqli_num_rows($sql_vendors) > 0) { ?> - -
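Review bot: The new `$sql_important_contacts` query interpolates `$primary_contact` into the SQL as `contact_id = $primary_contact`, and nothing in this hunk shows where that variable is set or that it is an integer. If it is empty for a client with no primary contact, the statement becomes `contact_id = )`, `mysqli_query()` returns false, and any later `mysqli_num_rows()` or fetch call on the result fails. If it can ever be a non-numeric string, it is an injection point. Cast it where it is used, `contact_id = " . intval($primary_contact) . "`, or move the query to a prepared statement with bound parameters. `$client_id` and `$session_company_id` are interpolated the same way and their assignments are also outside the hunk, so confirm they are integer-cast too.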
- -
-
-
Recently Viewed
-
-
- - -

- - -

- - - -

- - -

- - -
-
-
- - - - 0 || mysqli_num_rows($sql_asset_warranties_expiring) > 0 diff --git a/client_software.php b/client_software.php index c4aa8feb..ef165954 100644 --- a/client_software.php +++ b/client_software.php @@ -93,7 +93,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); // Get Login $login_id = $row['login_id']; - $login_username = htmlentities($row['login_username']); + $login_username = htmlentities(decryptLoginEntry($row['login_username'])); $login_password = htmlentities(decryptLoginEntry($row['login_password'])); $seat_count = 0; diff --git a/post.php b/post.php index a3e0cf2e..34abe8df 100644 --- a/post.php +++ b/post.php @@ -4299,17 +4299,17 @@ if(isset($_POST['add_contact'])){ mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id"); - $_SESSION['alert_message'] = 'File successfully uploaded.'; + $_SESSION['alert_message'] = 'Photo successfully uploaded. '; }else{ - $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; + $_SESSION['alert_message'] = 'There was an error moving the photo to the upload directory. Please make sure the upload directory is writable by web server.'; } } //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Create', log_description = '$session_name created contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); - $_SESSION['alert_message'] .= "Contact added"; + $_SESSION['alert_message'] .= "Contact $name created"; header("Location: " . $_SERVER["HTTP_REFERER"]); 
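Review bot: `decryptLoginEntry($row['login_username'])` is now called for every row, but the hunk does not show what happens when the column is NULL (software with no linked login) or holds a value that was never encrypted. If usernames were previously stored in plaintext, existing rows would presumably decrypt to an empty or garbage string, which `htmlentities()` then renders silently. Guard the call, e.g. `$login_username = isset($row['login_username']) ? htmlentities(decryptLoginEntry($row['login_username'])) : '';`, and confirm that a migration re-encrypts existing rows. The enclosing loop starts and ends outside the hunk.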
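Review bot: `$name` is written into `$_SESSION['alert_message']` here (`"Contact $name created"`) without HTML encoding, and the same pattern appears in the `edit_contact`, `archive_contact` and `delete_contact` hunks; the archive hunk even removes the existing `htmlentities()` call around `$contact_name`. The alert appears to be rendered as HTML, since the archive message carries an Undo link, so a contact name containing markup would be echoed into the page. `strip_tags()` on the delete path is not a substitute for output encoding. `$name` is assigned outside the hunk, but its use inside the `logs` INSERT suggests it is SQL-escaped, which is the wrong encoding for display and would also show stray backslashes (`O\'Brien`). Encode at the point of output, e.g. `$_SESSION['alert_message'] .= "Contact " . htmlentities($name) . " created";`, and keep `htmlentities($contact_name)` in the archive message.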
@@ -4416,17 +4416,17 @@ if(isset($_POST['edit_contact'])){ mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id"); - $_SESSION['alert_message'] = 'File successfully uploaded.'; + $_SESSION['alert_message'] = 'Photo successfully uploaded. '; }else{ - $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; + $_SESSION['alert_message'] = 'There was an error moving the photo to the upload directory. Please make sure the upload directory is writable by web server. '; } } //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); - $_SESSION['alert_message'] .= "Contact updated"; + $_SESSION['alert_message'] .= "Contact $name updated"; header("Location: " . $_SERVER["HTTP_REFERER"]); @@ -4450,7 +4450,7 @@ if(isset($_GET['archive_contact'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Archive', log_description = '$session_name archived contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_type'] = "error"; - $_SESSION['alert_message'] = "Contact ".htmlentities($contact_name)." archived. Undo"; + $_SESSION['alert_message'] = "Contact $contact_name archived.
Undo"; header("Location: " . $_SERVER["HTTP_REFERER"]); @@ -4466,7 +4466,7 @@ if(isset($_GET['delete_contact'])){ $sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); $contact_name = strip_tags(mysqli_real_escape_string($mysqli, $row['contact_name'])); - $client_id = $row['contact_client_id']; + $client_id = intval($row['contact_client_id']); mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id"); @@ -4474,7 +4474,7 @@ if(isset($_GET['delete_contact'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Delete', log_description = '$session_name deleted contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_type'] = "error"; - $_SESSION['alert_message'] = "Contact deleted"; + $_SESSION['alert_message'] = "Contact $contact_name deleted."; header("Location: " . $_SERVER["HTTP_REFERER"]);
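Review bot: In the `@@ -4466` hunk, `$row` is used without checking that the SELECT returned a contact. For an unknown `contact_id`, or one belonging to another company, `intval($row['contact_client_id'])` quietly becomes 0, and the block still writes a 'Delete' log entry and a "deleted" alert for a deletion that did not happen. Return early when `mysqli_num_rows($sql)` is 0, before the DELETE and the log INSERT. The handler is also triggered by `$_GET['delete_contact']` and no CSRF token check is visible in the hunk, so confirm one exists earlier in the block, which starts outside the hunk.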