AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-06 05:44:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #486 from wrongecho/contact-api

Browse Source 
Contact API fix
This commit is contained in:
Johnny
2022-09-11 10:25:50 -04:00
committed by GitHub
parent f2f1949ff8 b23359ff38
commit 1ed88f7b56
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/v1/contacts/contact_model.php
View File

@@ -3,7 +3,7 @@ define('number_regex', '/[^0-9]/');
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_name']))); $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_name'])));
$title = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_title']))); $title = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_title'])));
$department = intval($_POST['contact_department']); $department = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_department'])));
$phone = preg_replace(number_regex, '', $_POST['contact_phone']); $phone = preg_replace(number_regex, '', $_POST['contact_phone']);
$extension = preg_replace(number_regex, '', $_POST['contact_extension']); $extension = preg_replace(number_regex, '', $_POST['contact_extension']);
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']); $mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);

2
api/v1/contacts/create.php
View File

@@ -17,7 +17,7 @@ if(!empty($name) && !empty($email) && !empty($client_id)){
if(mysqli_num_rows($email_duplication_sql) == 0){ if(mysqli_num_rows($email_duplication_sql) == 0){
// Insert contact // Insert contact
$insert_sql = mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department_id = $department, contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id"); $insert_sql = mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
// Check insert & get insert ID // Check insert & get insert ID
if($insert_sql){ if($insert_sql){