diff --git a/api/v1/credentials/create.php b/api/v1/credentials/create.php index 5fb2b224..44618610 100644 --- a/api/v1/credentials/create.php +++ b/api/v1/credentials/create.php @@ -13,7 +13,7 @@ $insert_id = false; if (!empty($api_key_decrypt_password) && !empty($name) && !(empty($password))) { // Add credential - $insert_sql = mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_vendor_id = $vendor_id, credential_asset_id = $asset_id, credential_software_id = $software_id, credential_client_id = $client_id"); + $insert_sql = mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_favorite = $favorite, credential_contact_id = $contact_id, credential_asset_id = $asset_id, credential_client_id = $client_id"); // Check insert & get insert ID if ($insert_sql) { diff --git a/api/v1/credentials/credential_model.php b/api/v1/credentials/credential_model.php index f4243082..04531727 100644 --- a/api/v1/credentials/credential_model.php +++ b/api/v1/credentials/credential_model.php @@ -61,8 +61,6 @@ if (isset($_POST['credential_password'])) { $password_changed = false; } - - if (isset($_POST['credential_otp_secret'])) { $otp_secret = sanitizeInput($_POST['credential_otp_secret']); } elseif (isset($credential_row) && isset($credential_row['credential_otp_secret'])) { @@ -79,12 +77,12 @@ if (isset($_POST['credential_note'])) { $note = ''; } -if (isset($_POST['credential_important'])) { - $important = intval($_POST['credential_important']); -} elseif (isset($credential_row) && isset($credential_row['credential_important'])) { - $important = $credential_row['credential_important']; +if (isset($_POST['credential_favorite'])) { + $favorite = intval($_POST['credential_favorite']); +} elseif (isset($credential_row) && isset($credential_row['credential_favorite'])) { + $favorite = $credential_row['credential_favorite']; } else { - $important = ''; + $favorite = 0; } if (isset($_POST['credential_contact_id'])) { @@ -92,7 +90,7 @@ if (isset($_POST['credential_contact_id'])) { } elseif (isset($credential_row) && isset($credential_row['credential_contact_id'])) { $contact_id = $credential_row['credential_contact_id']; } else { - $contact_id = ''; + $contact_id = 0; } if (isset($_POST['credential_vendor_id'])) { @@ -100,7 +98,7 @@ if (isset($_POST['credential_vendor_id'])) { } elseif (isset($credential_row) && isset($credential_row['credential_vendor_id'])) { $vendor_id = $credential_row['credential_vendor_id']; } else { - $vendor_id = ''; + $vendor_id = 0; } if (isset($_POST['credential_asset_id'])) { @@ -108,7 +106,7 @@ if (isset($_POST['credential_asset_id'])) { } elseif (isset($credential_row) && isset($credential_row['credential_asset_id'])) { $asset_id = $credential_row['credential_asset_id']; } else { - $asset_id = ''; + $asset_id = 0; } if (isset($_POST['credential_software_id'])) { @@ -116,5 +114,5 @@ if (isset($_POST['credential_software_id'])) { } elseif (isset($credential_row) && isset($credential_row['credential_software_id'])) { $software_id = $credential_row['credential_software_id']; } else { - $software_id = ''; + $software_id = 0; } diff --git a/api/v1/credentials/update.php b/api/v1/credentials/update.php index 78c4f296..2aff7a6b 100644 --- a/api/v1/credentials/update.php +++ b/api/v1/credentials/update.php @@ -17,7 +17,7 @@ if (!empty($_POST['api_key_decrypt_password']) && !empty($credential_id)) { // Variable assignment from POST - assigning the current database value if a value is not provided require_once 'credential_model.php'; - $update_sql = mysqli_query($mysqli,"UPDATE credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_vendor_id = $vendor_id, credential_asset_id = $asset_id, credential_software_id = $software_id, credential_client_id = $client_id WHERE credential_id = '$credential_id' AND credential_client_id = $client_id LIMIT 1"); + $update_sql = mysqli_query($mysqli,"UPDATE credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_favorite = $favorite, credential_contact_id = $contact_id, credential_asset_id = $asset_id, credential_client_id = $client_id WHERE credential_id = '$credential_id' AND credential_client_id = $client_id LIMIT 1"); // Check insert & get insert ID if ($update_sql) { diff --git a/api/v1/domains/read.php b/api/v1/domains/read.php index b65aab99..6bbd96a2 100644 --- a/api/v1/domains/read.php +++ b/api/v1/domains/read.php @@ -13,7 +13,7 @@ if (isset($_GET['domain_id'])) { } elseif (isset($_GET['domain_name'])) { // Domain by name $name = mysqli_real_escape_string($mysqli, $_GET['domain_name']); - $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$name' AND domain_client_id LIKE '$client_id' ORDER BY asset_id LIMIT $limit OFFSET $offset"); + $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$name' AND domain_client_id LIKE '$client_id' ORDER BY domain_id LIMIT $limit OFFSET $offset"); } else { // All domains (by client ID or all in general if key permits)