Merge branch 'develop' into ticket-redaction
@@ -39,19 +39,19 @@ if (isset($_POST['add_asset'])) {
|
||||
}
|
||||
|
||||
// Add Primary Interface
|
||||
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '1', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
|
||||
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '01', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
|
||||
|
||||
|
||||
if (!empty($_POST['username'])) {
|
||||
$username = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['username'])));
|
||||
$password = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['password'])));
|
||||
$username = trim(mysqli_real_escape_string($mysqli, encryptCredentialEntry($_POST['username'])));
|
||||
$password = trim(mysqli_real_escape_string($mysqli, encryptCredentialEntry($_POST['password'])));
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_username = '$username', credential_password = '$password', credential_asset_id = $asset_id, credential_client_id = $client_id");
|
||||
|
||||
$login_id = mysqli_insert_id($mysqli);
|
||||
$credential_id = mysqli_insert_id($mysqli);
|
||||
|
||||
//Logging
|
||||
logAction("Credential", "Create", "$session_name created login credential for asset $asset_name", $client_id, $login_id);
|
||||
logAction("Credential", "Create", "$session_name created login credential for asset $asset_name", $client_id, $credential_id);
|
||||
|
||||
$alert_extended = " along with login credentials";
|
||||
|
||||
@@ -89,7 +89,7 @@ if (isset($_POST['edit_asset'])) {
|
||||
|
||||
if(mysqli_num_rows($sql_interfaces) == 0 ) {
|
||||
// Add Primary Interface
|
||||
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '1', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
|
||||
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '01', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
|
||||
} else {
|
||||
// Update Primary Interface
|
||||
mysqli_query($mysqli,"UPDATE asset_interfaces SET interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_network_id = $network WHERE interface_asset_id = $asset_id AND interface_primary = 1");
|
||||
@@ -187,12 +187,6 @@ if (isset($_GET['delete_asset'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM assets WHERE asset_id = $asset_id");
|
||||
|
||||
// Delete Interfaces
|
||||
mysqli_query($mysqli,"DELETE FROM asset_interfaces WHERE interface_asset_id = $asset_id");
|
||||
|
||||
// Delete History
|
||||
mysqli_query($mysqli,"DELETE FROM asset_history WHERE asset_history_asset_id = $asset_id");
|
||||
|
||||
// Logging
|
||||
logAction("Asset", "Delete", "$session_name deleted asset $asset_name", $client_id);
|
||||
|
||||
@@ -486,7 +480,7 @@ if (isset($_POST['bulk_unarchive_assets'])) {
|
||||
}
|
||||
|
||||
// Bulk Logging
|
||||
logAction("Asset", "Bulk Unarchive", "$session_name unarchived $count assets", $client_id);
|
||||
logAction("Asset", "Bulk Unarchive", "$session_name unarchived $count assets");
|
||||
|
||||
$_SESSION['alert_message'] = "Unarchived $count asset(s)";
|
||||
|
||||
@@ -495,6 +489,44 @@ if (isset($_POST['bulk_unarchive_assets'])) {
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_delete_assets'])) {
|
||||
|
||||
enforceUserPermission('module_support', 3);
|
||||
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
if (isset($_POST['asset_ids'])) {
|
||||
|
||||
// Get Count
|
||||
$count = count($_POST['asset_ids']);
|
||||
|
||||
foreach ($_POST['asset_ids'] as $asset_id) {
|
||||
|
||||
$asset_id = intval($asset_id);
|
||||
|
||||
// Get Asset Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
$client_id = intval($row['asset_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM assets WHERE asset_id = $asset_id");
|
||||
|
||||
// Individual Asset logging
|
||||
logAction("Asset", "Delete", "$session_name deleted asset $asset_name", $client_id, $asset_id);
|
||||
}
|
||||
|
||||
// Bulk Logging
|
||||
logAction("Asset", "Bulk Delete", "$session_name deleted $count assets");
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Deleted <strong>$count</strong> asset(s)";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
// BEGIN LINKING
|
||||
|
||||
if (isset($_POST['link_software_to_asset'])) {
|
||||
@@ -560,26 +592,26 @@ if (isset($_POST['link_asset_to_credential'])) {
|
||||
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$login_id = intval($_POST['login_id']);
|
||||
$credential_id = intval($_POST['credential_id']);
|
||||
$asset_id = intval($_POST['asset_id']);
|
||||
|
||||
// Get login Name and Client ID for logging
|
||||
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$row = mysqli_fetch_array($sql_login);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
// Get credential Name and Client ID for logging
|
||||
$sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql_credential);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
// Get Asset Name for logging
|
||||
$sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql_asset);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_asset_id = $asset_id WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_asset_id = $asset_id WHERE credential_id = $credential_id");
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Link", "$session_name linked credential $login_name to asset $asset_name", $client_id, $login_id);
|
||||
logAction("Credential", "Link", "$session_name linked credential $credential_name to asset $asset_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Asset <strong>$asset_name</strong> linked with credential <strong>$login_name</strong>";
|
||||
$_SESSION['alert_message'] = "Asset <strong>$asset_name</strong> linked with credential <strong>$crdential_name</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
@@ -590,26 +622,26 @@ if (isset($_GET['unlink_credential_from_asset'])) {
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$asset_id = intval($_GET['asset_id']);
|
||||
$login_id = intval($_GET['login_id']);
|
||||
$credential_id = intval($_GET['credential_id']);
|
||||
|
||||
// Get login Name and Client ID for logging
|
||||
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$row = mysqli_fetch_array($sql_login);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
// Get credential Name and Client ID for logging
|
||||
$sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql_credential);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
// Get Asset Name for logging
|
||||
$sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql_asset);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_asset_id = 0 WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_asset_id = 0 WHERE credential_id = $credential_id");
|
||||
|
||||
//Logging
|
||||
logAction("Credential", "Unlink", "$session_name unlinked asset $asset_name from credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Unlink", "$session_name unlinked asset $asset_name from credential $credential_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> unlinked from Asset <strong>$asset_name</strong>";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> unlinked from Asset <strong>$asset_name</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
||||
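Review bot: The new alert line in the link_asset_to_credential hunk interpolates `$crdential_name`, a variable that is never assigned in the visible lines, so the message shows an empty credential name and PHP emits an undefined-variable warning; the line should end `linked with credential <strong>$credential_name</strong>";`. In the added bulk_delete_assets handler the result of `mysqli_fetch_array($sql)` is used without checking that a row came back, and `$count` is taken from the submitted array, so the audit log and the alert can report deletions of assets that never existed. A guard such as `if (!$row) { continue; }` after the fetch, an `is_array($_POST['asset_ids'])` check before `count()`, and a counter incremented only after a successful DELETE would keep both accurate.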
@@ -217,36 +217,16 @@ if (isset($_GET['delete_client'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM certificates WHERE certificate_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM documents WHERE document_client_id = $client_id");
|
||||
|
||||
// Delete Contacts including contact tags, notes
|
||||
$sql = mysqli_query($mysqli, "SELECT contact_id FROM contacts WHERE contact_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$contact_id = $row['contact_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM contact_tags WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_logins WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id");
|
||||
}
|
||||
// Delete Contacts
|
||||
mysqli_query($mysqli, "DELETE FROM contacts WHERE contact_client_id = $client_id");
|
||||
|
||||
// Delete Assets and Interfaces
|
||||
$sql = mysqli_query($mysqli, "SELECT asset_id FROM assets WHERE asset_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$asset_id = $row['asset_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM asset_interfaces WHERE interface_asset_id = $asset_id");
|
||||
}
|
||||
// Delete Assets
|
||||
mysqli_query($mysqli, "DELETE FROM assets WHERE asset_client_id = $client_id");
|
||||
|
||||
// Delete Domains and associated records
|
||||
$sql = mysqli_query($mysqli, "SELECT domain_id FROM domains WHERE domain_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$domain_id = $row['domain_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM records WHERE record_domain_id = $domain_id");
|
||||
}
|
||||
mysqli_query($mysqli, "DELETE FROM domains WHERE domain_client_id = $client_id");
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM events WHERE event_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM calendar_events WHERE event_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM files WHERE file_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM folders WHERE folder_client_id = $client_id");
|
||||
|
||||
@@ -261,14 +241,9 @@ if (isset($_GET['delete_client'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM invoices WHERE invoice_client_id = $client_id");
|
||||
|
||||
// Delete Locations and location tags
|
||||
$sql = mysqli_query($mysqli, "SELECT location_id FROM locations WHERE location_client_id = location_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$location_id = $row['location_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM location_tags WHERE location_id = $location_id");
|
||||
}
|
||||
mysqli_query($mysqli, "DELETE FROM locations WHERE location_client_id = $client_id");
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM logins WHERE login_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM credentials WHERE credential_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM logs WHERE log_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM networks WHERE network_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM notifications WHERE notification_client_id = $client_id");
|
||||
@@ -283,38 +258,23 @@ if (isset($_GET['delete_client'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM quotes WHERE quote_client_id = $client_id");
|
||||
|
||||
// Delete Recurring Invoices and associated items
|
||||
$sql = mysqli_query($mysqli, "SELECT recurring_id FROM recurring WHERE recurring_client_id = $client_id");
|
||||
$sql = mysqli_query($mysqli, "SELECT recurring_invoice_id FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$recurring_id = $row['recurring_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$recurring_invoice_id = $row['recurring_invoice_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
}
|
||||
mysqli_query($mysqli, "DELETE FROM recurring WHERE recurring_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM revenues WHERE revenue_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM scheduled_tickets WHERE scheduled_ticket_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM recurring_tickets WHERE recurring_ticket_client_id = $client_id");
|
||||
|
||||
// Delete Services and items associated with services
|
||||
$sql = mysqli_query($mysqli, "SELECT service_id FROM services WHERE service_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$service_id = $row['service_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM service_assets WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_certificates WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_contacts WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_documents WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_domains WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_logins WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_vendors WHERE service_id = $service_id");
|
||||
}
|
||||
// Delete Services
|
||||
mysqli_query($mysqli, "DELETE FROM services WHERE service_client_id = $client_id");
|
||||
|
||||
// Delete Shared Items
|
||||
mysqli_query($mysqli, "DELETE FROM shared_items WHERE item_client_id = $client_id");
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT software_id FROM software WHERE software_client_id = $client_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$software_id = $row['software_id'];
|
||||
mysqli_query($mysqli, "DELETE FROM software_assets WHERE software_id = $software_id");
|
||||
mysqli_query($mysqli, "DELETE FROM software_contacts WHERE software_id = $software_id");
|
||||
}
|
||||
// Delete Software
|
||||
mysqli_query($mysqli, "DELETE FROM software WHERE software_client_id = $client_id");
|
||||
|
||||
// Delete tickets and related data
|
||||
@@ -328,9 +288,6 @@ if (isset($_GET['delete_client'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM trips WHERE trip_client_id = $client_id");
|
||||
mysqli_query($mysqli, "DELETE FROM vendors WHERE vendor_client_id = $client_id");
|
||||
|
||||
// Delete tags
|
||||
mysqli_query($mysqli, "DELETE FROM client_tags WHERE client_id = $client_id");
|
||||
|
||||
//Delete Client Files
|
||||
removeDirectory('uploads/clients/$client_id');
|
||||
|
||||
@@ -640,18 +597,18 @@ if (isset($_POST['export_client_pdf'])) {
|
||||
$export_locations = intval($_POST['export_locations']);
|
||||
$export_assets = intval($_POST['export_assets']);
|
||||
$export_software = intval($_POST['export_software']);
|
||||
$export_logins = 0;
|
||||
$export_credentials = 0;
|
||||
if (lookupUserPermission("module_credential") >= 1) {
|
||||
$export_logins = intval($_POST['export_logins']);
|
||||
$export_credentials = intval($_POST['export_credentials']);
|
||||
}
|
||||
$export_networks = intval($_POST['export_networks']);
|
||||
$export_certificates = intval($_POST['export_certificates']);
|
||||
$export_domains = intval($_POST['export_domains']);
|
||||
$export_tickets = intval($_POST['export_tickets']);
|
||||
$export_scheduled_tickets = intval($_POST['export_scheduled_tickets']);
|
||||
$export_recurring_tickets = intval($_POST['export_recurring_tickets']);
|
||||
$export_vendors = intval($_POST['export_vendors']);
|
||||
$export_invoices = intval($_POST['export_invoices']);
|
||||
$export_recurring = intval($_POST['export_recurring']);
|
||||
$export_recurring_invoices = intval($_POST['export_recurring_invoices']);
|
||||
$export_quotes = intval($_POST['export_quotes']);
|
||||
$export_payments = intval($_POST['export_payments']);
|
||||
$export_trips = intval($_POST['export_trips']);
|
||||
@@ -682,7 +639,7 @@ if (isset($_POST['export_client_pdf'])) {
|
||||
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id AND contact_archived_at IS NULL ORDER BY contact_name ASC");
|
||||
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL ORDER BY location_name ASC");
|
||||
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
|
||||
$sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_client_id = $client_id ORDER BY login_name ASC");
|
||||
$sql_credentials = mysqli_query($mysqli,"SELECT * FROM credentials WHERE credential_client_id = $client_id ORDER BY credential_name ASC");
|
||||
$sql_assets = mysqli_query($mysqli,"SELECT * FROM assets
|
||||
LEFT JOIN contacts ON asset_contact_id = contact_id
|
||||
LEFT JOIN locations ON asset_location_id = location_id
|
||||
@@ -1013,8 +970,8 @@ if (isset($_POST['export_client_pdf'])) {
|
||||
<?php } ?>
|
||||
//Vendors END
|
||||
|
||||
//Logins Start
|
||||
<?php if(mysqli_num_rows($sql_logins) > 0 && $export_logins == 1){ ?>
|
||||
//Credentials Start
|
||||
<?php if(mysqli_num_rows($sql_credentials) > 0 && $export_credentials == 1){ ?>
|
||||
{
|
||||
text: 'Credentials',
|
||||
style: 'title'
|
||||
@@ -1047,33 +1004,33 @@ if (isset($_POST['export_client_pdf'])) {
|
||||
],
|
||||
|
||||
<?php
|
||||
while($row = mysqli_fetch_array($sql_logins)){
|
||||
$login_name = $row['login_name'];
|
||||
$login_description = $row['login_description'];
|
||||
$login_username = decryptLoginEntry($row['login_username']);
|
||||
$login_password = decryptLoginEntry($row['login_password']);
|
||||
$login_uri = $row['login_uri'];
|
||||
while($row = mysqli_fetch_array($sql_credentials)){
|
||||
$credential_name = $row['credential_name'];
|
||||
$credential_description = $row['credential_description'];
|
||||
$credential_username = decryptCredentialEntry($row['credential_username']);
|
||||
$credential_password = decryptCredentialEntry($row['credential_password']);
|
||||
$credential_uri = $row['credential_uri'];
|
||||
?>
|
||||
|
||||
[
|
||||
{
|
||||
text: <?php echo json_encode($login_name); ?>,
|
||||
text: <?php echo json_encode($credential_name); ?>,
|
||||
style: 'item'
|
||||
},
|
||||
{
|
||||
text: <?php echo json_encode($login_description); ?>,
|
||||
text: <?php echo json_encode($credential_description); ?>,
|
||||
style: 'item'
|
||||
},
|
||||
{
|
||||
text: <?php echo json_encode($login_username); ?>,
|
||||
text: <?php echo json_encode($credential_username); ?>,
|
||||
style: 'item'
|
||||
},
|
||||
{
|
||||
text: <?php echo json_encode($login_password); ?>,
|
||||
text: <?php echo json_encode($credential_password); ?>,
|
||||
style: 'item'
|
||||
},
|
||||
{
|
||||
text: <?php echo json_encode($login_uri); ?>,
|
||||
text: <?php echo json_encode($credential_uri); ?>,
|
||||
style: 'item'
|
||||
}
|
||||
],
|
||||
@@ -1945,8 +1902,6 @@ if (isset($_POST['export_client_pdf'])) {
|
||||
|
||||
</script>
|
||||
|
||||
|
||||
|
||||
<?php
|
||||
|
||||
}
|
||||
|
||||
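Review bot: The context line `removeDirectory('uploads/clients/$client_id');` in the last delete_client hunk uses single quotes, so PHP passes the literal path `uploads/clients/$client_id` and the deleted client's upload directory is presumably left on disk. Since this commit already reworks the cleanup in this handler, the call could be corrected here to `removeDirectory("uploads/clients/$client_id");`. The hunks also drop the explicit child-table deletes (contact_*, service_*, software_*, location_tags, asset_interfaces), which is only safe if the schema cascades deletes to those tables; that is not visible here and deserves a short comment above the remaining DELETE statements. The delete_client handler starts and ends outside these hunks.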
@@ -704,14 +704,6 @@ if (isset($_POST['bulk_delete_contacts'])) {
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli, "DELETE FROM contact_tags WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_logins WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id");
|
||||
|
||||
// Individual Logging
|
||||
logAction("Contact", "Delete", "$session_name deleted $contact_name", $client_id);
|
||||
|
||||
@@ -909,14 +901,6 @@ if (isset($_GET['delete_contact'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_id = $contact_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli, "DELETE FROM contact_tags WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_logins WHERE contact_id = $contact_id");
|
||||
mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id");
|
||||
|
||||
//Logging
|
||||
logAction("Contact", "Delete", "$session_name deleted contact $contact_name", $client_id);
|
||||
|
||||
@@ -1049,26 +1033,26 @@ if (isset($_POST['link_contact_to_credential'])) {
|
||||
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$login_id = intval($_POST['login_id']);
|
||||
$credential_id = intval($_POST['credential_id']);
|
||||
$contact_id = intval($_POST['contact_id']);
|
||||
|
||||
// Get login Name and Client ID for logging
|
||||
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$row = mysqli_fetch_array($sql_login);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
// Get credential Name and Client ID for logging
|
||||
$sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql_credential);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
// Get Contact Name for logging
|
||||
$sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql_contact);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_contact_id = $contact_id WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_contact_id = $contact_id WHERE credential_id = $credential_id");
|
||||
|
||||
// Logging
|
||||
logAction("Asset", "Link", "$session_name linked credential $login_name to contact $contact_name", $client_id, $login_id);
|
||||
logAction("Asset", "Link", "$session_name linked credential $credential_name to contact $contact_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Contact <strong>$contact_name</strong> linked with credential <strong>$login_name</strong>";
|
||||
$_SESSION['alert_message'] = "Contact <strong>$contact_name</strong> linked with credential <strong>$credential_name</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
@@ -1079,26 +1063,26 @@ if (isset($_GET['unlink_credential_from_contact'])) {
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$contact_id = intval($_GET['contact_id']);
|
||||
$login_id = intval($_GET['login_id']);
|
||||
$credential_id = intval($_GET['credential_id']);
|
||||
|
||||
// Get login Name and Client ID for logging
|
||||
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$row = mysqli_fetch_array($sql_login);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
// Get credential Name and Client ID for logging
|
||||
$sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql_credential);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
// Get Contact Name for logging
|
||||
$sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql_contact);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_contact_id = 0 WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_contact_id = 0 WHERE credential_id = $credential_id");
|
||||
|
||||
//Logging
|
||||
logAction("Credential", "Unlink", "$session_name unlinked contact $contact_name from credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Unlink", "$session_name unlinked contact $contact_name from credential $credential_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> unlinked from Contact <strong>$contact_name</strong>";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> unlinked from Contact <strong>$contact_name</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
||||
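Review bot: In the link_contact_to_credential hunk the UPDATE is keyed only on `$credential_id`, and nothing visible compares the contact's client with `credential_client_id`, so a credential could be attached to a contact of a different client unless a check exists outside the hunk. Selecting `contact_client_id` together with `contact_name` and stopping when it differs from `$client_id` would close that gap; the link_asset_to_credential hunk in the asset handler has the same shape. The link handler also logs with type `"Asset"` while the unlink handler uses `"Credential"`, which makes the audit trail harder to filter; `logAction("Credential", "Link", ...)` would match. Both handlers begin and end outside their hunks, no CSRF token validation is visible in either, and the unlink action is driven by `$_GET`.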
@@ -1,31 +1,31 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* ITFlow - GET/POST request handler for client credentials (formerly logins)
|
||||
* ITFlow - GET/POST request handler for client credentials
|
||||
*/
|
||||
|
||||
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
if (isset($_POST['add_login'])) {
|
||||
if (isset($_POST['add_credential'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
require_once 'post/user/credential_model.php';
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_uri_2 = '$uri_2', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_asset_id = $asset_id, login_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_asset_id = $asset_id, credential_client_id = $client_id");
|
||||
|
||||
$login_id = mysqli_insert_id($mysqli);
|
||||
$credential_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Add Tags
|
||||
if (isset($_POST['tags'])) {
|
||||
foreach($_POST['tags'] as $tag) {
|
||||
$tag = intval($tag);
|
||||
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
|
||||
mysqli_query($mysqli, "INSERT INTO credential_tags SET credential_id = $credential_id, tag_id = $tag");
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Create", "$session_name created credential $name", $client_id, $login_id);
|
||||
logAction("Credential", "Create", "$session_name created credential $name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Credential <strong>$name</strong> created";
|
||||
|
||||
@@ -33,146 +33,139 @@ if (isset($_POST['add_login'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['edit_login'])) {
|
||||
if (isset($_POST['edit_credential'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
require_once 'post/user/credential_model.php';
|
||||
|
||||
$login_id = intval($_POST['login_id']);
|
||||
$credential_id = intval($_POST['credential_id']);
|
||||
|
||||
// Determine if the password has actually changed (salt is rotated on all updates, so have to dencrypt both and compare)
|
||||
$current_password = decryptLoginEntry(mysqli_fetch_row(mysqli_query($mysqli, "SELECT login_password FROM logins WHERE login_id = $login_id"))[0]); // Get current login password
|
||||
$new_password = decryptLoginEntry($password); // Get the new password being set (already encrypted by the login model)
|
||||
$current_password = decryptCredentialEntry(mysqli_fetch_row(mysqli_query($mysqli, "SELECT credential_password FROM credentials WHERE credential_id = $credential_id"))[0]); // Get current credential password
|
||||
$new_password = decryptCredentialEntry($password); // Get the new password being set (already encrypted by the credential model)
|
||||
if ($current_password !== $new_password) {
|
||||
// The password has been changed - update the DB to track
|
||||
mysqli_query($mysqli, "UPDATE logins SET login_password_changed_at = NOW() WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli, "UPDATE credentials SET credential_password_changed_at = NOW() WHERE credential_id = $credential_id");
|
||||
}
|
||||
|
||||
// Update the login entry with the new details
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_uri_2 = '$uri_2', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_asset_id = $asset_id WHERE login_id = $login_id");
|
||||
// Update the credential entry with the new details
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_asset_id = $asset_id WHERE credential_id = $credential_id");
|
||||
|
||||
// Tags
|
||||
// Delete existing tags
|
||||
mysqli_query($mysqli, "DELETE FROM login_tags WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli, "DELETE FROM credential_tags WHERE credential_id = $credential_id");
|
||||
|
||||
// Add new tags
|
||||
if(isset($_POST['tags'])) {
|
||||
foreach($_POST['tags'] as $tag) {
|
||||
$tag = intval($tag);
|
||||
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
|
||||
mysqli_query($mysqli, "INSERT INTO credential_tags SET credential_id = $credential_id, tag_id = $tag");
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Edit", "$session_name edited credential $name", $client_id, $login_id);
|
||||
logAction("Credential", "Edit", "$session_name edited credential $name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Login <strong>$name</strong> edited";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$name</strong> edited";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if(isset($_GET['archive_login'])){
|
||||
if(isset($_GET['archive_credential'])){
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
$login_id = intval($_GET['archive_login']);
|
||||
$credential_id = intval($_GET['archive_credential']);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NOW() WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_archived_at = NOW() WHERE credential_id = $credential_id");
|
||||
|
||||
//logging
|
||||
logAction("Credential", "Archive", "$session_name archived credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Archive", "$session_name archived credential $credential_name", $client_id, $credential_id);
|
||||
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> archived";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> archived";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if(isset($_GET['unarchive_login'])){
|
||||
if(isset($_GET['unarchive_credential'])){
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
$login_id = intval($_GET['unarchive_login']);
|
||||
$credential_id = intval($_GET['unarchive_credential']);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NULL WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_archived_at = NULL WHERE credential_id = $credential_id");
|
||||
|
||||
//Logging
|
||||
logAction("Credential", "Unarchive", "$session_name unarchived credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Unarchive", "$session_name unarchived credential $credential_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> restored";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> restored";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_GET['delete_login'])) {
|
||||
if (isset($_GET['delete_credential'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 3);
|
||||
|
||||
$login_id = intval($_GET['delete_login']);
|
||||
$credential_id = intval($_GET['delete_credential']);
|
||||
|
||||
// Get Login Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
// Get Credential Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM logins WHERE login_id = $login_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli,"DELETE FROM contact_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM service_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM software_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_logins WHERE login_id = $login_id");
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM credentials WHERE credential_id = $credential_id");
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Delete", "$session_name deleted credential $login_name", $client_id);
|
||||
logAction("Credential", "Delete", "$session_name deleted credential $credential_name", $client_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> deleted";
|
||||
$_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> deleted";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_assign_login_tags'])) {
|
||||
if (isset($_POST['bulk_assign_credential_tags'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
// Assign tags to Selected Credentials
|
||||
if (isset($_POST['login_ids'])) {
|
||||
if (isset($_POST['credential_ids'])) {
|
||||
|
||||
// Get Selected Credential Count
|
||||
$count = count($_POST['login_ids']);
|
||||
$count = count($_POST['credential_ids']);
|
||||
|
||||
foreach($_POST['login_ids'] as $login_id) {
|
||||
$login_id = intval($login_id);
|
||||
foreach($_POST['credential_ids'] as $credential_id) {
|
||||
$credential_id = intval($credential_id);
|
||||
|
||||
// Get Contact Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
if($_POST['bulk_remove_tags']) {
|
||||
// Delete tags if chosed to do so
|
||||
mysqli_query($mysqli, "DELETE FROM login_tags WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli, "DELETE FROM credential_tags WHERE credential_id = $credential_id");
|
||||
}
|
||||
|
||||
// Add new tags
|
||||
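Review bot: The renamed `archive_credential`, `unarchive_credential` and `delete_credential` handlers change or destroy stored credentials on a GET request after only `enforceUserPermission(...)`. Neither they nor `edit_credential` and `bulk_assign_credential_tags` call `validateCSRFToken()`, which the bulk archive, unarchive and delete handlers later in this file do. Unless the token is verified before these handlers are reached, in code outside the lines shown, a cross-site request made in a signed-in user's session would be accepted. I would add `validateCSRFToken($_GET['csrf_token']);` (or `$_POST['csrf_token']` in the two POST handlers) directly after the permission check in each, and have the pages that build these links send the token. The `bulk_assign_credential_tags` handler continues past the end of this hunk.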
@@ -180,15 +173,15 @@ if (isset($_POST['bulk_assign_login_tags'])) {
|
||||
foreach($_POST['bulk_tags'] as $tag) {
|
||||
$tag = intval($tag);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM login_tags WHERE login_id = $login_id AND tag_id = $tag");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM credential_tags WHERE credential_id = $credential_id AND tag_id = $tag");
|
||||
if (mysqli_num_rows($sql) == 0) {
|
||||
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
|
||||
mysqli_query($mysqli, "INSERT INTO credential_tags SET credential_id = $credential_id, tag_id = $tag");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Edit", "$session_name added tags to $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Edit", "$session_name added tags to $credential_name", $client_id, $credential_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Assigned tags for <strong>$count</strong> credentials";
|
||||
|
||||
@@ -202,31 +195,31 @@ if (isset($_POST['bulk_assign_login_tags'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_archive_logins'])) {
|
||||
if (isset($_POST['bulk_archive_credentials'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
if (isset($_POST['login_ids'])) {
|
||||
if (isset($_POST['credential_ids'])) {
|
||||
|
||||
// Get Selected Credential Count
|
||||
$count = count($_POST['login_ids']);
|
||||
$count = count($_POST['credential_ids']);
|
||||
|
||||
// Cycle through array and archive each record
|
||||
foreach ($_POST['login_ids'] as $login_id) {
|
||||
foreach ($_POST['credential_ids'] as $credential_id) {
|
||||
|
||||
$login_id = intval($login_id);
|
||||
$credential_id = intval($credential_id);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NOW() WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_archived_at = NOW() WHERE credential_id = $credential_id");
|
||||
|
||||
// Individual Contact logging
|
||||
logAction("Credential", "Archive", "$session_name archived credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Archive", "$session_name archived credential $credential_name", $client_id, $credential_id);
|
||||
}
|
||||
|
||||
// Bulk Logging
|
||||
@@ -240,32 +233,32 @@ if (isset($_POST['bulk_archive_logins'])) {
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_unarchive_logins'])) {
|
||||
if (isset($_POST['bulk_unarchive_credentials'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 2);
|
||||
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
if (isset($_POST['login_ids'])) {
|
||||
if (isset($_POST['credential_ids'])) {
|
||||
|
||||
// Get Selected Credential Count
|
||||
$count = count($_POST['login_ids']);
|
||||
$count = count($_POST['credential_ids']);
|
||||
|
||||
// Cycle through array and unarchive
|
||||
foreach ($_POST['login_ids'] as $login_id) {
|
||||
foreach ($_POST['credential_ids'] as $credential_id) {
|
||||
|
||||
$login_id = intval($login_id);
|
||||
$credential_id = intval($credential_id);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NULL WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"UPDATE credentials SET credential_archived_at = NULL WHERE credential_id = $credential_id");
|
||||
|
||||
// Individual logging
|
||||
logAction("Credential", "Unarchive", "$session_name unarchived credential $login_name", $client_id, $login_id);
|
||||
logAction("Credential", "Unarchive", "$session_name unarchived credential $credential_name", $client_id, $credential_id);
|
||||
|
||||
}
|
||||
|
||||
@@ -279,38 +272,32 @@ if (isset($_POST['bulk_unarchive_logins'])) {
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_delete_logins'])) {
|
||||
if (isset($_POST['bulk_delete_credentials'])) {
|
||||
|
||||
enforceUserPermission('module_credential', 3);
|
||||
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
if (isset($_POST['login_ids'])) {
|
||||
if (isset($_POST['credential_ids'])) {
|
||||
|
||||
// Get Selected Credential Count
|
||||
$count = count($_POST['login_ids']);
|
||||
$count = count($_POST['credential_ids']);
|
||||
|
||||
// Cycle through array and delete each record
|
||||
foreach ($_POST['login_ids'] as $login_id) {
|
||||
foreach ($_POST['credential_ids'] as $credential_id) {
|
||||
|
||||
$login_id = intval($login_id);
|
||||
$credential_id = intval($credential_id);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$login_name = sanitizeInput($row['login_name']);
|
||||
$client_id = intval($row['login_client_id']);
|
||||
$credential_name = sanitizeInput($row['credential_name']);
|
||||
$client_id = intval($row['credential_client_id']);
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM logins WHERE login_id = $login_id AND login_client_id = $client_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli,"DELETE FROM contact_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM service_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM software_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_logins WHERE login_id = $login_id");
|
||||
mysqli_query($mysqli, "DELETE FROM credentials WHERE credential_id = $credential_id AND credential_client_id = $client_id");
|
||||
|
||||
// Logging
|
||||
logAction("Credential", "Delete", "$session_name deleted credential $login_name", $client_id);
|
||||
logAction("Credential", "Delete", "$session_name deleted credential $credential_name", $client_id);
|
||||
|
||||
}
|
||||
|
||||
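Review bot: Both delete paths now remove only the `credentials` row: the four relation deletes are dropped here and in `delete_credential` in the first hunk of this file, and neither path clears `credential_tags`. If the tables that replace `contact_logins`, `service_logins`, `software_logins` and `vendor_logins` do not have foreign keys with `ON DELETE CASCADE` (the schema change is not part of these hunks), deleting a credential leaves link and tag rows pointing at an id that no longer exists. It is worth confirming that the migration adds the cascade, and otherwise keeping the cleanup under the new table names. Separately, `AND credential_client_id = $client_id` adds no restriction, because `$client_id` was read from that same row a few lines earlier.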
@@ -331,13 +318,13 @@ if (isset($_POST['export_credentials_csv'])) {
|
||||
|
||||
if (isset($_POST['client_id'])) {
|
||||
$client_id = intval($_POST['client_id']);
|
||||
$client_query = "AND login_client_id = $client_id";
|
||||
$client_query = "AND credential_client_id = $client_id";
|
||||
} else {
|
||||
$client_query = '';
|
||||
}
|
||||
|
||||
//get records from database
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM logins LEFT JOIN clients ON client_id = login_client_id WHERE login_archived_at IS NULL $client_query ORDER BY login_name ASC");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM credentials LEFT JOIN clients ON client_id = credential_client_id WHERE credential_archived_at IS NULL $client_query ORDER BY credential_name ASC");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$num_rows = mysqli_num_rows($sql);
|
||||
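Review bot: `$row = mysqli_fetch_array($sql);` directly after the query advances the result set by one row, and the export loop in the next hunk then starts with `while($row = mysqli_fetch_assoc($sql))`. Unless the pointer is rewound in the lines between the two hunks, the first credential in `credential_name` order never reaches the CSV. The fetched `$row` is not used in the visible lines, so dropping that statement looks safe. The handler starts before this hunk and continues after it.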
@@ -355,9 +342,9 @@ if (isset($_POST['export_credentials_csv'])) {
|
||||
|
||||
//output each row of the data, format line as csv and write to file pointer
|
||||
while($row = mysqli_fetch_assoc($sql)){
|
||||
$login_username = decryptLoginEntry($row['login_username']);
|
||||
$login_password = decryptLoginEntry($row['login_password']);
|
||||
$lineData = array($row['login_name'], $row['login_description'], $login_username, $login_password, $row['login_uri']);
|
||||
$credential_username = decryptCredentialEntry($row['credential_username']);
|
||||
$credential_password = decryptCredentialEntry($row['credential_password']);
|
||||
$lineData = array($row['credential_name'], $row['credential_description'], $credential_username, $credential_password, $row['credential_uri']);
|
||||
fputcsv($f, $lineData, $delimiter);
|
||||
}
|
||||
|
||||
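Review bot: The values handed to `fputcsv()` go out exactly as stored or decrypted, so a name, description or URI that begins with `=`, `+`, `-` or `@` is evaluated as a formula when the export is opened in a spreadsheet. These fields are user-supplied and can also arrive through the CSV import further down. I would neutralise at least those descriptive columns before building `$lineData`, for example by prefixing such cells with a single quote in a small helper. The file also carries every username and password in clear text; whether the export is permission-checked and logged is decided outside this hunk and is worth confirming.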
@@ -427,7 +414,7 @@ if (isset($_POST["import_credentials_csv"])) {
|
||||
$duplicate_detect = 0;
|
||||
if (isset($column[0])) {
|
||||
$name = sanitizeInput($column[0]);
|
||||
if (mysqli_num_rows(mysqli_query($mysqli,"SELECT * FROM logins WHERE login_name = '$name' AND login_client_id = $client_id")) > 0){
|
||||
if (mysqli_num_rows(mysqli_query($mysqli,"SELECT * FROM credentials WHERE credential_name = '$name' AND credential_client_id = $client_id")) > 0){
|
||||
$duplicate_detect = 1;
|
||||
}
|
||||
}
|
||||
@@ -435,10 +422,10 @@ if (isset($_POST["import_credentials_csv"])) {
|
||||
$description = sanitizeInput($column[1]);
|
||||
}
|
||||
if (isset($column[2])) {
|
||||
$username = sanitizeInput(encryptLoginEntry($column[2]));
|
||||
$username = sanitizeInput(encryptCredentialEntry($column[2]));
|
||||
}
|
||||
if (isset($column[3])) {
|
||||
$password = sanitizeInput(encryptLoginEntry($column[3]));
|
||||
$password = sanitizeInput(encryptCredentialEntry($column[3]));
|
||||
}
|
||||
if (isset($column[4])) {
|
||||
$uri = sanitizeInput($column[4]);
|
||||
@@ -447,7 +434,7 @@ if (isset($_POST["import_credentials_csv"])) {
|
||||
// Check if duplicate was detected
|
||||
if ($duplicate_detect == 0){
|
||||
//Add
|
||||
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_username = '$username', login_password = '$password', login_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_username = '$username', credential_password = '$password', credential_client_id = $client_id");
|
||||
$row_count = $row_count + 1;
|
||||
}else{
|
||||
$duplicate_count = $duplicate_count + 1;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
// Model of reusable variables for client credentials/logins - not to be confused with the ITFLow login process
|
||||
// Model of reusable variables for client credentials - not to be confused with the ITFLow login process
|
||||
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
$client_id = intval($_POST['client_id']);
|
||||
@@ -7,8 +7,8 @@ $name = sanitizeInput($_POST['name']);
|
||||
$description = sanitizeInput($_POST['description']);
|
||||
$uri = sanitizeInput($_POST['uri']);
|
||||
$uri_2 = sanitizeInput($_POST['uri_2']);
|
||||
$username = encryptLoginEntry(trim($_POST['username']));
|
||||
$password = encryptLoginEntry(trim($_POST['password']));
|
||||
$username = encryptCredentialEntry(trim($_POST['username']));
|
||||
$password = encryptCredentialEntry(trim($_POST['password']));
|
||||
$otp_secret = sanitizeInput($_POST['otp_secret']);
|
||||
$note = sanitizeInput($_POST['note']);
|
||||
$important = intval($_POST['important'] ?? 0);
|
||||
|
||||
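Review bot: `$username` and `$password` end up inside quoted SQL strings in the `UPDATE credentials` statement of `edit_credential`, but the value returned by `encryptCredentialEntry()` is not escaped here, whereas the CSV import wraps the same call in `sanitizeInput()`. That is only safe while the function's output can never contain a quote or backslash, which these lines do not show. I would make the model consistent with the other call site, e.g. `$username = mysqli_real_escape_string($mysqli, encryptCredentialEntry(trim($_POST['username'])));` and the same for `$password`. Note also that `$otp_secret` is sanitized but not encrypted, unlike the two fields above it.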
@@ -622,25 +622,6 @@ if (isset($_GET['delete_document_version'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM documents WHERE document_id = $document_id");
|
||||
|
||||
// Remove Associations
|
||||
// File Association
|
||||
mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
|
||||
|
||||
// Contact Associations
|
||||
mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
|
||||
|
||||
// Asset Associations
|
||||
mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
|
||||
|
||||
// Software Associations
|
||||
mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
|
||||
|
||||
// Vendor Associations
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
|
||||
|
||||
// Service Associations
|
||||
mysqli_query($mysqli,"DELETE FROM service_documents WHERE document_id = $document_id");
|
||||
|
||||
//Logging
|
||||
logAction("Document Version", "Delete", "$session_name deleted document version $document_name", $client_id);
|
||||
|
||||
@@ -668,25 +649,6 @@ if (isset($_GET['delete_document'])) {
|
||||
// Delete all versions associated with the master document
|
||||
mysqli_query($mysqli,"DELETE FROM documents WHERE document_parent = $document_id");
|
||||
|
||||
// Remove Associations
|
||||
// File Association
|
||||
mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
|
||||
|
||||
// Contact Associations
|
||||
mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
|
||||
|
||||
// Asset Associations
|
||||
mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
|
||||
|
||||
// Software Associations
|
||||
mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
|
||||
|
||||
// Vendor Associations
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
|
||||
|
||||
// Service Associations
|
||||
mysqli_query($mysqli,"DELETE FROM service_documents WHERE document_id = $document_id");
|
||||
|
||||
//Logging
|
||||
logAction("Document", "Delete", "$session_name deleted document $document_name and all versions", $client_id);
|
||||
|
||||
@@ -722,25 +684,6 @@ if (isset($_POST['bulk_delete_documents'])) {
|
||||
// Delete all versions associated with the master document
|
||||
mysqli_query($mysqli,"DELETE FROM documents WHERE document_parent = $document_id");
|
||||
|
||||
// Remove Associations
|
||||
// File Association
|
||||
mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
|
||||
|
||||
// Contact Associations
|
||||
mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
|
||||
|
||||
// Asset Associations
|
||||
mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
|
||||
|
||||
// Software Associations
|
||||
mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
|
||||
|
||||
// Vendor Associations
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
|
||||
|
||||
// Service Associations
|
||||
mysqli_query($mysqli,"DELETE FROM service_documents WHERE document_id = $document_id");
|
||||
|
||||
//Logging
|
||||
logAction("Document", "Delete", "$session_name deleted document $document_name and all versions", $client_id);
|
||||
|
||||
@@ -756,5 +699,3 @@ if (isset($_POST['bulk_delete_documents'])) {
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -206,8 +206,6 @@ if (isset($_GET['delete_domain'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM domains WHERE domain_id = $domain_id");
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM domain_history WHERE domain_history_domain_id = $domain_id");#
|
||||
|
||||
// Logging
|
||||
logAction("Domain", "Delete", "$session_name deleted domain $domain_name", $client_id);
|
||||
|
||||
|
||||
@@ -46,7 +46,7 @@ if (isset($_POST['add_event'])) {
|
||||
require_once 'post/user/event_model.php';
|
||||
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO events SET event_title = '$title', event_location = '$location', event_description = '$description', event_start = '$start', event_end = '$end', event_repeat = '$repeat', event_calendar_id = $calendar_id, event_client_id = $client");
|
||||
mysqli_query($mysqli,"INSERT INTO calendar_events SET event_title = '$title', event_location = '$location', event_description = '$description', event_start = '$start', event_end = '$end', event_repeat = '$repeat', event_calendar_id = $calendar_id, event_client_id = $client");
|
||||
|
||||
$event_id = mysqli_insert_id($mysqli);
|
||||
|
||||
@@ -121,7 +121,7 @@ if (isset($_POST['edit_event'])) {
|
||||
|
||||
$event_id = intval($_POST['event_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE events SET event_title = '$title', event_location = '$location', event_description = '$description', event_start = '$start', event_end = '$end', event_repeat = '$repeat', event_calendar_id = $calendar_id, event_client_id = $client WHERE event_id = $event_id");
|
||||
mysqli_query($mysqli,"UPDATE calendar_events SET event_title = '$title', event_location = '$location', event_description = '$description', event_start = '$start', event_end = '$end', event_repeat = '$repeat', event_calendar_id = $calendar_id, event_client_id = $client WHERE event_id = $event_id");
|
||||
|
||||
//If email is checked
|
||||
if ($email_event == 1) {
|
||||
@@ -187,12 +187,12 @@ if (isset($_GET['delete_event'])) {
|
||||
$event_id = intval($_GET['delete_event']);
|
||||
|
||||
// Get Event Title
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM events WHERE event_id = $event_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM calendar_events WHERE event_id = $event_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$event_title = sanitizeInput($row['event_title']);
|
||||
$client_id = intval($row['event_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM events WHERE event_id = $event_id");
|
||||
mysqli_query($mysqli,"DELETE FROM calendar_events WHERE event_id = $event_id");
|
||||
|
||||
// Logging
|
||||
logAction("Calendar Event", "Delete", "$session_name deleted calendar event $event_title", $client_id);
|
||||
|
||||
@@ -70,8 +70,7 @@ if (isset($_POST['upload_files'])) {
|
||||
file_reference_name = '$file_reference_name',
|
||||
file_name = '$file_name',
|
||||
file_description = '$description',
|
||||
file_ext = '$file_extension',
|
||||
file_hash = '$file_hash',
|
||||
file_ext = '$file_extension',
|
||||
file_mime_type = '$file_mime_type',
|
||||
file_size = $file_size,
|
||||
file_created_by = $session_user_id,
|
||||
@@ -316,8 +315,6 @@ if (isset($_POST['delete_file'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM files WHERE file_id = $file_id");
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM quote_files WHERE file_id = $file_id");
|
||||
|
||||
//Logging
|
||||
logAction("File", "Delete", "$session_name deleted file $file_name", $client_id);
|
||||
|
||||
|
||||
@@ -141,7 +141,7 @@ if (isset($_POST['add_invoice_copy'])) {
|
||||
if (isset($_POST['add_invoice_recurring'])) {
|
||||
|
||||
$invoice_id = intval($_POST['invoice_id']);
|
||||
$recurring_frequency = sanitizeInput($_POST['frequency']);
|
||||
$recurring_invoice_frequency = sanitizeInput($_POST['frequency']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
@@ -155,16 +155,16 @@ if (isset($_POST['add_invoice_recurring'])) {
|
||||
$client_id = intval($row['invoice_client_id']);
|
||||
$category_id = intval($row['invoice_category_id']);
|
||||
|
||||
//Get the last Recurring Number and add 1 for the new Recurring number
|
||||
$recurring_number = $config_recurring_next_number;
|
||||
$new_config_recurring_next_number = $config_recurring_next_number + 1;
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_recurring_next_number = $new_config_recurring_next_number WHERE company_id = 1");
|
||||
//Get the last Recurring Invoice Number and add 1 for the new Recurring Invoice number
|
||||
$recurring_invoice_number = $config_recurring_invoice_next_number;
|
||||
$new_config_recurring_invoice_next_number = $config_recurring_invoice_next_number + 1;
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_recurring_invoice_next_number = $new_config_recurring_invoice_next_number WHERE company_id = 1");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO recurring SET recurring_prefix = '$config_recurring_prefix', recurring_number = $recurring_number, recurring_scope = '$invoice_scope', recurring_frequency = '$recurring_frequency', recurring_next_date = DATE_ADD('$invoice_date', INTERVAL 1 $recurring_frequency), recurring_status = 1, recurring_amount = $invoice_amount, recurring_currency_code = '$invoice_currency_code', recurring_note = '$invoice_note', recurring_category_id = $category_id, recurring_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO recurring_invoices SET recurring_invoice_prefix = '$config_recurring_invoice_prefix', recurring_invoice_number = $recurring_invoice_number, recurring_invoice_scope = '$invoice_scope', recurring_invoice_frequency = '$recurring_invoice_frequency', recurring_invoice_next_date = DATE_ADD('$invoice_date', INTERVAL 1 $recurring_invoice_frequency), recurring_invoice_status = 1, recurring_invoice_amount = $invoice_amount, recurring_invoice_currency_code = '$invoice_currency_code', recurring_invoice_note = '$invoice_note', recurring_invoice_category_id = $category_id, recurring_invoice_client_id = $client_id");
|
||||
|
||||
$recurring_id = mysqli_insert_id($mysqli);
|
||||
$recurring_invoice_id = mysqli_insert_id($mysqli);
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Recurring Created from INVOICE!', history_recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Recurring Invoice Created from INVOICE!', history_recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
$sql_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id");
|
||||
while($row = mysqli_fetch_array($sql_items)) {
|
||||
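Review bot: `$recurring_invoice_frequency` is interpolated unquoted as the interval unit in `DATE_ADD('$invoice_date', INTERVAL 1 $recurring_invoice_frequency)`, and it comes from `$_POST['frequency']` through `sanitizeInput()` in the previous hunk. Escaping only protects values placed inside quotes, so in this position the request can alter the statement itself. The value should be checked against the fixed set of units the form offers before the query is built, e.g. `if (!in_array($recurring_invoice_frequency, ['month', 'year'], true)) { exit("Invalid frequency"); }` (adjust the list to the real options). The handler begins in the previous hunk and runs on past this one; the same check is worth applying wherever a frequency value reaches `INTERVAL`.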
@@ -179,19 +179,19 @@ if (isset($_POST['add_invoice_recurring'])) {
|
||||
$item_order = intval($row['item_order']);
|
||||
$tax_id = intval($row['item_tax_id']);
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = $item_price, item_subtotal = $item_subtotal, item_tax = $item_tax, item_total = $item_total, item_order = $item_order, item_tax_id = $tax_id, item_recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = $item_price, item_subtotal = $item_subtotal, item_tax = $item_tax, item_total = $item_total, item_order = $item_order, item_tax_id = $tax_id, item_recurring_invoice_id = $recurring_invoice_id");
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Create", "$session_name created recurring Invoice from Invoice $invoice_prefix$invoice_number", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Create", "$session_name created recurring Invoice from Invoice $invoice_prefix$invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Created recurring Invoice from Invoice <strong>$invoice_prefix$invoice_number</strong>";
|
||||
|
||||
header("Location: recurring_invoice.php?recurring_id=$recurring_id");
|
||||
header("Location: recurring_invoice.php?recurring_invoice_id=$recurring_invoice_id");
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['add_recurring'])) {
|
||||
if (isset($_POST['add_recurring_invoice'])) {
|
||||
|
||||
$client_id = intval($_POST['client']);
|
||||
$frequency = sanitizeInput($_POST['frequency']);
|
||||
@@ -200,57 +200,57 @@ if (isset($_POST['add_recurring'])) {
|
||||
$scope = sanitizeInput($_POST['scope']);
|
||||
|
||||
//Get the last Recurring Number and add 1 for the new Recurring number
|
||||
$recurring_number = $config_recurring_next_number;
|
||||
$new_config_recurring_next_number = $config_recurring_next_number + 1;
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_recurring_next_number = $new_config_recurring_next_number WHERE company_id = 1");
|
||||
$recurring_invoice_number = $config_recurring_invoice_next_number;
|
||||
$new_config_recurring_invoice_next_number = $config_recurring_invoice_next_number + 1;
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_recurring_invoice_next_number = $new_config_recurring_invoice_next_number WHERE company_id = 1");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO recurring SET recurring_prefix = '$config_recurring_prefix', recurring_number = $recurring_number, recurring_scope = '$scope', recurring_frequency = '$frequency', recurring_next_date = '$start_date', recurring_category_id = $category, recurring_status = 1, recurring_currency_code = '$session_company_currency', recurring_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO recurring_invoices SET recurring_invoice_prefix = '$config_recurring_invoice_prefix', recurring_invoice_number = $recurring_invoice_number, recurring_invoice_scope = '$scope', recurring_invoice_frequency = '$frequency', recurring_invoice_next_date = '$start_date', recurring_invoice_category_id = $category, recurring_invoice_status = 1, recurring_invoice_currency_code = '$session_company_currency', recurring_invoice_client_id = $client_id");
|
||||
|
||||
$recurring_id = mysqli_insert_id($mysqli);
|
||||
$recurring_invoice_id = mysqli_insert_id($mysqli);
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Active', history_description = 'Recurring Invoice created', history_recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Active', history_description = 'Recurring Invoice created', history_recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
//Logging
|
||||
logAction("Recurring Invoice", "Create", "$session_name created recurring invoice $config_recurring_prefix$recurring_number - $scope", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Create", "$session_name created recurring invoice $config_recurring_invoice_prefix$recurring_invoice_number - $scope", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Recurring Invoice <strong>$config_recurring_prefix$recurring_number</strong> created";
|
||||
$_SESSION['alert_message'] = "Recurring Invoice <strong>$config_recurring_invoice_prefix$recurring_invoice_number</strong> created";
|
||||
|
||||
header("Location: recurring_invoice.php?recurring_id=$recurring_id");
|
||||
header("Location: recurring_invoice.php?recurring_invoice_id=$recurring_invoice_id");
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['edit_recurring'])) {
|
||||
if (isset($_POST['edit_recurring_invoice'])) {
|
||||
|
||||
$recurring_id = intval($_POST['recurring_id']);
|
||||
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
|
||||
$frequency = sanitizeInput($_POST['frequency']);
|
||||
$next_date = sanitizeInput($_POST['next_date']);
|
||||
$category = intval($_POST['category']);
|
||||
$scope = sanitizeInput($_POST['scope']);
|
||||
$status = intval($_POST['status']);
|
||||
$recurring_discount = floatval($_POST['recurring_discount']);
|
||||
$recurring_invoice_discount = floatval($_POST['recurring_invoice_discount']);
|
||||
|
||||
// Get Recurring Invoice Details and Client ID for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_prefix, recurring_number, recurring_client_id FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_invoice_prefix, recurring_invoice_number, recurring_invoice_client_id FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
//Calculate new total
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$recurring_amount = 0;
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
$recurring_invoice_amount = 0;
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$item_total = floatval($row['item_total']);
|
||||
$recurring_amount = $recurring_amount + $item_total;
|
||||
$recurring_invoice_amount = $recurring_invoice_amount + $item_total;
|
||||
}
|
||||
$recurring_amount = $recurring_amount - $recurring_discount;
|
||||
$recurring_invoice_amount = $recurring_invoice_amount - $recurring_invoice_discount;
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_scope = '$scope', recurring_frequency = '$frequency', recurring_next_date = '$next_date', recurring_category_id = $category, recurring_discount_amount = $recurring_discount, recurring_amount = $recurring_amount, recurring_status = $status WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_scope = '$scope', recurring_invoice_frequency = '$frequency', recurring_invoice_next_date = '$next_date', recurring_invoice_category_id = $category, recurring_invoice_discount_amount = $recurring_invoice_discount, recurring_invoice_amount = $recurring_invoice_amount, recurring_invoice_status = $status WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = '$status', history_description = 'Recurring Invoice edited', history_recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = '$status', history_description = 'Recurring Invoice edited', history_recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Edit", "$session_name edited recurring invoice $recurring_invoice_prefix$recurring_invoice_number - $scope", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Edit", "$session_name edited recurring invoice $recurring_invoice_prefix$recurring_invoice_number - $scope", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Recurring Invoice <strong>$recurring_invoice_prefix$recurring_invoice_number</strong> edited";
|
||||
|
||||
@@ -258,28 +258,28 @@ if (isset($_POST['edit_recurring'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_GET['delete_recurring'])) {
|
||||
$recurring_id = intval($_GET['delete_recurring']);
|
||||
if (isset($_GET['delete_recurring_invoice'])) {
|
||||
$recurring_invoice_id = intval($_GET['delete_recurring_invoice']);
|
||||
|
||||
// Get Recurring Invoice Details and Client ID for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_prefix, recurring_number, recurring_scope, recurring_client_id FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_invoice_prefix, recurring_invoice_number, recurring_invoice_scope, recurring_invoice_client_id FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$recurring_invoice_scope = sanitizeInput($row['recurring_scope']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$recurring_invoice_scope = sanitizeInput($row['recurring_invoice_scope']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM recurring WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"DELETE FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
//Delete Items Associated with the Recurring
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$item_id = intval($row['item_id']);
|
||||
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_id = $item_id");
|
||||
}
|
||||
|
||||
//Delete History Associated with the Invoice
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM history WHERE history_recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM history WHERE history_recurring_invoice_id = $recurring_invoice_id");
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$history_id = intval($row['history_id']);
|
||||
mysqli_query($mysqli,"DELETE FROM history WHERE history_id = $history_id");
|
||||
@@ -295,9 +295,9 @@ if (isset($_GET['delete_recurring'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['add_recurring_item'])) {
|
||||
if (isset($_POST['add_recurring_invoice_item'])) {
|
||||
|
||||
$recurring_id = intval($_POST['recurring_id']);
|
||||
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
|
||||
$name = sanitizeInput($_POST['name']);
|
||||
$description = sanitizeInput($_POST['description']);
|
||||
$qty = floatval($_POST['qty']);
|
||||
@@ -318,29 +318,29 @@ if (isset($_POST['add_recurring_item'])) {
|
||||
|
||||
$total = $subtotal + $tax_amount;
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id, item_order = $item_order, item_recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id, item_order = $item_order, item_recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_discount = floatval($row['recurring_discount_amount']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_discount = floatval($row['recurring_invoice_discount_amount']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
//add up all the items
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$recurring_amount = 0;
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
$recurring_invoice_amount = 0;
|
||||
while($row = mysqli_fetch_array($sql)) {
|
||||
$item_total = floatval($row['item_total']);
|
||||
$recurring_amount = $recurring_amount + $item_total;
|
||||
$recurring_invoice_amount = $recurring_invoice_amount + $item_total;
|
||||
}
|
||||
$recurring_amount = $recurring_amount - $recurring_discount;
|
||||
$recurring_invoice_amount = $recurring_invoice_amount - $recurring_invoice_discount;
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = $recurring_amount WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $recurring_invoice_amount WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Edit", "$session_name added item $name to recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Edit", "$session_name added item $name to recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Item <srrong>$name</strong> added to Recurring Invoice";
|
||||
|
||||
@@ -348,22 +348,22 @@ if (isset($_POST['add_recurring_item'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['recurring_note'])) {
|
||||
if (isset($_POST['recurring_invoice_note'])) {
|
||||
|
||||
$recurring_id = intval($_POST['recurring_id']);
|
||||
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
|
||||
$note = sanitizeInput($_POST['note']);
|
||||
|
||||
// Get Recurring details for logging
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_prefix, recurring_number, recurring_client_id FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT recurring_invoice_prefix, recurring_invoice_number, recurring_invoice_client_id FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_note = '$note' WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_note = '$note' WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Edit", "$session_name added note to recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Edit", "$session_name added note to recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Notes added";
|
||||
|
||||
@@ -371,26 +371,26 @@ if (isset($_POST['recurring_note'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_GET['delete_recurring_item'])) {
|
||||
$item_id = intval($_GET['delete_recurring_item']);
|
||||
if (isset($_GET['delete_recurring_invoice_item'])) {
|
||||
$item_id = intval($_GET['delete_recurring_invoice_item']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_id = $item_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_id = intval($row['item_recurring_id']);
|
||||
$recurring_invoice_id = intval($row['item_recurring_invoice_id']);
|
||||
$item_name = sanitizeInput($row['item_name']);
|
||||
$item_subtotal = floatval($row['item_subtotal']);
|
||||
$item_tax = floatval($row['item_tax']);
|
||||
$item_total = floatval($row['item_total']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
$new_recurring_amount = floatval($row['recurring_amount']) - $item_total;
|
||||
$new_recurring_invoice_amount = floatval($row['recurring_invoice_amount']) - $item_total;
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = $new_recurring_amount WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $new_recurring_invoice_amount WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_id = $item_id");
|
||||
|
||||
@@ -622,11 +622,11 @@ if (isset($_POST['edit_item'])) {
|
||||
mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = $price, item_subtotal = $subtotal, item_tax = $tax_amount, item_total = $total, item_tax_id = $tax_id WHERE item_id = $item_id");
|
||||
|
||||
// Determine what type of line item
|
||||
$sql = mysqli_query($mysqli,"SELECT item_invoice_id, item_quote_id, item_recurring_id FROM invoice_items WHERE item_id = $item_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT item_invoice_id, item_quote_id, item_recurring_invoice_id FROM invoice_items WHERE item_id = $item_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$invoice_id = intval($row['item_invoice_id']);
|
||||
$quote_id = intval($row['item_quote_id']);
|
||||
$recurring_id = intval($row['item_recurring_id']);
|
||||
$recurring_invoice_id = intval($row['item_recurring_invoice_id']);
|
||||
|
||||
if ($invoice_id > 0) {
|
||||
//Get Discount Amount
|
||||
@@ -668,22 +668,22 @@ if (isset($_POST['edit_item'])) {
|
||||
|
||||
} else {
|
||||
//Get Discount Amount
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_discount = floatval($row['recurring_discount_amount']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
$recurring_invoice_discount = floatval($row['recurring_invoice_discount_amount']);
|
||||
|
||||
//Update Invoice Balances by tallying up invoice items
|
||||
$sql_recurring_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_total FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$row = mysqli_fetch_array($sql_recurring_total);
|
||||
$new_recurring_amount = floatval($row['recurring_total']) - $recurring_discount;
|
||||
$sql_recurring_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_invoice_total FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql_recurring_invoice_total);
|
||||
$new_recurring_invoice_amount = floatval($row['recurring_invoice_total']) - $recurring_invoice_discount;
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = $new_recurring_amount WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $new_recurring_invoice_amount WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Edit", "$session_name edited item $name on recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Edit", "$session_name edited item $name on recurring invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
}
|
||||
|
||||
@@ -1386,29 +1386,29 @@ if (isset($_GET['email_invoice'])) {
|
||||
|
||||
if (isset($_POST['add_recurring_payment'])) {
|
||||
|
||||
$recurring_id = intval($_POST['recurring_id']);
|
||||
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
|
||||
$account = intval($_POST['account']);
|
||||
$currency_code = sanitizeInput($_POST['currency_code']);
|
||||
$payment_method = sanitizeInput($_POST['payment_method']);
|
||||
|
||||
// Get Recurring Info for logging and alerting
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_number = intval($row['recurring_number']);
|
||||
$recurring_amount = floatval($row['recurring_amount']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$recurring_invoice_amount = floatval($row['recurring_invoice_amount']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO recurring_payments SET recurring_payment_currency_code = '$currency_code', recurring_payment_account_id = $account, recurring_payment_method = '$payment_method', recurring_payment_recurring_invoice_id = $recurring_id");
|
||||
mysqli_query($mysqli,"INSERT INTO recurring_payments SET recurring_payment_currency_code = '$currency_code', recurring_payment_account_id = $account, recurring_payment_method = '$payment_method', recurring_payment_recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Get Payment ID for reference
|
||||
$recurring_payment_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Auto Payment", "$session_name created Auto Pay for Recurring Invoice $recurring_prefix$recurring_number in the amount of " . numfmt_format_currency($currency_format, $recurring_amount, $currency_code), $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Auto Payment", "$session_name created Auto Pay for Recurring Invoice $recurring_invoice_prefix$recurring_invoice_number in the amount of " . numfmt_format_currency($currency_format, $recurring_invoice_amount, $currency_code), $client_id, $recurring_invoice_id);
|
||||
|
||||
|
||||
$_SESSION['alert_message'] = "Automatic Payment created for <strong>$recurring_prefix$recurring_number</strong>";
|
||||
$_SESSION['alert_message'] = "Automatic Payment created for <strong>$recurring_invoice_prefix$recurring_invoice_number</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
@@ -1421,42 +1421,42 @@ if (isset($_GET['delete_recurring_payment'])) {
|
||||
$recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']);
|
||||
|
||||
// Get the invoice total and details
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_invoice_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM recurring_payments WHERE recurring_payment_id = $recurring_payment_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Auto Payment", "$session_name removed auto Pay from Recurring Invoice $recurring_prefix$recurring_number", $client_id, $recurring_invoice_id);
|
||||
logAction("Recurring Invoice", "Auto Payment", "$session_name removed auto Pay from Recurring Invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Auto Payment Removed for Recurring Invoice <strong>$recurring_prefix$recurring_number</strong>";
|
||||
$_SESSION['alert_message'] = "Auto Payment Removed for Recurring Invoice <strong>$recurring_invoice_prefix$recurring_invoice_number</strong>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_GET['force_recurring'])) {
|
||||
$recurring_id = intval($_GET['force_recurring']);
|
||||
$recurring_invoice_id = intval($_GET['force_recurring']);
|
||||
|
||||
$sql_recurring = mysqli_query($mysqli,"SELECT * FROM recurring, clients WHERE client_id = recurring_client_id AND recurring_id = $recurring_id");
|
||||
$sql_recurring_invoices = mysqli_query($mysqli,"SELECT * FROM recurring_invoices, clients WHERE client_id = recurring_invoice_client_id AND recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
$row = mysqli_fetch_array($sql_recurring);
|
||||
$recurring_id = intval($row['recurring_id']);
|
||||
$recurring_scope = sanitizeInput($row['recurring_scope']);
|
||||
$recurring_frequency = sanitizeInput($row['recurring_frequency']);
|
||||
$recurring_status = sanitizeInput($row['recurring_status']);
|
||||
$recurring_last_sent = sanitizeInput($row['recurring_last_sent']);
|
||||
$recurring_next_date = sanitizeInput($row['recurring_next_date']);
|
||||
$recurring_discount_amount = floatval($row['recurring_discount_amount']);
|
||||
$recurring_amount = floatval($row['recurring_amount']);
|
||||
$recurring_currency_code = sanitizeInput($row['recurring_currency_code']);
|
||||
$recurring_note = sanitizeInput($row['recurring_note']);
|
||||
$category_id = intval($row['recurring_category_id']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$row = mysqli_fetch_array($sql_recurring_invoices);
|
||||
$recurring_invoice_id = intval($row['recurring_invoice_id']);
|
||||
$recurring_invoice_scope = sanitizeInput($row['recurring_invoice_scope']);
|
||||
$recurring_invoice_frequency = sanitizeInput($row['recurring_invoice_frequency']);
|
||||
$recurring_invoice_status = sanitizeInput($row['recurring_invoice_status']);
|
||||
$recurring_invoice_last_sent = sanitizeInput($row['recurring_invoice_last_sent']);
|
||||
$recurring_invoice_next_date = sanitizeInput($row['recurring_invoice_next_date']);
|
||||
$recurring_invoice_discount_amount = floatval($row['recurring_invoice_discount_amount']);
|
||||
$recurring_invoice_amount = floatval($row['recurring_invoice_amount']);
|
||||
$recurring_invoice_currency_code = sanitizeInput($row['recurring_invoice_currency_code']);
|
||||
$recurring_invoice_note = sanitizeInput($row['recurring_invoice_note']);
|
||||
$category_id = intval($row['recurring_invoice_category_id']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
$client_net_terms = intval($row['client_net_terms']);
|
||||
|
||||
//Get the last Invoice Number and add 1 for the new invoice number
|
||||
@@ -1467,12 +1467,12 @@ if (isset($_GET['force_recurring'])) {
|
||||
//Generate a unique URL key for clients to access
|
||||
$url_key = randomString(156);
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_discount_amount = $recurring_discount_amount, invoice_amount = $recurring_amount, invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_client_id = $client_id");
|
||||
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_invoice_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_discount_amount = $recurring_invoice_discount_amount, invoice_amount = $recurring_invoice_amount, invoice_currency_code = '$recurring_invoice_currency_code', invoice_note = '$recurring_invoice_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_recurring_invoice_id = $recurring_invoice_id, invoice_client_id = $client_id");
|
||||
|
||||
$new_invoice_id = mysqli_insert_id($mysqli);
|
||||
|
||||
//Copy Items from original invoice to new invoice
|
||||
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC");
|
||||
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id ORDER BY item_id ASC");
|
||||
|
||||
while($row = mysqli_fetch_array($sql_invoice_items)) {
|
||||
$item_id = intval($row['item_id']);
|
||||
@@ -1505,16 +1505,16 @@ if (isset($_GET['force_recurring'])) {
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_invoice_id = $new_invoice_id");
|
||||
|
||||
//Update Recurring Balances by tallying up recurring items also update recurring dates
|
||||
$sql_recurring_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_total FROM invoice_items WHERE item_recurring_id = $recurring_id");
|
||||
$row = mysqli_fetch_array($sql_recurring_total);
|
||||
$new_recurring_amount = floatval($row['recurring_total']) - $recurring_discount_amount;
|
||||
$sql_recurring_invoice_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS recurring_invoice_total FROM invoice_items WHERE item_recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql_recurring_invoice_total);
|
||||
$new_recurring_invoice_amount = floatval($row['recurring_invoice_total']) - $recurring_invoice_discount_amount;
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = $new_recurring_amount, recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency) WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_amount = $new_recurring_invoice_amount, recurring_invoice_last_sent = CURDATE(), recurring_invoice_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_invoice_frequency) WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
//Also update the newly created invoice with the new amounts
|
||||
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = $new_recurring_amount WHERE invoice_id = $new_invoice_id");
|
||||
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = $new_recurring_invoice_amount WHERE invoice_id = $new_invoice_id");
|
||||
|
||||
if ($config_recurring_auto_send_invoice == 1) {
|
||||
if ($config_recurring_invoice_auto_send_invoice == 1) {
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM invoices
|
||||
LEFT JOIN clients ON invoice_client_id = client_id
|
||||
LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1
|
||||
@@ -1654,7 +1654,7 @@ if (isset($_POST['export_invoices_csv'])) {
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['export_client_recurring_csv'])) {
|
||||
if (isset($_POST['export_client_recurring_invoice_csv'])) {
|
||||
$client_id = intval($_POST['client_id']);
|
||||
|
||||
//get records from database
|
||||
@@ -1663,7 +1663,7 @@ if (isset($_POST['export_client_recurring_csv'])) {
|
||||
|
||||
$client_name = $row['client_name'];
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_client_id = $client_id ORDER BY recurring_number ASC");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id ORDER BY recurring_invoice_number ASC");
|
||||
|
||||
$num_rows = mysqli_num_rows($sql);
|
||||
|
||||
@@ -1680,7 +1680,7 @@ if (isset($_POST['export_client_recurring_csv'])) {
|
||||
|
||||
//output each row of the data, format line as csv and write to file pointer
|
||||
while($row = $sql->fetch_assoc()) {
|
||||
$lineData = array($row['recurring_prefix'] . $row['recurring_number'], $row['recurring_scope'], $row['recurring_amount'], ucwords($row['recurring_frequency'] . "ly"), $row['recurring_created_at']);
|
||||
$lineData = array($row['recurring_invoice_prefix'] . $row['recurring_invoice_number'], $row['recurring_invoice_scope'], $row['recurring_invoice_amount'], ucwords($row['recurring_invoice_frequency'] . "ly"), $row['recurring_invoice_created_at']);
|
||||
fputcsv($f, $lineData, $delimiter);
|
||||
}
|
||||
|
||||
@@ -1751,15 +1751,15 @@ if (isset($_POST['export_payments_csv'])) {
|
||||
|
||||
if (isset($_GET['recurring_invoice_email_notify'])) {
|
||||
$recurring_invoice_email_notify = intval($_GET['recurring_invoice_email_notify']);
|
||||
$recurring_id = intval($_GET['recurring_id']);
|
||||
$recurring_invoice_id = intval($_GET['recurring_invoice_id']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_number']);
|
||||
$client_id = intval($row['recurring_client_id']);
|
||||
$recurring_invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
|
||||
$recurring_invoice_number = intval($row['recurring_invoice_number']);
|
||||
$client_id = intval($row['recurring_invoice_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE recurring SET recurring_invoice_email_notify = $recurring_invoice_email_notify WHERE recurring_id = $recurring_id");
|
||||
mysqli_query($mysqli,"UPDATE recurring_invoices SET recurring_invoice_email_notify = $recurring_invoice_email_notify WHERE recurring_invoice_id = $recurring_invoice_id");
|
||||
|
||||
// Wording
|
||||
if ($recurring_invoice_email_notify) {
|
||||
@@ -1769,7 +1769,7 @@ if (isset($_GET['recurring_invoice_email_notify'])) {
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Invoice", "Edit", "$session_name turned $notify_wording Email Notifications for Recurring Invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_id);
|
||||
logAction("Recurring Invoice", "Edit", "$session_name turned $notify_wording Email Notifications for Recurring Invoice $recurring_invoice_prefix$recurring_invoice_number", $client_id, $recurring_invoice_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Email Notifications <strong>$notify_wording</strong>";
|
||||
|
||||
@@ -185,10 +185,6 @@ if(isset($_GET['delete_location'])){
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM locations WHERE location_id = $location_id");
|
||||
|
||||
// Tags
|
||||
// Delete existing tags
|
||||
mysqli_query($mysqli, "DELETE FROM location_tags WHERE location_id = $location_id");
|
||||
|
||||
// Logging
|
||||
logAction("Location", "Delete", "$session_name deleted location $location_name", $client_id);
|
||||
|
||||
@@ -416,7 +412,7 @@ if(isset($_POST['export_locations_csv'])){
|
||||
|
||||
}
|
||||
|
||||
if(isset($_POST["import_locations_csv"])){
|
||||
if (isset($_POST["import_locations_csv"])) {
|
||||
|
||||
enforceUserPermission('module_client', 2);
|
||||
|
||||
|
||||
@@ -53,10 +53,10 @@ if (isset($_POST['add_service'])) {
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_POST['logins'])) {
|
||||
foreach($_POST['logins'] as $login_id) {
|
||||
$login_id = intval($login_id);
|
||||
mysqli_query($mysqli, "INSERT INTO service_logins SET service_id = $service_id, login_id = $login_id");
|
||||
if (isset($_POST['credentials'])) {
|
||||
foreach($_POST['credentials'] as $credential_id) {
|
||||
$credential_id = intval($credential_id);
|
||||
mysqli_query($mysqli, "INSERT INTO service_credentials SET service_id = $service_id, credential_id = $credential_id");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -104,7 +104,7 @@ if (isset($_POST['edit_service'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM service_vendors WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_documents WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_assets WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_logins WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_credentials WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_domains WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_certificates WHERE service_id = $service_id");
|
||||
|
||||
@@ -137,10 +137,10 @@ if (isset($_POST['edit_service'])) {
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_POST['logins'])) {
|
||||
foreach($_POST['logins'] as $login_id) {
|
||||
$login_id = intval($login_id);
|
||||
mysqli_query($mysqli, "INSERT INTO service_logins SET service_id = $service_id, login_id = $login_id");
|
||||
if (isset($_POST['credentials'])) {
|
||||
foreach($_POST['credentials'] as $credential_id) {
|
||||
$credential_id = intval($credential_id);
|
||||
mysqli_query($mysqli, "INSERT INTO service_credentials SET service_id = $service_id, credential_id = $credential_id");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -183,16 +183,6 @@ if (isset($_GET['delete_service'])) {
|
||||
// Delete service
|
||||
mysqli_query($mysqli, "DELETE FROM services WHERE service_id = $service_id");
|
||||
|
||||
// Delete relations
|
||||
// TODO: Convert this to a join delete
|
||||
mysqli_query($mysqli, "DELETE FROM service_contacts WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_vendors WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_documents WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_assets WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_logins WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_domains WHERE service_id = $service_id");
|
||||
mysqli_query($mysqli, "DELETE FROM service_certificates WHERE service_id = $service_id");
|
||||
|
||||
// Logging
|
||||
logAction("Service", "Delete", "$session_name deleted service $service_name", $client_id);
|
||||
|
||||
|
||||
@@ -201,10 +201,6 @@ if (isset($_GET['delete_software'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM software WHERE software_id = $software_id");
|
||||
|
||||
// Remove Software Relations
|
||||
mysqli_query($mysqli,"DELETE FROM software_contacts WHERE software_id = $software_id");
|
||||
mysqli_query($mysqli,"DELETE FROM software_assets WHERE software_id = $software_id");
|
||||
|
||||
//Logging
|
||||
logAction("Software", "Delete", "$session_name deleted software $software_name and removed all device/user license associations", $client_id);
|
||||
|
||||
|
||||
@@ -81,6 +81,14 @@ if (isset($_POST['add_ticket'])) {
|
||||
}
|
||||
}
|
||||
|
||||
// Add Additional Assets
|
||||
if (isset($_POST['additional_assets'])) {
|
||||
foreach ($_POST['additional_assets'] as $additional_asset) {
|
||||
$additional_asset_id = intval($additional_asset);
|
||||
mysqli_query($mysqli, "INSERT INTO ticket_assets SET ticket_id = $ticket_id, asset_id = $additional_asset_id");
|
||||
}
|
||||
}
|
||||
|
||||
// E-mail client
|
||||
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) {
|
||||
|
||||
@@ -188,6 +196,15 @@ if (isset($_POST['edit_ticket'])) {
|
||||
|
||||
mysqli_query($mysqli, "UPDATE tickets SET ticket_category = $category_id, ticket_subject = '$ticket_subject', ticket_priority = '$ticket_priority', ticket_billable = $billable, ticket_details = '$details', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_contact_id = $contact_id, ticket_vendor_id = $vendor_id, ticket_location_id = $location_id, ticket_asset_id = $asset_id, ticket_project_id = $project_id WHERE ticket_id = $ticket_id");
|
||||
|
||||
// Add Additional Assets
|
||||
if (isset($_POST['additional_assets'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM ticket_assets WHERE ticket_id = $ticket_id");
|
||||
foreach ($_POST['additional_assets'] as $additional_asset) {
|
||||
$additional_asset_id = intval($additional_asset);
|
||||
mysqli_query($mysqli, "INSERT INTO ticket_assets SET ticket_id = $ticket_id, asset_id = $additional_asset_id");
|
||||
}
|
||||
}
|
||||
|
||||
// Get contact/ticket details after update for logging / email purposes
|
||||
$sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_category, ticket_details, ticket_status_name, ticket_created_by, ticket_assigned_to, ticket_client_id FROM tickets
|
||||
LEFT JOIN clients ON ticket_client_id = client_id
|
||||
@@ -2049,12 +2066,20 @@ if (isset($_POST['add_recurring_ticket'])) {
|
||||
|
||||
$start_date = sanitizeInput($_POST['start_date']);
|
||||
|
||||
mysqli_query($mysqli, "INSERT INTO scheduled_tickets SET scheduled_ticket_subject = '$subject', scheduled_ticket_details = '$details', scheduled_ticket_priority = '$priority', scheduled_ticket_frequency = '$frequency', scheduled_ticket_billable = $billable, scheduled_ticket_start_date = '$start_date', scheduled_ticket_next_run = '$start_date', scheduled_ticket_assigned_to = $assigned_to, scheduled_ticket_created_by = $session_user_id, scheduled_ticket_client_id = $client_id, scheduled_ticket_contact_id = $contact_id, scheduled_ticket_asset_id = $asset_id");
|
||||
mysqli_query($mysqli, "INSERT INTO recurring_tickets SET recurring_ticket_subject = '$subject', recurring_ticket_details = '$details', recurring_ticket_priority = '$priority', recurring_ticket_frequency = '$frequency', recurring_ticket_billable = $billable, recurring_ticket_start_date = '$start_date', recurring_ticket_next_run = '$start_date', recurring_ticket_assigned_to = $assigned_to, recurring_ticket_created_by = $session_user_id, recurring_ticket_client_id = $client_id, recurring_ticket_contact_id = $contact_id, recurring_ticket_asset_id = $asset_id");
|
||||
|
||||
$scheduled_ticket_id = mysqli_insert_id($mysqli);
|
||||
$recurring_ticket_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Add Additional Assets
|
||||
if (isset($_POST['additional_assets'])) {
|
||||
foreach ($_POST['additional_assets'] as $additional_asset) {
|
||||
$additional_asset_id = intval($additional_asset);
|
||||
mysqli_query($mysqli, "INSERT INTO recurring_ticket_assets SET recurring_ticket_id = $recurring_ticket_id, asset_id = $additional_asset_id");
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Ticket", "Create", "$session_name created recurring ticket for $subject - $frequency", $client_id, $scheduled_ticket_id);
|
||||
logAction("Recurring Ticket", "Create", "$session_name created recurring ticket for $subject - $frequency", $client_id, $recurring_ticket_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Recurring ticket <strong>$subject - $frequency</strong> created";
|
||||
|
||||
@@ -2067,13 +2092,22 @@ if (isset($_POST['edit_recurring_ticket'])) {
|
||||
|
||||
require_once 'post/user/ticket_recurring_model.php';
|
||||
|
||||
$scheduled_ticket_id = intval($_POST['scheduled_ticket_id']);
|
||||
$recurring_ticket_id = intval($_POST['recurring_ticket_id']);
|
||||
$next_run_date = sanitizeInput($_POST['next_date']);
|
||||
|
||||
mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_subject = '$subject', scheduled_ticket_details = '$details', scheduled_ticket_priority = '$priority', scheduled_ticket_frequency = '$frequency', scheduled_ticket_billable = $billable, scheduled_ticket_next_run = '$next_run_date', scheduled_ticket_assigned_to = $assigned_to, scheduled_ticket_asset_id = $asset_id, scheduled_ticket_contact_id = $contact_id WHERE scheduled_ticket_id = $scheduled_ticket_id");
|
||||
mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_subject = '$subject', recurring_ticket_details = '$details', recurring_ticket_priority = '$priority', recurring_ticket_frequency = '$frequency', recurring_ticket_billable = $billable, recurring_ticket_next_run = '$next_run_date', recurring_ticket_assigned_to = $assigned_to, recurring_ticket_asset_id = $asset_id, recurring_ticket_contact_id = $contact_id WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
// Add Additional Assets
|
||||
if (isset($_POST['additional_assets'])) {
|
||||
mysqli_query($mysqli, "DELETE FROM recurring_ticket_assets WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
foreach ($_POST['additional_assets'] as $additional_asset) {
|
||||
$additional_asset_id = intval($additional_asset);
|
||||
mysqli_query($mysqli, "INSERT INTO recurring_ticket_assets SET recurring_ticket_id = $recurring_ticket_id, asset_id = $additional_asset_id");
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Ticket", "Edit", "$session_name edited recurring ticket $subject", $client_id, $scheduled_ticket_id);
|
||||
logAction("Recurring Ticket", "Edit", "$session_name edited recurring ticket $subject", $client_id, $recurring_ticket_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Recurring ticket <strong>$subject - $frequency</strong> updated";
|
||||
|
||||
@@ -2085,24 +2119,23 @@ if (isset($_GET['force_recurring_ticket'])) {
|
||||
enforceUserPermission('module_support', 2);
|
||||
validateCSRFToken($_GET['csrf_token']);
|
||||
|
||||
$scheduled_ticket_id = intval($_GET['force_recurring_ticket']);
|
||||
$recurring_ticket_id = intval($_GET['force_recurring_ticket']);
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets WHERE scheduled_ticket_id = $scheduled_ticket_id");
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM recurring_tickets WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
if (mysqli_num_rows($sql) > 0) {
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$schedule_id = intval($row['scheduled_ticket_id']);
|
||||
$subject = sanitizeInput($row['scheduled_ticket_subject']);
|
||||
$details = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_details']);
|
||||
$priority = sanitizeInput($row['scheduled_ticket_priority']);
|
||||
$frequency = sanitizeInput(strtolower($row['scheduled_ticket_frequency']));
|
||||
$billable = intval($row['scheduled_ticket_billable']);
|
||||
$old_next_scheduled_date = sanitizeInput($row['scheduled_ticket_next_run']);
|
||||
$created_id = intval($row['scheduled_ticket_created_by']);
|
||||
$assigned_id = intval($row['scheduled_ticket_assigned_to']);
|
||||
$contact_id = intval($row['scheduled_ticket_contact_id']);
|
||||
$client_id = intval($row['scheduled_ticket_client_id']);
|
||||
$asset_id = intval($row['scheduled_ticket_asset_id']);
|
||||
$subject = sanitizeInput($row['recurring_ticket_subject']);
|
||||
$details = mysqli_real_escape_string($mysqli, $row['recurring_ticket_details']);
|
||||
$priority = sanitizeInput($row['recurring_ticket_priority']);
|
||||
$frequency = sanitizeInput(strtolower($row['recurring_ticket_frequency']));
|
||||
$billable = intval($row['recurring_ticket_billable']);
|
||||
$old_next_recurring_date = sanitizeInput($row['recurring_ticket_next_run']);
|
||||
$created_id = intval($row['recurring_ticket_created_by']);
|
||||
$assigned_id = intval($row['recurring_ticket_assigned_to']);
|
||||
$contact_id = intval($row['recurring_ticket_contact_id']);
|
||||
$client_id = intval($row['recurring_ticket_client_id']);
|
||||
$asset_id = intval($row['recurring_ticket_asset_id']);
|
||||
$url_key = randomString(156);
|
||||
|
||||
$ticket_status = 1; // Default
|
||||
@@ -2122,9 +2155,15 @@ if (isset($_GET['force_recurring_ticket'])) {
|
||||
mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
|
||||
|
||||
// Raise the ticket
|
||||
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = '$ticket_status', ticket_billable = $billable, ticket_url_key = '$url_key', ticket_created_by = $created_id, ticket_assigned_to = $assigned_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id");
|
||||
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = '$ticket_status', ticket_billable = $billable, ticket_url_key = '$url_key', ticket_created_by = $created_id, ticket_assigned_to = $assigned_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id, ticket_recurring_ticket_id = $recurring_ticket_id");
|
||||
$id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Copy Additional Assets from Recurring ticket to new ticket
|
||||
mysqli_query($mysqli, "INSERT INTO ticket_assets (ticket_id, asset_id)
|
||||
SELECT $id, asset_id
|
||||
FROM recurring_ticket_assets
|
||||
WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
// Notifications
|
||||
|
||||
customAction('ticket_create', $id);
|
||||
@@ -2175,22 +2214,22 @@ if (isset($_GET['force_recurring_ticket'])) {
|
||||
addToMailQueue($data);
|
||||
|
||||
// Set the next run date (based on the scheduled date, rather than now, so things keep their schedule)
|
||||
$dt_old_next_scheduled_date = new DateTime($old_next_scheduled_date);
|
||||
$dt_old_next_recurring_date = new DateTime($old_next_recurring_date);
|
||||
if ($frequency == "weekly") {
|
||||
$next_run = date_add($dt_old_next_scheduled_date, date_interval_create_from_date_string('1 week'));
|
||||
$next_run = date_add($dt_old_next_recurring_date, date_interval_create_from_date_string('1 week'));
|
||||
} elseif ($frequency == "monthly") {
|
||||
$next_run = date_add($dt_old_next_scheduled_date, date_interval_create_from_date_string('1 month'));
|
||||
$next_run = date_add($dt_old_next_recurring_date, date_interval_create_from_date_string('1 month'));
|
||||
} elseif ($frequency == "quarterly") {
|
||||
$next_run = date_add($dt_old_next_scheduled_date, date_interval_create_from_date_string('3 months'));
|
||||
$next_run = date_add($dt_old_next_recurring_date, date_interval_create_from_date_string('3 months'));
|
||||
} elseif ($frequency == "biannually") {
|
||||
$next_run = date_add($dt_old_next_scheduled_date, date_interval_create_from_date_string('6 months'));
|
||||
$next_run = date_add($dt_old_next_recurring_date, date_interval_create_from_date_string('6 months'));
|
||||
} elseif ($frequency == "annually") {
|
||||
$next_run = date_add($dt_old_next_scheduled_date, date_interval_create_from_date_string('12 months'));
|
||||
$next_run = date_add($dt_old_next_recurring_date, date_interval_create_from_date_string('12 months'));
|
||||
}
|
||||
|
||||
// Update the run date
|
||||
$next_run = $next_run->format('Y-m-d');
|
||||
mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_next_run = '$next_run' WHERE scheduled_ticket_id = $schedule_id");
|
||||
mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_next_run = '$next_run' WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
// Logging
|
||||
logAction("Ticket", "Create", "$session_name force created recurring scheduled $frequency ticket - $config_ticket_prefix$ticket_number - $subject", $client_id, $id);
|
||||
@@ -2212,21 +2251,21 @@ if (isset($_GET['delete_recurring_ticket'])) {
|
||||
enforceUserPermission('module_support', 3);
|
||||
validateCSRFToken($_GET['csrf_token']);
|
||||
|
||||
$scheduled_ticket_id = intval($_GET['delete_recurring_ticket']);
|
||||
$recurring_ticket_id = intval($_GET['delete_recurring_ticket']);
|
||||
|
||||
// Get Scheduled Ticket Subject Ticket Prefix, Number and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets WHERE scheduled_ticket_id = $scheduled_ticket_id");
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM recurring_tickets WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$subject = sanitizeInput($row['scheduled_ticket_subject']);
|
||||
$frequency = sanitizeInput($row['scheduled_ticket_frequency']);
|
||||
$subject = sanitizeInput($row['recurring_ticket_subject']);
|
||||
$frequency = sanitizeInput($row['recurring_ticket_frequency']);
|
||||
|
||||
$client_id = intval($row['scheduled_ticket_client_id']);
|
||||
$client_id = intval($row['recurring_ticket_client_id']);
|
||||
|
||||
// Delete
|
||||
mysqli_query($mysqli, "DELETE FROM scheduled_tickets WHERE scheduled_ticket_id = $scheduled_ticket_id");
|
||||
mysqli_query($mysqli, "DELETE FROM recurring_tickets WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Ticket", "Delete", "$session_name deleted recurring ticket $subject", $client_id, $scheduled_ticket_id);
|
||||
logAction("Recurring Ticket", "Delete", "$session_name deleted recurring ticket $subject", $client_id, $recurring_ticket_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Recurring ticket <strong>$subject - $frequency</strong> deleted";
|
||||
@@ -2234,23 +2273,23 @@ if (isset($_GET['delete_recurring_ticket'])) {
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_delete_scheduled_tickets']) || isset($_POST['bulk_delete_recurring_tickets'])) {
|
||||
if (isset($_POST['bulk_delete_recurring_tickets'])) {
|
||||
|
||||
enforceUserPermission('module_support', 3);
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
if (isset($_POST['scheduled_ticket_ids'])) {
|
||||
if (isset($_POST['recurring_ticket_ids'])) {
|
||||
|
||||
$count = count($_POST['scheduled_ticket_ids']);
|
||||
$count = count($_POST['recurring_ticket_ids']);
|
||||
|
||||
// Cycle through array and delete each recurring scheduled ticket
|
||||
foreach ($scheduled_ticket_ids as $scheduled_ticket_id) {
|
||||
foreach ($recurring_ticket_ids as $recurring_ticket_id) {
|
||||
|
||||
$scheduled_ticket_id = intval($scheduled_ticket_id);
|
||||
mysqli_query($mysqli, "DELETE FROM scheduled_tickets WHERE scheduled_ticket_id = $scheduled_ticket_id");
|
||||
$recurring_ticket_id = intval($recurring_ticket_id);
|
||||
mysqli_query($mysqli, "DELETE FROM recurring_tickets WHERE recurring_ticket_id = $recurring_ticket_id");
|
||||
|
||||
// Logging
|
||||
logAction("Recurring Ticket", "Delete", "$session_name deleted recurring ticket", 0, $scheduled_ticket_id);
|
||||
logAction("Recurring Ticket", "Delete", "$session_name deleted recurring ticket", 0, $recurring_ticket_id);
|
||||
|
||||
}
|
||||
|
||||
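Review bot: The additional-asset loops in the add_ticket, edit_ticket, add_recurring_ticket and edit_recurring_ticket hunks insert every `intval`'d id from `$_POST['additional_assets']` without any visible check that the asset belongs to the ticket's client. If nothing outside these hunks enforces that, a ticket for one client can end up linked to another client's asset, which weakens client separation. I would scope the insert itself, e.g. `INSERT INTO ticket_assets (ticket_id, asset_id) SELECT $ticket_id, asset_id FROM assets WHERE asset_id = $additional_asset_id AND asset_client_id = $client_id`, and do the same for `recurring_ticket_assets`; this assumes `$client_id` holds the ticket's client at that point and that the assets table has an `asset_client_id` column. Separately, in both edit hunks the `DELETE FROM ... WHERE ..._id = ...` sits inside the `isset($_POST['additional_assets'])` branch, so a submission with no additional assets leaves the old links in place; moving the DELETE above the `if` would fix that. The enclosing handlers start and end outside these hunks.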
|
||||
@@ -143,12 +143,6 @@ if (isset($_GET['delete_vendor'])) {
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM vendors WHERE vendor_id = $vendor_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_files WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_logins WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM service_vendors WHERE vendor_id = $vendor_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Delete', log_description = '$session_name deleted vendor $vendor_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
|
||||
|
||||
@@ -263,12 +257,6 @@ if (isset($_POST['bulk_delete_vendors'])) {
|
||||
|
||||
mysqli_query($mysqli, "DELETE FROM vendors WHERE vendor_id = $vendor_id AND vendor_client_id = $client_id");
|
||||
|
||||
// Remove Relations
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_files WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM vendor_logins WHERE vendor_id = $vendor_id");
|
||||
mysqli_query($mysqli,"DELETE FROM service_vendors WHERE vendor_id = $vendor_id");
|
||||
|
||||
// Logging
|
||||
logAction("Vendor", "Delete", "$session_name deleted vendor $vendor_name", $client_id);
|
||||
|
||||
|
||||