diff --git a/client_asset_add_modal.php b/client_asset_add_modal.php index eb1d1f03..e90d26bb 100644 --- a/client_asset_add_modal.php +++ b/client_asset_add_modal.php @@ -44,7 +44,17 @@
- + + + + +
+ +
+
+ +
+
diff --git a/client_asset_copy_modal.php b/client_asset_copy_modal.php index e68ccdac..f7083a12 100644 --- a/client_asset_copy_modal.php +++ b/client_asset_copy_modal.php @@ -46,6 +46,16 @@ +
+ +
+
+ +
+ +
+
+
diff --git a/client_asset_edit_modal.php b/client_asset_edit_modal.php index 949b7b77..51133ce6 100644 --- a/client_asset_edit_modal.php +++ b/client_asset_edit_modal.php @@ -48,6 +48,16 @@
+
+ +
+
+ +
+ +
+
+
diff --git a/client_asset_import_modal.php b/client_asset_import_modal.php index 55fb1d6a..85a3cf1e 100644 --- a/client_asset_import_modal.php +++ b/client_asset_import_modal.php @@ -10,7 +10,7 @@
-

Format csv file with headings & data:
Name, Type, Make, Model, Serial, OS, Assigned To, Location

+

Format csv file with headings & data:
Name, Description, Type, Make, Model, Serial, OS, Assigned To, Location

diff --git a/client_assets.php b/client_assets.php index cdc7885b..46e4af37 100644 --- a/client_assets.php +++ b/client_assets.php @@ -62,7 +62,7 @@ $sql = mysqli_query( LEFT JOIN logins ON login_asset_id = asset_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL - AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%') + AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%') AND ($type_query) ORDER BY $sb $o LIMIT $record_from, $record_to" ); @@ -134,6 +134,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); "> Name + Description Type + diff --git a/client_contact_add_modal.php b/client_contact_add_modal.php index c3e8ba31..5864447b 100644 --- a/client_contact_add_modal.php +++ b/client_contact_add_modal.php @@ -25,7 +25,7 @@ Photo
  • - Portal + Secure
  • Notes @@ -172,7 +172,17 @@
    • -
    +
    + +
    + +
    +
    + +
    + +
    +
    diff --git a/client_contact_details.php b/client_contact_details.php index 44eab863..3a24adc0 100644 --- a/client_contact_details.php +++ b/client_contact_details.php @@ -19,6 +19,7 @@ if (isset($_GET['contact_id'])) { $contact_mobile = formatPhoneNumber($row['contact_mobile']); $contact_email = nullable_htmlentities($row['contact_email']); $contact_photo = nullable_htmlentities($row['contact_photo']); + $contact_pin = nullable_htmlentities($row['contact_pin']); $contact_initials = initials($contact_name); $contact_notes = nullable_htmlentities($row['contact_notes']); $contact_important = intval($row['contact_important']); @@ -99,6 +100,9 @@ if (isset($_GET['contact_id'])) {
    + +
    diff --git a/client_contact_edit_modal.php b/client_contact_edit_modal.php index 6aa09f57..0b2f14a3 100644 --- a/client_contact_edit_modal.php +++ b/client_contact_edit_modal.php @@ -26,7 +26,7 @@ Photo
  • - Portal + Secure
  • Notes @@ -164,7 +164,17 @@
    • -
    +
    + +
    + +
    +
    + +
    + +
    +
    diff --git a/client_contacts.php b/client_contacts.php index f02bae9b..89d48ed3 100644 --- a/client_contacts.php +++ b/client_contacts.php @@ -112,6 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); if (empty($contact_info_display)) { $contact_info_display = "-"; } + $contact_pin = nullable_htmlentities($row['contact_pin']); $contact_photo = nullable_htmlentities($row['contact_photo']); $contact_initials = initials($contact_name); $contact_notes = nullable_htmlentities($row['contact_notes']); diff --git a/client_login_add_modal.php b/client_login_add_modal.php index ce6831d7..48bc6132 100644 --- a/client_login_add_modal.php +++ b/client_login_add_modal.php @@ -44,6 +44,16 @@
    +
    + +
    +
    + +
    + +
    +
    +
    diff --git a/client_login_edit_modal.php b/client_login_edit_modal.php index 2629c872..6cfeef11 100644 --- a/client_login_edit_modal.php +++ b/client_login_edit_modal.php @@ -45,6 +45,16 @@
    +
    + +
    +
    + +
    + +
    +
    +
    diff --git a/client_login_import_modal.php b/client_login_import_modal.php index a7aeb4c6..57d9b685 100644 --- a/client_login_import_modal.php +++ b/client_login_import_modal.php @@ -10,7 +10,7 @@
    -

    Format csv file with headings & data:
    Name, Username, Password, URL

    +

    Format csv file with headings & data:
    Name, Description, Username, Password, URL

    diff --git a/client_logins.php b/client_logins.php index 7cceaa21..ac6c0e01 100644 --- a/client_logins.php +++ b/client_logins.php @@ -13,7 +13,7 @@ $sql = mysqli_query( $mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM logins WHERE login_client_id = $client_id - AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%') + AND (login_name LIKE '%$q%' OR login_description LIKE '%$q%' OR login_uri LIKE '%$q%') ORDER BY $sb $o LIMIT $record_from, $record_to" ); @@ -25,7 +25,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

    Passwords

    - +
    @@ -57,6 +57,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); "> Name + Description Username Password OTP @@ -70,6 +71,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $login_id = intval($row['login_id']); $login_name = nullable_htmlentities($row['login_name']); + $login_description = nullable_htmlentities($row['login_description']); + if (empty($login_description)) { + $login_description_display = "-"; + } else { + $login_description_display = $login_description; + } $login_uri = nullable_htmlentities($row['login_uri']); if (empty($login_uri)) { $login_uri_display = "-"; @@ -105,6 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + diff --git a/client_tickets.php b/client_tickets.php index 8a2480d2..fa9377e9 100644 --- a/client_tickets.php +++ b/client_tickets.php @@ -18,7 +18,7 @@ $sql = mysqli_query( LEFT JOIN locations ON ticket_location_id = location_id LEFT JOIN vendors ON ticket_vendor_id = vendor_id WHERE ticket_client_id = $client_id - AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%') + AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%' OR ticket_vendor_ticket_number LIKE '%q%') ORDER BY $sb $o LIMIT $record_from, $record_to" ); @@ -85,6 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $ticket_details = nullable_htmlentities($row['ticket_details']); $ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_status = nullable_htmlentities($row['ticket_status']); + $ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at_time_ago = timeAgo($row['ticket_created_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); diff --git a/global_search.php b/global_search.php index 5d718eed..167751f5 100644 --- a/global_search.php +++ b/global_search.php @@ -19,7 +19,7 @@ if (isset($_GET['query'])) { $sql_products = mysqli_query($mysqli, "SELECT * FROM products WHERE product_name LIKE '%$query%' ORDER BY product_id DESC LIMIT 5"); $sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') ORDER BY document_id DESC LIMIT 5"); $sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') ORDER BY ticket_id DESC LIMIT 5"); - $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_name LIKE '%$query%' ORDER BY login_id DESC LIMIT 5"); + $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_name LIKE '%$query%' OR login_description LIKE '%$query%') ORDER BY login_id DESC LIMIT 5"); $q = nullable_htmlentities($_GET['query']); ?> @@ -313,6 +313,7 @@ if (isset($_GET['query'])) { + @@ -323,6 +324,7 @@ if (isset($_GET['query'])) { while ($row = mysqli_fetch_array($sql_logins)) { $login_name = nullable_htmlentities($row['login_name']); + $login_description = nullable_htmlentities($row['login_description']); $login_client_id = intval($row['login_client_id']); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); @@ -330,6 +332,7 @@ if (isset($_GET['query'])) { ?> + diff --git a/models/client_logins.php b/models/client_logins.php index 355f7f9d..0652008a 100644 --- a/models/client_logins.php +++ b/models/client_logins.php @@ -1,6 +1,7 @@ 0){ @@ -4927,6 +4927,7 @@ if(isset($_POST['add_asset'])){ $client_id = intval($_POST['client_id']); $name = sanitizeInput($_POST['name']); + $description = sanitizeInput($_POST['description']); $type = sanitizeInput($_POST['type']); $make = sanitizeInput($_POST['make']); $model = sanitizeInput($_POST['model']); @@ -4961,7 +4962,7 @@ if(isset($_POST['add_asset'])){ $alert_extended = ""; - mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network, asset_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network, asset_client_id = $client_id"); $asset_id = mysqli_insert_id($mysqli); @@ -4997,6 +4998,7 @@ if(isset($_POST['edit_asset'])){ $login_id = intval($_POST['login_id']); $client_id = intval($_POST['client_id']); $name = sanitizeInput($_POST['name']); + $description = sanitizeInput($_POST['description']); $type = sanitizeInput($_POST['type']); $make = sanitizeInput($_POST['make']); $model = sanitizeInput($_POST['model']); @@ -5033,7 +5035,7 @@ if(isset($_POST['edit_asset'])){ $alert_extended = ""; - mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id"); + mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id"); //If login exists then update the login if($login_id > 0 && !empty($_POST['username'])){ @@ -5169,28 +5171,34 @@ if(isset($_POST["import_client_assets_csv"])){ } } if(isset($column[1])){ - $type = sanitizeInput($column[1]); + $description = sanitizeInput($column[1]); } if(isset($column[2])){ - $make = sanitizeInput($column[2]); + $type = sanitizeInput($column[2]); } if(isset($column[3])){ - $model = sanitizeInput($column[3]); + $make = sanitizeInput($column[3]); } if(isset($column[4])){ - $serial = sanitizeInput($column[4]); + $model = sanitizeInput($column[4]); } if(isset($column[5])){ - $os = sanitizeInput(column[5]); + $serial = sanitizeInput($column[5]); } if(isset($column[6])){ - $contact = sanitizeInput($column[6]); + $os = sanitizeInput($column[6]); + } + if(isset($column[7])){ + $os = sanitizeInput($column[7]); + } + if(isset($column[8])){ + $contact = sanitizeInput($column[8]); $sql_contact = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_name = '$contact' AND contact_client_id = $client_id"); $row = mysqli_fetch_assoc($sql_contact); $contact_id = intval($row['contact_id']); } - if(isset($column[7])){ - $location = sanitizeInput($column[7]); + if(isset($column[9])){ + $location = sanitizeInput($column[9]); $sql_location = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_name = '$location' AND location_client_id = $client_id"); $row = mysqli_fetch_assoc($sql_location); $location_id = intval($row['location_id']); @@ -5199,7 +5207,7 @@ if(isset($_POST["import_client_assets_csv"])){ // Check if duplicate was detected if($duplicate_detect == 0){ //Add - mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_contact_id = $contact_id, asset_location_id = $location_id, asset_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_contact_id = $contact_id, asset_location_id = $location_id, asset_client_id = $client_id"); $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; @@ -5236,7 +5244,7 @@ if(isset($_GET['download_client_assets_csv_template'])){ $f = fopen('php://memory', 'w'); //set column headers - $fields = array('Name', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location'); + $fields = array('Name', 'Description', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location'); fputcsv($f, $fields, $delimiter); //move back to beginning of file @@ -5274,12 +5282,12 @@ if(isset($_POST['export_client_assets_csv'])){ $f = fopen('php://memory', 'w'); //set column headers - $fields = array('Name', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes'); + $fields = array('Name', 'Description', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes'); fputcsv($f, $fields, $delimiter); //output each row of the data, format line as csv and write to file pointer while($row = mysqli_fetch_array($sql)){ - $lineData = array($row['asset_name'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']); + $lineData = array($row['asset_name'], $row['asset_description'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']); fputcsv($f, $lineData, $delimiter); } @@ -5652,7 +5660,7 @@ if(isset($_POST['add_login'])){ require_once('models/client_logins.php'); - mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id"); $login_id = mysqli_insert_id($mysqli); @@ -5673,7 +5681,7 @@ if(isset($_POST['edit_login'])){ $login_id = intval($_POST['login_id']); - mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id WHERE login_id = $login_id"); + mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id WHERE login_id = $login_id"); //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$session_name modified login $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id"); @@ -5729,14 +5737,14 @@ if(isset($_POST['export_client_logins_csv'])){ $f = fopen('php://memory', 'w'); //set column headers - $fields = array('Name', 'Username', 'Password', 'URL'); + $fields = array('Name', 'Description', 'Username', 'Password', 'URL'); fputcsv($f, $fields, $delimiter); //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $login_username = decryptLoginEntry($row['login_username']); $login_password = decryptLoginEntry($row['login_password']); - $lineData = array($row['login_name'], $login_username, $login_password, $row['login_uri']); + $lineData = array($row['login_name'], $row['login_description'], $login_username, $login_password, $row['login_uri']); fputcsv($f, $lineData, $delimiter); } @@ -5803,19 +5811,22 @@ if(isset($_POST["import_client_logins_csv"])){ } } if(isset($column[1])){ - $username = sanitizeInput(encryptLoginEntry($column[1])); + $description = sanitizeInput($column[1]); } if(isset($column[2])){ - $password = sanitizeInput(encryptLoginEntry($column[2])); + $username = sanitizeInput(encryptLoginEntry($column[2])); } if(isset($column[3])){ - $url = sanitizeInput($column[3]); + $password = sanitizeInput(encryptLoginEntry($column[3])); + } + if(isset($column[4])){ + $url = sanitizeInput($column[4]); } // Check if duplicate was detected if($duplicate_detect == 0){ //Add - mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_username = '$username', login_password = '$password', login_client_id = $client_id"); $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; @@ -5852,7 +5863,7 @@ if(isset($_GET['download_client_logins_csv_template'])){ $f = fopen('php://memory', 'w'); //set column headers - $fields = array('Name', 'Username', 'Password', 'URL'); + $fields = array('Name', 'Description', 'Username', 'Password', 'URL'); fputcsv($f, $fields, $delimiter); //move back to beginning of file @@ -6356,6 +6367,7 @@ if(isset($_POST['add_ticket'])){ $subject = sanitizeInput($_POST['subject']); $priority = sanitizeInput($_POST['priority']); $details = mysqli_real_escape_string($mysqli,$_POST['details']); + $vendor_ticket_number = sanitizeInput($_POST['vendor_ticket_number']); $vendor_id = intval($_POST['vendor']); $asset_id = intval($_POST['asset']); @@ -6371,7 +6383,7 @@ if(isset($_POST['add_ticket'])){ $new_config_ticket_next_number = $config_ticket_next_number + 1; mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1"); - mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id"); $ticket_id = mysqli_insert_id($mysqli); @@ -6433,12 +6445,13 @@ if(isset($_POST['edit_ticket'])){ $subject = sanitizeInput($_POST['subject']); $priority = sanitizeInput($_POST['priority']); $details = mysqli_real_escape_string($mysqli,$_POST['details']); + $vendor_ticket_number = sanitizeInput($_POST['vendor_ticket_number']); $vendor_id = intval($_POST['vendor']); $asset_id = intval($_POST['asset']); $client_id = intval($_POST['client_id']); $ticket_number = intval($_POST['ticket_number']); - mysqli_query($mysqli,"UPDATE tickets SET ticket_subject = '$subject', ticket_priority = '$priority', ticket_details = '$details', ticket_assigned_to = $assigned_to, ticket_contact_id = $contact_id, ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id WHERE ticket_id = $ticket_id"); + mysqli_query($mysqli,"UPDATE tickets SET ticket_subject = '$subject', ticket_priority = '$priority', ticket_details = '$details', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_assigned_to = $assigned_to, ticket_contact_id = $contact_id, ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id WHERE ticket_id = $ticket_id"); //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$session_name modified ticket $ticket_number - $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id"); diff --git a/ticket.php b/ticket.php index ee3fe336..930101f9 100644 --- a/ticket.php +++ b/ticket.php @@ -67,6 +67,7 @@ if (isset($_GET['ticket_id'])) { $ticket_status_display = "$ticket_status"; } + $ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_date = date('Y-m-d', strtotime($ticket_created_at)); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); @@ -656,6 +657,7 @@ if (isset($_GET['ticket_id'])) {

    Vendor

    +
    @@ -663,6 +665,11 @@ if (isset($_GET['ticket_id'])) {
    + +
    +
    diff --git a/ticket_add_modal.php b/ticket_add_modal.php index 7b489dad..c6c63e27 100644 --- a/ticket_add_modal.php +++ b/ticket_add_modal.php @@ -188,6 +188,16 @@
    +
    + +
    +
    + +
    + +
    +
    + diff --git a/ticket_edit_modal.php b/ticket_edit_modal.php index e0134114..e4d2b88b 100644 --- a/ticket_edit_modal.php +++ b/ticket_edit_modal.php @@ -175,6 +175,16 @@ +
    + +
    +
    + +
    + +
    +
    + diff --git a/ticket_invoice_add_modal.php b/ticket_invoice_add_modal.php index 10bdc40c..df92d9b7 100644 --- a/ticket_invoice_add_modal.php +++ b/ticket_invoice_add_modal.php @@ -8,87 +8,109 @@ - +
    + + - +
    -
    - -
    -
    - +
    + +
    + +
    + +
    +
    + +
    + " required> +
    - + + + + + + +
    + +
    +
    +
    + +
    + +
    +
    + +
    + "> +
    +
    - ?> - - -
    -
    -
    - -
    -
    - +
    + +
    + +
    +
    + +
    + +
    - " required> +
    -
    -
    - -
    -
    - -
    - -
    - -
    -
    -
    - -
    - -
    -
    - -
    - "> -
    @@ -169,7 +191,7 @@
    - +
    diff --git a/tickets.php b/tickets.php index 28f8c5af..618709b3 100644 --- a/tickets.php +++ b/tickets.php @@ -50,7 +50,7 @@ $sql = mysqli_query( WHERE ticket_assigned_to LIKE '%$ticket_assigned_filter%' AND $ticket_status_snippet AND DATE(ticket_created_at) BETWEEN '$dtf' AND '$dtt' - AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR user_name LIKE '%$q%') + AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR user_name LIKE '%$q%' OR ticket_vendor_ticket_number LIKE '%q%') ORDER BY $sb $o LIMIT $record_from, $record_to" ); @@ -264,6 +264,7 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']); $ticket_details = nullable_htmlentities($row['ticket_details']); $ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_status = nullable_htmlentities($row['ticket_status']); + $ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at_time_ago = timeAgo($row['ticket_created_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
    Name Description Username Password