diff --git a/api_key_add_modal.php b/api_key_add_modal.php index 0887420a..903e8ea6 100644 --- a/api_key_add_modal.php +++ b/api_key_add_modal.php @@ -64,7 +64,7 @@ $key = randomString(156); $sql = mysqli_query($mysqli, "SELECT * FROM clients ORDER BY client_name ASC"); while ($row = mysqli_fetch_array($sql)) { $client_id = intval($row['client_id']); - $client_name = htmlentities($row['client_name']); ?> + $client_name = nullable_htmlentities($row['client_name']); ?> diff --git a/calendar_event_add_modal.php b/calendar_event_add_modal.php index 6d2cb82f..a372f4a2 100644 --- a/calendar_event_add_modal.php +++ b/calendar_event_add_modal.php @@ -51,8 +51,8 @@ $sql = mysqli_query($mysqli, "SELECT * FROM calendars ORDER BY calendar_name ASC"); while ($row = mysqli_fetch_array($sql)) { $calendar_id = intval($row['calendar_id']); - $calendar_name = htmlentities($row['calendar_name']); - $calendar_color = htmlentities($row['calendar_color']); + $calendar_name = nullable_htmlentities($row['calendar_name']); + $calendar_color = nullable_htmlentities($row['calendar_color']); ?> @@ -120,8 +120,8 @@ $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id ORDER BY client_name ASC"); while ($row = mysqli_fetch_array($sql)) { $client_id = intval($row['client_id']); - $client_name = htmlentities($row['client_name']); - $contact_email = htmlentities($row['contact_email']); + $client_name = nullable_htmlentities($row['client_name']); + $contact_email = nullable_htmlentities($row['contact_email']); ?> diff --git a/calendar_event_edit_modal.php b/calendar_event_edit_modal.php index d4993e70..0c279df5 100644 --- a/calendar_event_edit_modal.php +++ b/calendar_event_edit_modal.php @@ -53,8 +53,8 @@ $sql_calendars_select = mysqli_query($mysqli, "SELECT * FROM calendars ORDER BY calendar_name ASC"); while ($row = mysqli_fetch_array($sql_calendars_select)) { $calendar_id_select = intval($row['calendar_id']); - $calendar_name_select = htmlentities($row['calendar_name']); - $calendar_color_select = htmlentities($row['calendar_color']); + $calendar_name_select = nullable_htmlentities($row['calendar_name']); + $calendar_color_select = nullable_htmlentities($row['calendar_color']); ?> @@ -119,8 +119,8 @@ $sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id ORDER BY client_name ASC"); while ($row = mysqli_fetch_array($sql_clients)) { $client_id_select = intval($row['client_id']); - $client_name_select = htmlentities($row['client_name']); - $contact_email_select = htmlentities($row['contact_email']); + $client_name_select = nullable_htmlentities($row['client_name']); + $contact_email_select = nullable_htmlentities($row['contact_email']); ?> diff --git a/calendar_events.php b/calendar_events.php index b1728483..cc8a80c8 100644 --- a/calendar_events.php +++ b/calendar_events.php @@ -21,14 +21,14 @@ require_once("category_quick_add_modal.php"); $sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id"); while ($row = mysqli_fetch_array($sql)) { $event_id = intval($row['event_id']); - $event_title = htmlentities($row['event_title']); - $event_description = htmlentities($row['event_description']); - $event_start = htmlentities($row['event_start']); - $event_end = htmlentities($row['event_end']); - $event_repeat = htmlentities($row['event_repeat']); + $event_title = nullable_htmlentities($row['event_title']); + $event_description = nullable_htmlentities($row['event_description']); + $event_start = nullable_htmlentities($row['event_start']); + $event_end = nullable_htmlentities($row['event_end']); + $event_repeat = nullable_htmlentities($row['event_repeat']); $calendar_id = intval($row['calendar_id']); - $calendar_name = htmlentities($row['calendar_name']); - $calendar_color = htmlentities($row['calendar_color']); + $calendar_name = nullable_htmlentities($row['calendar_name']); + $calendar_color = nullable_htmlentities($row['calendar_color']); $client_id = intval($row['event_client_id']); require("calendar_event_edit_modal.php"); diff --git a/categories.php b/categories.php index 83575ba5..d0c2851a 100644 --- a/categories.php +++ b/categories.php @@ -46,18 +46,18 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
-

Categories

+

Categories

- +
- +
@@ -88,8 +88,8 @@ $colors_diff = array_diff($colors_array, $colors_used_array); while ($row = mysqli_fetch_array($sql)) { $category_id = intval($row['category_id']); - $category_name = htmlentities($row['category_name']); - $category_color = htmlentities($row['category_color']); + $category_name = nullable_htmlentities($row['category_name']); + $category_color = nullable_htmlentities($row['category_color']); //$colors_used_array[] = $row['category_color']; ?> diff --git a/category_add_modal.php b/category_add_modal.php index d99eb0b4..811175e7 100644 --- a/category_add_modal.php +++ b/category_add_modal.php @@ -2,13 +2,13 @@
-
New Category
+
New Category
- +
diff --git a/category_edit_modal.php b/category_edit_modal.php index 5a8fd17e..0e1f8494 100644 --- a/category_edit_modal.php +++ b/category_edit_modal.php @@ -9,7 +9,7 @@
- +
diff --git a/client_add_modal.php b/client_add_modal.php index c2547b2b..6f9dcb2f 100644 --- a/client_add_modal.php +++ b/client_add_modal.php @@ -66,7 +66,7 @@ $referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL ORDER BY category_name ASC"); while ($row = mysqli_fetch_array($referral_sql)) { - $referral = htmlentities($row['category_name']); ?> + $referral = nullable_htmlentities($row['category_name']); ?> @@ -296,9 +296,9 @@ while ($row = mysqli_fetch_array($sql_tags_select)) { $tag_id_select = intval($row['tag_id']); - $tag_name_select = htmlentities($row['tag_name']); - $tag_color_select = htmlentities($row['tag_color']); - $tag_icon_select = htmlentities($row['tag_icon']); + $tag_name_select = nullable_htmlentities($row['tag_name']); + $tag_color_select = nullable_htmlentities($row['tag_color']); + $tag_icon_select = nullable_htmlentities($row['tag_icon']); ?>
  • diff --git a/client_asset_add_modal.php b/client_asset_add_modal.php index 39b7d455..eb1d1f03 100644 --- a/client_asset_add_modal.php +++ b/client_asset_add_modal.php @@ -125,7 +125,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql)) { $location_id = intval($row['location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); ?> @@ -148,7 +148,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); ?> @@ -187,8 +187,8 @@ $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC"); while ($row = mysqli_fetch_array($sql)) { $network_id = intval($row['network_id']); - $network_name = htmlentities($row['network_name']); - $network = htmlentities($row['network']); + $network_name = nullable_htmlentities($row['network_name']); + $network = nullable_htmlentities($row['network']); ?> @@ -235,7 +235,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); + $vendor_name = nullable_htmlentities($row['vendor_name']); ?> diff --git a/client_asset_copy_modal.php b/client_asset_copy_modal.php index 7f322248..e68ccdac 100644 --- a/client_asset_copy_modal.php +++ b/client_asset_copy_modal.php @@ -122,7 +122,7 @@ $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql_locations)) { $location_id_select = intval($row['location_id']); - $location_name_select = htmlentities($row['location_name']); + $location_name_select = nullable_htmlentities($row['location_name']); ?> @@ -145,7 +145,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); ?> @@ -182,8 +182,8 @@ $sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC"); while ($row = mysqli_fetch_array($sql_networks)) { $network_id_select = intval($row['network_id']); - $network_name_select = htmlentities($row['network_name']); - $network_select = htmlentities($row['network']); + $network_name_select = nullable_htmlentities($row['network_name']); + $network_select = nullable_htmlentities($row['network']); ?> @@ -230,7 +230,7 @@ $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql_vendors)) { $vendor_id_select = intval($row['vendor_id']); - $vendor_name_select = htmlentities($row['vendor_name']); + $vendor_name_select = nullable_htmlentities($row['vendor_name']); ?> diff --git a/client_asset_documents_modal.php b/client_asset_documents_modal.php index 1c6e5829..bf7e7234 100644 --- a/client_asset_documents_modal.php +++ b/client_asset_documents_modal.php @@ -12,7 +12,7 @@

    diff --git a/client_asset_edit_modal.php b/client_asset_edit_modal.php index ee575ba9..949b7b77 100644 --- a/client_asset_edit_modal.php +++ b/client_asset_edit_modal.php @@ -124,7 +124,7 @@ $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql_locations)) { $location_id_select = intval($row['location_id']); - $location_name_select = htmlentities($row['location_name']); + $location_name_select = nullable_htmlentities($row['location_name']); ?> @@ -146,7 +146,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id_select = intval($row['contact_id']); - $contact_name_select = htmlentities($row['contact_name']); + $contact_name_select = nullable_htmlentities($row['contact_name']); ?> @@ -232,7 +232,7 @@ $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql_vendors)) { $vendor_id_select = intval($row['vendor_id']); - $vendor_name_select = htmlentities($row['vendor_name']); + $vendor_name_select = nullable_htmlentities($row['vendor_name']); ?> diff --git a/client_asset_interface_add_modal.php b/client_asset_interface_add_modal.php index 6a36cc0b..0f82900f 100644 --- a/client_asset_interface_add_modal.php +++ b/client_asset_interface_add_modal.php @@ -78,8 +78,8 @@ $sql_network_select = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC"); while ($row = mysqli_fetch_array($sql_network_select)) { $network_id = $row['network_id']; - $network_name = htmlentities($row['network_name']); - $network = htmlentities($row['network']); + $network_name = nullable_htmlentities($row['network_name']); + $network = nullable_htmlentities($row['network']); ?> diff --git a/client_asset_tickets_modal.php b/client_asset_tickets_modal.php index d35f515f..70ce1b9b 100644 --- a/client_asset_tickets_modal.php +++ b/client_asset_tickets_modal.php @@ -13,12 +13,12 @@ // Query is run from client_assets.php while ($row = mysqli_fetch_array($sql_tickets)) { $ticket_id = intval($row['ticket_id']); - $ticket_prefix = htmlentities($row['ticket_prefix']); + $ticket_prefix = nullable_htmlentities($row['ticket_prefix']); $ticket_number = intval($row['ticket_number']); - $ticket_subject = htmlentities($row['ticket_subject']); - $ticket_status = htmlentities($row['ticket_status']); - $ticket_created_at = htmlentities($row['ticket_created_at']); - $ticket_updated_at = htmlentities($row['ticket_updated_at']); + $ticket_subject = nullable_htmlentities($row['ticket_subject']); + $ticket_status = nullable_htmlentities($row['ticket_status']); + $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); + $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); ?>

    diff --git a/client_assets.php b/client_assets.php index 78ccef72..f2f39e4d 100644 --- a/client_assets.php +++ b/client_assets.php @@ -75,18 +75,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

    Assets

    - +
    - +
    - s"> + s">
    @@ -161,40 +161,40 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $asset_id = intval($row['asset_id']); - $asset_type = htmlentities($row['asset_type']); - $asset_name = htmlentities($row['asset_name']); - $asset_make = htmlentities($row['asset_make']); - $asset_model = htmlentities($row['asset_model']); - $asset_serial = htmlentities($row['asset_serial']); + $asset_type = nullable_htmlentities($row['asset_type']); + $asset_name = nullable_htmlentities($row['asset_name']); + $asset_make = nullable_htmlentities($row['asset_make']); + $asset_model = nullable_htmlentities($row['asset_model']); + $asset_serial = nullable_htmlentities($row['asset_serial']); if (empty($asset_serial)) { $asset_serial_display = "-"; } else { $asset_serial_display = $asset_serial; } - $asset_os = htmlentities($row['asset_os']); + $asset_os = nullable_htmlentities($row['asset_os']); if (empty($asset_os)) { $asset_os_display = "-"; } else { $asset_os_display = $asset_os; } - $asset_ip = htmlentities($row['asset_ip']); + $asset_ip = nullable_htmlentities($row['asset_ip']); if (empty($asset_ip)) { $asset_ip_display = "-"; } else { $asset_ip_display = "$asset_ip"; } - $asset_mac = htmlentities($row['asset_mac']); - $asset_status = htmlentities($row['asset_status']); - $asset_purchase_date = htmlentities($row['asset_purchase_date']); - $asset_warranty_expire = htmlentities($row['asset_warranty_expire']); - $asset_install_date = htmlentities($row['asset_install_date']); + $asset_mac = nullable_htmlentities($row['asset_mac']); + $asset_status = nullable_htmlentities($row['asset_status']); + $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); + $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); + $asset_install_date = nullable_htmlentities($row['asset_install_date']); if (empty($asset_install_date)) { $asset_install_date_display = "-"; } else { $asset_install_date_display = $asset_install_date; } - $asset_notes = htmlentities($row['asset_notes']); - $asset_created_at = htmlentities($row['asset_created_at']); + $asset_notes = nullable_htmlentities($row['asset_notes']); + $asset_created_at = nullable_htmlentities($row['asset_created_at']); $asset_vendor_id = intval($row['asset_vendor_id']); $asset_location_id = intval($row['asset_location_id']); $asset_contact_id = intval($row['asset_contact_id']); @@ -202,19 +202,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $device_icon = getAssetIcon($asset_type); - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); if (empty($contact_name)) { $contact_name = "-"; } - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); if (empty($location_name)) { $location_name = "-"; } $login_id = intval($row['login_id']); - $login_username = htmlentities(decryptLoginEntry($row['login_username'])); - $login_password = htmlentities(decryptLoginEntry($row['login_password'])); + $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); // Related tickets $sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_asset_id = $asset_id ORDER BY ticket_number DESC"); diff --git a/client_certificate_add_modal.php b/client_certificate_add_modal.php index 1a15124a..3e36d9de 100644 --- a/client_certificate_add_modal.php +++ b/client_certificate_add_modal.php @@ -76,7 +76,7 @@ $domains_sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'"); while ($domain_row = mysqli_fetch_array($domains_sql)) { $domain_id = intval($domain_row['domain_id']); - $domain_name = htmlentities($domain_row['domain_name']); + $domain_name = nullable_htmlentities($domain_row['domain_name']); echo ""; } ?> diff --git a/client_certificates.php b/client_certificates.php index 99404fc2..5b420ea1 100644 --- a/client_certificates.php +++ b/client_certificates.php @@ -31,7 +31,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -86,10 +86,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $certificate_id = intval($row['certificate_id']); - $certificate_name = htmlentities($row['certificate_name']); - $certificate_domain = htmlentities($row['certificate_domain']); - $certificate_issued_by = htmlentities($row['certificate_issued_by']); - $certificate_expire = htmlentities($row['certificate_expire']); + $certificate_name = nullable_htmlentities($row['certificate_name']); + $certificate_domain = nullable_htmlentities($row['certificate_domain']); + $certificate_issued_by = nullable_htmlentities($row['certificate_issued_by']); + $certificate_expire = nullable_htmlentities($row['certificate_expire']); ?> diff --git a/client_contact_add_modal.php b/client_contact_add_modal.php index 011e5326..c3e8ba31 100644 --- a/client_contact_add_modal.php +++ b/client_contact_add_modal.php @@ -123,7 +123,7 @@ $sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql)) { $location_id = intval($row['location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); ?> diff --git a/client_contact_details.php b/client_contact_details.php index a3213bef..44eab863 100644 --- a/client_contact_details.php +++ b/client_contact_details.php @@ -11,33 +11,33 @@ if (isset($_GET['contact_id'])) { "); $row = mysqli_fetch_array($sql); - $contact_name = htmlentities($row['contact_name']); - $contact_title = htmlentities($row['contact_title']); - $contact_department =htmlentities($row['contact_department']); + $contact_name = nullable_htmlentities($row['contact_name']); + $contact_title = nullable_htmlentities($row['contact_title']); + $contact_department =nullable_htmlentities($row['contact_department']); $contact_phone = formatPhoneNumber($row['contact_phone']); - $contact_extension = htmlentities($row['contact_extension']); + $contact_extension = nullable_htmlentities($row['contact_extension']); $contact_mobile = formatPhoneNumber($row['contact_mobile']); - $contact_email = htmlentities($row['contact_email']); - $contact_photo = htmlentities($row['contact_photo']); + $contact_email = nullable_htmlentities($row['contact_email']); + $contact_photo = nullable_htmlentities($row['contact_photo']); $contact_initials = initials($contact_name); - $contact_notes = htmlentities($row['contact_notes']); + $contact_notes = nullable_htmlentities($row['contact_notes']); $contact_important = intval($row['contact_important']); $contact_billing = intval($row['contact_billing']); $contact_technical = intval($row['contact_technical']); - $contact_created_at = htmlentities($row['contact_created_at']); + $contact_created_at = nullable_htmlentities($row['contact_created_at']); if ($contact_id == $primary_contact) { $primary_contact_display = "Primary Contact"; } else { $primary_contact_display = false; } $contact_location_id = intval($row['contact_location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); if (empty($location_name)) { $location_name_display = "-"; } else { $location_name_display = $location_name; } - $auth_method = htmlentities($row['contact_auth_method']); + $auth_method = nullable_htmlentities($row['contact_auth_method']); // Related Assets Query $sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN logins ON logins.login_asset_id = assets.asset_id WHERE asset_contact_id = $contact_id ORDER BY asset_name DESC"); @@ -165,48 +165,48 @@ if (isset($_GET['contact_id'])) { while ($row = mysqli_fetch_array($sql_related_assets)) { $asset_id = intval($row['asset_id']); - $asset_type = htmlentities($row['asset_type']); - $asset_name = htmlentities($row['asset_name']); - $asset_make = htmlentities($row['asset_make']); - $asset_model = htmlentities($row['asset_model']); - $asset_serial = htmlentities($row['asset_serial']); + $asset_type = nullable_htmlentities($row['asset_type']); + $asset_name = nullable_htmlentities($row['asset_name']); + $asset_make = nullable_htmlentities($row['asset_make']); + $asset_model = nullable_htmlentities($row['asset_model']); + $asset_serial = nullable_htmlentities($row['asset_serial']); if (empty($asset_serial)) { $asset_serial_display = "-"; } else { $asset_serial_display = $asset_serial; } - $asset_os = htmlentities($row['asset_os']); + $asset_os = nullable_htmlentities($row['asset_os']); if (empty($asset_os)) { $asset_os_display = "-"; } else { $asset_os_display = $asset_os; } - $asset_ip = htmlentities($row['asset_ip']); + $asset_ip = nullable_htmlentities($row['asset_ip']); if (empty($asset_ip)) { $asset_ip_display = "-"; } else { $asset_ip_display = "$asset_ip"; } - $asset_mac = htmlentities($row['asset_mac']); - $asset_status = htmlentities($row['asset_status']); - $asset_purchase_date = htmlentities($row['asset_purchase_date']); - $asset_warranty_expire = htmlentities($row['asset_warranty_expire']); - $asset_install_date = htmlentities($row['asset_install_date']); + $asset_mac = nullable_htmlentities($row['asset_mac']); + $asset_status = nullable_htmlentities($row['asset_status']); + $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); + $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); + $asset_install_date = nullable_htmlentities($row['asset_install_date']); if (empty($asset_install_date)) { $asset_install_date_display = "-"; } else { $asset_install_date_display = $asset_install_date; } - $asset_notes = htmlentities($row['asset_notes']); - $asset_created_at = htmlentities($row['asset_created_at']); + $asset_notes = nullable_htmlentities($row['asset_notes']); + $asset_created_at = nullable_htmlentities($row['asset_created_at']); $asset_vendor_id = intval($row['asset_vendor_id']); $asset_location_id = intval($row['asset_location_id']); $asset_network_id = intval($row['asset_network_id']); $asset_contact_id = intval($row['asset_contact_id']); $login_id = $row['login_id']; - $login_username = htmlentities(decryptLoginEntry($row['login_username'])); - $login_password = htmlentities(decryptLoginEntry($row['login_password'])); + $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); $device_icon = getAssetIcon($asset_type); @@ -286,28 +286,28 @@ if (isset($_GET['contact_id'])) { while ($row = mysqli_fetch_array($sql_related_logins)) { $login_id = intval($row['login_id']); - $login_name = htmlentities($row['login_name']); - $login_uri = htmlentities($row['login_uri']); + $login_name = nullable_htmlentities($row['login_name']); + $login_uri = nullable_htmlentities($row['login_uri']); if (empty($login_uri)) { $login_uri_display = "-"; } else { $login_uri_display = "$login_uri"; } - $login_username = htmlentities(decryptLoginEntry($row['login_username'])); + $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); if (empty($login_username)) { $login_username_display = "-"; } else { $login_username_display = "$login_username"; } - $login_password = htmlentities(decryptLoginEntry($row['login_password'])); - $login_otp_secret = htmlentities($row['login_otp_secret']); + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); + $login_otp_secret = nullable_htmlentities($row['login_otp_secret']); $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"'; if (empty($login_otp_secret)) { $otp_display = "-"; } else { $otp_display = " Hover.."; } - $login_note = htmlentities($row['login_note']); + $login_note = nullable_htmlentities($row['login_note']); $login_important = intval($row['login_important']); $login_contact_id = intval($row['login_contact_id']); $login_vendor_id = intval($row['login_vendor_id']); @@ -386,22 +386,22 @@ if (isset($_GET['contact_id'])) { while ($row = mysqli_fetch_array($sql_related_software)) { $software_id = intval($row['software_id']); - $software_name = htmlentities($row['software_name']); - $software_version = htmlentities($row['software_version']); - $software_type = htmlentities($row['software_type']); - $software_license_type = htmlentities($row['software_license_type']); - $software_key = htmlentities($row['software_key']); - $software_seats = htmlentities($row['software_seats']); - $software_purchase = htmlentities($row['software_purchase']); - $software_expire = htmlentities($row['software_expire']); - $software_notes = htmlentities($row['software_notes']); + $software_name = nullable_htmlentities($row['software_name']); + $software_version = nullable_htmlentities($row['software_version']); + $software_type = nullable_htmlentities($row['software_type']); + $software_license_type = nullable_htmlentities($row['software_license_type']); + $software_key = nullable_htmlentities($row['software_key']); + $software_seats = nullable_htmlentities($row['software_seats']); + $software_purchase = nullable_htmlentities($row['software_purchase']); + $software_expire = nullable_htmlentities($row['software_expire']); + $software_notes = nullable_htmlentities($row['software_notes']); $seat_count = 0; // Get Login $login_id = intval($row['login_id']); - $login_username = htmlentities(decryptLoginEntry($row['login_username'])); - $login_password = htmlentities(decryptLoginEntry($row['login_password'])); + $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); // Asset Licenses $asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id"); @@ -483,13 +483,13 @@ if (isset($_GET['contact_id'])) { while ($row = mysqli_fetch_array($sql_related_tickets)) { $ticket_id = intval($row['ticket_id']); - $ticket_prefix = htmlentities($row['ticket_prefix']); + $ticket_prefix = nullable_htmlentities($row['ticket_prefix']); $ticket_number = intval($row['ticket_number']); - $ticket_subject = htmlentities($row['ticket_subject']); - $ticket_priority = htmlentities($row['ticket_priority']); - $ticket_status = htmlentities($row['ticket_status']); - $ticket_created_at = htmlentities($row['ticket_created_at']); - $ticket_updated_at = htmlentities($row['ticket_updated_at']); + $ticket_subject = nullable_htmlentities($row['ticket_subject']); + $ticket_priority = nullable_htmlentities($row['ticket_priority']); + $ticket_status = nullable_htmlentities($row['ticket_status']); + $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); + $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); if (empty($ticket_updated_at)) { if ($ticket_status == "Closed") { $ticket_updated_at_display = "

    Never

    "; @@ -499,7 +499,7 @@ if (isset($_GET['contact_id'])) { } else { $ticket_updated_at_display = $ticket_updated_at; } - $ticket_closed_at = htmlentities($row['ticket_closed_at']); + $ticket_closed_at = nullable_htmlentities($row['ticket_closed_at']); if ($ticket_status == "Open") { $ticket_status_display = "$ticket_status"; @@ -526,7 +526,7 @@ if (isset($_GET['contact_id'])) { $ticket_assigned_to_display = "

    Not Assigned

    "; } } else { - $ticket_assigned_to_display = htmlentities($row['user_name']); + $ticket_assigned_to_display = nullable_htmlentities($row['user_name']); } ?> diff --git a/client_contact_edit_modal.php b/client_contact_edit_modal.php index 332ba949..86e799a5 100644 --- a/client_contact_edit_modal.php +++ b/client_contact_edit_modal.php @@ -125,7 +125,7 @@ $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql_locations)) { $location_id_select = intval($row['location_id']); - $location_name_select = htmlentities($row['location_name']); + $location_name_select = nullable_htmlentities($row['location_name']); ?> diff --git a/client_contacts.php b/client_contacts.php index 0d27e266..5c0833a7 100644 --- a/client_contacts.php +++ b/client_contacts.php @@ -43,7 +43,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -78,14 +78,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); - $contact_title = htmlentities($row['contact_title']); + $contact_name = nullable_htmlentities($row['contact_name']); + $contact_title = nullable_htmlentities($row['contact_title']); if (empty($contact_title)) { $contact_title_display = "-"; } else { $contact_title_display = "$contact_title"; } - $contact_department = htmlentities($row['contact_department']); + $contact_department = nullable_htmlentities($row['contact_department']); if (empty($contact_department)) { $contact_department_display = "-"; } else { @@ -97,39 +97,39 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); } else { $contact_phone_display = "$contact_phone"; } - $contact_extension = htmlentities($row['contact_extension']); + $contact_extension = nullable_htmlentities($row['contact_extension']); $contact_mobile = formatPhoneNumber($row['contact_mobile']); if (empty($contact_mobile)) { $contact_mobile_display = "-"; } else { $contact_mobile_display = "$contact_mobile"; } - $contact_email = htmlentities($row['contact_email']); + $contact_email = nullable_htmlentities($row['contact_email']); if (empty($contact_email)) { $contact_email_display = "-"; } else { $contact_email_display = "$contact_email"; } - $contact_photo = htmlentities($row['contact_photo']); + $contact_photo = nullable_htmlentities($row['contact_photo']); $contact_initials = initials($contact_name); - $contact_notes = htmlentities($row['contact_notes']); + $contact_notes = nullable_htmlentities($row['contact_notes']); $contact_important = intval($row['contact_important']); $contact_billing = intval($row['contact_billing']); $contact_technical = intval($row['contact_technical']); - $contact_created_at = htmlentities($row['contact_created_at']); + $contact_created_at = nullable_htmlentities($row['contact_created_at']); if ($contact_id == $primary_contact) { $primary_contact_display = "Primary Contact"; } else { $primary_contact_display = false; } $contact_location_id = intval($row['contact_location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); if (empty($location_name)) { $location_name_display = "-"; } else { $location_name_display = $location_name; } - $auth_method = htmlentities($row['contact_auth_method']); + $auth_method = nullable_htmlentities($row['contact_auth_method']); // Related Assets Query $sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id ORDER BY asset_id DESC"); diff --git a/client_document_add_from_template_modal.php b/client_document_add_from_template_modal.php index bd07dbf3..a5084a1a 100644 --- a/client_document_add_from_template_modal.php +++ b/client_document_add_from_template_modal.php @@ -23,7 +23,7 @@ $sql_document_templates = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_archived_at IS NULL ORDER BY document_name ASC"); while ($row = mysqli_fetch_array($sql_document_templates)) { $document_template_id = intval($row['document_id']); - $document_template_name = htmlentities($row['document_name']); + $document_template_name = nullable_htmlentities($row['document_name']); ?> @@ -57,7 +57,7 @@ $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); while ($row = mysqli_fetch_array($sql_folders)) { $folder_id = intval($row['folder_id']); - $folder_name = htmlentities($row['folder_name']); + $folder_name = nullable_htmlentities($row['folder_name']); ?> diff --git a/client_document_add_modal.php b/client_document_add_modal.php index b210e4c9..b634055e 100644 --- a/client_document_add_modal.php +++ b/client_document_add_modal.php @@ -30,7 +30,7 @@ $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); while ($row = mysqli_fetch_array($sql_folders)) { $folder_id = intval($row['folder_id']); - $folder_name = htmlentities($row['folder_name']); + $folder_name = nullable_htmlentities($row['folder_name']); ?> diff --git a/client_document_details.php b/client_document_details.php index d37fc951..1c0b7f6d 100644 --- a/client_document_details.php +++ b/client_document_details.php @@ -17,11 +17,11 @@ $sql_document = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN folders $row = mysqli_fetch_array($sql_document); -$folder_name = htmlentities($row['folder_name']); -$document_name = htmlentities($row['document_name']); +$folder_name = nullable_htmlentities($row['folder_name']); +$document_name = nullable_htmlentities($row['document_name']); $document_content = $purifier->purify($row['document_content']); -$document_created_at = htmlentities($row['document_created_at']); -$document_updated_at = htmlentities($row['document_updated_at']); +$document_created_at = nullable_htmlentities($row['document_created_at']); +$document_updated_at = nullable_htmlentities($row['document_updated_at']); $document_folder_id = intval($row['document_folder_id']); ?> diff --git a/client_document_edit_modal.php b/client_document_edit_modal.php index 6b3ab3ef..43f5e29d 100644 --- a/client_document_edit_modal.php +++ b/client_document_edit_modal.php @@ -31,7 +31,7 @@ $sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); while ($row = mysqli_fetch_array($sql_folders_select)) { $folder_id_select = intval($row['folder_id']); - $folder_name_select = htmlentities($row['folder_name']); + $folder_name_select = nullable_htmlentities($row['folder_name']); ?> purify($row['document_content']); //$document_content = $row['document_content']; -$document_created_at = htmlentities($row['document_created_at']); -$document_updated_at = htmlentities($row['document_updated_at']); +$document_created_at = nullable_htmlentities($row['document_created_at']); +$document_updated_at = nullable_htmlentities($row['document_updated_at']); ?> diff --git a/client_document_templates.php b/client_document_templates.php index dd048fd7..acfbce60 100644 --- a/client_document_templates.php +++ b/client_document_templates.php @@ -49,7 +49,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -80,10 +80,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $document_id = intval($row['document_id']); - $document_name = htmlentities($row['document_name']); - $document_content = htmlentities($row['document_content']); - $document_created_at = htmlentities($row['document_created_at']); - $document_updated_at = htmlentities($row['document_updated_at']); + $document_name = nullable_htmlentities($row['document_name']); + $document_content = nullable_htmlentities($row['document_content']); + $document_created_at = nullable_htmlentities($row['document_created_at']); + $document_updated_at = nullable_htmlentities($row['document_updated_at']); $document_folder_id = intval($row['document_folder_id']); ?> diff --git a/client_documents.php b/client_documents.php index bab42bd9..7e3eaea3 100644 --- a/client_documents.php +++ b/client_documents.php @@ -85,7 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); while ($row = mysqli_fetch_array($sql_folders)) { $folder_id = intval($row['folder_id']); - $folder_name = htmlentities($row['folder_name']); + $folder_name = nullable_htmlentities($row['folder_name']); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id")); $num_documents = intval($row['num']); @@ -141,7 +141,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -172,10 +172,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $document_id = intval($row['document_id']); - $document_name = htmlentities($row['document_name']); - $document_content = htmlentities($row['document_content']); - $document_created_at = htmlentities($row['document_created_at']); - $document_updated_at = htmlentities($row['document_updated_at']); + $document_name = nullable_htmlentities($row['document_name']); + $document_content = nullable_htmlentities($row['document_content']); + $document_created_at = nullable_htmlentities($row['document_created_at']); + $document_updated_at = nullable_htmlentities($row['document_updated_at']); $document_folder_id = intval($row['document_folder_id']); ?> diff --git a/client_domain_add_modal.php b/client_domain_add_modal.php index 329feb08..59824ece 100644 --- a/client_domain_add_modal.php +++ b/client_domain_add_modal.php @@ -34,7 +34,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); + $vendor_name = nullable_htmlentities($row['vendor_name']); ?> @@ -55,7 +55,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); + $vendor_name = nullable_htmlentities($row['vendor_name']); ?> diff --git a/client_domains.php b/client_domains.php index 7d917bd8..5b524ae2 100644 --- a/client_domains.php +++ b/client_domains.php @@ -32,7 +32,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -64,18 +64,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $domain_id = intval($row['domain_id']); - $domain_name = htmlentities($row['domain_name']); + $domain_name = nullable_htmlentities($row['domain_name']); $domain_registrar = intval($row['domain_registrar']); $domain_webhost = intval($row['domain_webhost']); - $domain_expire = htmlentities($row['domain_expire']); - $domain_registrar_name = htmlentities($row['vendor_name']); + $domain_expire = nullable_htmlentities($row['domain_expire']); + $domain_registrar_name = nullable_htmlentities($row['vendor_name']); if (empty($domain_registrar_name)) { $domain_registrar_name = "-"; } $sql_domain_webhost = mysqli_query($mysqli, "SELECT vendor_name FROM vendors WHERE vendor_id = $domain_webhost"); $row = mysqli_fetch_array($sql_domain_webhost); - $domain_webhost_name = htmlentities($row['vendor_name']); + $domain_webhost_name = nullable_htmlentities($row['vendor_name']); if (empty($domain_webhost_name)) { $domain_webhost_name = "-"; } diff --git a/client_edit_modal.php b/client_edit_modal.php index caf8c56a..aebfc140 100644 --- a/client_edit_modal.php +++ b/client_edit_modal.php @@ -61,7 +61,7 @@ $referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND (category_archived_at > '$client_created_at' OR category_archived_at IS NULL) ORDER BY category_name ASC"); while ($row = mysqli_fetch_array($referral_sql)) { - $referral = htmlentities($row['category_name']); + $referral = nullable_htmlentities($row['category_name']); ?> @@ -162,9 +162,9 @@ while ($row = mysqli_fetch_array($sql_tags_select)) { $tag_id_select = intval($row['tag_id']); - $tag_name_select = htmlentities($row['tag_name']); - $tag_color_select = htmlentities($row['tag_color']); - $tag_icon_select = htmlentities($row['tag_icon']); + $tag_name_select = nullable_htmlentities($row['tag_name']); + $tag_color_select = nullable_htmlentities($row['tag_color']); + $tag_icon_select = nullable_htmlentities($row['tag_icon']); ?>
  • diff --git a/client_events.php b/client_events.php index 6bef2adc..8a89924a 100644 --- a/client_events.php +++ b/client_events.php @@ -22,14 +22,14 @@ include("calendar_add_modal.php"); $sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id"); while ($row = mysqli_fetch_array($sql)) { $event_id = intval($row['event_id']); - $event_title = htmlentities($row['event_title']); - $event_description = htmlentities($row['event_description']); - $event_start = htmlentities($row['event_start']); - $event_end = htmlentities($row['event_end']); - $event_repeat = htmlentities($row['event_repeat']); + $event_title = nullable_htmlentities($row['event_title']); + $event_description = nullable_htmlentities($row['event_description']); + $event_start = nullable_htmlentities($row['event_start']); + $event_end = nullable_htmlentities($row['event_end']); + $event_repeat = nullable_htmlentities($row['event_repeat']); $calendar_id = intval($row['calendar_id']); - $calendar_name = htmlentities($row['calendar_name']); - $calendar_color = htmlentities($row['calendar_color']); + $calendar_name = nullable_htmlentities($row['calendar_name']); + $calendar_color = nullable_htmlentities($row['calendar_color']); require("calendar_event_edit_modal.php"); diff --git a/client_files.php b/client_files.php index fa019b80..fdd0e5b2 100644 --- a/client_files.php +++ b/client_files.php @@ -30,9 +30,9 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_ while ($row = mysqli_fetch_array($sql_files_images)) { $file_id = intval($row['file_id']); - $file_name = htmlentities($row['file_name']); - $file_reference_name = htmlentities($row['file_reference_name']); - $file_ext = htmlentities($row['file_ext']); + $file_name = nullable_htmlentities($row['file_name']); + $file_reference_name = nullable_htmlentities($row['file_reference_name']); + $file_ext = nullable_htmlentities($row['file_ext']); ?> @@ -65,9 +65,9 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_
    - +
    @@ -71,22 +71,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $invoice_id = intval($row['invoice_id']); - $invoice_prefix = htmlentities($row['invoice_prefix']); - $invoice_number = htmlentities($row['invoice_number']); - $invoice_scope = htmlentities($row['invoice_scope']); + $invoice_prefix = nullable_htmlentities($row['invoice_prefix']); + $invoice_number = nullable_htmlentities($row['invoice_number']); + $invoice_scope = nullable_htmlentities($row['invoice_scope']); if (empty($invoice_scope)) { $invoice_scope_display = "-"; } else { $invoice_scope_display = $invoice_scope; } - $invoice_status = htmlentities($row['invoice_status']); - $invoice_date = htmlentities($row['invoice_date']); - $invoice_due = htmlentities($row['invoice_due']); + $invoice_status = nullable_htmlentities($row['invoice_status']); + $invoice_date = nullable_htmlentities($row['invoice_date']); + $invoice_due = nullable_htmlentities($row['invoice_due']); $invoice_amount = floatval($row['invoice_amount']); - $invoice_currency_code = htmlentities($row['invoice_currency_code']); - $invoice_created_at = htmlentities($row['invoice_created_at']); + $invoice_currency_code = nullable_htmlentities($row['invoice_currency_code']); + $invoice_created_at = nullable_htmlentities($row['invoice_created_at']); $category_id = intval($row['category_id']); - $category_name = htmlentities($row['category_name']); + $category_name = nullable_htmlentities($row['category_name']); if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time()) { $overdue_color = "text-danger font-weight-bold"; diff --git a/client_location_add_modal.php b/client_location_add_modal.php index 40eaefe6..20cd893b 100644 --- a/client_location_add_modal.php +++ b/client_location_add_modal.php @@ -116,7 +116,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id = $row['contact_id']; - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); ?> diff --git a/client_location_edit_modal.php b/client_location_edit_modal.php index 7462c001..c919e5c6 100644 --- a/client_location_edit_modal.php +++ b/client_location_edit_modal.php @@ -118,7 +118,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id_select = intval($row['contact_id']); - $contact_name_select = htmlentities($row['contact_name']); + $contact_name_select = nullable_htmlentities($row['contact_name']); ?> diff --git a/client_locations.php b/client_locations.php index bd386e65..da0046c5 100644 --- a/client_locations.php +++ b/client_locations.php @@ -36,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -69,27 +69,27 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $location_id = intval($row['location_id']); - $location_name = htmlentities($row['location_name']); - $location_country = htmlentities($row['location_country']); - $location_address = htmlentities($row['location_address']); - $location_city = htmlentities($row['location_city']); - $location_state = htmlentities($row['location_state']); - $location_zip = htmlentities($row['location_zip']); + $location_name = nullable_htmlentities($row['location_name']); + $location_country = nullable_htmlentities($row['location_country']); + $location_address = nullable_htmlentities($row['location_address']); + $location_city = nullable_htmlentities($row['location_city']); + $location_state = nullable_htmlentities($row['location_state']); + $location_zip = nullable_htmlentities($row['location_zip']); $location_phone = formatPhoneNumber($row['location_phone']); if (empty($location_phone)) { $location_phone_display = "-"; } else { $location_phone_display = $location_phone; } - $location_hours = htmlentities($row['location_hours']); + $location_hours = nullable_htmlentities($row['location_hours']); if (empty($location_hours)) { $location_hours_display = "-"; } else { $location_hours_display = $location_hours; } - $location_photo = htmlentities($row['location_photo']); - $location_notes = htmlentities($row['location_notes']); - $location_created_at = htmlentities($row['location_created_at']); + $location_photo = nullable_htmlentities($row['location_photo']); + $location_notes = nullable_htmlentities($row['location_notes']); + $location_created_at = nullable_htmlentities($row['location_created_at']); $location_contact_id = intval($row['location_contact_id']); if ($location_id == $primary_location) { $primary_location_display = "

    Primary Location

    "; diff --git a/client_login_add_modal.php b/client_login_add_modal.php index dc571a73..36e47bf3 100644 --- a/client_login_add_modal.php +++ b/client_login_add_modal.php @@ -110,7 +110,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); ?> @@ -134,7 +134,7 @@ $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql_vendors)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); + $vendor_name = nullable_htmlentities($row['vendor_name']); ?> @@ -158,7 +158,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); while ($row = mysqli_fetch_array($sql)) { $asset_id = intval($row['asset_id']); - $asset_name = htmlentities($row['asset_name']); + $asset_name = nullable_htmlentities($row['asset_name']); ?> @@ -182,7 +182,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC"); while ($row = mysqli_fetch_array($sql)) { $software_id = intval($row['software_id']); - $software_name = htmlentities($row['software_name']); + $software_name = nullable_htmlentities($row['software_name']); ?> diff --git a/client_login_edit_modal.php b/client_login_edit_modal.php index 6f53206c..41aae5cb 100644 --- a/client_login_edit_modal.php +++ b/client_login_edit_modal.php @@ -118,7 +118,7 @@ $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id_select = intval($row['contact_id']); - $contact_name_select = htmlentities($row['contact_name']); + $contact_name_select = nullable_htmlentities($row['contact_name']); ?> @@ -139,7 +139,7 @@ $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC"); while ($row = mysqli_fetch_array($sql_vendors)) { $vendor_id_select = intval($row['vendor_id']); - $vendor_name_select = htmlentities($row['vendor_name']); + $vendor_name_select = nullable_htmlentities($row['vendor_name']); ?> @@ -161,7 +161,7 @@ $sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); while ($row = mysqli_fetch_array($sql_assets)) { $asset_id_select = intval($row['asset_id']); - $asset_name_select = htmlentities($row['asset_name']); + $asset_name_select = nullable_htmlentities($row['asset_name']); ?> @@ -183,7 +183,7 @@ $sql_software = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC"); while ($row = mysqli_fetch_array($sql_software)) { $software_id_select = intval($row['software_id']); - $software_name_select = htmlentities($row['software_name']); + $software_name_select = nullable_htmlentities($row['software_name']); ?> diff --git a/client_logins.php b/client_logins.php index 90fab3ca..b4b3ac13 100644 --- a/client_logins.php +++ b/client_logins.php @@ -35,7 +35,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -69,28 +69,28 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $login_id = intval($row['login_id']); - $login_name = htmlentities($row['login_name']); - $login_uri = htmlentities($row['login_uri']); + $login_name = nullable_htmlentities($row['login_name']); + $login_uri = nullable_htmlentities($row['login_uri']); if (empty($login_uri)) { $login_uri_display = "-"; } else { $login_uri_display = "$login_uri"; } - $login_username = htmlentities(decryptLoginEntry($row['login_username'])); + $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); if (empty($login_username)) { $login_username_display = "-"; } else { $login_username_display = "$login_username"; } - $login_password = htmlentities(decryptLoginEntry($row['login_password'])); - $login_otp_secret = htmlentities($row['login_otp_secret']); + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); + $login_otp_secret = nullable_htmlentities($row['login_otp_secret']); $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"'; if (empty($login_otp_secret)) { $otp_display = "-"; } else { $otp_display = " Hover.."; } - $login_note = htmlentities($row['login_note']); + $login_note = nullable_htmlentities($row['login_note']); $login_important = intval($row['login_important']); $login_contact_id = intval($row['login_contact_id']); $login_vendor_id = intval($row['login_vendor_id']); diff --git a/client_logs.php b/client_logs.php index 54b944b7..66f48508 100644 --- a/client_logs.php +++ b/client_logs.php @@ -34,7 +34,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -66,16 +66,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $log_id = intval($row['log_id']); - $log_type = htmlentities($row['log_type']); - $log_action = htmlentities($row['log_action']); - $log_description = htmlentities($row['log_description']); - $log_ip = htmlentities($row['log_ip']); - $log_user_agent = htmlentities($row['log_user_agent']); + $log_type = nullable_htmlentities($row['log_type']); + $log_action = nullable_htmlentities($row['log_action']); + $log_description = nullable_htmlentities($row['log_description']); + $log_ip = nullable_htmlentities($row['log_ip']); + $log_user_agent = nullable_htmlentities($row['log_user_agent']); $log_user_os = getOS($log_user_agent); $log_user_browser = getWebBrowser($log_user_agent); - $log_created_at = htmlentities($row['log_created_at']); + $log_created_at = nullable_htmlentities($row['log_created_at']); $user_id = intval($row['user_id']); - $user_name = htmlentities($row['user_name']); + $user_name = nullable_htmlentities($row['user_name']); if (empty($user_name)) { $user_name_display = "-"; } else { diff --git a/client_network_add_modal.php b/client_network_add_modal.php index a2bfeb38..3f55cad6 100644 --- a/client_network_add_modal.php +++ b/client_network_add_modal.php @@ -74,7 +74,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); while ($row = mysqli_fetch_array($sql)) { $location_id = intval($row['location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); ?> diff --git a/client_networks.php b/client_networks.php index 782387f3..3d546cdc 100644 --- a/client_networks.php +++ b/client_networks.php @@ -36,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -70,23 +70,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $network_id = intval($row['network_id']); - $network_name = htmlentities($row['network_name']); + $network_name = nullable_htmlentities($row['network_name']); $network_vlan = intval($row['network_vlan']); if (empty($network_vlan)) { $network_vlan_display = "-"; } else { $network_vlan_display = $network_vlan; } - $network = htmlentities($row['network']); - $network_gateway = htmlentities($row['network_gateway']); - $network_dhcp_range = htmlentities($row['network_dhcp_range']); + $network = nullable_htmlentities($row['network']); + $network_gateway = nullable_htmlentities($row['network_gateway']); + $network_dhcp_range = nullable_htmlentities($row['network_dhcp_range']); if (empty($network_dhcp_range)) { $network_dhcp_range_display = "-"; } else { $network_dhcp_range_display = $network_dhcp_range; } $network_location_id = intval($row['network_location_id']); - $location_name = htmlentities($row['location_name']); + $location_name = nullable_htmlentities($row['location_name']); if (empty($location_name)) { $location_name_display = "-"; } else { diff --git a/client_overview.php b/client_overview.php index 0cd443ad..30646314 100644 --- a/client_overview.php +++ b/client_overview.php @@ -61,11 +61,11 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_important_contacts)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); - $contact_title = htmlentities($row['contact_title']); - $contact_email = htmlentities($row['contact_email']); + $contact_name = nullable_htmlentities($row['contact_name']); + $contact_title = nullable_htmlentities($row['contact_title']); + $contact_email = nullable_htmlentities($row['contact_email']); $contact_phone = formatPhoneNumber($row['contact_phone']); - $contact_extension = htmlentities($row['contact_extension']); + $contact_extension = nullable_htmlentities($row['contact_extension']); $contact_mobile = formatPhoneNumber($row['contact_mobile']); ?> @@ -109,8 +109,8 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_contacts)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); - $contact_updated_at = htmlentities($row['contact_updated_at']); + $contact_name = nullable_htmlentities($row['contact_name']); + $contact_updated_at = nullable_htmlentities($row['contact_updated_at']); ?>

    @@ -125,8 +125,8 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_vendors)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); - $vendor_updated_at = htmlentities($row['vendor_updated_at']); + $vendor_name = nullable_htmlentities($row['vendor_name']); + $vendor_updated_at = nullable_htmlentities($row['vendor_updated_at']); ?>

    @@ -160,8 +160,8 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_domains_expiring)) { $domain_id = intval($row['domain_id']); - $domain_name = htmlentities($row['domain_name']); - $domain_expire = htmlentities($row['domain_expire']); + $domain_name = nullable_htmlentities($row['domain_name']); + $domain_expire = nullable_htmlentities($row['domain_expire']); ?>

    @@ -177,8 +177,8 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_asset_warranties_expiring)) { $asset_id = intval($row['asset_id']); - $asset_name = htmlentities($row['asset_name']); - $asset_warranty_expire = htmlentities($row['asset_warranty_expire']); + $asset_name = nullable_htmlentities($row['asset_name']); + $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); ?>

    @@ -196,8 +196,8 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_asset_retire)) { $asset_id = intval($row['asset_id']); - $asset_name = htmlentities($row['asset_name']); - $asset_install_date = htmlentities($row['asset_install_date']); + $asset_name = nullable_htmlentities($row['asset_name']); + $asset_install_date = nullable_htmlentities($row['asset_install_date']); ?>

    @@ -234,10 +234,10 @@ $sql_domains_expiring = mysqli_query( while ($row = mysqli_fetch_array($sql_tickets_stale)) { $ticket_id = intval($row['ticket_id']); - $ticket_prefix = htmlentities($row['ticket_prefix']); + $ticket_prefix = nullable_htmlentities($row['ticket_prefix']); $ticket_number = intval($row['ticket_number']); - $ticket_subject = htmlentities($row['ticket_subject']); - $ticket_created_at = htmlentities($row['ticket_created_at']); + $ticket_subject = nullable_htmlentities($row['ticket_subject']); + $ticket_created_at = nullable_htmlentities($row['ticket_created_at']); ?> diff --git a/client_payments.php b/client_payments.php index 5e3eab62..ceb9760f 100644 --- a/client_payments.php +++ b/client_payments.php @@ -34,7 +34,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

    - +
    @@ -69,23 +69,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $invoice_id = intval($row['invoice_id']); - $invoice_prefix = htmlentities($row['invoice_prefix']); + $invoice_prefix = nullable_htmlentities($row['invoice_prefix']); $invoice_number = intval($row['invoice_number']); - $invoice_status = htmlentities($row['invoice_status']); + $invoice_status = nullable_htmlentities($row['invoice_status']); $invoice_amount = floatval($row['invoice_amount']); - $invoice_currency_code = htmlentities($row['invoice_currency_code']); - $invoice_date = htmlentities($row['invoice_date']); - $payment_date = htmlentities($row['payment_date']); - $payment_method = htmlentities($row['payment_method']); - $payment_reference = htmlentities($row['payment_reference']); + $invoice_currency_code = nullable_htmlentities($row['invoice_currency_code']); + $invoice_date = nullable_htmlentities($row['invoice_date']); + $payment_date = nullable_htmlentities($row['payment_date']); + $payment_method = nullable_htmlentities($row['payment_method']); + $payment_reference = nullable_htmlentities($row['payment_reference']); if (empty($payment_reference)) { $payment_reference_display = "-"; } else { $payment_reference_display = $payment_reference; } $payment_amount = floatval($row['payment_amount']); - $payment_currency_code = htmlentities($row['payment_currency_code']); - $account_name = htmlentities($row['account_name']); + $payment_currency_code = nullable_htmlentities($row['payment_currency_code']); + $account_name = nullable_htmlentities($row['account_name']); ?> diff --git a/client_quotes.php b/client_quotes.php index d21685ec..2e3b5c27 100644 --- a/client_quotes.php +++ b/client_quotes.php @@ -36,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -70,21 +70,21 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $quote_id = intval($row['quote_id']); - $quote_prefix = htmlentities($row['quote_prefix']); - $quote_number = htmlentities($row['quote_number']); - $quote_scope = htmlentities($row['quote_scope']); + $quote_prefix = nullable_htmlentities($row['quote_prefix']); + $quote_number = nullable_htmlentities($row['quote_number']); + $quote_scope = nullable_htmlentities($row['quote_scope']); if (empty($quote_scope)) { $quote_scope_display = "-"; } else { $quote_scope_display = $quote_scope; } - $quote_status = htmlentities($row['quote_status']); - $quote_date = htmlentities($row['quote_date']); + $quote_status = nullable_htmlentities($row['quote_status']); + $quote_date = nullable_htmlentities($row['quote_date']); $quote_amount = floatval($row['quote_amount']); - $quote_currency_code = htmlentities($row['quote_currency_code']); - $quote_created_at = htmlentities($row['quote_created_at']); + $quote_currency_code = nullable_htmlentities($row['quote_currency_code']); + $quote_created_at = nullable_htmlentities($row['quote_created_at']); $category_id = intval($row['category_id']); - $category_name = htmlentities($row['category_name']); + $category_name = nullable_htmlentities($row['category_name']); //Set Badge color based off of quote status if ($quote_status == "Sent") { diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index 45650a8d..399ec595 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -35,7 +35,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -71,21 +71,21 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $recurring_id = intval($row['recurring_id']); - $recurring_prefix = htmlentities($row['recurring_prefix']); + $recurring_prefix = nullable_htmlentities($row['recurring_prefix']); $recurring_number = intval($row['recurring_number']); - $recurring_scope = htmlentities($row['recurring_scope']); - $recurring_frequency = htmlentities($row['recurring_frequency']); - $recurring_status = htmlentities($row['recurring_status']); - $recurring_last_sent = htmlentities($row['recurring_last_sent']); + $recurring_scope = nullable_htmlentities($row['recurring_scope']); + $recurring_frequency = nullable_htmlentities($row['recurring_frequency']); + $recurring_status = nullable_htmlentities($row['recurring_status']); + $recurring_last_sent = nullable_htmlentities($row['recurring_last_sent']); if ($recurring_last_sent == 0) { $recurring_last_sent = "-"; } - $recurring_next_date = htmlentities($row['recurring_next_date']); + $recurring_next_date = nullable_htmlentities($row['recurring_next_date']); $recurring_amount = floatval($row['recurring_amount']); - $recurring_currency_code = htmlentities($row['recurring_currency_code']); - $recurring_created_at = htmlentities($row['recurring_created_at']); + $recurring_currency_code = nullable_htmlentities($row['recurring_currency_code']); + $recurring_created_at = nullable_htmlentities($row['recurring_created_at']); $category_id = intval($row['category_id']); - $category_name = htmlentities($row['category_name']); + $category_name = nullable_htmlentities($row['category_name']); if ($recurring_status == 1) { $status = "Active"; $status_badge_color = "success"; diff --git a/client_scheduled_tickets.php b/client_scheduled_tickets.php index 2e8c7dd8..22bd0b22 100644 --- a/client_scheduled_tickets.php +++ b/client_scheduled_tickets.php @@ -41,7 +41,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -75,10 +75,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $scheduled_ticket_id = intval($row['scheduled_ticket_id']); - $scheduled_ticket_subject = htmlentities($row['scheduled_ticket_subject']); - $scheduled_ticket_priority = htmlentities($row['scheduled_ticket_priority']); - $scheduled_ticket_frequency = htmlentities($row['scheduled_ticket_frequency']); - $scheduled_ticket_next_run = htmlentities($row['scheduled_ticket_next_run']); + $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']); + $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']); + $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']); + $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']); ?> diff --git a/client_service_add_modal.php b/client_service_add_modal.php index 118286d2..7d91cf4d 100644 --- a/client_service_add_modal.php +++ b/client_service_add_modal.php @@ -102,7 +102,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $contact_id = intval($row['contact_id']); - $contact_name = htmlentities($row['contact_name']); + $contact_name = nullable_htmlentities($row['contact_name']); echo ""; } ?> @@ -116,7 +116,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $vendor_id = intval($row['vendor_id']); - $vendor_name = htmlentities($row['vendor_name']); + $vendor_name = nullable_htmlentities($row['vendor_name']); echo ""; } ?> @@ -130,7 +130,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $document_id = intval($row['document_id']); - $document_name = htmlentities($row['document_name']); + $document_name = nullable_htmlentities($row['document_name']); echo ""; } ?> @@ -154,7 +154,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $asset_id = intval($row['asset_id']); - $asset_name = htmlentities($row['asset_name']); + $asset_name = nullable_htmlentities($row['asset_name']); echo ""; } ?> @@ -170,7 +170,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $login_id = intval($row['login_id']); - $login_name = htmlentities($row['login_name']); + $login_name = nullable_htmlentities($row['login_name']); echo ""; } ?> @@ -191,7 +191,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $domain_id = intval($row['domain_id']); - $domain_name = htmlentities($row['domain_name']); + $domain_name = nullable_htmlentities($row['domain_name']); echo ""; } ?> @@ -207,8 +207,8 @@ $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id'"); while ($row = mysqli_fetch_array($sql)) { $cert_id = intval($row['certificate_id']); - $cert_name = htmlentities($row['certificate_name']); - $cert_domain = htmlentities($row['certificate_domain']); + $cert_name = nullable_htmlentities($row['certificate_name']); + $cert_domain = nullable_htmlentities($row['certificate_domain']); echo ""; } ?> diff --git a/client_service_edit_modal.php b/client_service_edit_modal.php index 8a2b76ed..e7e18847 100644 --- a/client_service_edit_modal.php +++ b/client_service_edit_modal.php @@ -109,7 +109,7 @@ while ($row_all = mysqli_fetch_array($sql_all)) { $contact_id = intval($row_all['contact_id']); - $contact_name = htmlentities($row_all['contact_name']); + $contact_name = nullable_htmlentities($row_all['contact_name']); if (in_array($contact_id, $selected_ids)) { echo ""; @@ -131,7 +131,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $vendor_id = intval($row_all['vendor_id']); - $vendor_name = htmlentities($row_all['vendor_name']); + $vendor_name = nullable_htmlentities($row_all['vendor_name']); if (in_array($vendor_id, $selected_ids)) { echo ""; @@ -153,7 +153,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $document_id = intval($row_all['document_id']); - $document_name = htmlentities($row_all['document_name']); + $document_name = nullable_htmlentities($row_all['document_name']); if (in_array($document_id, $selected_ids)) { echo ""; @@ -186,7 +186,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $asset_id = intval($row_all['asset_id']); - $asset_name = htmlentities($row_all['asset_name']); + $asset_name = nullable_htmlentities($row_all['asset_name']); if (in_array($asset_id, $selected_ids)) { echo ""; @@ -210,7 +210,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $login_id = intval($row_all['login_id']); - $login_name = htmlentities($row_all['login_name']); + $login_name = nullable_htmlentities($row_all['login_name']); if (in_array($login_id, $selected_ids)) { echo ""; @@ -239,7 +239,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $domain_id = intval($row_all['domain_id']); - $domain_name = htmlentities($row_all['domain_name']); + $domain_name = nullable_htmlentities($row_all['domain_name']); if (in_array($domain_id, $selected_ids)) { echo ""; @@ -263,7 +263,7 @@ $sql_all = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id'"); while ($row_all = mysqli_fetch_array($sql_all)) { $cert_id = intval($row_all['certificate_id']); - $cert_name = htmlentities($row_all['certificate_name']); + $cert_name = nullable_htmlentities($row_all['certificate_name']); if (in_array($cert_id, $selected_ids)) { echo ""; diff --git a/client_service_view_modal.php b/client_service_view_modal.php index bedb5536..18912a7c 100644 --- a/client_service_view_modal.php +++ b/client_service_view_modal.php @@ -32,7 +32,7 @@ while ($row = mysqli_fetch_array($sql_assets)) { if (!empty($row['asset_ip'])) { - $ip = '('.htmlentities($row["asset_ip"]).')'; + $ip = '('.nullable_htmlentities($row["asset_ip"]).')'; } else { $ip = ''; } @@ -56,7 +56,7 @@ // Get networks linked to assets - push name to array while ($row = mysqli_fetch_array($sql_assets)) { if (!empty($row['network_name'])) { - $network_data = htmlentities("$row[network_name]:$row[network_vlan]"); + $network_data = nullable_htmlentities("$row[network_name]:$row[network_vlan]"); array_push($networks, $network_data); } } diff --git a/client_services.php b/client_services.php index 4eaed93e..4ad61ac1 100644 --- a/client_services.php +++ b/client_services.php @@ -34,7 +34,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -58,14 +58,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $service_id = intval($row['service_id']); - $service_name = htmlentities($row['service_name']); - $service_description = htmlentities($row['service_description']); - $service_category = htmlentities($row['service_category']); - $service_importance = htmlentities($row['service_importance']); - $service_backup = htmlentities($row['service_backup']); - $service_notes = htmlentities($row['service_notes']); - $service_updated_at = htmlentities($row['service_updated_at']); - $service_review_due = htmlentities($row['service_review_due']); + $service_name = nullable_htmlentities($row['service_name']); + $service_description = nullable_htmlentities($row['service_description']); + $service_category = nullable_htmlentities($row['service_category']); + $service_importance = nullable_htmlentities($row['service_importance']); + $service_backup = nullable_htmlentities($row['service_backup']); + $service_notes = nullable_htmlentities($row['service_notes']); + $service_updated_at = nullable_htmlentities($row['service_updated_at']); + $service_review_due = nullable_htmlentities($row['service_review_due']); // Service Importance if ($service_importance == "High") { diff --git a/client_shared_items.php b/client_shared_items.php index 13fff759..888166cc 100644 --- a/client_shared_items.php +++ b/client_shared_items.php @@ -34,7 +34,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -61,28 +61,28 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $item_id = intval($row['item_id']); - $item_active = htmlentities($row['item_active']); - $item_key = htmlentities($row['item_key']); - $item_type = htmlentities($row['item_type']); + $item_active = nullable_htmlentities($row['item_active']); + $item_key = nullable_htmlentities($row['item_key']); + $item_type = nullable_htmlentities($row['item_type']); $item_related_id = intval($row['item_related_id']); - $item_note = htmlentities($row['item_note']); - $item_views = htmlentities($row['item_views']); - $item_view_limit = htmlentities($row['item_view_limit']); - $item_created_at = htmlentities($row['item_created_at']); - $item_expire_at = htmlentities($row['item_expire_at']); + $item_note = nullable_htmlentities($row['item_note']); + $item_views = nullable_htmlentities($row['item_views']); + $item_view_limit = nullable_htmlentities($row['item_view_limit']); + $item_created_at = nullable_htmlentities($row['item_created_at']); + $item_expire_at = nullable_htmlentities($row['item_expire_at']); if ($item_type == 'Login') { $share_item_sql = mysqli_query($mysqli, "SELECT login_name FROM logins WHERE login_id = '$item_related_id' AND login_client_id = '$client_id'"); $share_item = mysqli_fetch_array($share_item_sql); - $item_name = htmlentities($share_item['login_name']); + $item_name = nullable_htmlentities($share_item['login_name']); } elseif ($item_type == 'Document') { $share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_related_id' AND document_client_id = '$client_id'"); $share_item = mysqli_fetch_array($share_item_sql); - $item_name = htmlentities($share_item['document_name']); + $item_name = nullable_htmlentities($share_item['document_name']); } elseif ($item_type == 'File') { $share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id'"); $share_item = mysqli_fetch_array($share_item_sql); - $item_name = htmlentities($share_item['file_name']); + $item_name = nullable_htmlentities($share_item['file_name']); } diff --git a/client_side_nav.php b/client_side_nav.php index 9ae8c018..c876664f 100644 --- a/client_side_nav.php +++ b/client_side_nav.php @@ -1,5 +1,5 @@ -