diff --git a/ajax.php b/ajax.php
index 856e4402..52c5d5c6 100644
--- a/ajax.php
+++ b/ajax.php
@@ -6,161 +6,159 @@
  * Always returns data in JSON format, unless otherwise specified
  */
 
-include("config.php");
-include("functions.php");
-include("check_login.php");
+require_once("config.php");
+require_once("functions.php");
+require_once("check_login.php");
 require_once("rfc6238.php");
 
 /*
  * Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
  */
-if(isset($_GET['certificate_fetch_parse_json_details'])){
-  // PHP doesn't appreciate attempting SSL sockets to non-existent domains
-  if(empty($_GET['domain'])){
-    exit();
-  }
-  $domain = $_GET['domain'];
+if (isset($_GET['certificate_fetch_parse_json_details'])) {
+    // PHP doesn't appreciate attempting SSL sockets to non-existent domains
+    if (empty($_GET['domain'])) {
+        exit();
+    }
+    $domain = $_GET['domain'];
 
-  // FQDNs in database shouldn't have a URL scheme, adding one
-  $domain = "https://".$domain;
+    // FQDNs in database shouldn't have a URL scheme, adding one
+    $domain = "https://".$domain;
 
-  // Parse host and port
-  $url = parse_url($domain, PHP_URL_HOST);
-  $port = parse_url($domain, PHP_URL_PORT);
-  // Default port
-  if(!$port){
-    $port = "443";
-  }
+    // Parse host and port
+    $url = parse_url($domain, PHP_URL_HOST);
+    $port = parse_url($domain, PHP_URL_PORT);
+    // Default port
+    if (!$port) {
+        $port = "443";
+    }
 
-  // Get certificate (using verify peer false to allow for self-signed certs)
-  $socket = "ssl://$url:$port";
-  $get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
-  $read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
-  $cert = stream_context_get_params($read);
-  $cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
-  openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
+    // Get certificate (using verify peer false to allow for self-signed certs)
+    $socket = "ssl://$url:$port";
+    $get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
+    $read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
+    $cert = stream_context_get_params($read);
+    $cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
+    openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
 
-  // Process data
-  if($cert_public_key_obj){
-    $response['success'] = "TRUE";
-    $response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
-    $response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
-    $response['public_key'] = $export; //nl2br
-  }
-  else{
-    $response['success'] = "FALSE";
-  }
+    // Process data
+    if ($cert_public_key_obj) {
+        $response['success'] = "TRUE";
+        $response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
+        $response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
+        $response['public_key'] = $export; //nl2br
+    } else {
+        $response['success'] = "FALSE";
+    }
 
-  echo json_encode($response);
+    echo json_encode($response);
 
 }
 
 /*
  * Looks up info for a given certificate ID from the database, used to dynamically populate modal fields
  */
-if(isset($_GET['certificate_get_json_details'])){
-  validateTechRole();
+if (isset($_GET['certificate_get_json_details'])) {
+    validateTechRole();
 
-  $certificate_id = intval($_GET['certificate_id']);
-  $client_id = intval($_GET['client_id']);
+    $certificate_id = intval($_GET['certificate_id']);
+    $client_id = intval($_GET['client_id']);
 
-  // Individual certificate lookup
-  $cert_sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_id = $certificate_id AND certificate_client_id = $client_id");
-  while($row = mysqli_fetch_array($cert_sql)){
-    $response['certificate'][] = $row;
-  }
+    // Individual certificate lookup
+    $cert_sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_id = $certificate_id AND certificate_client_id = $client_id");
+    while ($row = mysqli_fetch_array($cert_sql)) {
+        $response['certificate'][] = $row;
+    }
 
-  // Get all domains for this client that could be linked to this certificate
-  $domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name FROM domains WHERE domain_client_id = '$client_id' AND company_id = '$session_company_id'");
-  while($row = mysqli_fetch_array($domains_sql)){
-    $response['domains'][] = $row;
-  }
+    // Get all domains for this client that could be linked to this certificate
+    $domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name FROM domains WHERE domain_client_id = '$client_id' AND company_id = '$session_company_id'");
+    while ($row = mysqli_fetch_array($domains_sql)) {
+        $response['domains'][] = $row;
+    }
 
-  echo json_encode($response);
+    echo json_encode($response);
 }
 
 /*
  * Looks up info for a given domain ID from the database, used to dynamically populate modal fields
  */
-if(isset($_GET['domain_get_json_details'])){
-  validateTechRole();
+if (isset($_GET['domain_get_json_details'])) {
+    validateTechRole();
 
-  $domain_id = intval($_GET['domain_id']);
-  $client_id = intval($_GET['client_id']);
+    $domain_id = intval($_GET['domain_id']);
+    $client_id = intval($_GET['client_id']);
 
-  // Individual domain lookup
-  $cert_sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_id = $domain_id AND domain_client_id = $client_id");
-  while($row = mysqli_fetch_array($cert_sql)){
-    $response['domain'][] = $row;
-  }
+    // Individual domain lookup
+    $cert_sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_id = $domain_id AND domain_client_id = $client_id");
+    while ($row = mysqli_fetch_array($cert_sql)) {
+        $response['domain'][] = $row;
+    }
 
-  // Get all registrars/webhosts (vendors) for this client that could be linked to this domain
-  $vendor_sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id");
-  while($row = mysqli_fetch_array($vendor_sql)){
-    $response['vendors'][] = $row;
-  }
+    // Get all registrars/webhosts (vendors) for this client that could be linked to this domain
+    $vendor_sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id");
+    while ($row = mysqli_fetch_array($vendor_sql)) {
+        $response['vendors'][] = $row;
+    }
 
-  echo json_encode($response);
+    echo json_encode($response);
 }
 
 /*
  * Looks up info on the ticket number provided, used to populate the ticket merge modal
  */
-if(isset($_GET['merge_ticket_get_json_details'])){
-  validateTechRole();
+if (isset($_GET['merge_ticket_get_json_details'])) {
+    validateTechRole();
 
-  $merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
+    $merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
 
-  $sql = mysqli_query($mysqli,"SELECT * FROM tickets
+    $sql = mysqli_query($mysqli, "SELECT * FROM tickets
       LEFT JOIN clients ON ticket_client_id = client_id 
       LEFT JOIN contacts ON ticket_contact_id = contact_id
       WHERE ticket_number = '$merge_into_ticket_number' AND tickets.company_id = '$session_company_id'");
 
-  if(mysqli_num_rows($sql) == 0){
-    //Do nothing.
-  }
-  else {
-    //Return ticket, client and contact details for the given ticket number
-    $response = mysqli_fetch_array($sql);
-    echo json_encode($response);
-  }
+    if (mysqli_num_rows($sql) == 0) {
+        //Do nothing.
+    } else {
+        //Return ticket, client and contact details for the given ticket number
+        $response = mysqli_fetch_array($sql);
+        echo json_encode($response);
+    }
 }
 
 /*
  * Looks up info for a given network ID from the database, used to dynamically populate modal fields
  */
-if(isset($_GET['network_get_json_details'])){
-  validateTechRole();
+if (isset($_GET['network_get_json_details'])) {
+    validateTechRole();
 
-  $network_id = intval($_GET['network_id']);
-  $client_id = intval($_GET['client_id']);
+    $network_id = intval($_GET['network_id']);
+    $client_id = intval($_GET['client_id']);
 
-  // Individual network lookup
-  $network_sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_id = $network_id AND network_client_id = $client_id");
-  while($row = mysqli_fetch_array($network_sql)){
-    $response['network'][] = $row;
-  }
+    // Individual network lookup
+    $network_sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_id = $network_id AND network_client_id = $client_id");
+    while ($row = mysqli_fetch_array($network_sql)) {
+        $response['network'][] = $row;
+    }
 
-  // Lookup all client locations, as networks can be associated with any client location
-  $locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations 
+    // Lookup all client locations, as networks can be associated with any client location
+    $locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations 
         WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
-  );
-  while($row = mysqli_fetch_array($locations_sql)){
-    $response['locations'][] = $row;
-  }
+    );
+    while ($row = mysqli_fetch_array($locations_sql)) {
+        $response['locations'][] = $row;
+    }
 
-  echo json_encode($response);
+    echo json_encode($response);
 }
 
-if(isset($_POST['client_set_notes'])){
-  $client_id = intval($_POST['client_id']);
-  $notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
+if (isset($_POST['client_set_notes'])) {
+    $client_id = intval($_POST['client_id']);
+    $notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
 
-  // Update notes
-  mysqli_query($mysqli, "UPDATE clients SET client_notes = '$notes' WHERE client_id = '$client_id'");
+    // Update notes
+    mysqli_query($mysqli, "UPDATE clients SET client_notes = '$notes' WHERE client_id = '$client_id'");
 
-  // Logging
-  mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client notes', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
+    // Logging
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client notes', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
 
 }
 
@@ -169,10 +167,10 @@ if(isset($_POST['client_set_notes'])){
  * Called upon loading a ticket, and every 2 mins thereafter
  * Is used in conjunction with ticket_query_views to show who is currently viewing a ticket
  */
-if(isset($_GET['ticket_add_view'])){
-  $ticket_id = intval($_GET['ticket_id']);
+if (isset($_GET['ticket_add_view'])) {
+    $ticket_id = intval($_GET['ticket_id']);
 
-  mysqli_query($mysqli, "INSERT INTO ticket_views SET view_ticket_id = '$ticket_id', view_user_id = '$session_user_id', view_timestamp = NOW()");
+    mysqli_query($mysqli, "INSERT INTO ticket_views SET view_ticket_id = '$ticket_id', view_user_id = '$session_user_id', view_timestamp = NOW()");
 }
 
 /*
@@ -180,112 +178,112 @@ if(isset($_GET['ticket_add_view'])){
  * Returns formatted text of the agents currently viewing a ticket
  * Called upon loading a ticket, and every 2 mins thereafter
  */
-if(isset($_GET['ticket_query_views'])){
-  $ticket_id = intval($_GET['ticket_id']);
+if (isset($_GET['ticket_query_views'])) {
+    $ticket_id = intval($_GET['ticket_id']);
 
-  $query = mysqli_query($mysqli, "SELECT user_name FROM ticket_views LEFT JOIN users ON view_user_id = user_id WHERE view_ticket_id = '$ticket_id' AND view_user_id != '$session_user_id' AND view_timestamp > DATE_SUB(NOW(), INTERVAL 2 MINUTE)");
-  while($row = mysqli_fetch_array($query)){
-    $users[] = $row['user_name'];
-  }
-  if(!empty($users)){
-    $users = array_unique($users);
-    if(count($users) > 1){
-      // Multiple viewers
-      $response['message'] = implode(", ", $users) . " are viewing this ticket.";
+    $query = mysqli_query($mysqli, "SELECT user_name FROM ticket_views LEFT JOIN users ON view_user_id = user_id WHERE view_ticket_id = '$ticket_id' AND view_user_id != '$session_user_id' AND view_timestamp > DATE_SUB(NOW(), INTERVAL 2 MINUTE)");
+    while ($row = mysqli_fetch_array($query)) {
+        $users[] = $row['user_name'];
     }
-    else{
-      // Single viewer
-      $response['message'] = implode("", $users) . " is viewing this ticket.";
+
+    if (!empty($users)) {
+        $users = array_unique($users);
+        if (count($users) > 1) {
+            // Multiple viewers
+            $response['message'] = implode(", ", $users) . " are viewing this ticket.";
+        } else {
+            // Single viewer
+            $response['message'] = implode("", $users) . " is viewing this ticket.";
+        }
+    } else {
+        // No viewers
+        $response['message'] = "";
     }
-  }
-  else{
-    // No viewers
-    $response['message'] = "";
-  }
-  echo json_encode($response);
+
+    echo json_encode($response);
 }
 
 /*
  * Generates public/guest links for sharing logins/docs
  */
-if(isset($_GET['share_generate_link'])){
-  validateTechRole();
+if (isset($_GET['share_generate_link'])) {
+    validateTechRole();
 
-  $item_encrypted_credential = '';  // Default empty
+    $item_encrypted_credential = '';  // Default empty
 
-  $client_id = intval($_GET['client_id']);
-  $item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type'])));
-  $item_id = intval($_GET['id']);
-  $item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note'])));
-  $item_view_limit = intval($_GET['views']);
-  $item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires'])));
-  $item_key = bin2hex(random_bytes(78));
+    $client_id = intval($_GET['client_id']);
+    $item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type'])));
+    $item_id = intval($_GET['id']);
+    $item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note'])));
+    $item_view_limit = intval($_GET['views']);
+    $item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires'])));
+    $item_key = bin2hex(random_bytes(78));
 
-  if($item_type == "Document"){
-    $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_id' AND document_client_id = '$client_id' LIMIT 1"));
-    $item_name = $row['document_name'];
-  }
+    if ($item_type == "Document") {
+        $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_id' AND document_client_id = '$client_id' LIMIT 1"));
+        $item_name = $row['document_name'];
+    }
 
-  if($item_type == "File"){
-    $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_id' AND file_client_id = '$client_id' LIMIT 1"));
-    $item_name = $row['file_name'];
-  }
+    if ($item_type == "File") {
+        $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_id' AND file_client_id = '$client_id' LIMIT 1"));
+        $item_name = $row['file_name'];
+    }
 
-  if($item_type == "Login"){
-    $login = mysqli_query($mysqli, "SELECT login_name, login_password FROM logins WHERE login_id = '$item_id' AND login_client_id = '$client_id' LIMIT 1");
-    $row = mysqli_fetch_array($login);
+    if ($item_type == "Login") {
+        $login = mysqli_query($mysqli, "SELECT login_name, login_password FROM logins WHERE login_id = '$item_id' AND login_client_id = '$client_id' LIMIT 1");
+        $row = mysqli_fetch_array($login);
 
-    $item_name = $row['login_name'];
+        $item_name = $row['login_name'];
 
-    // Decrypt & re-encrypt password for sharing
-    $login_password_cleartext = decryptLoginEntry($row['login_password']);
-    $login_encryption_key = bin2hex(random_bytes(8));
-    $iv = bin2hex(random_bytes(8));
-    $ciphertext = openssl_encrypt($login_password_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
+        // Decrypt & re-encrypt password for sharing
+        $login_password_cleartext = decryptLoginEntry($row['login_password']);
+        $login_encryption_key = bin2hex(random_bytes(8));
+        $iv = bin2hex(random_bytes(8));
+        $ciphertext = openssl_encrypt($login_password_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
 
-    $item_encrypted_credential = $iv . $ciphertext;
-  }
+        $item_encrypted_credential = $iv . $ciphertext;
+    }
 
-  // Insert entry into DB
-  $sql = mysqli_query($mysqli, "INSERT INTO shared_items SET item_active = '1', item_key = '$item_key', item_type = '$item_type', item_related_id = '$item_id', item_encrypted_credential = '$item_encrypted_credential', item_note = '$item_note', item_views = 0, item_view_limit = '$item_view_limit', item_created_at = NOW(), item_expire_at = '$item_expires', item_client_id = '$client_id'");
-  $share_id = $mysqli->insert_id;
+    // Insert entry into DB
+    $sql = mysqli_query($mysqli, "INSERT INTO shared_items SET item_active = '1', item_key = '$item_key', item_type = '$item_type', item_related_id = '$item_id', item_encrypted_credential = '$item_encrypted_credential', item_note = '$item_note', item_views = 0, item_view_limit = '$item_view_limit', item_created_at = NOW(), item_expire_at = '$item_expires', item_client_id = '$client_id'");
+    $share_id = $mysqli->insert_id;
 
-  // Return URL
-  if($item_type == "Login"){
-    $url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
-  }
-  else{
-    $url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
-  }
-  echo json_encode($url);
+    // Return URL
+    if ($item_type == "Login") {
+        $url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
+    }
+    else {
+        $url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
+    }
+    echo json_encode($url);
 
-  // Logging
-  mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'Create', log_description = '$session_name created shared link for $item_type - $item_name', log_client_id = '$client_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
+    // Logging
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'Create', log_description = '$session_name created shared link for $item_type - $item_name', log_client_id = '$client_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
 
 }
 
 /*
  *  Looks up info for a given scheduled ticket ID from the database, used to dynamically populate modal edit fields
  */
-if(isset($_GET['scheduled_ticket_get_json_details'])){
-  validateTechRole();
+if (isset($_GET['scheduled_ticket_get_json_details'])) {
+    validateTechRole();
 
-  $client_id = intval($_GET['client_id']);
-  $ticket_id = intval($_GET['ticket_id']);
+    $client_id = intval($_GET['client_id']);
+    $ticket_id = intval($_GET['ticket_id']);
 
-  $ticket_sql = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
+    $ticket_sql = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
     WHERE scheduled_ticket_id = $ticket_id
     AND scheduled_ticket_client_id = $client_id LIMIT 1");
-  while($row = mysqli_fetch_array($ticket_sql)){
-    $response['ticket'][] = $row;
-  }
+    while ($row = mysqli_fetch_array($ticket_sql)) {
+        $response['ticket'][] = $row;
+    }
 
-  $asset_sql = mysqli_query($mysqli, "SELECT asset_id, asset_name FROM assets WHERE asset_client_id = $client_id AND asset_archived_at IS NULL");
-  while($row = mysqli_fetch_array($asset_sql)){
-    $response['assets'][] = $row;
-  }
+    $asset_sql = mysqli_query($mysqli, "SELECT asset_id, asset_name FROM assets WHERE asset_client_id = $client_id AND asset_archived_at IS NULL");
+    while ($row = mysqli_fetch_array($asset_sql)) {
+        $response['assets'][] = $row;
+    }
 
-  echo json_encode($response);
+    echo json_encode($response);
 
 }
 
@@ -293,8 +291,8 @@ if(isset($_GET['scheduled_ticket_get_json_details'])){
  * Dynamic TOTP for client login page
  * When provided with a TOTP secret, returns a 6-digit code
  */
-if(isset($_GET['get_totp_token'])){
-  $otp = TokenAuth6238::getTokenCode($_GET['totp_secret']);
+if (isset($_GET['get_totp_token'])) {
+    $otp = TokenAuth6238::getTokenCode($_GET['totp_secret']);
 
-  echo json_encode($otp);
+    echo json_encode($otp);
 }
\ No newline at end of file
diff --git a/api/v1/assets/create.php b/api/v1/assets/create.php
index 1d79b843..7a63d58b 100644
--- a/api/v1/assets/create.php
+++ b/api/v1/assets/create.php
@@ -1,107 +1,107 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_post_method.php');
 
 // Parse info
 
 // Variable assignment - assigning blank if a value is not provided
-if(isset($_POST['asset_name'])){
-  $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_name'])));
-} else{
-  $name = '';
+if (isset($_POST['asset_name'])) {
+    $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_name'])));
+} else {
+    $name = '';
 }
-if(isset($_POST['asset_type'])){
-  $type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_type'])));
-} else{
-  $type = '';
+if (isset($_POST['asset_type'])) {
+    $type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_type'])));
+} else {
+    $type = '';
 }
-if(isset($_POST['asset_make'])){
-  $make = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_make'])));
-} else{
-  $make = '';
+if (isset($_POST['asset_make'])) {
+    $make = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_make'])));
+} else {
+    $make = '';
 }
-if(isset($_POST['asset_model'])){
-  $model = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_model'])));
-} else{
-  $model = '';
+if (isset($_POST['asset_model'])) {
+    $model = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_model'])));
+} else {
+    $model = '';
 }
-if(isset($_POST['asset_serial'])){
-  $serial = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_serial'])));
-} else{
-  $serial = '';
+if (isset($_POST['asset_serial'])) {
+    $serial = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_serial'])));
+} else {
+    $serial = '';
 }
-if(isset($_POST['asset_os'])){
-  $os = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_os'])));
-} else{
-  $os = '';
+if (isset($_POST['asset_os'])) {
+    $os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
+} else {
+    $os = '';
 }
-if(isset($_POST['asset_ip'])){
-  $aip = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_ip'])));
-} else{
-  $aip = '';
+if (isset($_POST['asset_ip'])) {
+    $aip = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_ip'])));
+} else {
+    $aip = '';
 }
-if(isset($_POST['asset_mac'])){
-  $mac = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_mac'])));
-} else{
-  $mac = '';
+if (isset($_POST['asset_mac'])) {
+    $mac = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_mac'])));
+} else {
+    $mac = '';
 }
-if(isset($_POST['asset_purchase_date'])){
-  $purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_purchase_date'])));
-} else{
-  $purchase_date = "0000-00-00";
+if (isset($_POST['asset_purchase_date'])) {
+    $purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_purchase_date'])));
+} else {
+    $purchase_date = "0000-00-00";
 }
-if(isset($_POST['asset_warranty_expire'])){
-  $warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_warranty_expire'])));
-} else{
-  $warranty_expire = "0000-00-00";
+if (isset($_POST['asset_warranty_expire'])) {
+    $warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_warranty_expire'])));
+} else {
+    $warranty_expire = "0000-00-00";
 }
-if(isset($_POST['asset_install_date'])){
-  $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_install_date'])));
-} else{
-  $install_date = "0000-00-00";
+if (isset($_POST['asset_install_date'])) {
+    $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_install_date'])));
+} else {
+    $install_date = "0000-00-00";
 }
-if(isset($_POST['asset_notes'])){
-  $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_notes'])));
-} else{
-  $notes = '';
+if (isset($_POST['asset_notes'])) {
+    $notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_notes'])));
+} else {
+    $notes = '';
 }
-if(isset($_POST['asset_vendor_id'])){
-  $vendor = intval($_POST['asset_vendor_id']);
-} else{
-  $vendor = '0';
+if (isset($_POST['asset_vendor_id'])) {
+    $vendor = intval($_POST['asset_vendor_id']);
+} else {
+    $vendor = '0';
 }
-if(isset($_POST['asset_location_id'])){
-  $location = intval($_POST['asset_location_id']);
-} else{
-  $location = '0';
+if (isset($_POST['asset_location_id'])) {
+    $location = intval($_POST['asset_location_id']);
+} else {
+    $location = '0';
 }
-if(isset($_POST['asset_contact_id'])){
-  $contact = intval($_POST['asset_contact_id']);
-} else{
-  $contact = '0';
+if (isset($_POST['asset_contact_id'])) {
+    $contact = intval($_POST['asset_contact_id']);
+} else {
+    $contact = '0';
 }
-if(isset($_POST['asset_network_id'])){
-  $network = intval($_POST['asset_network_id']);
-} else{
-  $network = '0';
+if (isset($_POST['asset_network_id'])) {
+    $network = intval($_POST['asset_network_id']);
+} else {
+    $network = '0';
 }
 
 // Default
-$insert_id = FALSE;
+$insert_id = false;
 
-if(!empty($name) && !empty($client_id)){
-  // Insert into Database
-  $insert_sql = mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = '$company_id'");
+if (!empty($name) && !empty($client_id)) {
+    // Insert into Database
+    $insert_sql = mysqli_query($mysqli, "INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = '$company_id'");
 
-  if($insert_sql){
-    $insert_id = mysqli_insert_id($mysqli);
+    if ($insert_sql) {
+        $insert_id = mysqli_insert_id($mysqli);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created asset $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
-  }
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created asset $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
+    }
 }
 
 // Output
-include('../create_output.php');
\ No newline at end of file
+require_once('../create_output.php');
diff --git a/api/v1/assets/delete.php b/api/v1/assets/delete.php
index 2ad4fc51..7228e027 100644
--- a/api/v1/assets/delete.php
+++ b/api/v1/assets/delete.php
@@ -1,28 +1,28 @@
 <?php
-require('../validate_api_key.php');
+require_once('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../require_post_method.php');
 
 // Parse ID
 $asset_id = intval($_POST['asset_id']);
 
 // Default
-$delete_count = FALSE;
+$delete_count = false;
 
-if(!empty($asset_id)){
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
-  $asset_name = $row['asset_name'];
+if (!empty($asset_id)) {
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
+    $asset_name = $row['asset_name'];
 
-  $delete_sql = mysqli_query($mysqli, "DELETE FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
+    $delete_sql = mysqli_query($mysqli, "DELETE FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
 
-  // Check delete & get affected rows
-  if($delete_sql && !empty($asset_name)){
-    $delete_count = mysqli_affected_rows($mysqli);
+    // Check delete & get affected rows
+    if ($delete_sql && !empty($asset_name)) {
+        $delete_count = mysqli_affected_rows($mysqli);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
-  }
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
+    }
 }
 
 // Output
-include('../delete_output.php');
\ No newline at end of file
+require_once('../delete_output.php');
\ No newline at end of file
diff --git a/api/v1/assets/read.php b/api/v1/assets/read.php
index 5102f32b..3ff4f0a8 100644
--- a/api/v1/assets/read.php
+++ b/api/v1/assets/read.php
@@ -1,42 +1,42 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Asset via ID (single)
-if(isset($_GET['asset_id'])){
-  $id = intval($_GET['asset_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$id' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['asset_id'])) {
+    $id = intval($_GET['asset_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$id' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Asset query via type
-elseif(isset($_GET['asset_type'])){
-  $type = mysqli_real_escape_string($mysqli,ucfirst($_GET['asset_type']));
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['asset_type'])) {
+    $type = mysqli_real_escape_string($mysqli,ucfirst($_GET['asset_type']));
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Asset query via name
-elseif(isset($_GET['asset_name'])){
-  $name = mysqli_real_escape_string($mysqli,$_GET['asset_name']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['asset_name'])) {
+    $name = mysqli_real_escape_string($mysqli, $_GET['asset_name']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Asset query via serial
-elseif(isset($_GET['asset_serial'])){
-  $serial = mysqli_real_escape_string($mysqli,$_GET['asset_serial']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['asset_serial'])) {
+    $serial = mysqli_real_escape_string($mysqli, $_GET['asset_serial']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Asset query via client ID
-elseif(isset($_GET['client_id']) && $client_id == "%"){
-  $client_id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['client_id']) && $client_id == "%") {
+    $client_id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // All assets
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/assets/update.php b/api/v1/assets/update.php
index f741ee47..b12f6551 100644
--- a/api/v1/assets/update.php
+++ b/api/v1/assets/update.php
@@ -1,116 +1,116 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_post_method.php');
 
 // Parse ID
 $asset_id = intval($_POST['asset_id']);
 
 // Default
-$update_count = FALSE;
+$update_count = false;
 
-if(!empty($asset_id)){
+if (!empty($asset_id)) {
 
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$asset_id' AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$asset_id' AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
 
-  // Variable assignment - assigning the current database value if a value is not provided
-  if(isset($_POST['asset_name'])){
-    $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_name'])));
-  } else{
-    $name = $row['asset_name'];
-  }
-  if(isset($_POST['asset_type'])){
-    $type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_type'])));
-  } else{
-    $type = $row['asset_type'];
-  }
-  if(isset($_POST['asset_make'])){
-    $make = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_make'])));
-  } else{
-    $make = $row['asset_make'];
-  }
-  if(isset($_POST['asset_model'])){
-    $model = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_model'])));
-  } else{
-    $model = $row['asset_model'];
-  }
-  if(isset($_POST['asset_serial'])){
-    $serial = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_serial'])));
-  } else{
-    $serial = $row['asset_serial'];
-  }
-  if(isset($_POST['asset_os'])){
-    $os = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_os'])));
-  } else{
-    $os = $row['asset_os'];
-  }
-  if(isset($_POST['asset_os'])){
-    $os = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_os'])));
-  } else{
-    $os = $row['asset_os'];
-  }
-  if(isset($_POST['asset_ip'])){
-    $aip = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_ip'])));
-  } else{
-    $aip = $row['asset_ip'];
-  }
-  if(isset($_POST['asset_mac'])){
-    $mac = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_mac'])));
-  } else{
-    $mac = $row['asset_mac'];
-  }
-  if(isset($_POST['asset_purchase_date'])){
-    $purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_purchase_date'])));
-  } else{
-    $purchase_date = $row['asset_purchase_date'];
-  }
-  if(isset($_POST['asset_warranty_expire'])){
-    $warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_warranty_expire'])));
-  } else{
-    $warranty_expire = $row['asset_warranty_expire'];
-  }
-  if(isset($_POST['asset_install_date'])){
-    $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_install_date'])));
-  } else{
-    $install_date = $row['asset_install_date'];
-  }
-  if(isset($_POST['asset_notes'])){
-    $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['asset_notes'])));
-  } else{
-    $notes = $row['asset_notes'];
-  }
-  if(isset($_POST['asset_vendor_id'])){
-    $vendor = intval($_POST['asset_vendor_id']);
-  } else{
-    $vendor = $row['asset_vendor_id'];
-  }
-  if(isset($_POST['asset_location_id'])){
-    $location = intval($_POST['asset_location_id']);
-  } else{
-    $location = $row['asset_location_id'];
-  }
-  if(isset($_POST['asset_contact_id'])){
-    $contact = intval($_POST['asset_contact_id']);
-  } else{
-    $contact = $row['asset_contact_id'];
-  }
-  if(isset($_POST['asset_network_id'])){
-    $network = intval($_POST['asset_network_id']);
-  } else{
-    $network = $row['asset_network_id'];
-  }
+    // Variable assignment - assigning the current database value if a value is not provided
+    if (isset($_POST['asset_name'])) {
+        $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_name'])));
+    } else {
+        $name = $row['asset_name'];
+    }
+    if (isset($_POST['asset_type'])) {
+        $type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_type'])));
+    } else {
+        $type = $row['asset_type'];
+    }
+    if (isset($_POST['asset_make'])) {
+        $make = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_make'])));
+    } else {
+        $make = $row['asset_make'];
+    }
+    if (isset($_POST['asset_model'])) {
+        $model = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_model'])));
+    } else {
+        $model = $row['asset_model'];
+    }
+    if (isset($_POST['asset_serial'])) {
+        $serial = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_serial'])));
+    } else {
+        $serial = $row['asset_serial'];
+    }
+    if (isset($_POST['asset_os'])) {
+        $os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
+    } else {
+        $os = $row['asset_os'];
+    }
+    if (isset($_POST['asset_os'])) {
+        $os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
+    } else {
+        $os = $row['asset_os'];
+    }
+    if (isset($_POST['asset_ip'])) {
+        $aip = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_ip'])));
+    } else {
+        $aip = $row['asset_ip'];
+    }
+    if (isset($_POST['asset_mac'])) {
+        $mac = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_mac'])));
+    } else {
+        $mac = $row['asset_mac'];
+    }
+    if (isset($_POST['asset_purchase_date'])) {
+        $purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_purchase_date'])));
+    } else {
+        $purchase_date = $row['asset_purchase_date'];
+    }
+    if (isset($_POST['asset_warranty_expire'])) {
+        $warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_warranty_expire'])));
+    } else {
+        $warranty_expire = $row['asset_warranty_expire'];
+    }
+    if (isset($_POST['asset_install_date'])) {
+        $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_install_date'])));
+    } else {
+        $install_date = $row['asset_install_date'];
+    }
+    if (isset($_POST['asset_notes'])) {
+        $notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_notes'])));
+    } else {
+        $notes = $row['asset_notes'];
+    }
+    if (isset($_POST['asset_vendor_id'])) {
+        $vendor = intval($_POST['asset_vendor_id']);
+    } else {
+        $vendor = $row['asset_vendor_id'];
+    }
+    if (isset($_POST['asset_location_id'])) {
+        $location = intval($_POST['asset_location_id']);
+    } else {
+        $location = $row['asset_location_id'];
+    }
+    if (isset($_POST['asset_contact_id'])) {
+        $contact = intval($_POST['asset_contact_id']);
+    } else {
+        $contact = $row['asset_contact_id'];
+    }
+    if (isset($_POST['asset_network_id'])) {
+        $network = intval($_POST['asset_network_id']);
+    } else {
+        $network = $row['asset_network_id'];
+    }
 
-  $update_sql = mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
+    $update_sql = mysqli_query($mysqli, "UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
 
-  // Check insert & get insert ID
-  if($update_sql){
-    $update_count = mysqli_affected_rows($mysqli);
+    // Check insert & get insert ID
+    if ($update_sql) {
+        $update_count = mysqli_affected_rows($mysqli);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated asset $name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
-  }
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated asset $name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
+    }
 }
 
 // Output
-include('../update_output.php');
\ No newline at end of file
+require_once('../update_output.php');
\ No newline at end of file
diff --git a/api/v1/certificates/read.php b/api/v1/certificates/read.php
index 25b9b343..a968eecf 100644
--- a/api/v1/certificates/read.php
+++ b/api/v1/certificates/read.php
@@ -1,30 +1,30 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific certificate via ID (single)
-if(isset($_GET['certificate_id'])){
-  $id = intval($_GET['certificate_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_id = '$id' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['certificate_id'])) {
+    $id = intval($_GET['certificate_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_id = '$id' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Certificate by name
-elseif(isset($_GET['certificate_name'])){
-  $name = mysqli_real_escape_string($mysqli,$_GET['certificate_name']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_name = '$name' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['certificate_name'])) {
+    $name = mysqli_real_escape_string($mysqli, $_GET['certificate_name']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_name = '$name' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
 }
 
 // Certificate via client ID (if allowed)
-elseif(isset($_GET['client_id']) && $client_id == "%"){
-  $client_id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['client_id']) && $client_id == "%") {
+    $client_id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
 }
 
 // All certificates
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/clients/read.php b/api/v1/clients/read.php
index 4fb5713a..c77b82ea 100644
--- a/api/v1/clients/read.php
+++ b/api/v1/clients/read.php
@@ -1,24 +1,24 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific client via ID (single)
-if(isset($_GET['client_id'])){
-  $id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = '$id' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['client_id'])) {
+    $id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = '$id' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Specific client via name (single)
-elseif(isset($_GET['client_name'])){
-  $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['client_name'])));
-  $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_name = '$name' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
+elseif (isset($_GET['client_name'])) {
+    $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['client_name'])));
+    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_name = '$name' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // All clients
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY client_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY client_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/contacts/contact_model.php b/api/v1/contacts/contact_model.php
index 312555c7..dc3ecdda 100644
--- a/api/v1/contacts/contact_model.php
+++ b/api/v1/contacts/contact_model.php
@@ -1,13 +1,13 @@
 <?php
 define('number_regex', '/[^0-9]/');
 
-$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_name'])));
-$title = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_title'])));
-$department = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_department'])));
+$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
+$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_title'])));
+$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_department'])));
 $phone = preg_replace(number_regex, '', $_POST['contact_phone']);
 $extension = preg_replace(number_regex, '', $_POST['contact_extension']);
 $mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
-$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_email'])));
-$notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_notes'])));
-$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['contact_auth_method'])));
+$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
+$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_notes'])));
+$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_auth_method'])));
 $location_id = intval($_POST['contact_location_id']);
\ No newline at end of file
diff --git a/api/v1/contacts/create.php b/api/v1/contacts/create.php
index 7ba620d5..0764fc74 100644
--- a/api/v1/contacts/create.php
+++ b/api/v1/contacts/create.php
@@ -1,34 +1,34 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_post_method.php');
 
 // Parse Info
-include('contact_model.php');
+require_once('contact_model.php');
 
 // Default
 $insert_id = FALSE;
 
-if(!empty($name) && !empty($email) && !empty($client_id)){
+if (!empty($name) && !empty($email) && !empty($client_id)) {
 
-  // Check contact with $email doesn't already exist
-  $email_duplication_sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_client_id = '$client_id'");
+    // Check contact with $email doesn't already exist
+    $email_duplication_sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_client_id = '$client_id'");
 
-  if(mysqli_num_rows($email_duplication_sql) == 0){
+    if (mysqli_num_rows($email_duplication_sql) == 0) {
 
-    // Insert contact
-    $insert_sql = mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
+        // Insert contact
+        $insert_sql = mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
+
+        // Check insert & get insert ID
+        if ($insert_sql) {
+            $insert_id = mysqli_insert_id($mysqli);
+            //Logging
+            mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
+            mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
+        }
 
-    // Check insert & get insert ID
-    if($insert_sql){
-      $insert_id = mysqli_insert_id($mysqli);
-      //Logging
-      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
-      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
     }
-
-  }
 }
 
 // Output
-include('../create_output.php');
\ No newline at end of file
+require_once('../create_output.php');
\ No newline at end of file
diff --git a/api/v1/contacts/delete.php b/api/v1/contacts/delete.php
index 8eeef9d5..64602ce6 100644
--- a/api/v1/contacts/delete.php
+++ b/api/v1/contacts/delete.php
@@ -1,7 +1,7 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_post_method.php');
 
 // Parse ID
 $contact_id = intval($_POST['contact_id']);
@@ -9,20 +9,20 @@ $contact_id = intval($_POST['contact_id']);
 // Default
 $delete_count = FALSE;
 
-if(!empty($contact_id)){
-  $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
-  $contact_name = $row['contact_name'];
+if (!empty($contact_id)) {
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
+    $contact_name = $row['contact_name'];
 
-  $delete_sql = mysqli_query($mysqli, "DELETE FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
+    $delete_sql = mysqli_query($mysqli, "DELETE FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
 
-  // Check delete & get affected rows
-  if($delete_sql && !empty($contact_name)){
-    $delete_count = mysqli_affected_rows($mysqli);
+    // Check delete & get affected rows
+    if ($delete_sql && !empty($contact_name)) {
+        $delete_count = mysqli_affected_rows($mysqli);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Deleted', log_description = '$contact_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
-  }
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Deleted', log_description = '$contact_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
+    }
 }
 
 // Output
-include('../delete_output.php');
\ No newline at end of file
+require_once('../delete_output.php');
\ No newline at end of file
diff --git a/api/v1/contacts/read.php b/api/v1/contacts/read.php
index 2de010b5..c15b1493 100644
--- a/api/v1/contacts/read.php
+++ b/api/v1/contacts/read.php
@@ -1,24 +1,24 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific contact via ID (single)
-if(isset($_GET['contact_id'])){
+if (isset($_GET['contact_id'])) {
     $id = intval($_GET['contact_id']);
     $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = '$id' AND contact_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Specific contact via email (single)
-elseif(isset($_GET['contact_email'])){
-    $email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['contact_email'])));
+elseif (isset($_GET['contact_email'])) {
+    $email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['contact_email'])));
     $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // All contacts
-else{
+else {
     $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY contact_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/contacts/update.php b/api/v1/contacts/update.php
index 31a42271..eeac3407 100644
--- a/api/v1/contacts/update.php
+++ b/api/v1/contacts/update.php
@@ -1,28 +1,28 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_post_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_post_method.php');
 
 // Parse Info
 $contact_id = intval($_POST['contact_id']);
-include('contact_model.php');
+require_once('contact_model.php');
 
 // Default
 $update_count = FALSE;
 
-if(!empty($name) && !empty($email)){
+if (!empty($name) && !empty($email)) {
 
-  $update_sql = mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_updated_at = NOW(), contact_department_id = $department, contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
+    $update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_updated_at = NOW(), contact_department_id = $department, contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
 
-  // Check insert & get insert ID
-  if($update_sql){
-    $update_count = mysqli_affected_rows($mysqli);
+    // Check insert & get insert ID
+    if ($update_sql) {
+        $update_count = mysqli_affected_rows($mysqli);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
-  }
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
+    }
 }
 
 // Output
-include('../update_output.php');
\ No newline at end of file
+require_once('../update_output.php');
\ No newline at end of file
diff --git a/api/v1/create_output.php b/api/v1/create_output.php
index 83253a79..d4ef9615 100644
--- a/api/v1/create_output.php
+++ b/api/v1/create_output.php
@@ -7,19 +7,19 @@
  */
 
 // Check if the insert query was successful
-if(isset($insert_id) && is_numeric($insert_id)){
-  // Insert successful
-  $return_arr['success'] = "True";
-  $return_arr['count'] = '1';
-  $return_arr['data'][] = [
-    'insert_id' => $insert_id
-  ];
+if (isset($insert_id) && is_numeric($insert_id)) {
+    // Insert successful
+    $return_arr['success'] = "True";
+    $return_arr['count'] = '1';
+    $return_arr['data'][] = [
+        'insert_id' => $insert_id
+    ];
 }
 
 // Query returned false: something went wrong, or it was declined due to required variables missing
-else{
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "Auth success but insert query failed, ensure ALL required variables are provided (and aren't duplicates where applicable) and database schema is up-to-date. Turn on error logging and look for 'undefined index'.";
+else {
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "Auth success but insert query failed, ensure ALL required variables are provided (and aren't duplicates where applicable) and database schema is up-to-date. Turn on error logging and look for 'undefined index'.";
 }
 
 echo json_encode($return_arr);
diff --git a/api/v1/delete_output.php b/api/v1/delete_output.php
index d1ffe44c..c8139d92 100644
--- a/api/v1/delete_output.php
+++ b/api/v1/delete_output.php
@@ -7,16 +7,16 @@
  */
 
 // Check if delete query was successful
-if(isset($delete_count) && is_numeric($delete_count) && $delete_count > 0){
-  // Delete was successful
-  $return_arr['success'] = "True";
-  $return_arr['count'] = $delete_count;
+if (isset($delete_count) && is_numeric($delete_count) && $delete_count > 0) {
+    // Delete was successful
+    $return_arr['success'] = "True";
+    $return_arr['count'] = $delete_count;
 }
 
 // Delete query returned false: something went wrong, or it was declined due to required variables missing
-else{
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "Auth success but delete query failed. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: asset/client/company ID mismatch.";
+else {
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "Auth success but delete query failed. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: asset/client/company ID mismatch.";
 }
 
 echo json_encode($return_arr);
diff --git a/api/v1/domains/read.php b/api/v1/domains/read.php
index 423dc778..f0cf2b7a 100644
--- a/api/v1/domains/read.php
+++ b/api/v1/domains/read.php
@@ -1,30 +1,30 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific domain via ID (single)
-if(isset($_GET['domain_id'])){
-  $id = intval($_GET['domain_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_id = '$id' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['domain_id'])) {
+    $id = intval($_GET['domain_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_id = '$id' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Domain by name
-elseif(isset($_GET['domain_name'])){
-  $name = mysqli_real_escape_string($mysqli,$_GET['domain_name']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$name' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['domain_name'])) {
+    $name = mysqli_real_escape_string($mysqli, $_GET['domain_name']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$name' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Domain via client ID (if allowed)
-elseif(isset($_GET['client_id']) && $client_id == "%"){
-  $client_id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['client_id']) && $client_id == "%") {
+    $client_id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
 }
 
 // All domains
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/networks/read.php b/api/v1/networks/read.php
index fe02ed22..e76cfaa1 100644
--- a/api/v1/networks/read.php
+++ b/api/v1/networks/read.php
@@ -1,30 +1,30 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific network via ID (single)
-if(isset($_GET['network_id'])){
-  $id = intval($_GET['network_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_id = '$id' AND network_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['network_id'])) {
+    $id = intval($_GET['network_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_id = '$id' AND network_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Network by name
-elseif(isset($_GET['network_name'])){
-  $name = mysqli_real_escape_string($mysqli,$_GET['network_name']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_name = '$name' AND network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['network_name'])) {
+    $name = mysqli_real_escape_string($mysqli, $_GET['network_name']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_name = '$name' AND network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
 }
 
 // Network via client ID (if allowed)
-elseif(isset($_GET['client_id']) && $client_id == "%"){
-  $client_id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['client_id']) && $client_id == "%") {
+    $client_id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
 }
 
 // All networks
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/read_output.php b/api/v1/read_output.php
index e078994d..42c6cde9 100644
--- a/api/v1/read_output.php
+++ b/api/v1/read_output.php
@@ -6,21 +6,21 @@
  * Returns success & data messages
  */
 
-if($sql && mysqli_num_rows($sql) > 0){
-  $return_arr['success'] = "True";
-  $return_arr['count'] = mysqli_num_rows($sql);
+if ($sql && mysqli_num_rows($sql) > 0) {
+    $return_arr['success'] = "True";
+    $return_arr['count'] = mysqli_num_rows($sql);
 
-  $row = array();
-  while($row = mysqli_fetch_array($sql)){
-    $return_arr['data'][] = $row;
-  }
+    $row = array();
+    while ($row = mysqli_fetch_array($sql)) {
+        $return_arr['data'][] = $row;
+    }
 
-  echo json_encode($return_arr);
-  exit();
+    echo json_encode($return_arr);
+    exit();
 }
-else{
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "No resource (for this client and company) with the specified parameter(s).";
-  echo json_encode($return_arr);
-  exit();
+else {
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "No resource (for this client and company) with the specified parameter(s).";
+    echo json_encode($return_arr);
+    exit();
 }
\ No newline at end of file
diff --git a/api/v1/require_get_method.php b/api/v1/require_get_method.php
index 4667bed7..4ce0b1f9 100644
--- a/api/v1/require_get_method.php
+++ b/api/v1/require_get_method.php
@@ -1,13 +1,13 @@
 <?php
-if($_SERVER['REQUEST_METHOD'] !== "GET"){
-  header("HTTP/1.1 405 Method Not Allowed");
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "Can only send GET requests to this endpoint.";
-  echo json_encode($return_arr);
-  exit();
+if ($_SERVER['REQUEST_METHOD'] !== "GET") {
+    header("HTTP/1.1 405 Method Not Allowed");
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "Can only send GET requests to this endpoint.";
+    echo json_encode($return_arr);
+    exit();
 }
 
 // Wildcard client ID for most SELECT queries
-if($client_id == 0){
-  $client_id = "%";
+if ($client_id == 0) {
+    $client_id = "%";
 }
\ No newline at end of file
diff --git a/api/v1/require_post_method.php b/api/v1/require_post_method.php
index 45686e3a..c72efe2d 100644
--- a/api/v1/require_post_method.php
+++ b/api/v1/require_post_method.php
@@ -1,14 +1,14 @@
 <?php
-if($_SERVER['REQUEST_METHOD'] !== "POST"){
-  header("HTTP/1.1 405 Method Not Allowed");
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "Can only send POST requests to this endpoint.";
-  echo json_encode($return_arr);
-  exit();
+if ($_SERVER['REQUEST_METHOD'] !== "POST") {
+    header("HTTP/1.1 405 Method Not Allowed");
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "Can only send POST requests to this endpoint.";
+    echo json_encode($return_arr);
+    exit();
 }
 
 // Client ID must be specific for INSERT/UPDATE/DELETE queries
 // If this API key allows any client, set $client_id to the one specified, else leave it
-if($client_id == 0){
-  $client_id = intval($_POST['client_id']);
+if ($client_id == 0) {
+    $client_id = intval($_POST['client_id']);
 }
\ No newline at end of file
diff --git a/api/v1/software/read.php b/api/v1/software/read.php
index df229a48..ca26185d 100644
--- a/api/v1/software/read.php
+++ b/api/v1/software/read.php
@@ -1,42 +1,42 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific software via ID (single)
-if(isset($_GET['software_id'])){
-  $id = intval($_GET['software_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = '$id' AND software_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['software_id'])) {
+    $id = intval($_GET['software_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = '$id' AND software_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // Specific software via License ID
-if(isset($_GET['software_license'])){
-  $license = mysqli_real_escape_string($mysqli,$_GET['software_license']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_license_type = '$license' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
+if (isset($_GET['software_license'])) {
+    $license = mysqli_real_escape_string($mysqli, $_GET['software_license']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_license_type = '$license' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
 }
 
 // Software by name
-elseif(isset($_GET['software_name'])){
-  $name = mysqli_real_escape_string($mysqli,$_GET['software_name']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_name = '$name' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['software_name'])) {
+    $name = mysqli_real_escape_string($mysqli, $_GET['software_name']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_name = '$name' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
 }
 
 // Software via type
-elseif(isset($_GET['software_type'])){
-  $type = intval($_GET['software_type']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_type = '$type' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['software_type'])) {
+    $type = intval($_GET['software_type']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_type = '$type' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
 }
 
 // Software via client ID (if allowed)
-elseif(isset($_GET['client_id']) && $client_id == "%"){
-  $client_id = intval($_GET['client_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
+elseif (isset($_GET['client_id']) && $client_id == "%") {
+    $client_id = intval($_GET['client_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
 }
 
 // All software(s)
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/tickets/read.php b/api/v1/tickets/read.php
index 4fa7247a..b0ee19e6 100644
--- a/api/v1/tickets/read.php
+++ b/api/v1/tickets/read.php
@@ -1,18 +1,18 @@
 <?php
-require('../validate_api_key.php');
 
-require('../require_get_method.php');
+require_once('../validate_api_key.php');
+require_once('../require_get_method.php');
 
 // Specific ticket via ID (single)
-if(isset($_GET['ticket_id'])){
-  $id = intval($_GET['ticket_id']);
-  $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$id' AND ticket_client_id LIKE '$client_id' AND company_id = '$company_id'");
+if (isset($_GET['ticket_id'])) {
+    $id = intval($_GET['ticket_id']);
+    $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$id' AND ticket_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }
 
 // All tickets
-else{
-  $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY ticket_id LIMIT $limit OFFSET $offset");
+else {
+    $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY ticket_id LIMIT $limit OFFSET $offset");
 }
 
 // Output
-include("../read_output.php");
\ No newline at end of file
+require_once("../read_output.php");
\ No newline at end of file
diff --git a/api/v1/update_output.php b/api/v1/update_output.php
index 942b71fa..59e7c13c 100644
--- a/api/v1/update_output.php
+++ b/api/v1/update_output.php
@@ -7,16 +7,16 @@
  */
 
 // Check if the insert query was successful
-if(isset($update_count) && is_numeric($update_count) && $update_count > 0){
-  // Insert successful
-  $return_arr['success'] = "True";
-  $return_arr['count'] = $update_count;
+if (isset($update_count) && is_numeric($update_count) && $update_count > 0) {
+    // Insert successful
+    $return_arr['success'] = "True";
+    $return_arr['count'] = $update_count;
 }
 
 // Query returned false: something went wrong, or it was declined due to required variables missing
-else{
-  $return_arr['success'] = "False";
-  $return_arr['message'] = "Auth success but update query failed/returned no results. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: non-existent module ID (contact ID/ticket ID/etc)";
+else {
+    $return_arr['success'] = "False";
+    $return_arr['message'] = "Auth success but update query failed/returned no results. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: non-existent module ID (contact ID/ticket ID/etc)";
 }
 
 echo json_encode($return_arr);
diff --git a/api/v1/validate_api_key.php b/api/v1/validate_api_key.php
index a026e42b..5b85055e 100644
--- a/api/v1/validate_api_key.php
+++ b/api/v1/validate_api_key.php
@@ -7,8 +7,8 @@
  */
 
 // Includes
-include( __DIR__ . '../../../functions.php');
-include(__DIR__ . "../../../config.php");
+require_once( __DIR__ . '../../../functions.php');
+require_once(__DIR__ . "../../../config.php");
 
 // JSON header
 header('Content-Type: application/json');
@@ -17,9 +17,9 @@ header('Content-Type: application/json');
 $_POST = json_decode(file_get_contents('php://input'), true);
 
 // Get user IP
-$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
+$ip = strip_tags(mysqli_real_escape_string($mysqli, get_ip()));
 // Get user agent
-$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
+$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
 
 // Setup return array
 $return_arr = array();
@@ -43,75 +43,75 @@ DEFINE("WORDING_UNAUTHORIZED", "HTTP/1.1 401 Unauthorized");
  */
 
 // Decline methods other than GET/POST
-if($_SERVER['REQUEST_METHOD'] !== "GET" && $_SERVER['REQUEST_METHOD'] !== "POST"){
-  header("HTTP/1.1 405 Method Not Allowed");
-  var_dump($_SERVER['REQUEST_METHOD']);
-  exit();
+if ($_SERVER['REQUEST_METHOD'] !== "GET" && $_SERVER['REQUEST_METHOD'] !== "POST") {
+    header("HTTP/1.1 405 Method Not Allowed");
+    var_dump($_SERVER['REQUEST_METHOD']);
+    exit();
 }
 
 // Check API key is provided
-if(!isset($_GET['api_key']) && !isset($_POST['api_key'])){
-  header(WORDING_UNAUTHORIZED);
-  exit();
+if (!isset($_GET['api_key']) && !isset($_POST['api_key'])) {
+    header(WORDING_UNAUTHORIZED);
+    exit();
 }
 
 // Set API key variable
-if(isset($_GET['api_key'])){
-  $api_key = $_GET['api_key'];
+if (isset($_GET['api_key'])) {
+    $api_key = $_GET['api_key'];
 }
-if(isset($_POST['api_key'])){
-  $api_key = $_POST['api_key'];
+if (isset($_POST['api_key'])) {
+    $api_key = $_POST['api_key'];
 }
 
 // Validate API key
-if(isset($api_key)){
-  $api_key = mysqli_real_escape_string($mysqli,$api_key);
+if (isset($api_key)) {
+    $api_key = mysqli_real_escape_string($mysqli, $api_key);
 
-  $sql = mysqli_query($mysqli,"SELECT * FROM api_keys WHERE api_key_secret = '$api_key' AND api_key_expire > NOW() LIMIT 1");
+    $sql = mysqli_query($mysqli, "SELECT * FROM api_keys WHERE api_key_secret = '$api_key' AND api_key_expire > NOW() LIMIT 1");
 
-  // Failed
-  if(mysqli_num_rows($sql) !== 1){
-    // Invalid Key
-    header(WORDING_UNAUTHORIZED);
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Failed', log_description = 'Incorrect or expired Key', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
+    // Failed
+    if (mysqli_num_rows($sql) !== 1) {
+        // Invalid Key
+        header(WORDING_UNAUTHORIZED);
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Failed', log_description = 'Incorrect or expired Key', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
 
-    $return_arr['success'] = "False";
-    $return_arr['message'] = "API Key authentication failure or expired.";
+        $return_arr['success'] = "False";
+        $return_arr['message'] = "API Key authentication failure or expired.";
 
-    header(WORDING_UNAUTHORIZED);
-    echo json_encode($return_arr);
-    exit();
-  }
-
-  // Success
-  else{
-
-    // Set client ID, company ID & key name
-    $row = mysqli_fetch_array($sql);
-    $api_key_name = $row['api_key_name'];
-    $client_id = $row['api_key_client_id'];
-    $company_id = $row['company_id'];
-
-    // Set limit & offset for queries
-    if(isset($_GET['limit'])){
-      $limit = intval($_GET['limit']);
-    }
-    elseif(isset($_POST['limit'])){
-      $limit = intval($_POST['limit']);
-    }
-    else{
-      $limit = 50;
+        header(WORDING_UNAUTHORIZED);
+        echo json_encode($return_arr);
+        exit();
     }
 
-    if(isset($_GET['offset'])){
-      $offset = intval($_GET['offset']);
-    }
-    elseif(isset($_POST['offset'])){
-      $offset = intval($_POST['offset']);
-    }
-    else{
-      $offset = 0;
-    }
+    // Success
+    else {
 
-  }
+        // Set client ID, company ID & key name
+        $row = mysqli_fetch_array($sql);
+        $api_key_name = $row['api_key_name'];
+        $client_id = $row['api_key_client_id'];
+        $company_id = $row['company_id'];
+
+        // Set limit & offset for queries
+        if (isset($_GET['limit'])) {
+            $limit = intval($_GET['limit']);
+        }
+        elseif (isset($_POST['limit'])) {
+            $limit = intval($_POST['limit']);
+        }
+        else {
+            $limit = 50;
+        }
+
+        if (isset($_GET['offset'])) {
+            $offset = intval($_GET['offset']);
+        }
+        elseif (isset($_POST['offset'])) {
+            $offset = intval($_POST['offset']);
+        }
+        else {
+            $offset = 0;
+        }
+
+    }
 }
\ No newline at end of file
diff --git a/get_credential.php b/get_credential.php
index b928197a..39f41fda 100644
--- a/get_credential.php
+++ b/get_credential.php
@@ -18,17 +18,16 @@
 
 // Headers to allow extensions access (CORS)
 $chrome_id = "chrome-extension://afgpakhonllnmnomchjhidealcpmnegc";
-//$firefox_id = "moz-extension://857479e9-3992-4e99-9a5e-b514d2ad0a82"; // Firefox rejected the extension. They are still using manifest v2 so will just focus on Chrome/Edge with v3 for now until Mozilla catches up
 
 if (isset($_SERVER['HTTP_ORIGIN'])) {
-    if($_SERVER['HTTP_ORIGIN'] == $chrome_id){
+    if ($_SERVER['HTTP_ORIGIN'] == $chrome_id) {
         header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
         header('Access-Control-Allow-Credentials: true');
     }
 }
 
-include("config.php");
-include("functions.php");
+include_once("config.php");
+include_once("functions.php");
 
 // IP & User Agent for logging
 $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
@@ -41,13 +40,13 @@ DEFINE("WORDING_BAD_EXT_COOKIE_KEY", "ITFlow - You are not logged into ITFlow, d
 
 // Check user is logged in & has extension access
 // We're not using the PHP session as we don't want to potentially expose the session cookie with SameSite None
-if(!isset($_COOKIE['user_extension_key'])){
+if (!isset($_COOKIE['user_extension_key'])) {
     $data['found'] = "FALSE";
     $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
-    echo(json_encode($data));
+    echo json_encode($data);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
+    // Logging
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
 
     exit();
 }
@@ -56,13 +55,13 @@ if(!isset($_COOKIE['user_extension_key'])){
 $user_extension_key = $_COOKIE['user_extension_key'];
 
 // Check the key isn't empty, less than 17 characters or the word "disabled".
-if(empty($user_extension_key) || strlen($user_extension_key) < 16 || strtolower($user_extension_key) == "disabled"){
+if (empty($user_extension_key) || strlen($user_extension_key) < 16 || strtolower($user_extension_key) == "disabled") {
     $data['found'] = "FALSE";
     $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
-    echo(json_encode($data));
+    echo json_encode($data);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
+    // Logging
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
 
     exit();
 }
@@ -74,25 +73,25 @@ $auth_user = mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings
 $row = mysqli_fetch_array($auth_user);
 
 // Check SQL query state
-if(mysqli_num_rows($auth_user) < 1 || !$auth_user){
+if (mysqli_num_rows($auth_user) < 1 || !$auth_user) {
     $data['found'] = "FALSE";
     $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
-    echo(json_encode($data));
+    echo json_encode($data);
 
     //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
 
     exit();
 }
 
 // Sanity check
-if(hash('sha256', $row['user_extension_key']) !== hash('sha256', $_COOKIE['user_extension_key'])){
+if (hash('sha256', $row['user_extension_key']) !== hash('sha256', $_COOKIE['user_extension_key'])) {
     $data['found'] = "FALSE";
     $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
-    echo(json_encode($data));
+    echo json_encode($data);
 
     //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
 
     exit();
 }
@@ -110,28 +109,28 @@ $session_company_id = $row['user_default_company'];
 $session_user_role = $row['user_role'];
 
 // Check user access level is correct (not an accountant)
-if($session_user_role < 1){
+if ($session_user_role < 1) {
     $data['found'] = "FALSE";
     $data['message'] = WORDING_ROLECHECK_FAILED;
-    echo(json_encode($data));
+    echo json_encode($data);
 
     //Logging
     $user_name = mysqli_real_escape_string($mysqli, $session_name);
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = '$user_name not authorised to use extension', log_ip = '$ip', log_user_agent = '$user_agent', log_user_id = $session_user_id");
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = '$user_name not authorised to use extension', log_ip = '$ip', log_user_agent = '$user_agent', log_user_id = $session_user_id");
 
     exit();
 }
 
 // Lets go!
 
-if(isset($_GET['host'])){
+if (isset($_GET['host'])) {
 
-    if(!empty($_GET['host'])){
-        $url = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['host'])));
+    if (!empty($_GET['host'])) {
+        $url = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['host'])));
 
         $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_uri = '$url' AND company_id = '$session_company_id') LIMIT 1");
 
-        if(mysqli_num_rows($sql_logins) > 0){
+        if (mysqli_num_rows($sql_logins) > 0) {
             $row = mysqli_fetch_array($sql_logins);
             $data['found'] = "TRUE";
             $data['username'] = htmlentities($row['login_username']);
diff --git a/portal/check_login.php b/portal/check_login.php
index 8b82da8a..e0a6cfe1 100644
--- a/portal/check_login.php
+++ b/portal/check_login.php
@@ -5,27 +5,27 @@
  * Checks if the client is logged in or not
  */
 
-if(!isset($_SESSION)){
-  // HTTP Only cookies
-  ini_set("session.cookie_httponly", True);
-  if($config_https_only){
-    // Tell client to only send cookie(s) over HTTPS
-    ini_set("session.cookie_secure", True);
-  }
-  session_start();
+if (!isset($_SESSION)) {
+    // HTTP Only cookies
+    ini_set("session.cookie_httponly", True);
+    if ($config_https_only) {
+        // Tell client to only send cookie(s) over HTTPS
+        ini_set("session.cookie_secure", True);
+    }
+    session_start();
 }
 
-if(!$_SESSION['client_logged_in']){
-  header("Location: login.php");
-  die;
+if (!$_SESSION['client_logged_in']) {
+    header("Location: login.php");
+    die;
 }
 
 // SESSION FINGERPRINT
-$session_ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
-$session_os = strip_tags(mysqli_real_escape_string($mysqli,get_os()));
+$session_ip = strip_tags(mysqli_real_escape_string($mysqli, get_ip()));
+$session_os = strip_tags(mysqli_real_escape_string($mysqli, get_os()));
 
 // Get user agent
-$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
+$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
 
 // Get info from session
 $session_client_id = $_SESSION['client_id'];
diff --git a/portal/inc_portal.php b/portal/inc_portal.php
index bcabab29..36f5f3ee 100644
--- a/portal/inc_portal.php
+++ b/portal/inc_portal.php
@@ -4,19 +4,19 @@
  * Includes for all pages (except login)
  */
 
-include('../config.php');
-include('../functions.php');
-include('check_login.php');
-include('portal_functions.php');
+require_once('../config.php');
+require_once('../functions.php');
+require_once('check_login.php');
+require_once('portal_functions.php');
 
-if(!isset($_SESSION)){
-  // HTTP Only cookies
-  ini_set("session.cookie_httponly", True);
-  if($config_https_only){
-    // Tell client to only send cookie(s) over HTTPS
-    ini_set("session.cookie_secure", True);
-  }
-  session_start();
+if (!isset($_SESSION)) {
+    // HTTP Only cookies
+    ini_set("session.cookie_httponly", True);
+    if ($config_https_only) {
+        // Tell client to only send cookie(s) over HTTPS
+        ini_set("session.cookie_secure", True);
+    }
+    session_start();
 }
 
-include("portal_header.php");
\ No newline at end of file
+require_once("portal_header.php");
\ No newline at end of file
diff --git a/portal/index.php b/portal/index.php
index 60e49b6c..50f5858c 100644
--- a/portal/index.php
+++ b/portal/index.php
@@ -8,18 +8,18 @@ require_once("inc_portal.php");
 
 // Ticket status from GET
 if (!isset($_GET['status'])) {
-  // If nothing is set, assume we only want to see open tickets
-  $status = 'Open';
-  $ticket_status_snippet = "ticket_status != 'Closed'";
+    // If nothing is set, assume we only want to see open tickets
+    $status = 'Open';
+    $ticket_status_snippet = "ticket_status != 'Closed'";
 } elseif (isset($_GET['status']) && ($_GET['status']) == 'Open') {
-  $status = 'Open';
-  $ticket_status_snippet = "ticket_status != 'Closed'";
+    $status = 'Open';
+    $ticket_status_snippet = "ticket_status != 'Closed'";
 } elseif (isset($_GET['status']) && ($_GET['status']) == 'Closed') {
-  $status = 'Closed';
-  $ticket_status_snippet = "ticket_status = 'Closed'";
+    $status = 'Closed';
+    $ticket_status_snippet = "ticket_status = 'Closed'";
 } else {
-  $status = '%';
-  $ticket_status_snippet = "ticket_status LIKE '%'";
+    $status = '%';
+    $ticket_status_snippet = "ticket_status LIKE '%'";
 }
 
 $contact_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN contacts ON ticket_contact_id = contact_id WHERE $ticket_status_snippet AND ticket_contact_id = '$session_contact_id' AND ticket_client_id = '$session_client_id' ORDER BY ticket_id DESC");
@@ -41,39 +41,39 @@ $total_tickets = $row['total_tickets'];
 
 
 ?>
-<table>
-  <tr>
-    <th class="text-center">
-      <?php if(!empty($session_contact_photo)){ ?>
-      <img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." class=" img-size-50 img-circle">
-              
-      <?php }else{ ?>
-  
-      <span class="fa-stack fa-2x rounded-left">
+    <table>
+        <tr>
+            <th class="text-center">
+                <?php if (!empty($session_contact_photo)) { ?>
+                    <img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." class=" img-size-50 img-circle">
+
+                <?php } else { ?>
+
+                    <span class="fa-stack fa-2x rounded-left">
         <i class="fa fa-circle fa-stack-2x text-secondary"></i>
         <span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
       </span>
-      <br>
-              
-      <?php } ?>
-      <div class="text-dark"><?php echo $session_contact_name; ?></div>
-      <div><?php echo $session_contact_title; ?></div>
-    </th>
-    <th>
-      <div class="">
-        <h4 class="">Welcome, <b><?php echo $session_contact_name ?></b>!</h4>
-        <hr>           
-      </div>
-    </th> 
-  </tr>
-</table>
+                    <br>
 
-<br>
+                <?php } ?>
+                <div class="text-dark"><?php echo $session_contact_name; ?></div>
+                <div><?php echo $session_contact_title; ?></div>
+            </th>
+            <th>
+                <div class="">
+                    <h4 class="">Welcome, <b><?php echo $session_contact_name ?></b>!</h4>
+                    <hr>
+                </div>
+            </th>
+        </tr>
+    </table>
 
-<div class="row">
-        
-  <div class="col-10">
-    <div class="card">
+    <br>
+
+    <div class="row">
+
+        <div class="col-10">
+            <div class="card">
       <span class="border border-secondary">
         <table class="table">
           <thead class="thead-dark">
@@ -86,46 +86,46 @@ $total_tickets = $row['total_tickets'];
           <tbody>
 
             <?php
-            while($ticket = mysqli_fetch_array($contact_tickets)){
-              echo "<tr>";
-              echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_prefix]$ticket[ticket_number]</a></td>";
-              echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_subject]</a></td>";
-              echo "<td>$ticket[ticket_status]</td>";
-              echo "</tr>";
+            while ($ticket = mysqli_fetch_array($contact_tickets)) {
+                echo "<tr>";
+                echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_prefix]$ticket[ticket_number]</a></td>";
+                echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_subject]</a></td>";
+                echo "<td>$ticket[ticket_status]</td>";
+                echo "</tr>";
             }
             ?>
           </tbody>
         </table>
       </span>
+            </div>
+        </div>
+        <div class="col-2">
+
+            <div class="card">
+                <a href="ticket_add.php" class="btn btn-primary">New ticket</a>
+            </div>
+
+            <hr>
+
+            <a href="?status=Open">
+                <div class="card text-white bg-danger mb-3" style="max-width: 18rem;">
+                    <div class="card-header">My Open tickets | <b><?php echo $total_tickets_open ?></b></div>
+                </div>
+            </a>
+
+            <a href="?status=Closed">
+                <div class="card text-white bg-success mb-3" style="max-width: 18rem;">
+                    <div class="card-header">Resolved tickets | <b><?php echo $total_tickets_closed ?></b></div>
+                </div>
+            </a>
+
+            <a href="?status=%">
+                <div class="card text-white bg-secondary mb-3"  style="max-width: 18rem;">
+                    <div class="card-header">All my tickets | <b><?php echo $total_tickets ?></b></div>
+                </div>
+            </a>
+
+        </div>
     </div>
-  </div>
-  <div class="col-2">
-   
-    <div class="card">
-      <a href="ticket_add.php" class="btn btn-primary">New ticket</a>     
-    </div>    
-    
-    <hr>
-    
-    <a href="?status=Open">
-      <div class="card text-white bg-danger mb-3" style="max-width: 18rem;">
-        <div class="card-header">My Open tickets | <b><?php echo $total_tickets_open ?></b></div>
-      </div>
-    </a>
 
-    <a href="?status=Closed">
-      <div class="card text-white bg-success mb-3" style="max-width: 18rem;">
-        <div class="card-header">Resolved tickets | <b><?php echo $total_tickets_closed ?></b></div>
-      </div>
-    </a> 
-
-    <a href="?status=%">
-      <div class="card text-white bg-secondary mb-3"  style="max-width: 18rem;">
-        <div class="card-header">All my tickets | <b><?php echo $total_tickets ?></b></div>
-      </div>
-    </a>       
-
-  </div>
-</div>
-
-<?php include("portal_footer.php"); ?>
\ No newline at end of file
+<?php require_once("portal_footer.php"); ?>
\ No newline at end of file
diff --git a/portal/login.php b/portal/login.php
index ff10e1ce..bf25864b 100644
--- a/portal/login.php
+++ b/portal/login.php
@@ -9,20 +9,20 @@ require_once('../config.php');
 require_once('../functions.php');
 require_once ('../get_settings.php');
 
-if(!isset($_SESSION)){
-  // HTTP Only cookies
-  ini_set("session.cookie_httponly", True);
-  if($config_https_only){
-    // Tell client to only send cookie(s) over HTTPS
-    ini_set("session.cookie_secure", True);
-  }
-  session_start();
+if (!isset($_SESSION)) {
+    // HTTP Only cookies
+    ini_set("session.cookie_httponly", True);
+    if ($config_https_only) {
+        // Tell client to only send cookie(s) over HTTPS
+        ini_set("session.cookie_secure", True);
+    }
+    session_start();
 }
 
 $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
-$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
+$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
 
-$sql_settings = mysqli_query($mysqli,"SELECT config_azure_client_id FROM settings WHERE company_id = '1'");
+$sql_settings = mysqli_query($mysqli, "SELECT config_azure_client_id FROM settings WHERE company_id = '1'");
 $settings = mysqli_fetch_array($sql_settings);
 $client_id = $settings['config_azure_client_id'];
 
@@ -30,119 +30,119 @@ $company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE c
 $company_results = mysqli_fetch_array($company_sql);
 $company_name = $company_results['company_name'];
 
-if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])){
+if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
 
-  $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
-  $password = $_POST['password'];
-
-  if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
-    $_SESSION['login_message'] = 'Invalid e-mail';
-  }
-  else{
-    $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' LIMIT 1");
-    $row = mysqli_fetch_array($sql);
-    if($row['contact_auth_method'] == 'local'){
-      if(password_verify($password, $row['contact_password_hash'])){
-
-        $_SESSION['client_logged_in'] = TRUE;
-        $_SESSION['client_id'] = $row['contact_client_id'];
-        $_SESSION['contact_id'] = $row['contact_id'];
-        $_SESSION['company_id'] = $row['company_id'];
-        $_SESSION['login_method'] = "local";
-
-        header("Location: index.php");
-
-        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $row[contact_email] successfully logged in locally', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $row[contact_client_id]");
-
-      }
-      else{
-        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
-        $_SESSION['login_message'] = 'Incorrect username or password.';
-      }
+    $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
+    $password = $_POST['password'];
 
+    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+        $_SESSION['login_message'] = 'Invalid e-mail';
     }
-    else{
-      mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
-      $_SESSION['login_message'] = 'Incorrect username or password.';
+    else {
+        $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' LIMIT 1");
+        $row = mysqli_fetch_array($sql);
+        if ($row['contact_auth_method'] == 'local') {
+            if (password_verify($password, $row['contact_password_hash'])) {
+
+                $_SESSION['client_logged_in'] = TRUE;
+                $_SESSION['client_id'] = $row['contact_client_id'];
+                $_SESSION['contact_id'] = $row['contact_id'];
+                $_SESSION['company_id'] = $row['company_id'];
+                $_SESSION['login_method'] = "local";
+
+                header("Location: index.php");
+
+                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $row[contact_email] successfully logged in locally', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $row[contact_client_id]");
+
+            }
+            else {
+                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
+                $_SESSION['login_message'] = 'Incorrect username or password.';
+            }
+
+        }
+        else {
+            mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
+            $_SESSION['login_message'] = 'Incorrect username or password.';
+        }
     }
-  }
 }
 
 ?>
 <!DOCTYPE html>
 <html>
 <head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title><?php echo $company_name; ?> | Client Portal Login</title>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title><?php echo $company_name; ?> | Client Portal Login</title>
 
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <meta name="robots" content="noindex">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="robots" content="noindex">
 
-  <!-- Font Awesome -->
-  <link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
+    <!-- Font Awesome -->
+    <link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
 
-  <!-- Theme style -->
-  <link rel="stylesheet" href="../dist/css/adminlte.min.css">
+    <!-- Theme style -->
+    <link rel="stylesheet" href="../dist/css/adminlte.min.css">
 
-  <!-- Google Font: Source Sans Pro -->
-  <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
+    <!-- Google Font: Source Sans Pro -->
+    <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
 </head>
 
 <body class="hold-transition login-page">
 <div class="login-box">
-  <div class="login-logo"><b><?=$company_name?></b> <br>Client Portal Login</h2></div>
-  <div class="card">
-    <div class="card-body login-card-body">
-      <p class="login-box-msg text-danger">
-        <?php
-        if(!empty($_SESSION['login_message'])){
-          echo $_SESSION['login_message'];
-          unset($_SESSION['login_message']);
-        }
-        ?>
-      </p>
-      <form method="post">
-        <div class="input-group mb-3">
-          <input type="text" class="form-control" placeholder="Client Email" name="email" required autofocus>
-          <div class="input-group-append">
-            <div class="input-group-text">
-              <span class="fas fa-envelope"></span>
-            </div>
-          </div>
+    <div class="login-logo"><b><?=$company_name?></b> <br>Client Portal Login</h2></div>
+    <div class="card">
+        <div class="card-body login-card-body">
+            <p class="login-box-msg text-danger">
+                <?php
+                if (!empty($_SESSION['login_message'])) {
+                    echo $_SESSION['login_message'];
+                    unset($_SESSION['login_message']);
+                }
+                ?>
+            </p>
+            <form method="post">
+                <div class="input-group mb-3">
+                    <input type="text" class="form-control" placeholder="Client Email" name="email" required autofocus>
+                    <div class="input-group-append">
+                        <div class="input-group-text">
+                            <span class="fas fa-envelope"></span>
+                        </div>
+                    </div>
+                </div>
+                <div class="input-group mb-3">
+                    <input type="password" class="form-control" placeholder="Client Password" name="password" required>
+                    <div class="input-group-append">
+                        <div class="input-group-text">
+                            <span class="fas fa-lock"></span>
+                        </div>
+                    </div>
+                </div>
+
+                <button type="submit" class="btn btn-success btn-block mb-3" name="login">Login</button>
+
+                <?php
+                if (!empty($config_smtp_host)) { ?>
+                    <a href="login_reset.php">Forgotten password?</a>
+                <?php } ?>
+
+            </form>
+
+            <?php
+            if (!empty($client_id)) { ?>
+                <hr>
+                <div class="col text-center">
+                    <button type="button" class="btn btn-secondary" onclick="location.href = 'login_microsoft.php';">Login with Microsoft Azure AD</button>
+                </div>
+            <?php } ?>
+
         </div>
-        <div class="input-group mb-3">
-          <input type="password" class="form-control" placeholder="Client Password" name="password" required>
-          <div class="input-group-append">
-            <div class="input-group-text">
-              <span class="fas fa-lock"></span>
-            </div>
-          </div>
-        </div>
-
-        <button type="submit" class="btn btn-success btn-block mb-3" name="login">Login</button>
-
-        <?php
-          if (!empty($config_smtp_host)) { ?>
-            <a href="login_reset.php">Forgotten password?</a>
-          <?php } ?>
-
-      </form>
-
-      <?php
-      if(!empty($client_id)){ ?>
-        <hr>
-        <div class="col text-center">
-          <button type="button" class="btn btn-secondary" onclick="location.href = 'login_microsoft.php';">Login with Microsoft Azure AD</button>
-        </div>
-      <?php } ?>
+        <!-- /.login-card-body -->
 
     </div>
-    <!-- /.login-card-body -->
-
-  </div>
-  <!-- /.div.card -->
+    <!-- /.div.card -->
 
 </div>
 <!-- /.login-box -->
@@ -158,7 +158,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])){
 
 <!-- Prevents resubmit on refresh or back -->
 <script>
-    if(window.history.replaceState){
+    if (window.history.replaceState) {
         window.history.replaceState(null,null,window.location.href);
     }
 </script>
diff --git a/portal/login_microsoft.php b/portal/login_microsoft.php
index 3de64f77..6e7703e7 100644
--- a/portal/login_microsoft.php
+++ b/portal/login_microsoft.php
@@ -4,20 +4,20 @@
  * OAuth Login via Microsoft IDP
  */
 
-include('../config.php');
-include('../functions.php');
+require_once('../config.php');
+require_once('../functions.php');
 
-if(!isset($_SESSION)){
-  // HTTP Only cookies
-  ini_set("session.cookie_httponly", True);
-  if($config_https_only){
-    // Tell client to only send cookie(s) over HTTPS
-    ini_set("session.cookie_secure", True);
-  }
-  session_start();
+if (!isset($_SESSION)) {
+    // HTTP Only cookies
+    ini_set("session.cookie_httponly", true);
+    if ($config_https_only) {
+        // Tell client to only send cookie(s) over HTTPS
+        ini_set("session.cookie_secure", true);
+    }
+    session_start();
 }
 
-$sql_settings = mysqli_query($mysqli,"SELECT config_azure_client_id, config_azure_client_secret FROM settings WHERE company_id = '1'");
+$sql_settings = mysqli_query($mysqli, "SELECT config_azure_client_id, config_azure_client_secret FROM settings WHERE company_id = '1'");
 $settings = mysqli_fetch_array($sql_settings);
 
 $client_id = $settings['config_azure_client_id'];
@@ -31,96 +31,93 @@ $token_grant_url = "https://login.microsoftonline.com/organizations/oauth2/v2.0/
 
 // Initial Login Request, via Microsoft
 // Returns a authorization code if login was successful
-if ($_SERVER['REQUEST_METHOD'] == "GET"){
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
 
-  $params = array (
-    'client_id' => $client_id,
-    'redirect_uri' => $redirect_uri,
-    'response_type' => 'code',
-    'response_mode' =>'form_post',
-    'scope' => 'https://graph.microsoft.com/User.Read',
-    'state' => session_id());
+    $params = array (
+        'client_id' => $client_id,
+        'redirect_uri' => $redirect_uri,
+        'response_type' => 'code',
+        'response_mode' =>'form_post',
+        'scope' => 'https://graph.microsoft.com/User.Read',
+        'state' => session_id());
 
-  header ('Location: '.$auth_code_url.'?'.http_build_query ($params));
+    header('Location: '.$auth_code_url.'?'.http_build_query($params));
 
 }
 
 // Login was successful, Microsoft has returned us a authorization code via POST
 // Request an access token using authorization code (& client secret) (server side)
-if (isset($_POST['code']) && $_POST['state'] == session_id()){
+if (isset($_POST['code']) && $_POST['state'] == session_id()) {
 
-  $params = array (
-    'client_id' =>$client_id,
-    'code' => $_POST['code'],
-    'redirect_uri' => $redirect_uri,
-    'grant_type' => 'authorization_code',
-    'client_secret' => $client_secret
-  );
-
-  // Send request via CURL (server side) so user cannot see the client secret
-  $ch = curl_init();
-  curl_setopt($ch, CURLOPT_URL,$token_grant_url);
-  curl_setopt($ch, CURLOPT_POST, 1);
-  curl_setopt($ch, CURLOPT_POSTFIELDS,
-  http_build_query($params));
-  curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
-  #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP
-
-  $access_token_response = json_decode(curl_exec($ch),1);
-
-  // Check if we have an access token
-  // If we do, send a request to Microsoft Graph API to get user info
-  if (isset($access_token_response['access_token'])){
+    $params = array (
+        'client_id' =>$client_id,
+        'code' => $_POST['code'],
+        'redirect_uri' => $redirect_uri,
+        'grant_type' => 'authorization_code',
+        'client_secret' => $client_secret
+    );
 
+    // Send request via CURL (server side) so user cannot see the client secret
     $ch = curl_init();
-    curl_setopt ($ch, CURLOPT_HTTPHEADER, array ('Authorization: Bearer '.$access_token_response['access_token'],
-      'Content-type: application/json'));
-    curl_setopt ($ch, CURLOPT_URL, "https://graph.microsoft.com/v1.0/me/");
-    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_URL, $token_grant_url);
+    curl_setopt($ch, CURLOPT_POST,  1);
+    curl_setopt($ch, CURLOPT_POSTFIELDS,
+        http_build_query($params));
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP
 
-    $msgraph_response = json_decode (curl_exec ($ch), 1);
+    $access_token_response = json_decode(curl_exec($ch), 1);
 
-    if (isset($msgraph_response['error'])){
-      // Something went wrong verifying the token/using the Graph API - quit
-      echo "Error with MS Graph API. Details:";
-      var_dump ($msgraph_response['error']);
-      exit();
+    // Check if we have an access token
+    // If we do, send a request to Microsoft Graph API to get user info
+    if (isset($access_token_response['access_token'])) {
+
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_HTTPHEADER, array ('Authorization: Bearer '.$access_token_response['access_token'],
+            'Content-type: application/json'));
+        curl_setopt($ch, CURLOPT_URL, "https://graph.microsoft.com/v1.0/me/");
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+        #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP
+
+        $msgraph_response = json_decode(curl_exec($ch), 1);
+
+        if (isset($msgraph_response['error'])) {
+            // Something went wrong verifying the token/using the Graph API - quit
+            echo "Error with MS Graph API. Details:";
+            var_dump($msgraph_response['error']);
+            exit();
+
+        } elseif (isset($msgraph_response['id'])) {
+
+            $upn = mysqli_real_escape_string($mysqli, $msgraph_response["userPrincipalName"]);
+
+            $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$upn' LIMIT 1");
+            $row = mysqli_fetch_array($sql);
+            if ($row['contact_auth_method'] == 'azure') {
+
+                $_SESSION['client_logged_in'] = TRUE;
+                $_SESSION['client_id'] = $row['contact_client_id'];
+                $_SESSION['contact_id'] = $row['contact_id'];
+                $_SESSION['company_id'] = $row['company_id'];
+                $_SESSION['login_method'] = "azure";
+
+                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $upn successfully logged in via Azure', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $row[contact_client_id]");
+
+                header("Location: index.php");
+
+            } else {
+                $_SESSION['login_message'] = 'Something went wrong with login. Ensure you are setup for SSO.';
+                header("Location: index.php");
+            }
+        }
+        header('Location: index.php');
+    } else {
+        echo "Error getting access_token";
     }
 
-    elseif(isset($msgraph_response['id'])){
-
-      $upn = mysqli_real_escape_string($mysqli, $msgraph_response["userPrincipalName"]);
-
-      $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$upn' LIMIT 1");
-      $row = mysqli_fetch_array($sql);
-      if($row['contact_auth_method'] == 'azure'){
-
-        $_SESSION['client_logged_in'] = TRUE;
-        $_SESSION['client_id'] = $row['contact_client_id'];
-        $_SESSION['contact_id'] = $row['contact_id'];
-        $_SESSION['company_id'] = $row['company_id'];
-        $_SESSION['login_method'] = "azure";
-
-        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $upn successfully logged in via Azure', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $row[contact_client_id]");
-
-        header("Location: index.php");
-
-      }
-      else{
-        $_SESSION['login_message'] = 'Something went wrong with login. Ensure you are setup for SSO.';
-        header("Location: index.php");
-      }
-    }
-    header ('Location: index.php');
-  }
-  else{
-    echo "Error getting access_token";
-  }
-
 }
 
 // If the user is just sat on the page, redirect them to login to try again
-if(empty($_GET)){
-  echo "<script> setTimeout(function(){ window.location = \"login.php\"; },1000);</script>";
+if (empty($_GET)) {
+    echo "<script> setTimeout(function() { window.location = \"login.php\"; },1000);</script>";
 }
\ No newline at end of file
diff --git a/portal/login_reset.php b/portal/login_reset.php
index 6351f6e6..d78cdec3 100644
--- a/portal/login_reset.php
+++ b/portal/login_reset.php
@@ -7,25 +7,25 @@
 $session_company_id = 1;
 require_once('../config.php');
 require_once('../functions.php');
-require_once ('../get_settings.php');
+require_once('../get_settings.php');
 
 if (empty($config_smtp_host)) {
-  header("Location: login.php");
-  exit();
+    header("Location: login.php");
+    exit();
 }
 
-if(!isset($_SESSION)){
-  // HTTP Only cookies
-  ini_set("session.cookie_httponly", True);
-  if($config_https_only){
-    // Tell client to only send cookie(s) over HTTPS
-    ini_set("session.cookie_secure", True);
-  }
-  session_start();
+if (!isset($_SESSION)) {
+    // HTTP Only cookies
+    ini_set("session.cookie_httponly", true);
+    if ($config_https_only) {
+        // Tell client to only send cookie(s) over HTTPS
+        ini_set("session.cookie_secure", true);
+    }
+    session_start();
 }
 
 $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
-$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
+$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
 
 $company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = '1'");
 $company_results = mysqli_fetch_array($company_sql);
@@ -35,107 +35,106 @@ DEFINE("WORDING_ERROR", "Something went wrong! Your link may have expired. Pleas
 
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
 
-  /*
-   * Send password reset email
-   */
-  if(isset($_POST['password_reset_email_request'])){
-
-    $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
-
-    $sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_client_id, company_id FROM contacts WHERE contact_email = '$email' AND contact_auth_method = 'local' LIMIT 1");
-    $row = mysqli_fetch_assoc($sql);
-
-    $id = $row['contact_id'];
-    $name = $row['contact_name'];
-    $client = $row['contact_client_id'];
-    $company = $row['company_id'];
-
-    if ($row['contact_email'] == $email) {
-      $token = key32gen();
-      $url = "https://$config_base_url/portal/login_reset.php?email=$email&token=$token&client=$client";
-      mysqli_query($mysqli, "UPDATE contacts SET contact_password_reset_token = '$token' WHERE contact_id = $id LIMIT 1");
-      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Sent a portal password reset e-mail for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client, company_id = $company");
-
-
-      // Send reset email
-      $subject = "Password reset for $company_name ITFlow Portal";
-      $body    = "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser: $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
-
-      $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
-        $config_mail_from_email, $config_mail_from_name,
-        $email, $name,
-        $subject, $body);
-
-      // Error handling
-      if ($mail !== true) {
-          mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $email', notification_timestamp = NOW(), company_id = $company");
-          mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $email regarding $subject. $mail', company_id = $company");
-      }
-
-      //End Mail IF
-    } else {
-      sleep(rand(2, 4)); // Mimic the e-mail send delay even if email is invalid to help prevent user enumeration
-    }
-
-    $_SESSION['login_message'] = "If your account exists, a reset link is on it's way!";
-
     /*
-     * Do password reset
+     * Send password reset email
      */
-  }
-  elseif(isset($_POST['password_reset_set_password'])){
+    if (isset($_POST['password_reset_email_request'])) {
+
+        $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
+
+        $sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_client_id, company_id FROM contacts WHERE contact_email = '$email' AND contact_auth_method = 'local' LIMIT 1");
+        $row = mysqli_fetch_assoc($sql);
+
+        $id = $row['contact_id'];
+        $name = $row['contact_name'];
+        $client = $row['contact_client_id'];
+        $company = $row['company_id'];
+
+        if ($row['contact_email'] == $email) {
+            $token = key32gen();
+            $url = "https://$config_base_url/portal/login_reset.php?email=$email&token=$token&client=$client";
+            mysqli_query($mysqli, "UPDATE contacts SET contact_password_reset_token = '$token' WHERE contact_id = $id LIMIT 1");
+            mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Sent a portal password reset e-mail for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client, company_id = $company");
+
+
+            // Send reset email
+            $subject = "Password reset for $company_name ITFlow Portal";
+            $body    = "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser: $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
+
+            $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
+                $config_mail_from_email, $config_mail_from_name,
+                $email, $name,
+                $subject, $body);
+
+            // Error handling
+            if ($mail !== true) {
+                mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $email', notification_timestamp = NOW(), company_id = $company");
+                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $email regarding $subject. $mail', company_id = $company");
+            }
+
+            //End Mail IF
+        } else {
+            sleep(rand(2, 4)); // Mimic the e-mail send delay even if email is invalid to help prevent user enumeration
+        }
+
+        $_SESSION['login_message'] = "If your account exists, a reset link is on it's way!";
+
+        /*
+         * Do password reset
+         */
+    } elseif (isset($_POST['password_reset_set_password'])) {
+
+        if (!isset($_POST['new_password']) || !isset($_POST['email']) || !isset($_POST['token']) || !isset($_POST['client'])) {
+            $_SESSION['login_message'] = WORDING_ERROR;
+        }
+
+        $token = strip_tags(mysqli_real_escape_string($mysqli, $_POST['token']));
+        $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
+        $client = intval(strip_tags(mysqli_real_escape_string($mysqli, $_POST['client'])));
+
+        // Query user
+        $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client AND contact_auth_method = 'local' LIMIT 1");
+        $contact_row = mysqli_fetch_array($sql);
+        $contact_id = $contact_row['contact_id'];
+        $name = $contact_row['contact_name'];
+        $company = $contact_row['company_id'];
+
+        // Ensure the token is correct
+        if (sha1($contact_row['contact_password_reset_token']) == sha1($token)) {
+
+            // Set password, invalidate token, logging
+            $password = mysqli_real_escape_string($mysqli, password_hash($_POST['new_password'], PASSWORD_DEFAULT));
+            mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password', contact_password_reset_token = NULL WHERE contact_id = $contact_id LIMIT 1");
+            mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Reset portal password for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client, company_id = $company");
+
+            // Send confirmation email
+            $subject = "Password reset confirmation for $company_name ITFlow Portal";
+            $body    = "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
+
+
+            $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
+                $config_mail_from_email, $config_mail_from_name,
+                $email, $name,
+                $subject, $body);
+
+            // Error handling
+            if ($mail !== true) {
+                mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $email', notification_timestamp = NOW(), company_id = $company");
+                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $email regarding $subject. $mail', company_id = $company");
+            }
+
+            // Redirect to login page
+            $_SESSION['login_message'] = "Password reset successfully!";
+            header("Location: login.php");
+            exit();
+
+        } else {
+            $_SESSION['login_message'] = WORDING_ERROR;
+        }
+
 
-    if(!isset($_POST['new_password']) || !isset($_POST['email']) || !isset($_POST['token']) || !isset($_POST['client'])) {
-      $_SESSION['login_message'] = WORDING_ERROR;
     }
 
-    $token = strip_tags(mysqli_real_escape_string($mysqli, $_POST['token']));
-    $email = strip_tags(mysqli_real_escape_string($mysqli, $_POST['email']));
-    $client = intval(strip_tags(mysqli_real_escape_string($mysqli, $_POST['client'])));
-
-    // Query user
-    $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client AND contact_auth_method = 'local' LIMIT 1");
-    $contact_row = mysqli_fetch_array($sql);
-    $contact_id = $contact_row['contact_id'];
-    $name = $contact_row['contact_name'];
-    $company = $contact_row['company_id'];
-
-    // Ensure the token is correct
-    if (sha1($contact_row['contact_password_reset_token']) == sha1($token)) {
-
-      // Set password, invalidate token, logging
-      $password = mysqli_real_escape_string($mysqli, password_hash($_POST['new_password'], PASSWORD_DEFAULT));
-      mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password', contact_password_reset_token = NULL WHERE contact_id = $contact_id LIMIT 1");
-      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Reset portal password for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client, company_id = $company");
-
-      // Send confirmation email
-      $subject = "Password reset confirmation for $company_name ITFlow Portal";
-      $body    = "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
-
-
-      $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
-        $config_mail_from_email, $config_mail_from_name,
-        $email, $name,
-        $subject, $body);
-
-      // Error handling
-      if ($mail !== true) {
-          mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $email', notification_timestamp = NOW(), company_id = $company");
-          mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $email regarding $subject. $mail', company_id = $company");
-      }
-
-      // Redirect to login page
-      $_SESSION['login_message'] = "Password reset successfully!";
-      header("Location: login.php");
-      exit();
-
-    } else {
-      $_SESSION['login_message'] = WORDING_ERROR;
-    }
-
-
-  }
-
 
 }
 
@@ -143,110 +142,110 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 <!DOCTYPE html>
 <html>
 <head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title><?php echo $company_name; ?> | Password Reset</title>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title><?php echo $company_name; ?> | Password Reset</title>
 
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <meta name="robots" content="noindex">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="robots" content="noindex">
 
-  <!-- Font Awesome -->
-  <link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
+    <!-- Font Awesome -->
+    <link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
 
-  <!-- Theme style -->
-  <link rel="stylesheet" href="../dist/css/adminlte.min.css">
+    <!-- Theme style -->
+    <link rel="stylesheet" href="../dist/css/adminlte.min.css">
 
-  <!-- Google Font: Source Sans Pro -->
-  <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
+    <!-- Google Font: Source Sans Pro -->
+    <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
 </head>
 
 <body class="hold-transition login-page">
 <div class="login-box">
-  <div class="login-logo"><b><?=$company_name?></b> <br>Password Reset</h2></div>
-  <div class="card">
-    <div class="card-body login-card-body">
+    <div class="login-logo"><b><?=$company_name?></b> <br>Password Reset</h2></div>
+    <div class="card">
+        <div class="card-body login-card-body">
 
-      <form method="post">
+            <form method="post">
 
-        <?php
-        /*
-         * Password reset form
-         */
-        if (isset($_GET['token']) && isset($_GET['email']) && isset($_GET['client'])) {
+                <?php
+                /*
+                 * Password reset form
+                 */
+                if (isset($_GET['token']) && isset($_GET['email']) && isset($_GET['client'])) {
 
-          $token = strip_tags(mysqli_real_escape_string($mysqli, $_GET['token']));
-          $email = strip_tags(mysqli_real_escape_string($mysqli, $_GET['email']));
-          $client = intval(strip_tags(mysqli_real_escape_string($mysqli, $_GET['client'])));
+                    $token = strip_tags(mysqli_real_escape_string($mysqli, $_GET['token']));
+                    $email = strip_tags(mysqli_real_escape_string($mysqli, $_GET['email']));
+                    $client = intval(strip_tags(mysqli_real_escape_string($mysqli, $_GET['client'])));
 
-          $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client LIMIT 1");
-          $contact_row = mysqli_fetch_array($sql);
+                    $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client LIMIT 1");
+                    $contact_row = mysqli_fetch_array($sql);
 
-          // Sanity check
-          if (sha1($contact_row['contact_password_reset_token']) == sha1($token)) { ?>
+                    // Sanity check
+                    if (sha1($contact_row['contact_password_reset_token']) == sha1($token)) { ?>
 
-            <div class="input-group mb-3">
-              <input type="password" class="form-control" placeholder="New Password" name="new_password" required minlength="8">
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-lock"></span>
-                </div>
-              </div>
-            </div>
+                        <div class="input-group mb-3">
+                            <input type="password" class="form-control" placeholder="New Password" name="new_password" required minlength="8">
+                            <div class="input-group-append">
+                                <div class="input-group-text">
+                                    <span class="fas fa-lock"></span>
+                                </div>
+                            </div>
+                        </div>
 
-            <input type="hidden" name="token" value="<?=$token?>">
-            <input type="hidden" name="email" value="<?=$email?>">
-            <input type="hidden" name="client" value="<?=$client?>">
+                        <input type="hidden" name="token" value="<?=$token?>">
+                        <input type="hidden" name="email" value="<?=$email?>">
+                        <input type="hidden" name="client" value="<?=$client?>">
 
-            <button type="submit" class="btn btn-success btn-block mb-3" name="password_reset_set_password">Reset password</button>
+                        <button type="submit" class="btn btn-success btn-block mb-3" name="password_reset_set_password">Reset password</button>
 
 
-          <?php } else {
+                    <?php } else {
 
-            $_SESSION['login_message'] = WORDING_ERROR;
+                        $_SESSION['login_message'] = WORDING_ERROR;
 
-          }
+                    }
 
 
-          /*
-           * Else: Just show the form to request a reset token email
-           */
-        } else { ?>
+                    /*
+                     * Else: Just show the form to request a reset token email
+                     */
+                } else { ?>
 
-          <div class="input-group mb-3">
-            <input type="text" class="form-control" placeholder="Registered Client Email" name="email" required autofocus>
-            <div class="input-group-append">
-              <div class="input-group-text">
-                <span class="fas fa-envelope"></span>
-              </div>
-            </div>
-          </div>
+                    <div class="input-group mb-3">
+                        <input type="text" class="form-control" placeholder="Registered Client Email" name="email" required autofocus>
+                        <div class="input-group-append">
+                            <div class="input-group-text">
+                                <span class="fas fa-envelope"></span>
+                            </div>
+                        </div>
+                    </div>
 
-          <button type="submit" class="btn btn-success btn-block mb-3" name="password_reset_email_request">Reset my password</button>
+                    <button type="submit" class="btn btn-success btn-block mb-3" name="password_reset_email_request">Reset my password</button>
 
-        <?php }
-        ?>
+                <?php }
+                ?>
 
-      </form>
+            </form>
 
-      <p class="login-box-msg text-danger">
-        <?php
-        // Show feedback from session
-        if(!empty($_SESSION['login_message'])){
-          echo $_SESSION['login_message'];
-          unset($_SESSION['login_message']);
-        }
-        ?>
-      </p>
+            <p class="login-box-msg text-danger">
+                <?php
+                // Show feedback from session
+                if (!empty($_SESSION['login_message'])) {
+                    echo $_SESSION['login_message'];
+                    unset($_SESSION['login_message']);
+                }
+                ?>
+            </p>
 
-      <a href="login.php">Back to login</a>
+            <a href="login.php">Back to login</a>
 
 
+        </div>
+        <!-- /.login-card-body -->
+
     </div>
-    <!-- /.login-card-body -->
-
-  </div>
-  <!-- /.div.card -->
+    <!-- /.div.card -->
 
 </div>
 <!-- /.login-box -->
@@ -262,10 +261,10 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 
 <!-- Prevents resubmit on refresh or back -->
 <script>
-    if(window.history.replaceState){
+    if (window.history.replaceState) {
         window.history.replaceState(null,null,window.location.href);
     }
 </script>
 
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/portal/portal_functions.php b/portal/portal_functions.php
index 56fcbbf7..f4b8cca4 100644
--- a/portal/portal_functions.php
+++ b/portal/portal_functions.php
@@ -7,32 +7,32 @@
 /*
  * Verifies a contact has access to a particular ticket ID, and that the ticket is in the correct state (open/closed) to perform an action
  */
-function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state){
+function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state) {
 
-  // Access the global variables
-  global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_client_id;
+    // Access the global variables
+    global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_client_id;
 
-  // Setup
-  if($expected_ticket_state == "Closed"){
-    // Closed tickets
-    $ticket_state_snippet = "ticket_status = 'Closed'";
-  }
-  else{
-    // Open (working/hold) tickets
-    $ticket_state_snippet = "ticket_status != 'Closed'";
-  }
+    // Setup
+    if ($expected_ticket_state == "Closed") {
+        // Closed tickets
+        $ticket_state_snippet = "ticket_status = 'Closed'";
+    }
+    else {
+        // Open (working/hold) tickets
+        $ticket_state_snippet = "ticket_status != 'Closed'";
+    }
 
-  // Verify the contact has access to the provided ticket ID
-  $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$requested_ticket_id' AND $ticket_state_snippet AND ticket_client_id = '$session_client_id' LIMIT 1");
-  $row = mysqli_fetch_array($sql);
-  $ticket_id = $row['ticket_id'];
+    // Verify the contact has access to the provided ticket ID
+    $sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$requested_ticket_id' AND $ticket_state_snippet AND ticket_client_id = '$session_client_id' LIMIT 1");
+    $row = mysqli_fetch_array($sql);
+    $ticket_id = $row['ticket_id'];
 
-  if(intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id)) {
-    // Client is ticket owner, or primary contact
-    return TRUE;
-  }
+    if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id)) {
+        // Client is ticket owner, or primary contact
+        return TRUE;
+    }
 
-  // Client is NOT ticket owner or primary contact
-  return FALSE;
+    // Client is NOT ticket owner or primary contact
+    return FALSE;
 
 }
\ No newline at end of file
diff --git a/portal/portal_header.php b/portal/portal_header.php
index a45efa6a..ede24c9f 100644
--- a/portal/portal_header.php
+++ b/portal/portal_header.php
@@ -8,61 +8,61 @@
 <!DOCTYPE html>
 <html>
 <head>
-<meta charset="utf-8">
-<meta http-equiv="X-UA-Compatible" content="IE=edge">
-<title><?php echo $config_app_name; ?> | Client Portal - Tickets</title>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title><?php echo $config_app_name; ?> | Client Portal - Tickets</title>
 
-<!-- Tell the browser to be responsive to screen width -->
-<meta name="viewport" content="width=device-width, initial-scale=1">
-<meta name="robots" content="noindex">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="robots" content="noindex">
 
-<!-- Font Awesome -->
-<link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
+    <!-- Font Awesome -->
+    <link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
 
-<!-- Theme style -->
-<link rel="stylesheet" href="../dist/css/adminlte.min.css">
+    <!-- Theme style -->
+    <link rel="stylesheet" href="../dist/css/adminlte.min.css">
 
-<!-- Google Font: Source Sans Pro -->
-<link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
+    <!-- Google Font: Source Sans Pro -->
+    <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
 </head>
 
 <!-- Navbar -->
 
 <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
-  <div class="container">
-    <a class="navbar-brand" href="index.php"><?php echo $config_app_name ?></a>
-    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
-      <span class="navbar-toggler-icon"></span>
-    </button>
+    <div class="container">
+        <a class="navbar-brand" href="index.php"><?php echo $config_app_name ?></a>
+        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
+            <span class="navbar-toggler-icon"></span>
+        </button>
 
-    <div class="collapse navbar-collapse" id="navbarSupportedContent">
-      <ul class="navbar-nav mr-auto">
-        <li class="nav-item <?php if(basename($_SERVER['PHP_SELF']) == "index.php") {echo "active";} ?>">
-          <a class="nav-link" href="index.php">Home</a>
-        </li>
-        <?php if($session_contact_id == $session_client_primary_contact_id) { ?>
-          <li class="nav-item">
-            <a class="nav-link" href="ticket_view_all.php">All Tickets</a>
-          </li>
-        <?php } ?>
-        <li class="nav-item">
-          <a class="nav-link" href="ticket_add.php">New Ticket</a>
-        </li>
-      </ul>
-      <ul class="nav navbar-nav pull-right">
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-            <?php echo $session_contact_name ?>
-          </a>
-          <div class="dropdown-menu" aria-labelledby="navbarDropdown">
-            <a class="dropdown-item" href="profile.php">Profile</a>
-            <div class="dropdown-divider"></div>
-            <a class="dropdown-item" href="portal_post.php?logout">Logout</a>
-          </div>
-        </li>
-      </ul>
+        <div class="collapse navbar-collapse" id="navbarSupportedContent">
+            <ul class="navbar-nav mr-auto">
+                <li class="nav-item <?php if (basename($_SERVER['PHP_SELF']) == "index.php") {echo "active";} ?>">
+                    <a class="nav-link" href="index.php">Home</a>
+                </li>
+                <?php if ($session_contact_id == $session_client_primary_contact_id) { ?>
+                    <li class="nav-item">
+                        <a class="nav-link" href="ticket_view_all.php">All Tickets</a>
+                    </li>
+                <?php } ?>
+                <li class="nav-item">
+                    <a class="nav-link" href="ticket_add.php">New Ticket</a>
+                </li>
+            </ul>
+            <ul class="nav navbar-nav pull-right">
+                <li class="nav-item dropdown">
+                    <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                        <?php echo $session_contact_name ?>
+                    </a>
+                    <div class="dropdown-menu" aria-labelledby="navbarDropdown">
+                        <a class="dropdown-item" href="profile.php">Profile</a>
+                        <div class="dropdown-divider"></div>
+                        <a class="dropdown-item" href="portal_post.php?logout">Logout</a>
+                    </div>
+                </li>
+            </ul>
+        </div>
     </div>
-  </div>
 </nav>
 
 <br>
diff --git a/portal/portal_post.php b/portal/portal_post.php
index ef5d80f6..656e9f00 100644
--- a/portal/portal_post.php
+++ b/portal/portal_post.php
@@ -6,156 +6,151 @@
 
 require_once("inc_portal.php");
 
-if(isset($_POST['add_ticket'])){
+if (isset($_POST['add_ticket'])) {
 
-  // Get ticket prefix/number
-  $sql_settings = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $session_company_id");
-  $row = mysqli_fetch_array($sql_settings);
-  $config_ticket_prefix = $row['config_ticket_prefix'];
-  $config_ticket_next_number = $row['config_ticket_next_number'];
+    // Get ticket prefix/number
+    $sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = $session_company_id");
+    $row = mysqli_fetch_array($sql_settings);
+    $config_ticket_prefix = $row['config_ticket_prefix'];
+    $config_ticket_next_number = $row['config_ticket_next_number'];
 
-  // HTML Purifier
-  require("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
-  $purifier_config = HTMLPurifier_Config::createDefault();
-  $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
-  $purifier = new HTMLPurifier($purifier_config);
+    // HTML Purifier
+    require_once("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
+    $purifier_config = HTMLPurifier_Config::createDefault();
+    $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
+    $purifier = new HTMLPurifier($purifier_config);
 
-  $client_id = $session_client_id;
-  $contact = $session_contact_id;
-  $subject = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['subject'])));
-  $details = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode(nl2br($_POST['details'])))));
+    $client_id = $session_client_id;
+    $contact = $session_contact_id;
+    $subject = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['subject'])));
+    $details = trim(mysqli_real_escape_string($mysqli, $purifier->purify(html_entity_decode(nl2br($_POST['details'])))));
 
-  // Ensure priority is low/med/high (as can be user defined)
-  if($_POST['priority'] !== "Low" && $_POST['priority'] !== "Medium" && $_POST['priority'] !== "High"){
-    $priority = "Low";
-  }
-  else{
-    $priority = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['priority'])));
-  }
-
-  // Get the next Ticket Number and add 1 for the new ticket number
-  $ticket_number = $config_ticket_next_number;
-  $new_config_ticket_next_number = $config_ticket_next_number + 1;
-  mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = $session_company_id");
-
-  mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = '0', ticket_contact_id = $contact, ticket_client_id = $client_id, company_id = $session_company_id");
-  $id = mysqli_insert_id($mysqli);
-
-  // Logging
-  mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'Client contact $session_contact_name created ticket $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $session_company_id");
-
-  header("Location: ticket.php?id=" . $id);
-
-}
-
-if(isset($_POST['add_ticket_comment'])){
-  // HTML Purifier
-  require("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
-  $purifier_config = HTMLPurifier_Config::createDefault();
-  $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
-  $purifier = new HTMLPurifier($purifier_config);
-
-  $ticket_id = intval($_POST['ticket_id']);
-
-  // Not currently providing the client portal with a full summer note editor, but need to maintain line breaks.
-  // In order to maintain line breaks consistently with the agent side, we need to allow HTML tags.
-  // So, we need to convert line breaks to HTML and clean HTML with HTML Purifier
-  $comment = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode(nl2br($_POST['comment'])))));
-
-  // After stripping bad HTML, check the comment isn't just empty
-  if(empty($comment)){
-    header("Location: " . $_SERVER["HTTP_REFERER"]);
-    exit;
-  }
-
-  // Verify the contact has access to the provided ticket ID
-  if(verifyContactTicketAccess($ticket_id, "Open")) {
-
-    // Add the comment
-    mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = '$comment', ticket_reply_type = 'Client', ticket_reply_created_at = NOW(), ticket_reply_by = '$session_contact_id', ticket_reply_ticket_id = '$ticket_id', company_id = '$session_company_id'");
-
-    // Update Ticket Last Response Field & set ticket to open as client has replied
-    mysqli_query($mysqli,"UPDATE tickets SET ticket_status = 'Open', ticket_updated_at = NOW() WHERE ticket_id = $ticket_id AND ticket_client_id = '$session_client_id' LIMIT 1");
-
-    // Redirect
-    header("Location: " . $_SERVER["HTTP_REFERER"]);
-  }
-  else {
-    // The client does not have access to this ticket
-    header("Location: portal_post.php?logout");
-    exit();
-  }
-}
-
-if(isset($_POST['add_ticket_feedback'])){
-  $ticket_id = intval($_POST['ticket_id']);
-  $feedback = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['add_ticket_feedback'])));
-
-  // Verify the contact has access to the provided ticket ID
-  if(verifyContactTicketAccess($ticket_id, "Closed")) {
-
-    // Add feedback
-    mysqli_query($mysqli, "UPDATE tickets SET ticket_feedback = '$feedback' WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' LIMIT 1");
-
-    // Notify on bad feedback
-    if($feedback == "Bad"){
-      mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Feedback', notification = '$session_contact_name rated ticket ID $ticket_id as bad', notification_timestamp = NOW(), notification_client_id = '$session_client_id', company_id = '$session_company_id'");
+    // Ensure priority is low/med/high (as can be user defined)
+    if ($_POST['priority'] !== "Low" && $_POST['priority'] !== "Medium" && $_POST['priority'] !== "High") {
+        $priority = "Low";
+    } else {
+        $priority = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['priority'])));
     }
 
-    // Redirect
-    header("Location: " . $_SERVER["HTTP_REFERER"]);
-  }
-  else {
-    // The client does not have access to this ticket
-    header("Location: portal_post.php?logout");
-    exit();
-  }
+    // Get the next Ticket Number and add 1 for the new ticket number
+    $ticket_number = $config_ticket_next_number;
+    $new_config_ticket_next_number = $config_ticket_next_number + 1;
+    mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = $session_company_id");
+
+    mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = '0', ticket_contact_id = $contact, ticket_client_id = $client_id, company_id = $session_company_id");
+    $id = mysqli_insert_id($mysqli);
+
+    // Logging
+    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'Client contact $session_contact_name created ticket $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $session_company_id");
+
+    header("Location: ticket.php?id=" . $id);
 
 }
 
-if(isset($_GET['close_ticket'])){
-  $ticket_id = intval($_GET['close_ticket']);
+if (isset($_POST['add_ticket_comment'])) {
+    // HTML Purifier
+    require_once("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
+    $purifier_config = HTMLPurifier_Config::createDefault();
+    $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
+    $purifier = new HTMLPurifier($purifier_config);
 
-  // Verify the contact has access to the provided ticket ID
-  if(verifyContactTicketAccess($ticket_id, "Open")) {
+    $ticket_id = intval($_POST['ticket_id']);
 
-    // Close ticket
-    mysqli_query($mysqli,"UPDATE tickets SET ticket_status = 'Closed', ticket_updated_at = NOW(), ticket_closed_at = NOW() WHERE ticket_id = $ticket_id AND ticket_client_id = '$session_client_id'");
+    // Not currently providing the client portal with a full summer note editor, but need to maintain line breaks.
+    // In order to maintain line breaks consistently with the agent side, we need to allow HTML tags.
+    // So, we need to convert line breaks to HTML and clean HTML with HTML Purifier
+    $comment = trim(mysqli_real_escape_string($mysqli, $purifier->purify(html_entity_decode(nl2br($_POST['comment'])))));
 
-    // Add reply
-    mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = 'Ticket closed by $session_contact_name.', ticket_reply_type = 'Client', ticket_reply_created_at = NOW(), ticket_reply_by = '$session_contact_id', ticket_reply_ticket_id = '$ticket_id', company_id = $session_company_id");
+    // After stripping bad HTML, check the comment isn't just empty
+    if (empty($comment)) {
+        header("Location: " . $_SERVER["HTTP_REFERER"]);
+        exit;
+    }
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Closed', log_description = '$ticket_id Closed by client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id");
+    // Verify the contact has access to the provided ticket ID
+    if (verifyContactTicketAccess($ticket_id, "Open")) {
 
-    header("Location: ticket.php?id=" . $ticket_id);
-  }
-  else {
-    // The client does not have access to this ticket
-    // This is only a GET request, might just be a mistake
-    header("Location: index.php");
-    exit();
-  }
+        // Add the comment
+        mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = '$comment', ticket_reply_type = 'Client', ticket_reply_created_at = NOW(), ticket_reply_by = '$session_contact_id', ticket_reply_ticket_id = '$ticket_id', company_id = '$session_company_id'");
+
+        // Update Ticket Last Response Field & set ticket to open as client has replied
+        mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 'Open', ticket_updated_at = NOW() WHERE ticket_id = $ticket_id AND ticket_client_id = '$session_client_id' LIMIT 1");
+
+        // Redirect
+        header("Location: " . $_SERVER["HTTP_REFERER"]);
+    } else {
+        // The client does not have access to this ticket
+        header("Location: portal_post.php?logout");
+        exit();
+    }
 }
 
-if(isset($_GET['logout'])){
-  setcookie("PHPSESSID", '', time() - 3600, "/");
-  unset($_COOKIE['PHPSESSID']);
+if (isset($_POST['add_ticket_feedback'])) {
+    $ticket_id = intval($_POST['ticket_id']);
+    $feedback = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['add_ticket_feedback'])));
 
-  session_unset();
-  session_destroy();
+    // Verify the contact has access to the provided ticket ID
+    if (verifyContactTicketAccess($ticket_id, "Closed")) {
+
+        // Add feedback
+        mysqli_query($mysqli, "UPDATE tickets SET ticket_feedback = '$feedback' WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' LIMIT 1");
+
+        // Notify on bad feedback
+        if ($feedback == "Bad") {
+            mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Feedback', notification = '$session_contact_name rated ticket ID $ticket_id as bad', notification_timestamp = NOW(), notification_client_id = '$session_client_id', company_id = '$session_company_id'");
+        }
+
+        // Redirect
+        header("Location: " . $_SERVER["HTTP_REFERER"]);
+    } else {
+        // The client does not have access to this ticket
+        header("Location: portal_post.php?logout");
+        exit();
+    }
 
-  header('Location: login.php');
 }
 
-if(isset($_POST['edit_profile'])){
-  $new_password = $_POST['new_password'];
-  if(!empty($new_password)){
-    $password_hash = password_hash($new_password, PASSWORD_DEFAULT);
-    mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_id = '$session_contact_id' AND contact_client_id = '$session_client_id'");
+if (isset($_GET['close_ticket'])) {
+    $ticket_id = intval($_GET['close_ticket']);
 
-    //Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Client contact $session_contact_name modified their profile/password.', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $session_client_id, company_id = $session_company_id");
-  }
-  header('Location: index.php');
+    // Verify the contact has access to the provided ticket ID
+    if (verifyContactTicketAccess($ticket_id, "Open")) {
+
+        // Close ticket
+        mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 'Closed', ticket_updated_at = NOW(), ticket_closed_at = NOW() WHERE ticket_id = $ticket_id AND ticket_client_id = '$session_client_id'");
+
+        // Add reply
+        mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = 'Ticket closed by $session_contact_name.', ticket_reply_type = 'Client', ticket_reply_created_at = NOW(), ticket_reply_by = '$session_contact_id', ticket_reply_ticket_id = '$ticket_id', company_id = $session_company_id");
+
+        //Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Closed', log_description = '$ticket_id Closed by client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id");
+
+        header("Location: ticket.php?id=" . $ticket_id);
+    } else {
+        // The client does not have access to this ticket - send them home
+        header("Location: index.php");
+        exit();
+    }
+}
+
+if (isset($_GET['logout'])) {
+    setcookie("PHPSESSID", '', time() - 3600, "/");
+    unset($_COOKIE['PHPSESSID']);
+
+    session_unset();
+    session_destroy();
+
+    header('Location: login.php');
+}
+
+if (isset($_POST['edit_profile'])) {
+    $new_password = $_POST['new_password'];
+    if (!empty($new_password)) {
+        $password_hash = password_hash($new_password, PASSWORD_DEFAULT);
+        mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_id = '$session_contact_id' AND contact_client_id = '$session_client_id'");
+
+        // Logging
+        mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Client contact $session_contact_name modified their profile/password.', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $session_client_id, company_id = $session_company_id");
+    }
+    header('Location: index.php');
 }
\ No newline at end of file
diff --git a/portal/profile.php b/portal/profile.php
index dfe2cd0f..7f8b76e0 100644
--- a/portal/profile.php
+++ b/portal/profile.php
@@ -12,30 +12,30 @@ require('inc_portal.php');
 <p>Name: <?php echo $session_contact_name ?></p>
 <p>Email: <?php echo $session_contact_email ?></p>
 <p>Client: <?php echo $session_client_name ?></p>
-<p>Client Primary Contact: <?php if($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
+<p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
 <p>Login via: <?php echo $_SESSION['login_method'] ?> </p>
 
 
-<!--  // Show option to change password if auth provider is local -->
-<?php if($_SESSION['login_method'] == 'local'): ?>
-  <hr>
-  <div class="col-md-6">
-    <h4>Password</h4>
-    <form action="portal_post.php" method="post" autocomplete="off">
-      <div class="form-group">
-        <label>New Password</label>
-        <div class="input-group">
-          <div class="input-group-prepend">
-            <span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
-          </div>
-          <input type="password" class="form-control" minlength="6" required data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password">
-        </div>
-      </div>
-      <button type="submit" name="edit_profile" class="btn btn-primary mt-3"><i class="fa fa-fw fa-check"></i> Save password</button>
-    </form>
-  </div>
+    <!--  // Show option to change password if auth provider is local -->
+<?php if ($_SESSION['login_method'] == 'local'): ?>
+    <hr>
+    <div class="col-md-6">
+        <h4>Password</h4>
+        <form action="portal_post.php" method="post" autocomplete="off">
+            <div class="form-group">
+                <label>New Password</label>
+                <div class="input-group">
+                    <div class="input-group-prepend">
+                        <span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
+                    </div>
+                    <input type="password" class="form-control" minlength="6" required data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password">
+                </div>
+            </div>
+            <button type="submit" name="edit_profile" class="btn btn-primary mt-3"><i class="fa fa-fw fa-check"></i> Save password</button>
+        </form>
+    </div>
 
 <?php endif ?>
 
 <?php
-include('portal_footer.php');
\ No newline at end of file
+require_once('portal_footer.php');
\ No newline at end of file
diff --git a/portal/ticket.php b/portal/ticket.php
index 64b90015..1e50b74c 100644
--- a/portal/ticket.php
+++ b/portal/ticket.php
@@ -6,160 +6,157 @@
 
 require_once("inc_portal.php");
 
-if(isset($_GET['id']) && intval($_GET['id'])) {
-  $ticket_id = intval($_GET['id']);
+if (isset($_GET['id']) && intval($_GET['id'])) {
+    $ticket_id = intval($_GET['id']);
 
-  if($session_contact_id == $session_client_primary_contact_id){
-    $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'");
-  }
-  else{
-    $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'");
-  }
+    if ($session_contact_id == $session_client_primary_contact_id) {
+        $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'");
+    } else {
+        $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'");
+    }
 
-  $ticket = mysqli_fetch_array($ticket_sql);
+    $ticket = mysqli_fetch_array($ticket_sql);
 
-  if ($ticket) {
-    ?>
-    
-  <nav class="navbar navbar-dark bg-dark">
-    
-   <i class="fas fa-fw fa-ticket-alt text-secondary"></i> <a class="navbar-brand">Ticket <?php echo $ticket['ticket_prefix'], $ticket['ticket_number'] ?></a>
-      
-    <span class="navbar-text">
+    if ($ticket) {
+        ?>
+
+        <nav class="navbar navbar-dark bg-dark">
+
+            <i class="fas fa-fw fa-ticket-alt text-secondary"></i> <a class="navbar-brand">Ticket <?php echo $ticket['ticket_prefix'], $ticket['ticket_number'] ?></a>
+
+            <span class="navbar-text">
       <?php
-    if($ticket['ticket_status'] !== "Closed"){ ?>
-      <button class="btn btn-sm btn-outline-success my-2 my-sm-0 form-inline my-2 my-lg-0" type="submit"><a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>"><i class="fas fa-fw fa-check text-secondary text-success"></i>  Close ticket</a></button>
-    <?php } ?>
+      if ($ticket['ticket_status'] !== "Closed") { ?>
+          <button class="btn btn-sm btn-outline-success my-2 my-sm-0 form-inline my-2 my-lg-0" type="submit"><a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>"><i class="fas fa-fw fa-check text-secondary text-success"></i>  Close ticket</a></button>
+      <?php } ?>
     </span>
-  
-  </nav>
 
-    <div class="card">
-      <div class="card-header">
-        <h3 class="card-title"><b>Subject:</b> <?php echo $ticket['ticket_subject'] ?></h3>
-      </div>
-      <div class="card-body">
-        <p>
-          <b>State:</b> <?php echo $ticket['ticket_status'] ?>
-          <br>
-          <b>Priority:</b> <?php echo $ticket['ticket_priority'] ?>
-        </p>
-        <b>Issue:</b> <?php echo $ticket['ticket_details'] ?>
-      </div>
-    </div>
+        </nav>
 
-          
-    <!-- Either show the reply comments box, ticket smiley feedback, or thanks for feedback -->
+        <div class="card">
+            <div class="card-header">
+                <h3 class="card-title"><b>Subject:</b> <?php echo $ticket['ticket_subject'] ?></h3>
+            </div>
+            <div class="card-body">
+                <p>
+                    <b>State:</b> <?php echo $ticket['ticket_status'] ?>
+                    <br>
+                    <b>Priority:</b> <?php echo $ticket['ticket_priority'] ?>
+                </p>
+                <b>Issue:</b> <?php echo $ticket['ticket_details'] ?>
+            </div>
+        </div>
 
-    <?php if($ticket['ticket_status'] !== "Closed") { ?>
-      <div class="form-group">
-        <form action="portal_post.php" method="post">
-          <div class="form-group">
-            <textarea class="form-control" name="comment" placeholder="Add comments.."></textarea>
-          </div>
-          <input type="hidden" name="ticket_id" value="<?php echo $ticket['ticket_id'] ?>">
-          <button type="submit" class="btn btn-primary" name="add_ticket_comment">Save reply</button>
-        </form>
-      </div>
-    <?php }
 
-    elseif(empty($ticket['ticket_feedback'])) { ?>
+        <!-- Either show the reply comments box, ticket smiley feedback, or thanks for feedback -->
 
-      <h4>Rate your ticket</h4>
+        <?php if ($ticket['ticket_status'] !== "Closed") { ?>
+            <div class="form-group">
+                <form action="portal_post.php" method="post">
+                    <div class="form-group">
+                        <textarea class="form-control" name="comment" placeholder="Add comments.."></textarea>
+                    </div>
+                    <input type="hidden" name="ticket_id" value="<?php echo $ticket['ticket_id'] ?>">
+                    <button type="submit" class="btn btn-primary" name="add_ticket_comment">Save reply</button>
+                </form>
+            </div>
+        <?php }
 
-      <form action="portal_post.php" method="post">
-        <input type="hidden" name="ticket_id" value="<?php echo $ticket['ticket_id'] ?>">
+        elseif (empty($ticket['ticket_feedback'])) { ?>
 
-        <button type="submit" class="btn btn-primary btn-lg" name="add_ticket_feedback" value="Good" onclick="this.form.submit()">
-          <span class="fa fa-smile" aria-hidden="true"></span> Good
-        </button>
+            <h4>Rate your ticket</h4>
 
-        <button type="submit" class="btn btn-danger btn-lg" name="add_ticket_feedback" value="Bad" onclick="this.form.submit()">
-          <span class="fa fa-frown" aria-hidden="true"></span> Bad
-        </button>
-      </form>
+            <form action="portal_post.php" method="post">
+                <input type="hidden" name="ticket_id" value="<?php echo $ticket['ticket_id'] ?>">
 
-    <?php }
+                <button type="submit" class="btn btn-primary btn-lg" name="add_ticket_feedback" value="Good" onclick="this.form.submit()">
+                    <span class="fa fa-smile" aria-hidden="true"></span> Good
+                </button>
 
-    else{ ?>
+                <button type="submit" class="btn btn-danger btn-lg" name="add_ticket_feedback" value="Bad" onclick="this.form.submit()">
+                    <span class="fa fa-frown" aria-hidden="true"></span> Bad
+                </button>
+            </form>
 
-      <h4>Rated <?php echo $ticket['ticket_feedback'] ?> -- Thanks for your feedback!</h4>
+        <?php }
 
-    <?php } ?>
+        else { ?>
 
-    <!-- End comments/feedback -->
+            <h4>Rated <?php echo $ticket['ticket_feedback'] ?> -- Thanks for your feedback!</h4>
 
-    <hr><br>
+        <?php } ?>
 
-    <?php
-    $sql = mysqli_query($mysqli,"SELECT * FROM ticket_replies LEFT JOIN users ON ticket_reply_by = user_id LEFT JOIN contacts ON ticket_reply_by = contact_id WHERE ticket_reply_ticket_id = $ticket_id AND ticket_reply_archived_at IS NULL AND ticket_reply_type != 'Internal' ORDER BY ticket_reply_id DESC");
+        <!-- End comments/feedback -->
 
-    while($row = mysqli_fetch_array($sql)){
-      $ticket_reply_id = $row['ticket_reply_id'];
-      $ticket_reply = $row['ticket_reply'];
-      $ticket_reply_created_at = $row['ticket_reply_created_at'];
-      $ticket_reply_updated_at = $row['ticket_reply_updated_at'];
-      $ticket_reply_by = $row['ticket_reply_by'];
-      $ticket_reply_type = $row['ticket_reply_type'];
+        <hr><br>
 
-      if($ticket_reply_type == "Client"){
-        $ticket_reply_by_display = $row['contact_name'];
-        $user_initials = initials($row['contact_name']);
-        $user_avatar = $row['contact_photo'];
-        $avatar_link = "../uploads/clients/$session_company_id/$session_client_id/$user_avatar";
-      }
-      else{
-        $ticket_reply_by_display = $row['user_name'];
-        $user_id = $row['user_id'];
-        $user_avatar = $row['user_avatar'];
-        $user_initials = initials($row['user_name']);
-        $avatar_link = "../uploads/users/$user_id/$user_avatar";
-      }
-      ?>
+        <?php
+        $sql = mysqli_query($mysqli, "SELECT * FROM ticket_replies LEFT JOIN users ON ticket_reply_by = user_id LEFT JOIN contacts ON ticket_reply_by = contact_id WHERE ticket_reply_ticket_id = $ticket_id AND ticket_reply_archived_at IS NULL AND ticket_reply_type != 'Internal' ORDER BY ticket_reply_id DESC");
 
-      <div class="card card-outline <?php if($ticket_reply_type == 'Client') {echo "card-warning"; } else{ echo "card-info"; } ?> mb-3">
-        <div class="card-header">
-          <h3 class="card-title">
-            <div class="media">
-              <?php if(!empty($user_avatar)){ ?>
-                <img src="<?php echo $avatar_link ?>" alt="User Avatar" class="img-size-50 mr-3 img-circle">
-              <?php }else{ ?>
-                <span class="fa-stack fa-2x">
+        while ($row = mysqli_fetch_array($sql)) {
+            $ticket_reply_id = $row['ticket_reply_id'];
+            $ticket_reply = $row['ticket_reply'];
+            $ticket_reply_created_at = $row['ticket_reply_created_at'];
+            $ticket_reply_updated_at = $row['ticket_reply_updated_at'];
+            $ticket_reply_by = $row['ticket_reply_by'];
+            $ticket_reply_type = $row['ticket_reply_type'];
+
+            if ($ticket_reply_type == "Client") {
+                $ticket_reply_by_display = $row['contact_name'];
+                $user_initials = initials($row['contact_name']);
+                $user_avatar = $row['contact_photo'];
+                $avatar_link = "../uploads/clients/$session_company_id/$session_client_id/$user_avatar";
+            } else {
+                $ticket_reply_by_display = $row['user_name'];
+                $user_id = $row['user_id'];
+                $user_avatar = $row['user_avatar'];
+                $user_initials = initials($row['user_name']);
+                $avatar_link = "../uploads/users/$user_id/$user_avatar";
+            }
+            ?>
+
+            <div class="card card-outline <?php if ($ticket_reply_type == 'Client') { echo "card-warning"; } else { echo "card-info"; } ?> mb-3">
+                <div class="card-header">
+                    <h3 class="card-title">
+                        <div class="media">
+                            <?php if (!empty($user_avatar)) { ?>
+                                <img src="<?php echo $avatar_link ?>" alt="User Avatar" class="img-size-50 mr-3 img-circle">
+                            <?php } else { ?>
+                                <span class="fa-stack fa-2x">
             <i class="fa fa-circle fa-stack-2x text-secondary"></i>
             <span class="fa fa-stack-1x text-white"><?php echo $user_initials; ?></span>
           </span>
-                <?php
-              }
-              ?>
+                                <?php
+                            }
+                            ?>
 
-              <div class="media-body">
-                <?php echo $ticket_reply_by_display; ?>
-                <br>
-                <small class="text-muted"><?php echo $ticket_reply_created_at; ?> <?php if(!empty($ticket_reply_updated_at)){ echo "(edited: $ticket_reply_updated_at)"; } ?></small>
-              </div>
+                            <div class="media-body">
+                                <?php echo $ticket_reply_by_display; ?>
+                                <br>
+                                <small class="text-muted"><?php echo $ticket_reply_created_at; ?> <?php if (!empty($ticket_reply_updated_at)) { echo "(edited: $ticket_reply_updated_at)"; } ?></small>
+                            </div>
+                        </div>
+                    </h3>
+                </div>
+
+                <div class="card-body">
+                    <?php echo $ticket_reply; ?>
+                </div>
             </div>
-          </h3>
-        </div>
 
-        <div class="card-body">
-          <?php echo $ticket_reply; ?>
-        </div>
-      </div>
+            <?php
 
-      <?php
+        }
 
+        ?>
+
+        <?php
+    } else {
+        echo "Ticket ID not found!";
     }
 
-    ?>
-
-    <?php
-  }
-  else{
-    echo "Ticket ID not found!";
-  }
-}
-else{
-  header("Location: index.php");
+} else {
+    header("Location: index.php");
 }
 
 require_once("portal_footer.php");
diff --git a/portal/ticket_add.php b/portal/ticket_add.php
index 902115e9..9f7d5e10 100644
--- a/portal/ticket_add.php
+++ b/portal/ticket_add.php
@@ -7,44 +7,44 @@
 require('inc_portal.php');
 ?>
 
-<h2>Raise a new ticket</h2>
+    <h2>Raise a new ticket</h2>
 
-<div class="col-8">
-  <form action="portal_post.php" method="post">
+    <div class="col-8">
+        <form action="portal_post.php" method="post">
 
-    <div class="form-group">
-      <label>Subject <strong class="text-danger">*</strong></label>
-      <div class="input-group">
-        <div class="input-group-prepend">
-          <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
-        </div>
-        <input type="text" class="form-control" name="subject" placeholder="Subject" required>
-      </div>
+            <div class="form-group">
+                <label>Subject <strong class="text-danger">*</strong></label>
+                <div class="input-group">
+                    <div class="input-group-prepend">
+                        <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
+                    </div>
+                    <input type="text" class="form-control" name="subject" placeholder="Subject" required>
+                </div>
+            </div>
+
+            <div class="form-group">
+                <label>Priority <strong class="text-danger">*</strong></label>
+                <div class="input-group">
+                    <div class="input-group-prepend">
+                        <span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
+                    </div>
+                    <select class="form-control select2" name="priority" required>
+                        <option>Low</option>
+                        <option>Medium</option>
+                        <option>High</option>
+                    </select>
+                </div>
+            </div>
+
+            <div class="form-group">
+                <label>Details <strong class="text-danger">*</strong></label>
+                <textarea class="form-control" rows="4" name="details" required></textarea>
+            </div>
+
+            <button class="btn btn-primary" name="add_ticket">Raise ticket</button>
+
+        </form>
     </div>
 
-    <div class="form-group">
-      <label>Priority <strong class="text-danger">*</strong></label>
-      <div class="input-group">
-        <div class="input-group-prepend">
-          <span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
-        </div>
-        <select class="form-control select2" name="priority" required>
-          <option>Low</option>
-          <option>Medium</option>
-          <option>High</option>
-        </select>
-      </div>
-    </div>
-
-    <div class="form-group">
-      <label>Details <strong class="text-danger">*</strong></label>
-      <textarea class="form-control" rows="4" name="details" required></textarea>
-    </div>
-
-    <button class="btn btn-primary" name="add_ticket">Raise ticket</button>
-
-  </form>
-</div>
-
 <?php
-include('portal_footer.php');
+require_once('portal_footer.php');
diff --git a/portal/ticket_view_all.php b/portal/ticket_view_all.php
index 06f46e9c..7dc48a2a 100644
--- a/portal/ticket_view_all.php
+++ b/portal/ticket_view_all.php
@@ -6,67 +6,67 @@
 
 require('inc_portal.php');
 
-if($session_contact_id !== $session_client_primary_contact_id){
-  header("Location: portal_post.php?logout");
-  exit();
+if ($session_contact_id !== $session_client_primary_contact_id) {
+    header("Location: portal_post.php?logout");
+    exit();
 }
 
 // Ticket status from GET
 if (!isset($_GET['status'])) {
-  // If nothing is set, assume we only want to see open tickets
-  $status = 'Open';
-  $ticket_status_snippet = "ticket_status != 'Closed'";
+    // If nothing is set, assume we only want to see open tickets
+    $status = 'Open';
+    $ticket_status_snippet = "ticket_status != 'Closed'";
 } elseif (isset($_GET['status']) && ($_GET['status']) == 'Open') {
-  $status = 'Open';
-  $ticket_status_snippet = "ticket_status != 'Closed'";
+    $status = 'Open';
+    $ticket_status_snippet = "ticket_status != 'Closed'";
 } elseif (isset($_GET['status']) && ($_GET['status']) == 'Closed') {
-  $status = 'Closed';
-  $ticket_status_snippet = "ticket_status = 'Closed'";
+    $status = 'Closed';
+    $ticket_status_snippet = "ticket_status = 'Closed'";
 } else {
-  $status = '%';
-  $ticket_status_snippet = "ticket_status LIKE '%'";
+    $status = '%';
+    $ticket_status_snippet = "ticket_status LIKE '%'";
 }
 
 $all_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN contacts ON ticket_contact_id = contact_id WHERE $ticket_status_snippet AND ticket_client_id = '$session_client_id' ORDER BY ticket_id DESC");
 ?>
 
-  <h2>All tickets</h2>
-  <div class="col-md-2">
-    <div class="form-group">
-      <form method="get">
-        <label>Ticket Status</label>
-        <select class="form-control" name="status" onchange="this.form.submit()">
-          <option value="%" <?php if($status == "%"){echo "selected";}?> >Any</option>
-          <option value="Open" <?php if($status == "Open"){echo "selected";}?> >Open</option>
-          <option value="Closed" <?php if($status == "Closed"){echo "selected";}?> >Closed</option>
-        </select>
-      </form>
+    <h2>All tickets</h2>
+    <div class="col-md-2">
+        <div class="form-group">
+            <form method="get">
+                <label>Ticket Status</label>
+                <select class="form-control" name="status" onchange="this.form.submit()">
+                    <option value="%" <?php if ($status == "%") {echo "selected";}?> >Any</option>
+                    <option value="Open" <?php if ($status == "Open") {echo "selected";}?> >Open</option>
+                    <option value="Closed" <?php if ($status == "Closed") {echo "selected";}?> >Closed</option>
+                </select>
+            </form>
+        </div>
     </div>
-  </div>
-  <table class="table">
-    <thead>
-    <tr>
-      <th scope="col">#</th>
-      <th scope="col">Subject</th>
-      <th scope="col">Contact</th>
-      <th scope="col">Status</th>
-    </tr>
-    </thead>
-    <tbody>
+    <table class="table">
+        <thead>
+        <tr>
+            <th scope="col">#</th>
+            <th scope="col">Subject</th>
+            <th scope="col">Contact</th>
+            <th scope="col">Status</th>
+        </tr>
+        </thead>
+        <tbody>
 
-    <?php
-    while($ticket = mysqli_fetch_array($all_tickets)){
-      echo "<tr>";
-        echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_prefix]$ticket[ticket_id]</a></td>";
-        echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_subject]</a></td>";
-        echo "<td>$ticket[contact_name]</td>";
-        echo "<td>$ticket[ticket_status]</td>";
-      echo "</tr>";
-    }
-    ?>
-    </tbody>
-  </table>
-  </div>
+        <?php
+        while ($ticket = mysqli_fetch_array($all_tickets)) {
+            echo "<tr>";
+            echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_prefix]$ticket[ticket_id]</a></td>";
+            echo "<td> <a href='ticket.php?id=$ticket[ticket_id]'> $ticket[ticket_subject]</a></td>";
+            echo "<td>$ticket[contact_name]</td>";
+            echo "<td>$ticket[ticket_status]</td>";
+            echo "</tr>";
+        }
+        ?>
+        </tbody>
+    </table>
+    </div>
 
 <?php
-include('portal_footer.php');
\ No newline at end of file
+require_once('portal_footer.php');
\ No newline at end of file
diff --git a/uploads/clients/index.php b/uploads/clients/index.php
index e69de29b..8b137891 100644
--- a/uploads/clients/index.php
+++ b/uploads/clients/index.php
@@ -0,0 +1 @@
+
diff --git a/uploads/expenses/index.php b/uploads/expenses/index.php
index e69de29b..8b137891 100644
--- a/uploads/expenses/index.php
+++ b/uploads/expenses/index.php
@@ -0,0 +1 @@
+
diff --git a/uploads/index.php b/uploads/index.php
index e69de29b..8b137891 100644
--- a/uploads/index.php
+++ b/uploads/index.php
@@ -0,0 +1 @@
+
diff --git a/uploads/settings/index.php b/uploads/settings/index.php
index e69de29b..8b137891 100644
--- a/uploads/settings/index.php
+++ b/uploads/settings/index.php
@@ -0,0 +1 @@
+
diff --git a/uploads/tmp/index.php b/uploads/tmp/index.php
index e69de29b..8b137891 100644
--- a/uploads/tmp/index.php
+++ b/uploads/tmp/index.php
@@ -0,0 +1 @@
+
diff --git a/uploads/users/index.php b/uploads/users/index.php
index e69de29b..8b137891 100644
--- a/uploads/users/index.php
+++ b/uploads/users/index.php
@@ -0,0 +1 @@
+