AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-24 14:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #545 from wrongecho/tidy

Browse Source 
Code Style Tidying
This commit is contained in:
Johnny
2023-01-01 15:56:34 -05:00
committed by GitHub
parent 94d8ec5360 dd00f48e5b
commit 3fd62cd16e
43 changed files with 1552 additions and 1561 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ajax.php
View File

@@ -6,9 +6,9 @@
* Always returns data in JSON format, unless otherwise specified * Always returns data in JSON format, unless otherwise specified
*/ */
include("config.php"); require_once("config.php");
include("functions.php"); require_once("functions.php");
include("check_login.php"); require_once("check_login.php");
require_once("rfc6238.php"); require_once("rfc6238.php");
/* /*
@@ -46,8 +46,7 @@ if(isset($_GET['certificate_fetch_parse_json_details'])){
$response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']); $response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']); $response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$response['public_key'] = $export; //nl2br $response['public_key'] = $export; //nl2br
} } else {
else{
$response['success'] = "FALSE"; $response['success'] = "FALSE";
} }
@@ -118,8 +117,7 @@ if(isset($_GET['merge_ticket_get_json_details'])){
if (mysqli_num_rows($sql) == 0) { if (mysqli_num_rows($sql) == 0) {
//Do nothing. //Do nothing.
} } else {
else {
//Return ticket, client and contact details for the given ticket number //Return ticket, client and contact details for the given ticket number
$response = mysqli_fetch_array($sql); $response = mysqli_fetch_array($sql);
echo json_encode($response); echo json_encode($response);
@@ -187,21 +185,21 @@ if(isset($_GET['ticket_query_views'])){
while ($row = mysqli_fetch_array($query)) { while ($row = mysqli_fetch_array($query)) {
$users[] = $row['user_name']; $users[] = $row['user_name'];
} }
if (!empty($users)) { if (!empty($users)) {
$users = array_unique($users); $users = array_unique($users);
if (count($users) > 1) { if (count($users) > 1) {
// Multiple viewers // Multiple viewers
$response['message'] = implode(", ", $users) . " are viewing this ticket."; $response['message'] = implode(", ", $users) . " are viewing this ticket.";
} } else {
else{
// Single viewer // Single viewer
$response['message'] = implode("", $users) . " is viewing this ticket."; $response['message'] = implode("", $users) . " is viewing this ticket.";
} }
} } else {
else{
// No viewers // No viewers
$response['message'] = ""; $response['message'] = "";
} }
echo json_encode($response); echo json_encode($response);
} }

8
api/v1/assets/create.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_post_method.php'); require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse info // Parse info
@@ -88,7 +88,7 @@ if(isset($_POST['asset_network_id'])){
} }
// Default // Default
$insert_id = FALSE; $insert_id = false;
if (!empty($name) && !empty($client_id)) { if (!empty($name) && !empty($client_id)) {
// Insert into Database // Insert into Database
@@ -104,4 +104,4 @@ if(!empty($name) && !empty($client_id)){
} }
// Output // Output
include('../create_output.php'); require_once('../create_output.php');

8
api/v1/assets/delete.php
View File

@@ -1,13 +1,13 @@
<?php <?php
require('../validate_api_key.php'); require_once('../validate_api_key.php');
require('../require_post_method.php'); require_once('../require_post_method.php');
// Parse ID // Parse ID
$asset_id = intval($_POST['asset_id']); $asset_id = intval($_POST['asset_id']);
// Default // Default
$delete_count = FALSE; $delete_count = false;
if (!empty($asset_id)) { if (!empty($asset_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
@@ -25,4 +25,4 @@ if(!empty($asset_id)){
} }
// Output // Output
include('../delete_output.php'); require_once('../delete_output.php');

6
api/v1/assets/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Asset via ID (single) // Asset via ID (single)
if (isset($_GET['asset_id'])) { if (isset($_GET['asset_id'])) {
@@ -39,4 +39,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

8
api/v1/assets/update.php
View File

@@ -1,13 +1,13 @@
<?php <?php
require('../validate_api_key.php');
require('../require_post_method.php'); require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse ID // Parse ID
$asset_id = intval($_POST['asset_id']); $asset_id = intval($_POST['asset_id']);
// Default // Default
$update_count = FALSE; $update_count = false;
if (!empty($asset_id)) { if (!empty($asset_id)) {
@@ -113,4 +113,4 @@ if(!empty($asset_id)){
} }
// Output // Output
include('../update_output.php'); require_once('../update_output.php');

6
api/v1/certificates/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific certificate via ID (single) // Specific certificate via ID (single)
if (isset($_GET['certificate_id'])) { if (isset($_GET['certificate_id'])) {
@@ -27,4 +27,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

6
api/v1/clients/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific client via ID (single) // Specific client via ID (single)
if (isset($_GET['client_id'])) { if (isset($_GET['client_id'])) {
@@ -21,4 +21,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

8
api/v1/contacts/create.php
View File

@@ -1,10 +1,10 @@
<?php <?php
require('../validate_api_key.php');
require('../require_post_method.php'); require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse Info // Parse Info
include('contact_model.php'); require_once('contact_model.php');
// Default // Default
$insert_id = FALSE; $insert_id = FALSE;
@@ -31,4 +31,4 @@ if(!empty($name) && !empty($email) && !empty($client_id)){
} }
// Output // Output
include('../create_output.php'); require_once('../create_output.php');

6
api/v1/contacts/delete.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_post_method.php'); require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse ID // Parse ID
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
@@ -25,4 +25,4 @@ if(!empty($contact_id)){
} }
// Output // Output
include('../delete_output.php'); require_once('../delete_output.php');

6
api/v1/contacts/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific contact via ID (single) // Specific contact via ID (single)
if (isset($_GET['contact_id'])) { if (isset($_GET['contact_id'])) {
@@ -21,4 +21,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

8
api/v1/contacts/update.php
View File

@@ -1,11 +1,11 @@
<?php <?php
require('../validate_api_key.php');
require('../require_post_method.php'); require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse Info // Parse Info
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
include('contact_model.php'); require_once('contact_model.php');
// Default // Default
$update_count = FALSE; $update_count = FALSE;
@@ -25,4 +25,4 @@ if(!empty($name) && !empty($email)){
} }
// Output // Output
include('../update_output.php'); require_once('../update_output.php');

6
api/v1/domains/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific domain via ID (single) // Specific domain via ID (single)
if (isset($_GET['domain_id'])) { if (isset($_GET['domain_id'])) {
@@ -27,4 +27,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

6
api/v1/networks/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific network via ID (single) // Specific network via ID (single)
if (isset($_GET['network_id'])) { if (isset($_GET['network_id'])) {
@@ -27,4 +27,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

6
api/v1/software/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific software via ID (single) // Specific software via ID (single)
if (isset($_GET['software_id'])) { if (isset($_GET['software_id'])) {
@@ -39,4 +39,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

6
api/v1/tickets/read.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require('../validate_api_key.php');
require('../require_get_method.php'); require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Specific ticket via ID (single) // Specific ticket via ID (single)
if (isset($_GET['ticket_id'])) { if (isset($_GET['ticket_id'])) {
@@ -15,4 +15,4 @@ else{
} }
// Output // Output
include("../read_output.php"); require_once("../read_output.php");

4
api/v1/validate_api_key.php
View File

@@ -7,8 +7,8 @@
*/ */
// Includes // Includes
include( __DIR__ . '../../../functions.php'); require_once( __DIR__ . '../../../functions.php');
include(__DIR__ . "../../../config.php"); require_once(__DIR__ . "../../../config.php");
// JSON header // JSON header
header('Content-Type: application/json'); header('Content-Type: application/json');

15
get_credential.php
View File

@@ -18,7 +18,6 @@
// Headers to allow extensions access (CORS) // Headers to allow extensions access (CORS)
$chrome_id = "chrome-extension://afgpakhonllnmnomchjhidealcpmnegc"; $chrome_id = "chrome-extension://afgpakhonllnmnomchjhidealcpmnegc";
//$firefox_id = "moz-extension://857479e9-3992-4e99-9a5e-b514d2ad0a82"; // Firefox rejected the extension. They are still using manifest v2 so will just focus on Chrome/Edge with v3 for now until Mozilla catches up
if (isset($_SERVER['HTTP_ORIGIN'])) { if (isset($_SERVER['HTTP_ORIGIN'])) {
if ($_SERVER['HTTP_ORIGIN'] == $chrome_id) { if ($_SERVER['HTTP_ORIGIN'] == $chrome_id) {
@@ -27,8 +26,8 @@ if (isset($_SERVER['HTTP_ORIGIN'])) {
} }
} }
include("config.php"); include_once("config.php");
include("functions.php"); include_once("functions.php");
// IP & User Agent for logging // IP & User Agent for logging
$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip())); $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
@@ -44,7 +43,7 @@ DEFINE("WORDING_BAD_EXT_COOKIE_KEY", "ITFlow - You are not logged into ITFlow, d
if (!isset($_COOKIE['user_extension_key'])) { if (!isset($_COOKIE['user_extension_key'])) {
$data['found'] = "FALSE"; $data['found'] = "FALSE";
$data['message'] = WORDING_BAD_EXT_COOKIE_KEY; $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
echo(json_encode($data)); echo json_encode($data);
// Logging // Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
@@ -59,7 +58,7 @@ $user_extension_key = $_COOKIE['user_extension_key'];
if (empty($user_extension_key) || strlen($user_extension_key) < 16 || strtolower($user_extension_key) == "disabled") { if (empty($user_extension_key) || strlen($user_extension_key) < 16 || strtolower($user_extension_key) == "disabled") {
$data['found'] = "FALSE"; $data['found'] = "FALSE";
$data['message'] = WORDING_BAD_EXT_COOKIE_KEY; $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
echo(json_encode($data)); echo json_encode($data);
// Logging // Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
@@ -77,7 +76,7 @@ $row = mysqli_fetch_array($auth_user);
if (mysqli_num_rows($auth_user) < 1 || !$auth_user) { if (mysqli_num_rows($auth_user) < 1 || !$auth_user) {
$data['found'] = "FALSE"; $data['found'] = "FALSE";
$data['message'] = WORDING_BAD_EXT_COOKIE_KEY; $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
echo(json_encode($data)); echo json_encode($data);
//Logging //Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
@@ -89,7 +88,7 @@ if(mysqli_num_rows($auth_user) < 1 || !$auth_user){
if (hash('sha256', $row['user_extension_key']) !== hash('sha256', $_COOKIE['user_extension_key'])) { if (hash('sha256', $row['user_extension_key']) !== hash('sha256', $_COOKIE['user_extension_key'])) {
$data['found'] = "FALSE"; $data['found'] = "FALSE";
$data['message'] = WORDING_BAD_EXT_COOKIE_KEY; $data['message'] = WORDING_BAD_EXT_COOKIE_KEY;
echo(json_encode($data)); echo json_encode($data);
//Logging //Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Extension Failed', log_description = 'Failed login attempt using extension (get_credential.php)', log_ip = '$ip', log_user_agent = '$user_agent'");
@@ -113,7 +112,7 @@ $session_user_role = $row['user_role'];
if ($session_user_role < 1) { if ($session_user_role < 1) {
$data['found'] = "FALSE"; $data['found'] = "FALSE";
$data['message'] = WORDING_ROLECHECK_FAILED; $data['message'] = WORDING_ROLECHECK_FAILED;
echo(json_encode($data)); echo json_encode($data);
//Logging //Logging
$user_name = mysqli_real_escape_string($mysqli, $session_name); $user_name = mysqli_real_escape_string($mysqli, $session_name);

10
portal/inc_portal.php
View File

@@ -4,10 +4,10 @@
* Includes for all pages (except login) * Includes for all pages (except login)
*/ */
include('../config.php'); require_once('../config.php');
include('../functions.php'); require_once('../functions.php');
include('check_login.php'); require_once('check_login.php');
include('portal_functions.php'); require_once('portal_functions.php');
if (!isset($_SESSION)) { if (!isset($_SESSION)) {
// HTTP Only cookies // HTTP Only cookies
@@ -19,4 +19,4 @@ if(!isset($_SESSION)){
session_start(); session_start();
} }
include("portal_header.php"); require_once("portal_header.php");

2
portal/index.php
View File

@@ -128,4 +128,4 @@ $total_tickets = $row['total_tickets'];
</div> </div>
</div> </div>
<?php include("portal_footer.php"); ?> <?php require_once("portal_footer.php"); ?>

17
portal/login_microsoft.php
View File

@@ -4,15 +4,15 @@
* OAuth Login via Microsoft IDP * OAuth Login via Microsoft IDP
*/ */
include('../config.php'); require_once('../config.php');
include('../functions.php'); require_once('../functions.php');
if (!isset($_SESSION)) { if (!isset($_SESSION)) {
// HTTP Only cookies // HTTP Only cookies
ini_set("session.cookie_httponly", True); ini_set("session.cookie_httponly", true);
if ($config_https_only) { if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS // Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True); ini_set("session.cookie_secure", true);
} }
session_start(); session_start();
} }
@@ -86,9 +86,8 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()){
echo "Error with MS Graph API. Details:"; echo "Error with MS Graph API. Details:";
var_dump($msgraph_response['error']); var_dump($msgraph_response['error']);
exit(); exit();
}
elseif(isset($msgraph_response['id'])){ } elseif (isset($msgraph_response['id'])) {
$upn = mysqli_real_escape_string($mysqli, $msgraph_response["userPrincipalName"]); $upn = mysqli_real_escape_string($mysqli, $msgraph_response["userPrincipalName"]);
@@ -106,15 +105,13 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()){
header("Location: index.php"); header("Location: index.php");
} } else {
else{
$_SESSION['login_message'] = 'Something went wrong with login. Ensure you are setup for SSO.'; $_SESSION['login_message'] = 'Something went wrong with login. Ensure you are setup for SSO.';
header("Location: index.php"); header("Location: index.php");
} }
} }
header('Location: index.php'); header('Location: index.php');
} } else {
else{
echo "Error getting access_token"; echo "Error getting access_token";
} }

7
portal/login_reset.php
View File

@@ -16,10 +16,10 @@ if (empty($config_smtp_host)) {
if (!isset($_SESSION)) { if (!isset($_SESSION)) {
// HTTP Only cookies // HTTP Only cookies
ini_set("session.cookie_httponly", True); ini_set("session.cookie_httponly", true);
if ($config_https_only) { if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS // Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True); ini_set("session.cookie_secure", true);
} }
session_start(); session_start();
} }
@@ -82,8 +82,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
/* /*
* Do password reset * Do password reset
*/ */
} } elseif (isset($_POST['password_reset_set_password'])) {
elseif(isset($_POST['password_reset_set_password'])){
if (!isset($_POST['new_password']) || !isset($_POST['email']) || !isset($_POST['token']) || !isset($_POST['client'])) { if (!isset($_POST['new_password']) || !isset($_POST['email']) || !isset($_POST['token']) || !isset($_POST['client'])) {
$_SESSION['login_message'] = WORDING_ERROR; $_SESSION['login_message'] = WORDING_ERROR;

19
portal/portal_post.php
View File

@@ -15,7 +15,7 @@ if(isset($_POST['add_ticket'])){
$config_ticket_next_number = $row['config_ticket_next_number']; $config_ticket_next_number = $row['config_ticket_next_number'];
// HTML Purifier // HTML Purifier
require("../plugins/htmlpurifier/HTMLPurifier.standalone.php"); require_once("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
$purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config); $purifier = new HTMLPurifier($purifier_config);
@@ -28,8 +28,7 @@ if(isset($_POST['add_ticket'])){
// Ensure priority is low/med/high (as can be user defined) // Ensure priority is low/med/high (as can be user defined)
if ($_POST['priority'] !== "Low" && $_POST['priority'] !== "Medium" && $_POST['priority'] !== "High") { if ($_POST['priority'] !== "Low" && $_POST['priority'] !== "Medium" && $_POST['priority'] !== "High") {
$priority = "Low"; $priority = "Low";
} } else {
else{
$priority = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['priority']))); $priority = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['priority'])));
} }
@@ -50,7 +49,7 @@ if(isset($_POST['add_ticket'])){
if (isset($_POST['add_ticket_comment'])) { if (isset($_POST['add_ticket_comment'])) {
// HTML Purifier // HTML Purifier
require("../plugins/htmlpurifier/HTMLPurifier.standalone.php"); require_once("../plugins/htmlpurifier/HTMLPurifier.standalone.php");
$purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config); $purifier = new HTMLPurifier($purifier_config);
@@ -79,8 +78,7 @@ if(isset($_POST['add_ticket_comment'])){
// Redirect // Redirect
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
} } else {
else {
// The client does not have access to this ticket // The client does not have access to this ticket
header("Location: portal_post.php?logout"); header("Location: portal_post.php?logout");
exit(); exit();
@@ -104,8 +102,7 @@ if(isset($_POST['add_ticket_feedback'])){
// Redirect // Redirect
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
} } else {
else {
// The client does not have access to this ticket // The client does not have access to this ticket
header("Location: portal_post.php?logout"); header("Location: portal_post.php?logout");
exit(); exit();
@@ -129,10 +126,8 @@ if(isset($_GET['close_ticket'])){
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Closed', log_description = '$ticket_id Closed by client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Closed', log_description = '$ticket_id Closed by client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id");
header("Location: ticket.php?id=" . $ticket_id); header("Location: ticket.php?id=" . $ticket_id);
} } else {
else { // The client does not have access to this ticket - send them home
// The client does not have access to this ticket
// This is only a GET request, might just be a mistake
header("Location: index.php"); header("Location: index.php");
exit(); exit();
} }

2
portal/profile.php
View File

@@ -38,4 +38,4 @@ require('inc_portal.php');
<?php endif ?> <?php endif ?>
<?php <?php
include('portal_footer.php'); require_once('portal_footer.php');

13
portal/ticket.php
View File

@@ -11,8 +11,7 @@ if(isset($_GET['id']) && intval($_GET['id'])) {
if ($session_contact_id == $session_client_primary_contact_id) { if ($session_contact_id == $session_client_primary_contact_id) {
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'"); $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'");
} } else {
else{
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'"); $ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'");
} }
@@ -107,8 +106,7 @@ if(isset($_GET['id']) && intval($_GET['id'])) {
$user_initials = initials($row['contact_name']); $user_initials = initials($row['contact_name']);
$user_avatar = $row['contact_photo']; $user_avatar = $row['contact_photo'];
$avatar_link = "../uploads/clients/$session_company_id/$session_client_id/$user_avatar"; $avatar_link = "../uploads/clients/$session_company_id/$session_client_id/$user_avatar";
} } else {
else{
$ticket_reply_by_display = $row['user_name']; $ticket_reply_by_display = $row['user_name'];
$user_id = $row['user_id']; $user_id = $row['user_id'];
$user_avatar = $row['user_avatar']; $user_avatar = $row['user_avatar'];
@@ -153,12 +151,11 @@ if(isset($_GET['id']) && intval($_GET['id'])) {
?> ?>
<?php <?php
} } else {
else{
echo "Ticket ID not found!"; echo "Ticket ID not found!";
} }
}
else{ } else {
header("Location: index.php"); header("Location: index.php");
} }

2
portal/ticket_add.php
View File

@@ -47,4 +47,4 @@ require('inc_portal.php');
</div> </div>
<?php <?php
include('portal_footer.php'); require_once('portal_footer.php');

2
portal/ticket_view_all.php
View File

@@ -69,4 +69,4 @@ $all_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN contacts O
</div> </div>
<?php <?php
include('portal_footer.php'); require_once('portal_footer.php');

1
uploads/clients/index.php
View File

@@ -0,0 +1 @@

1
uploads/expenses/index.php
View File

@@ -0,0 +1 @@

1
uploads/index.php
View File

@@ -0,0 +1 @@

1
uploads/settings/index.php
View File

@@ -0,0 +1 @@

1
uploads/tmp/index.php
View File

@@ -0,0 +1 @@

1
uploads/users/index.php
View File

@@ -0,0 +1 @@