AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove destructive client delete from the frontend, still present in the backend, fix the ticket assign to no show active users

This commit is contained in:
johnnyq 2023-09-25 12:20:42 -04:00
parent 6af002122a
commit 4adc0c7cd1
4 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
clients.php
View File

@ -289,10 +289,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_client=<?php echo $client_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<!-- Removing this function from the frontend as this is extremely destructive. Its best to use Archive, use this for development or test purposes only.
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_client=<?php echo $client_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
-->
</div>
</div>
</td>

2
inc_client_top_head.php
View File

@ -22,10 +22,12 @@
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_client=<?php echo $client_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive Client
</a>
<!-- Removing this function from the frontend as this is extremely destructive. Its best to use Archive, use this for development or test purposes only.
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="#" data-toggle="modal" data-target="#deleteClientModal<?php echo $client_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete Client
</a>
-->
</div>
</div>
<?php } ?>

4
post/client.php
View File

@ -176,10 +176,12 @@ if (isset($_GET['undo_archive_client'])) {
if (isset($_GET['delete_client'])) {
// Removing this function from the frontend as this is extremely destructive. Its best to use Archive, use this for development or test purposes only.
validateAdminRole();
// CSRF Check
validateCSRFToken($_GET['csrf_token']);
// validateCSRFToken($_GET['csrf_token']);
$client_id = intval($_GET['delete_client']);

9
ticket_assign_modal.php
View File

@ -21,13 +21,18 @@
<select class="form-control select2" name="assigned_to">
<option value="0">No One</option>
<?php
$sql_users_select = mysqli_query($mysqli, "SELECT * FROM users WHERE user_archived_at IS NULL ORDER BY user_name DESC");
$sql_users_select = mysqli_query($mysqli, "SELECT * FROM users
LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_role > 1
AND user_archived_at IS NULL
ORDER BY user_name DESC"
);
while ($row = mysqli_fetch_array($sql_users_select)) {
$user_id_select = intval($row['user_id']);
$user_name_select = nullable_htmlentities($row['user_name']);
?>
<option value="<?php echo $user_id_select; ?>" <?php if ($user_id_select == $ticket_assigned_to) { echo "selected"; } ?>><?php echo "$user_name_select"; ?></option>
<option value="<?php echo $user_id_select; ?>" <?php if ($user_id_select == $ticket_assigned_to) { echo "selected"; } ?>><?php echo $user_name_select; ?></option>
<?php } ?>
</select>
</div>