More Archiving work, added entity_id to logs for future undo of archives in logs.

johnnyq
2022-05-14 18:14:02 -04:00
parent 25589d38ce
commit 4f2cff6fac
6 changed files with 91 additions and 28 deletions


@@ -59,6 +59,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM assets
LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN locations ON asset_location_id = location_id
LEFT JOIN logins ON login_asset_id = asset_id LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id WHERE asset_client_id = $client_id
AND asset_archived_at IS NULL
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%') AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND ($type_query) AND ($type_query)
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
@@ -318,6 +319,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php } ?> <?php } ?>
<?php if($session_user_role == 3) { ?> <?php if($session_user_role == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a> <a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
<?php } ?> <?php } ?>
</div> </div>
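Review bot: The added Archive entry changes state through a plain GET link (`post.php?archive_asset=<?php echo $asset_id; ?>`) and no anti-CSRF token is visible in this hunk or in the matching handler in post.php, so a request made on an admin's behalf by another page or by a link prefetcher would archive the asset. Consider rendering it as a small POST form that carries a session-bound token, and have post.php verify that token before running the UPDATE. The existing Delete entry on the next line follows the same pattern and deserves the same treatment. The surrounding dropdown markup starts and ends outside the hunk.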


@@ -63,7 +63,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
</div> </div>
<div class="col-3"> <div class="col-md-3">
<div class="card card-outline card-primary mb-3"> <div class="card card-outline card-primary mb-3">
<div class="card-header"> <div class="card-header">
@@ -107,7 +107,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
</div> </div>
</div> </div>
<div class="col-3"> <div class="col-md-3">
<div class="card card-outline card-primary mb-3"> <div class="card card-outline card-primary mb-3">
<div class="card-header"> <div class="card-header">
@@ -151,7 +151,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
</div> </div>
</div> </div>
<div class="col-4"> <div class="col-md-4">
<div class="card card-outline card-warning mb-3"> <div class="card card-outline card-warning mb-3">
<div class="card-header"> <div class="card-header">
@@ -221,7 +221,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
<!-- Stale Tickets --> <!-- Stale Tickets -->
<div class="col-5"> <div class="col-md-5">
<div class="card card-outline card-danger mb-3"> <div class="card card-outline card-danger mb-3">
<div class="card-body"> <div class="card-body">


@@ -265,11 +265,19 @@ if(LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION){
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.1.2'"); mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.1.2'");
} }
//if(CURRENT_DATABASE_VERSION == '0.1.2'){ if(CURRENT_DATABASE_VERSION == '0.1.2'){
// Insert queries here required to update to DB version 0.1.3 // Insert queries here required to update to DB version 0.1.3
mysqli_query($mysqli, "ALTER TABLE `logs` ADD `log_entity_id` INT NOT NULL DEFAULT '0' AFTER `log_user_id`");
// Then, update the database to the next sequential version // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.1.3'"); mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.1.3'");
}
//if(CURRENT_DATABASE_VERSION == '0.1.3'){
// Insert queries here required to update to DB version 0.1.4
// Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.1.4'");
//} //}
// etc // etc
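Review bot: The result of the `ALTER TABLE` on `logs` is not checked before `config_current_database_version` is set to 0.1.3, so a failed migration is still recorded as applied. After that, every log INSERT that names `log_entity_id` would fail, and because the `mysqli_query` calls that write logs in post.php are also unchecked, the audit trail would presumably stop recording without any visible error. Make the version bump conditional on the schema change, e.g. `if(mysqli_query($mysqli, "ALTER TABLE ...")){ /* then set the version to 0.1.3 */ }`, and surface the error otherwise. The enclosing version-check chain starts and continues outside this hunk.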


@@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php * It is used in conjunction with database_updates.php
*/ */
DEFINE("LATEST_DATABASE_VERSION", "0.1.2"); DEFINE("LATEST_DATABASE_VERSION", "0.1.3");

3
db.sql

@@ -705,6 +705,7 @@ CREATE TABLE `logs` (
`log_quote_id` int(11) DEFAULT NULL, `log_quote_id` int(11) DEFAULT NULL,
`log_recurring_id` int(11) DEFAULT NULL, `log_recurring_id` int(11) DEFAULT NULL,
`log_user_id` int(11) DEFAULT NULL, `log_user_id` int(11) DEFAULT NULL,
`log_entity_id` int(11) NOT NULL DEFAULT 0,
`company_id` int(11) DEFAULT NULL, `company_id` int(11) DEFAULT NULL,
PRIMARY KEY (`log_id`) PRIMARY KEY (`log_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
@@ -1543,4 +1544,4 @@ CREATE TABLE `vendors` (
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2022-05-10 17:11:18 -- Dump completed on 2022-05-14 18:12:32


@@ -3158,7 +3158,7 @@ if(isset($_POST['quote_note'])){
mysqli_query($mysqli,"UPDATE quotes SET quote_note = '$note' WHERE quote_id = $quote_id AND company_id = $session_company_id"); mysqli_query($mysqli,"UPDATE quotes SET quote_note = '$note' WHERE quote_id = $quote_id AND company_id = $session_company_id");
$_SESSION['alert_message'] = "<i class='fa fa-2x fa-check-circle'></i> <strong>Notes added</strong>"; $_SESSION['alert_message'] = "Notes added";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -4143,6 +4143,8 @@ if(isset($_GET['delete_revenue'])){
} }
// Client Section
if(isset($_POST['add_contact'])){ if(isset($_POST['add_contact'])){
validateTechRole(); validateTechRole();
@@ -4217,7 +4219,7 @@ if(isset($_POST['add_contact'])){
} }
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Create', log_description = '$session_name created contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Contact added"; $_SESSION['alert_message'] .= "Contact added";
@@ -4308,7 +4310,7 @@ if(isset($_POST['edit_contact'])){
} }
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Contact updated"; $_SESSION['alert_message'] .= "Contact updated";
@@ -4322,12 +4324,19 @@ if(isset($_GET['archive_contact'])){
$contact_id = intval($_GET['archive_contact']); $contact_id = intval($_GET['archive_contact']);
mysqli_query($mysqli,"UPDATE contacts SET contact_archived_at = NOW() WHERE contact_id = $contact_id"); // Get Contact Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$contact_name = strip_tags(mysqli_real_escape_string($mysqli, $row['contact_name']));
$client_id = $row['contact_client_id'];
mysqli_query($mysqli,"UPDATE contacts SET contact_archived_at = NOW() WHERE contact_id = $contact_id AND company_id = $session_company_id");
//logging //logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Archive', log_description = '$contact_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Archive', log_description = '$session_name archived contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Contact Archived!"; $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Contact ".stripslashes($contact_name)." archived. <a href='post.php?undo_archive_location=$location_id'>Undo</a>";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -4339,11 +4348,18 @@ if(isset($_GET['delete_contact'])){
$contact_id = intval($_GET['delete_contact']); $contact_id = intval($_GET['delete_contact']);
// Get Contact Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$contact_name = strip_tags(mysqli_real_escape_string($mysqli, $row['contact_name']));
$client_id = $row['contact_client_id'];
mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id"); mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id");
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Delete', log_description = '$contact_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Delete', log_description = '$session_name deleted contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Contact deleted"; $_SESSION['alert_message'] = "Contact deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -4387,6 +4403,10 @@ if(isset($_GET['export_client_contacts_csv'])){
//output all remaining data on a file pointer //output all remaining data on a file pointer
fpassthru($f); fpassthru($f);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Export', log_description = '$session_name exported contacts', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
} }
exit; exit;
@@ -4475,7 +4495,7 @@ if(isset($_POST["import_client_contacts_csv"])){
fclose($file); fclose($file);
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Import', log_description = '$session_name imported $row_count contact(s) via CSV file', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_client_id = $client_id, log_user_id = $session_user_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Import', log_description = '$session_name imported $row_count contact(s) via CSV file', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "$row_count Contact(s) added, $duplicate_count duplicate(s) detected"; $_SESSION['alert_message'] = "$row_count Contact(s) added, $duplicate_count duplicate(s) detected";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -4504,14 +4524,14 @@ if(isset($_GET['download_client_contacts_csv_template'])){
//set column headers //set column headers
$fields = array( $fields = array(
'Full Name ', 'Full Name ',
'Job Title ', 'Job Title ',
'Department Name ', 'Department Name ',
'Email Address ', 'Email Address ',
'Office Phone ', 'Office Phone ',
'Office Extension ', 'Office Extension ',
'Mobile Phone ', 'Mobile Phone ',
'Office Location ' 'Office Location '
); );
fputcsv($f, $fields, $delimiter); fputcsv($f, $fields, $delimiter);
@@ -4528,6 +4548,8 @@ if(isset($_GET['download_client_contacts_csv_template'])){
} }
// 2022-05-14 Johnny Left Off Adding log_entity_id and logs / alert cleanups import / archive etc
if(isset($_POST['add_location'])){ if(isset($_POST['add_location'])){
validateAdminRole(); validateAdminRole();
@@ -4696,14 +4718,20 @@ if(isset($_POST['edit_location'])){
if(isset($_GET['archive_location'])){ if(isset($_GET['archive_location'])){
validateAdminRole(); validateTechRole();
$location_id = intval($_GET['archive_location']); $location_id = intval($_GET['archive_location']);
// Get Location Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT location_name, location_client_id FROM locations WHERE location_id = $location_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$location_name = strip_tags(mysqli_real_escape_string($mysqli, $row['location_name']));
$client_id = $row['location_client_id'];
mysqli_query($mysqli,"UPDATE locations SET location_archived_at = NOW() WHERE location_id = $location_id AND company_id = $session_company_id"); mysqli_query($mysqli,"UPDATE locations SET location_archived_at = NOW() WHERE location_id = $location_id AND company_id = $session_company_id");
//logging //logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Archive', log_description = '$location_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Archive', log_description = '$session_name archived location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_type'] = "error"; $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Location ".stripslashes($location_name)." archived. <a href='post.php?undo_archive_location=$location_id'>Undo</a>"; $_SESSION['alert_message'] = "Location ".stripslashes($location_name)." archived. <a href='post.php?undo_archive_location=$location_id'>Undo</a>";
@@ -4738,10 +4766,16 @@ if(isset($_GET['delete_location'])){
$location_id = intval($_GET['delete_location']); $location_id = intval($_GET['delete_location']);
// Get Location Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT location_name, location_client_id FROM locations WHERE location_id = $location_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$location_name = strip_tags(mysqli_real_escape_string($mysqli, $row['location_name']));
$client_id = $row['location_client_id'];
mysqli_query($mysqli,"DELETE FROM locations WHERE location_id = $location_id AND company_id = $session_company_id"); mysqli_query($mysqli,"DELETE FROM locations WHERE location_id = $location_id AND company_id = $session_company_id");
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'location', log_action = 'Delete', log_description = '$location_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Delete', log_description = '$session_name deleted location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_type'] = "error"; $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Location deleted"; $_SESSION['alert_message'] = "Location deleted";
@@ -5020,6 +5054,24 @@ if(isset($_POST['edit_asset'])){
} }
if(isset($_GET['archive_asset'])){
validateAdminRole();
$asset_id = intval($_GET['archive_asset']);
mysqli_query($mysqli,"UPDATE assets SET asset_archived_at = NOW() WHERE asset_id = $asset_id AND company_id = $session_company_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Archive', log_description = '$asset_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Asset archived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['delete_asset'])){ if(isset($_GET['delete_asset'])){
validateAdminRole(); validateAdminRole();
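Review bot: The new `archive_asset` handler writes its audit row without `log_user_id`, `company_id`, `log_client_id` or `log_entity_id`, so the entry cannot be tied to an actor or tenant and gives the planned undo nothing to key on, whereas the contact handlers in this same commit set all of them. End that INSERT with `log_user_id = $session_user_id, log_entity_id = $asset_id, company_id = $session_company_id`, after first looking up the asset's name and client id as the contact handlers do. The `archive_location` log row also omits `log_entity_id`. Separately, the `archive_contact` alert links to `post.php?undo_archive_location=$location_id`, but `$location_id` is never assigned in that handler as far as the hunk shows, so the Undo link would carry an empty id and target the wrong entity type; it presumably should reference `$contact_id`. The `delete_asset` block at the end of the last hunk continues outside the visible lines.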