mirror of https://github.com/itflow-org/itflow
You can now view all login / passwords for an asset under asset lists and under asset details now
This commit is contained in:
johnnyq
parent
eeb5cece7c
commit
51248ed841
|
|
@ -9,7 +9,6 @@ if (isset($_GET['asset_id'])) {
|
|||
$sql = mysqli_query($mysqli, "SELECT * FROM assets
|
||||
LEFT JOIN contacts ON asset_contact_id = contact_id
|
||||
LEFT JOIN locations ON asset_location_id = location_id
|
||||
LEFT JOIN logins ON login_asset_id = asset_id
|
||||
WHERE asset_id = $asset_id
|
||||
AND asset_client_id = $client_id
|
||||
");
|
||||
|
|
@ -62,10 +61,6 @@ if (isset($_GET['asset_id'])) {
|
|||
$location_name_display = $location_name;
|
||||
}
|
||||
|
||||
$login_id = intval($row['login_id']);
|
||||
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
|
||||
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
|
||||
|
||||
// Related Tickets Query
|
||||
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
|
||||
LEFT JOIN users on ticket_assigned_to = user_id
|
||||
|
|
@ -93,9 +88,8 @@ if (isset($_GET['asset_id'])) {
|
|||
$file_count = mysqli_num_rows($sql_related_files);
|
||||
|
||||
// Related Logins Query
|
||||
$sql_related_logins = mysqli_query($mysqli, "SELECT * FROM asset_logins
|
||||
LEFT JOIN logins ON asset_logins.login_id = logins.login_id
|
||||
WHERE asset_logins.asset_id = $asset_id
|
||||
$sql_related_logins = mysqli_query($mysqli, "SELECT * FROM logins
|
||||
WHERE login_asset_id = $asset_id
|
||||
AND login_archived_at IS NULL
|
||||
ORDER BY login_name DESC"
|
||||
);
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@
|
|||
</div>
|
||||
<form action="post.php" method="post" autocomplete="off">
|
||||
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
|
||||
<input type="hidden" name="login_id" value="<?php echo $login_id; ?>">
|
||||
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
|
@ -27,9 +26,6 @@
|
|||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-purchase<?php echo $asset_id; ?>">Purchase</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-login<?php echo $asset_id; ?>">Login</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $asset_id; ?>">Notes</a>
|
||||
</li>
|
||||
|
|
@ -351,30 +347,6 @@
|
|||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-login<?php echo $asset_id; ?>">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Username</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="username" placeholder="Username" value="<?php echo $login_username; ?>">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Password</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" value="<?php echo $login_password; ?>" autocomplete="off">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-notes<?php echo $asset_id; ?>">
|
||||
|
||||
<div class="form-group">
|
||||
|
|
|
|||
|
|
@ -272,9 +272,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
$location_name_display = $location_name;
|
||||
}
|
||||
|
||||
$login_id = intval($row['login_id']);
|
||||
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
|
||||
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
|
||||
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_asset_id = $asset_id");
|
||||
$login_count = mysqli_num_rows($sql_logins);
|
||||
|
||||
?>
|
||||
<tr>
|
||||
|
|
@ -290,12 +289,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
<a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
|
||||
<?php } ?>
|
||||
<?php
|
||||
if ($login_id > 0) {
|
||||
if ($login_count > 0) {
|
||||
?>
|
||||
<button type="button" class="btn btn-link btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key text-dark"></i></button>
|
||||
|
||||
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
|
||||
<div class="modal-dialog modal-sm">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i><?php echo $asset_name; ?></h5>
|
||||
|
|
@ -304,6 +303,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($sql_logins)) {
|
||||
$login_id = intval($row['login_id']);
|
||||
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
|
||||
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
|
||||
?>
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
|
|
@ -326,6 +331,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -84,7 +84,6 @@ if (isset($_POST['edit_asset'])) {
|
|||
validateTechRole();
|
||||
|
||||
$asset_id = intval($_POST['asset_id']);
|
||||
$login_id = intval($_POST['login_id']);
|
||||
$client_id = intval($_POST['client_id']);
|
||||
$name = sanitizeInput($_POST['name']);
|
||||
$description = sanitizeInput($_POST['description']);
|
||||
|
|
@ -125,49 +124,13 @@ if (isset($_POST['edit_asset'])) {
|
|||
$install_date = "'" . $install_date . "'";
|
||||
}
|
||||
$notes = sanitizeInput($_POST['notes']);
|
||||
$username = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['username'])));
|
||||
$password = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['password'])));
|
||||
|
||||
$alert_extended = "";
|
||||
|
||||
mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_nat_ip = '$nat_ip', asset_mac = '$mac', asset_uri = '$uri', asset_uri_2 = '$uri_2', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id");
|
||||
|
||||
//If login exists then update the login
|
||||
if ($login_id > 0 && !empty($_POST['username'])) {
|
||||
mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_username = '$username', login_password = '$password' WHERE login_id = $login_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$session_name updated login credentials for asset $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
|
||||
|
||||
$alert_extended = " along with updating login credentials";
|
||||
}else{
|
||||
//If Username is filled in then add a login
|
||||
if (!empty($_POST['username'])) {
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id");
|
||||
|
||||
$login_id = mysqli_insert_id($mysqli);
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Create', log_description = '$session_name created login credentials for asset $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
|
||||
|
||||
$alert_extended = " along with creating login credentials";
|
||||
|
||||
} else {
|
||||
mysqli_query($mysqli,"DELETE FROM logins WHERE login_id = $login_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Delete', log_description = '$session_name deleted login credential for asset $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
|
||||
|
||||
$alert_extended = " along with deleting login credentials";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$session_name modified asset $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $asset_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Asset <strong>$name</strong> updated $alert_extended";
|
||||
$_SESSION['alert_message'] = "Asset <strong>$name</strong> updated";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue