diff --git a/admin/database_updates.php b/admin/database_updates.php index 0a173c30..b753cf0d 100644 --- a/admin/database_updates.php +++ b/admin/database_updates.php @@ -4147,7 +4147,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { `approval_approved_by` varchar(255) DEFAULT NULL, `approval_url_key` varchar(200) NOT NULL, `approval_task_id` int(11) NOT NULL, - PRIMARY KEY (`approval_id`) + PRIMARY KEY (`approval_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; "); diff --git a/agent/ajax.php b/agent/ajax.php index e153c01f..ea0f7064 100644 --- a/agent/ajax.php +++ b/agent/ajax.php @@ -999,8 +999,8 @@ if (isset($_GET['get_internal_users'])) { $sql = mysqli_query( $mysqli, - "SELECT user_id, user_name - FROM users + "SELECT user_id, user_name + FROM users WHERE user_type = 1 AND user_status = 1 AND user_archived_at IS NULL ORDER BY user_name" ); diff --git a/agent/post/task.php b/agent/post/task.php index 2950222f..f59a955d 100644 --- a/agent/post/task.php +++ b/agent/post/task.php @@ -357,7 +357,7 @@ if (isset($_GET['approve_ticket_task'])) { redirect(); exit; } - if ($required_user == 0 && $type = 'any' && $created_by == $session_user_id) { + if ($required_user == 0 && $type == 'any' && $created_by == $session_user_id) { flash_alert("You cannot approve your own task", 'error'); redirect(); exit; diff --git a/agent/ticket.php b/agent/ticket.php index f1221ee7..92ee92f5 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -972,9 +972,9 @@ if (isset($_GET['ticket_id'])) { $task_needs_approval = false; $task_needs_approval = mysqli_num_rows(mysqli_query( $mysqli, - "SELECT 1 FROM task_approvals - WHERE approval_task_id = $task_id - AND approval_status IN ('pending','declined') + "SELECT 1 FROM task_approvals + WHERE approval_task_id = $task_id + AND approval_status IN ('pending','declined') LIMIT 1" )) > 0; diff --git a/client/ticket.php b/client/ticket.php index 9051fef3..6e85fe6e 100644 --- a/client/ticket.php +++ b/client/ticket.php 
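Review bot: The corrected self-approval guard in agent/post/task.php still compares loosely (`$required_user == 0`, `$created_by == $session_user_id`), so its outcome depends on PHP type juggling if any of these values arrives as a non-numeric string or null; whether they are cast earlier is not visible in this hunk. Because this condition is the separation-of-duties check for task approvals, I would make it strict: `if ((int) $required_user === 0 && $type === 'any' && (int) $created_by === (int) $session_user_id) {`. Note also that the old `$type = 'any' && ...` assigned a boolean to `$type` and, since `&&` binds tighter than `=`, rejected self-approval for every approval type whenever no specific user was required. The fix narrows the rejection to type 'any', so please confirm that the other types are covered by a check further down the handler, which continues outside the hunk. A short comment such as `// Creator may not approve their own task when any agent can approve` would record the intent.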
@@ -75,7 +75,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) { SELECT task_id, task_name, approval_id, approval_scope, approval_type, approval_required_user_id, approval_status, approval_url_key FROM tasks LEFT JOIN task_approvals ON task_id = task_approvals.approval_task_id - WHERE task_ticket_id = $ticket_id AND task_completed_at IS NULL AND approval_scope = 'client' AND approval_status = 'pending' + WHERE task_ticket_id = $ticket_id AND task_completed_at IS NULL AND approval_scope = 'client' AND approval_status = 'pending' "); ?> diff --git a/guest/guest_approve_ticket_task.php b/guest/guest_approve_ticket_task.php index 952bcc8a..f5ded027 100644 --- a/guest/guest_approve_ticket_task.php +++ b/guest/guest_approve_ticket_task.php @@ -3,7 +3,7 @@ require_once "includes/inc_all_guest.php"; //Initialize the HTML Purifier to prevent XSS -require "../plugins/htmlpurifier/HTMLPurifier.standalone.php"; +require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php"; $purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one @@ -18,14 +18,14 @@ if (!isset($_GET['task_approval_id'], $_GET['url_key'])) { // Company info $company_sql_row = mysqli_fetch_array(mysqli_query($mysqli, " - SELECT + SELECT company_phone, company_phone_country_code, - company_website - FROM + company_website + FROM companies, settings - WHERE + WHERE companies.company_id = settings.company_id AND companies.company_id = 1" ));
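Review bot: The HTML Purifier include in guest/guest_approve_ticket_task.php is still loaded from a path relative to the working directory (`"../plugins/htmlpurifier/HTMLPurifier.standalone.php"`), so it resolves correctly only when the script runs from the guest directory. The comment above it says the purifier is this page's XSS protection, so I would anchor the path to the file itself: `require_once __DIR__ . '/../plugins/htmlpurifier/HTMLPurifier.standalone.php';`. This assumes `plugins/` sits beside `guest/`, as the existing relative path suggests. The move from `require` to `require_once` is fine as it stands.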