diff --git a/CHANGELOG.md b/CHANGELOG.md index 9d6d2a7c..fdeded17 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,20 @@ # Changelog This file documents all notable changes made to ITFlow. +## [25.03.3] + +### Fixed +- Fix adding ITFlow user. +- Do not alert on inactive recurring invoices. +- Fix ticket user assignment including bulk assignment. +- Fix adding a location phone extension. +- Do not default to +1 Country code, instead default to null. +- Do not format numbers unless a country code is entered. +- Fix editing network location. +- Fix ticket redaction on client replies. +- Remove more from user activity as it requires admin privledges. +- Fix MFA Enforcement page. + ## [25.03.2] ### Fixed diff --git a/admin_settings_company.php b/admin_settings_company.php index 3b9a3fc1..dceee89e 100644 --- a/admin_settings_company.php +++ b/admin_settings_company.php @@ -119,7 +119,7 @@ $company_initials = nullable_htmlentities(initials($company_name));
- + diff --git a/ajax/ajax_contact_edit.php b/ajax/ajax_contact_edit.php index 339ed3ee..86e7d73e 100644 --- a/ajax/ajax_contact_edit.php +++ b/ajax/ajax_contact_edit.php @@ -121,7 +121,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + " placeholder="+" maxlength="4"> @@ -141,7 +141,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + " placeholder="+" maxlength="4"> diff --git a/ajax/ajax_location_edit.php b/ajax/ajax_location_edit.php index 23098d95..fb84acbc 100644 --- a/ajax/ajax_location_edit.php +++ b/ajax/ajax_location_edit.php @@ -209,7 +209,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + @@ -229,7 +229,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + diff --git a/ajax/ajax_network_edit.php b/ajax/ajax_network_edit.php index fb53f4b0..71b6139d 100644 --- a/ajax/ajax_network_edit.php +++ b/ajax/ajax_network_edit.php @@ -90,7 +90,7 @@ ob_start(); $location_id = intval($row['location_id']); $location_name = nullable_htmlentities($row['location_name']); ?> - - - - -
@@ -44,7 +37,7 @@ ob_start();
- +
diff --git a/ajax/ajax_vendor_edit.php b/ajax/ajax_vendor_edit.php index 27c84742..b4be05c1 100644 --- a/ajax/ajax_vendor_edit.php +++ b/ajax/ajax_vendor_edit.php @@ -127,7 +127,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + diff --git a/database_updates.php b/database_updates.php index 1cc29ceb..3a7a593e 100644 --- a/database_updates.php +++ b/database_updates.php @@ -3424,10 +3424,43 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.2'"); } - // if (CURRENT_DATABASE_VERSION == '2.1.2') { - // // Insert queries here required to update to DB version 2.1.3 + if (CURRENT_DATABASE_VERSION == '2.1.2') { + + // Update country_code to NULL for `contacts` table + mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_phone_country_code` VARCHAR(10) DEFAULT NULL"); + mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_mobile_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `locations` table + mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_phone_country_code` VARCHAR(10) DEFAULT NULL"); + mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_fax_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `vendors` table + mysqli_query($mysqli, "ALTER TABLE `vendors` MODIFY `vendor_phone_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `companies` table + mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_phone_country_code` VARCHAR(10) DEFAULT NULL"); + + // Set country_code to NULL for `contacts` table + mysqli_query($mysqli, "UPDATE `contacts` SET `contact_phone_country_code` = NULL"); + mysqli_query($mysqli, "UPDATE `contacts` SET `contact_mobile_country_code` = NULL"); + + // Set country_code to NULL for `locations` table + mysqli_query($mysqli, "UPDATE `locations` SET `location_phone_country_code` = NULL"); + mysqli_query($mysqli, "UPDATE `locations` SET `location_fax_country_code` = NULL"); + + // Set country_code to NULL for `vendors` table + mysqli_query($mysqli, "UPDATE `vendors` SET `vendor_phone_country_code` = NULL"); + + // Set country_code to NULL for `companies` table + mysqli_query($mysqli, "UPDATE `companies` SET `company_phone_country_code` = NULL"); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'"); + } + + // if (CURRENT_DATABASE_VERSION == '2.1.3') { + // // Insert queries here required to update to DB version 2.1.4 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'"); // } } else { diff --git a/db.sql b/db.sql index 4a4f9959..bfb82256 100644 --- a/db.sql +++ b/db.sql @@ -546,7 +546,7 @@ CREATE TABLE `companies` ( `company_state` varchar(200) DEFAULT NULL, `company_zip` varchar(200) DEFAULT NULL, `company_country` varchar(200) DEFAULT NULL, - `company_phone_country_code` varchar(10) DEFAULT '1', + `company_phone_country_code` varchar(10) DEFAULT NULL, `company_phone` varchar(200) DEFAULT NULL, `company_email` varchar(200) DEFAULT NULL, `company_website` varchar(200) DEFAULT NULL, @@ -680,10 +680,10 @@ CREATE TABLE `contacts` ( `contact_name` varchar(200) NOT NULL, `contact_title` varchar(200) DEFAULT NULL, `contact_email` varchar(200) DEFAULT NULL, - `contact_phone_country_code` varchar(10) DEFAULT '1', + `contact_phone_country_code` varchar(10) DEFAULT NULL, `contact_phone` varchar(200) DEFAULT NULL, `contact_extension` varchar(200) DEFAULT NULL, - `contact_mobile_country_code` varchar(10) DEFAULT '1', + `contact_mobile_country_code` varchar(10) DEFAULT NULL, `contact_mobile` varchar(200) DEFAULT NULL, `contact_photo` varchar(200) DEFAULT NULL, `contact_pin` varchar(255) DEFAULT NULL, @@ -1115,10 +1115,10 @@ CREATE TABLE `locations` ( `location_city` varchar(200) DEFAULT NULL, `location_state` varchar(200) DEFAULT NULL, `location_zip` varchar(200) DEFAULT NULL, - `location_phone_country_code` varchar(10) DEFAULT '1', + `location_phone_country_code` varchar(10) DEFAULT NULL, `location_phone` varchar(200) DEFAULT NULL, `location_phone_extension` varchar(10) DEFAULT NULL, - `location_fax_country_code` varchar(10) DEFAULT '1', + `location_fax_country_code` varchar(10) DEFAULT NULL, `location_fax` varchar(200) DEFAULT NULL, `location_hours` varchar(200) DEFAULT NULL, `location_photo` varchar(200) DEFAULT NULL, @@ -2468,7 +2468,7 @@ CREATE TABLE `vendors` ( `vendor_name` varchar(200) NOT NULL, `vendor_description` varchar(200) DEFAULT NULL, `vendor_contact_name` varchar(200) DEFAULT NULL, - `vendor_phone_country_code` varchar(10) DEFAULT '1', + `vendor_phone_country_code` varchar(10) DEFAULT NULL, `vendor_phone` varchar(200) DEFAULT NULL, `vendor_extension` varchar(200) DEFAULT NULL, `vendor_email` varchar(200) DEFAULT NULL, @@ -2498,4 +2498,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2025-03-29 18:16:21 +-- Dump completed on 2025-03-31 12:05:41 diff --git a/functions.php b/functions.php index 3176c6ba..e114a877 100644 --- a/functions.php +++ b/functions.php @@ -194,140 +194,161 @@ function truncate($text, $chars) { } function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code = false) { - // Remove all non-digit characters $digits = preg_replace('/\D/', '', $phoneNumber); $formatted = ''; + // If no digits at all, fallback early + if (strlen($digits) === 0) { + return $phoneNumber; + } + + // Helper function to safely check the first digit + $startsWith = function($str, $char) { + return isset($str[0]) && $str[0] === $char; + }; + switch ($country_code) { - case '1': // USA/Canada — (123) 456-7890 + case '1': // USA/Canada if (strlen($digits) === 10) { $formatted = '(' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6); } break; - case '44': // UK — 07123 456 789 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '44': // UK + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 10) { $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '61': // Australia — 0412 345 678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '61': // Australia + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 9) { $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '91': // India — 91234 56789 + case '91': // India if (strlen($digits) === 10) { $formatted = substr($digits, 0, 5) . ' ' . substr($digits, 5); } break; - case '81': // Japan — 03-1234-5678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '81': // Japan + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) >= 9 && strlen($digits) <= 10) { $formatted = '0' . substr($digits, 0, 2) . '-' . substr($digits, 2, 4) . '-' . substr($digits, 6); } break; - case '49': // Germany — 030 12345678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '49': // Germany + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) >= 10) { $formatted = '0' . substr($digits, 0, 3) . ' ' . substr($digits, 3); } break; - case '33': // France — 01 23 45 67 89 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '33': // France + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 9) { $formatted = '0' . implode(' ', str_split($digits, 2)); } break; - case '34': // Spain — 612 345 678 + case '34': // Spain if (strlen($digits) === 9) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; - case '39': // Italy — 312 345 6789 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '39': // Italy + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } $formatted = '0' . implode(' ', str_split($digits, 3)); break; - case '55': // Brazil — (11) 91234-5678 + case '55': // Brazil if (strlen($digits) === 11) { $formatted = '(' . substr($digits, 0, 2) . ') ' . substr($digits, 2, 5) . '-' . substr($digits, 7); } break; - case '7': // Russia — 8 (912) 345-67-89 - if ($digits[0] === '8') $digits = substr($digits, 1); + case '7': // Russia + if ($startsWith($digits, '8')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 10) { $formatted = '8 (' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6, 2) . '-' . substr($digits, 8); } break; - case '86': // China — 138 0013 8000 + case '86': // China if (strlen($digits) === 11) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 4) . ' ' . substr($digits, 7); } break; - case '82': // South Korea — 010-1234-5678 + case '82': // South Korea if (strlen($digits) === 11) { $formatted = substr($digits, 0, 3) . '-' . substr($digits, 3, 4) . '-' . substr($digits, 7); } break; - case '62': // Indonesia — 0812 3456 7890 - if ($digits[0] !== '0') $digits = '0' . $digits; + case '62': // Indonesia + if (!$startsWith($digits, '0')) { + $digits = '0' . $digits; + } if (strlen($digits) === 12) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 4) . ' ' . substr($digits, 8); } break; - case '63': // Philippines — 0912 345 6789 + case '63': // Philippines if (strlen($digits) === 11) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '234': // Nigeria — 0801 234 5678 - if ($digits[0] !== '0') $digits = '0' . $digits; + case '234': // Nigeria + if (!$startsWith($digits, '0')) { + $digits = '0' . $digits; + } if (strlen($digits) === 11) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '27': // South Africa — 082 123 4567 + case '27': // South Africa if (strlen($digits) >= 9 && strlen($digits) <= 10) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; - case '971': // UAE — 050 123 4567 + case '971': // UAE if (strlen($digits) === 9) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; default: - // If no match, do nothing here and use fallback below + // fallback — do nothing, use raw digits later break; } - // Fallback if formatting failed - if (!$formatted && strlen($digits) >= 7) { - $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); - } - - // Still no formatting? Use raw digits if (!$formatted) { - $formatted = $digits ?: $phoneNumber; // Use original input if digits are empty + $formatted = $digits ?: $phoneNumber; } return $show_country_code && $country_code ? "+$country_code $formatted" : $formatted; diff --git a/includes/app_version.php b/includes/app_version.php index 9496998d..8789cc27 100644 --- a/includes/app_version.php +++ b/includes/app_version.php @@ -5,4 +5,4 @@ * Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month. */ -DEFINE("APP_VERSION", "25.03.2"); +DEFINE("APP_VERSION", "25.03.3"); diff --git a/includes/database_version.php b/includes/database_version.php index 021f1386..66ba4bf3 100644 --- a/includes/database_version.php +++ b/includes/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "2.1.2"); +DEFINE("LATEST_DATABASE_VERSION", "2.1.3"); diff --git a/mfa_enforcement.php b/mfa_enforcement.php index 74c0a40c..289ef2fb 100644 --- a/mfa_enforcement.php +++ b/mfa_enforcement.php @@ -1,7 +1,7 @@ - + @@ -228,7 +228,7 @@
- + @@ -267,7 +267,7 @@
- + @@ -287,7 +287,7 @@
- + diff --git a/modals/contact_add_modal.php b/modals/contact_add_modal.php index a10fd71f..9586d709 100644 --- a/modals/contact_add_modal.php +++ b/modals/contact_add_modal.php @@ -101,7 +101,7 @@
- + @@ -121,7 +121,7 @@
- + diff --git a/modals/location_add_modal.php b/modals/location_add_modal.php index b12e3a1e..cdd43b99 100644 --- a/modals/location_add_modal.php +++ b/modals/location_add_modal.php @@ -184,7 +184,7 @@
- + @@ -204,7 +204,7 @@
- + diff --git a/modals/vendor_add_modal.php b/modals/vendor_add_modal.php index fc0f9154..fbd8acb3 100644 --- a/modals/vendor_add_modal.php +++ b/modals/vendor_add_modal.php @@ -77,7 +77,7 @@
- + diff --git a/post/admin/admin_settings_company.php b/post/admin/admin_settings_company.php index 5f11db43..3df3c4a1 100644 --- a/post/admin/admin_settings_company.php +++ b/post/admin/admin_settings_company.php @@ -12,6 +12,7 @@ if (isset($_POST['edit_company'])) { $state = sanitizeInput($_POST['state']); $zip = sanitizeInput($_POST['zip']); $country = sanitizeInput($_POST['country']); + $phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']); $phone = preg_replace("/[^0-9]/", '',$_POST['phone']); $email = sanitizeInput($_POST['email']); $website = sanitizeInput($_POST['website']); @@ -40,7 +41,7 @@ if (isset($_POST['edit_company'])) { } } - mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1"); + mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1"); // Logging logAction("Settings", "Edit", "$session_name edited company details"); diff --git a/post/admin/admin_user.php b/post/admin/admin_user.php index 632fd083..862e4ea4 100644 --- a/post/admin/admin_user.php +++ b/post/admin/admin_user.php @@ -15,7 +15,7 @@ if (isset($_POST['add_user'])) { $password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT); $user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password'])); - mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' user_role_id = $role"); + mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext', user_role_id = $role"); $user_id = mysqli_insert_id($mysqli); @@ -217,7 +217,7 @@ if (isset($_GET['disable_user'])) { // Un-assign tickets mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL"); - mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_assigned_to = 0 WHERE scheduled_ticket_assigned_to = $user_id"); + mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_assigned_to = 0 WHERE recurring_ticket_assigned_to = $user_id"); // Logging logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id); diff --git a/post/user/client.php b/post/user/client.php index bd95eb32..ff2c194e 100644 --- a/post/user/client.php +++ b/post/user/client.php @@ -54,7 +54,7 @@ if (isset($_POST['add_client'])) { // Create Location if (!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)) { - mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id"); + mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_phone_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id"); //Extended Logging $extended_log_description .= ", primary location $address added"; diff --git a/post/user/contact.php b/post/user/contact.php index 1d4552c3..1d70ef05 100644 --- a/post/user/contact.php +++ b/post/user/contact.php @@ -122,7 +122,7 @@ if (isset($_POST['edit_contact'])) { } - mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$phone_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id"); + mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$mobile_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id"); // Upload Photo if (isset($_FILES['file']['tmp_name'])) { diff --git a/post/user/location.php b/post/user/location.php index b4d150bc..087215b1 100644 --- a/post/user/location.php +++ b/post/user/location.php @@ -17,7 +17,7 @@ if(isset($_POST['add_location'])){ mkdir("uploads/clients/$client_id"); } - mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id"); $location_id = mysqli_insert_id($mysqli); @@ -79,7 +79,7 @@ if(isset($_POST['edit_location'])){ mkdir("uploads/clients/$client_id"); } - mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id"); + mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id"); // Update Primay location in clients if primary location is checked if ($location_primary == 1) { diff --git a/post/user/location_model.php b/post/user/location_model.php index 6b33250c..a62147f8 100644 --- a/post/user/location_model.php +++ b/post/user/location_model.php @@ -10,8 +10,10 @@ $city = sanitizeInput($_POST['city']); $state = sanitizeInput($_POST['state']); $zip = sanitizeInput($_POST['zip']); $phone = preg_replace("/[^0-9]/", '',$_POST['phone']); +$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']); $extension = preg_replace("/[^0-9]/", '',$_POST['extension']); $fax = preg_replace("/[^0-9]/", '',$_POST['fax']); +$fax_country_code = preg_replace("/[^0-9]/", '',$_POST['fax_country_code']); $hours = sanitizeInput($_POST['hours']); $notes = sanitizeInput($_POST['notes']); $contact = intval($_POST['contact'] ?? 0); diff --git a/post/user/ticket.php b/post/user/ticket.php index 6b283571..b833774f 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -576,7 +576,7 @@ if (isset($_POST['assign_ticket'])) { $agent_name = "No One"; } else { // Get & verify assigned agent details - $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND user_settings.user_role > 1"); + $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users WHERE users.user_id = $assigned_to"); $agent_details = mysqli_fetch_array($agent_details_sql); $agent_name = sanitizeInput($agent_details['user_name']); @@ -732,7 +732,7 @@ if (isset($_POST['bulk_assign_ticket'])) { $agent_name = "No One"; } else { // Get & verify assigned agent details - $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to AND user_settings.user_role > 1"); + $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to"); $agent_details = mysqli_fetch_array($agent_details_sql); $agent_name = sanitizeInput($agent_details['user_name']); @@ -1572,6 +1572,25 @@ if (isset($_POST['edit_ticket_reply'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } +if (isset($_POST['redact_ticket_reply'])) { + + enforceUserPermission('module_support', 2); + + $ticket_reply_id = intval($_POST['ticket_reply_id']); + $ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']); + + $client_id = intval($_POST['client_id']); + + mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id"); + + // Logging + logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id); + + $_SESSION['alert_message'] = "Ticket reply redacted"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); +} + if (isset($_GET['archive_ticket_reply'])) { enforceUserPermission('module_support', 2); diff --git a/recurring_invoice.php b/recurring_invoice.php index 5bd578c6..a510f522 100644 --- a/recurring_invoice.php +++ b/recurring_invoice.php @@ -164,7 +164,7 @@ if (isset($_GET['recurring_invoice_id'])) { Force Send
- + Delete diff --git a/recurring_invoices.php b/recurring_invoices.php index 7bcda6f2..2df9bf03 100644 --- a/recurring_invoices.php +++ b/recurring_invoices.php @@ -257,7 +257,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- + Delete diff --git a/scripts/cron.php b/scripts/cron.php index 46148972..3c838824 100644 --- a/scripts/cron.php +++ b/scripts/cron.php @@ -879,7 +879,7 @@ while ($row = mysqli_fetch_array($sql_recurring_invoices)) { } //End Recurring Invoices Loop // Flag any active recurring "next run" dates that are in the past -$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE()"); +$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE() AND recurring_invoice_status = 1"); while ($row = mysqli_fetch_array($sql_invalid_recurring_invoices)) { $invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']); $invoice_number = intval($row['recurring_invoice_number']); diff --git a/user_activity.php b/user_activity.php index cf962980..287706a7 100644 --- a/user_activity.php +++ b/user_activity.php @@ -41,9 +41,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs -
- ">See More... -
+ +
+ ">See More... +
+
@@ -86,9 +88,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs ?> -
- See More... -
+ +
+ See More... +
+