From a2599e5d430f2a4ca6ec7269f05b099804ea105a Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 30 Mar 2025 02:14:06 -0400 Subject: [PATCH 01/18] Fix network location edit --- ajax/ajax_network_edit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ajax/ajax_network_edit.php b/ajax/ajax_network_edit.php index fb53f4b0..71b6139d 100644 --- a/ajax/ajax_network_edit.php +++ b/ajax/ajax_network_edit.php @@ -90,7 +90,7 @@ ob_start(); $location_id = intval($row['location_id']); $location_name = nullable_htmlentities($row['location_name']); ?> - Date: Sun, 30 Mar 2025 11:45:27 -0400 Subject: [PATCH 02/18] Fix setting country code in company details --- post/admin/admin_settings_company.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/post/admin/admin_settings_company.php b/post/admin/admin_settings_company.php index 5f11db43..3df3c4a1 100644 --- a/post/admin/admin_settings_company.php +++ b/post/admin/admin_settings_company.php @@ -12,6 +12,7 @@ if (isset($_POST['edit_company'])) { $state = sanitizeInput($_POST['state']); $zip = sanitizeInput($_POST['zip']); $country = sanitizeInput($_POST['country']); + $phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']); $phone = preg_replace("/[^0-9]/", '',$_POST['phone']); $email = sanitizeInput($_POST['email']); $website = sanitizeInput($_POST['website']); @@ -40,7 +41,7 @@ if (isset($_POST['edit_company'])) { } } - mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1"); + mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1"); // Logging logAction("Settings", "Edit", "$session_name edited company details"); From 42606067c093daa556282504ae63151983d95b00 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 30 Mar 2025 12:22:43 -0400 Subject: [PATCH 03/18] If no country code is entered display the number only no spaces hyphens or perenthesis --- functions.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/functions.php b/functions.php index 3176c6ba..f2d0ca37 100644 --- a/functions.php +++ b/functions.php @@ -320,12 +320,7 @@ function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code break; } - // Fallback if formatting failed - if (!$formatted && strlen($digits) >= 7) { - $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); - } - - // Still no formatting? Use raw digits + // no formatting? Use raw digits if (!$formatted) { $formatted = $digits ?: $phoneNumber; // Use original input if digits are empty } From e92f2f714d3c5e295eb10fcc4383e880e4f8a2e4 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 30 Mar 2025 20:48:12 -0400 Subject: [PATCH 04/18] Fix Ticket Assign to --- post/user/ticket.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/user/ticket.php b/post/user/ticket.php index 6b283571..81bfdd6a 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -576,7 +576,7 @@ if (isset($_POST['assign_ticket'])) { $agent_name = "No One"; } else { // Get & verify assigned agent details - $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND user_settings.user_role > 1"); + $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND users.user_role_id > 1"); $agent_details = mysqli_fetch_array($agent_details_sql); $agent_name = sanitizeInput($agent_details['user_name']); From 393c0b8c1191b93d6563b3cd77f906d4ccb53f3f Mon Sep 17 00:00:00 2001 From: wrongecho Date: Mon, 31 Mar 2025 08:28:22 +0100 Subject: [PATCH 05/18] Recurring invoices - Fix the delete link - Cron should only flag recurring invoices that with a next-run in the past if the recurring invoice is active --- recurring_invoice.php | 2 +- recurring_invoices.php | 2 +- scripts/cron.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/recurring_invoice.php b/recurring_invoice.php index 5bd578c6..a510f522 100644 --- a/recurring_invoice.php +++ b/recurring_invoice.php @@ -164,7 +164,7 @@ if (isset($_GET['recurring_invoice_id'])) { Force Send
- + Delete diff --git a/recurring_invoices.php b/recurring_invoices.php index 7bcda6f2..2df9bf03 100644 --- a/recurring_invoices.php +++ b/recurring_invoices.php @@ -257,7 +257,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- + Delete diff --git a/scripts/cron.php b/scripts/cron.php index 46148972..3c838824 100644 --- a/scripts/cron.php +++ b/scripts/cron.php @@ -879,7 +879,7 @@ while ($row = mysqli_fetch_array($sql_recurring_invoices)) { } //End Recurring Invoices Loop // Flag any active recurring "next run" dates that are in the past -$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE()"); +$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE() AND recurring_invoice_status = 1"); while ($row = mysqli_fetch_array($sql_invalid_recurring_invoices)) { $invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']); $invoice_number = intval($row['recurring_invoice_number']); From af46a1fd968e8b64f1f306c11dcbad3d14ac7cac Mon Sep 17 00:00:00 2001 From: wrongecho Date: Mon, 31 Mar 2025 08:32:14 +0100 Subject: [PATCH 06/18] Fix syntax error when adding user, thanks @fleetlognorge --- post/admin/admin_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/admin/admin_user.php b/post/admin/admin_user.php index 632fd083..c88271b6 100644 --- a/post/admin/admin_user.php +++ b/post/admin/admin_user.php @@ -15,7 +15,7 @@ if (isset($_POST['add_user'])) { $password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT); $user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password'])); - mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' user_role_id = $role"); + mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext', user_role_id = $role"); $user_id = mysqli_insert_id($mysqli); From 17a906fd0363380071630410f1dc4fc6c3d8cc8b Mon Sep 17 00:00:00 2001 From: wrongecho Date: Mon, 31 Mar 2025 08:35:42 +0100 Subject: [PATCH 07/18] Users bugfixes - Fix syntax error when adding user, thanks @fleetlognorge - Fix old reference to scheduled_tickets --- post/admin/admin_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/admin/admin_user.php b/post/admin/admin_user.php index c88271b6..862e4ea4 100644 --- a/post/admin/admin_user.php +++ b/post/admin/admin_user.php @@ -217,7 +217,7 @@ if (isset($_GET['disable_user'])) { // Un-assign tickets mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL"); - mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_assigned_to = 0 WHERE scheduled_ticket_assigned_to = $user_id"); + mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_assigned_to = 0 WHERE recurring_ticket_assigned_to = $user_id"); // Logging logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id); From 2032b48ad3320af3d9654e213256dc4e14c3d221 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 12:06:36 -0400 Subject: [PATCH 08/18] DB Update Set Country codes to default to NULL and not 1 Nullify all current country codes --- database_updates.php | 39 ++++++++++++++++++++++++++++++++--- db.sql | 14 ++++++------- includes/database_version.php | 2 +- 3 files changed, 44 insertions(+), 11 deletions(-) diff --git a/database_updates.php b/database_updates.php index 1cc29ceb..3a7a593e 100644 --- a/database_updates.php +++ b/database_updates.php @@ -3424,10 +3424,43 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.2'"); } - // if (CURRENT_DATABASE_VERSION == '2.1.2') { - // // Insert queries here required to update to DB version 2.1.3 + if (CURRENT_DATABASE_VERSION == '2.1.2') { + + // Update country_code to NULL for `contacts` table + mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_phone_country_code` VARCHAR(10) DEFAULT NULL"); + mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_mobile_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `locations` table + mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_phone_country_code` VARCHAR(10) DEFAULT NULL"); + mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_fax_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `vendors` table + mysqli_query($mysqli, "ALTER TABLE `vendors` MODIFY `vendor_phone_country_code` VARCHAR(10) DEFAULT NULL"); + + // Update country_code to NULL for `companies` table + mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_phone_country_code` VARCHAR(10) DEFAULT NULL"); + + // Set country_code to NULL for `contacts` table + mysqli_query($mysqli, "UPDATE `contacts` SET `contact_phone_country_code` = NULL"); + mysqli_query($mysqli, "UPDATE `contacts` SET `contact_mobile_country_code` = NULL"); + + // Set country_code to NULL for `locations` table + mysqli_query($mysqli, "UPDATE `locations` SET `location_phone_country_code` = NULL"); + mysqli_query($mysqli, "UPDATE `locations` SET `location_fax_country_code` = NULL"); + + // Set country_code to NULL for `vendors` table + mysqli_query($mysqli, "UPDATE `vendors` SET `vendor_phone_country_code` = NULL"); + + // Set country_code to NULL for `companies` table + mysqli_query($mysqli, "UPDATE `companies` SET `company_phone_country_code` = NULL"); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'"); + } + + // if (CURRENT_DATABASE_VERSION == '2.1.3') { + // // Insert queries here required to update to DB version 2.1.4 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'"); // } } else { diff --git a/db.sql b/db.sql index 4a4f9959..bfb82256 100644 --- a/db.sql +++ b/db.sql @@ -546,7 +546,7 @@ CREATE TABLE `companies` ( `company_state` varchar(200) DEFAULT NULL, `company_zip` varchar(200) DEFAULT NULL, `company_country` varchar(200) DEFAULT NULL, - `company_phone_country_code` varchar(10) DEFAULT '1', + `company_phone_country_code` varchar(10) DEFAULT NULL, `company_phone` varchar(200) DEFAULT NULL, `company_email` varchar(200) DEFAULT NULL, `company_website` varchar(200) DEFAULT NULL, @@ -680,10 +680,10 @@ CREATE TABLE `contacts` ( `contact_name` varchar(200) NOT NULL, `contact_title` varchar(200) DEFAULT NULL, `contact_email` varchar(200) DEFAULT NULL, - `contact_phone_country_code` varchar(10) DEFAULT '1', + `contact_phone_country_code` varchar(10) DEFAULT NULL, `contact_phone` varchar(200) DEFAULT NULL, `contact_extension` varchar(200) DEFAULT NULL, - `contact_mobile_country_code` varchar(10) DEFAULT '1', + `contact_mobile_country_code` varchar(10) DEFAULT NULL, `contact_mobile` varchar(200) DEFAULT NULL, `contact_photo` varchar(200) DEFAULT NULL, `contact_pin` varchar(255) DEFAULT NULL, @@ -1115,10 +1115,10 @@ CREATE TABLE `locations` ( `location_city` varchar(200) DEFAULT NULL, `location_state` varchar(200) DEFAULT NULL, `location_zip` varchar(200) DEFAULT NULL, - `location_phone_country_code` varchar(10) DEFAULT '1', + `location_phone_country_code` varchar(10) DEFAULT NULL, `location_phone` varchar(200) DEFAULT NULL, `location_phone_extension` varchar(10) DEFAULT NULL, - `location_fax_country_code` varchar(10) DEFAULT '1', + `location_fax_country_code` varchar(10) DEFAULT NULL, `location_fax` varchar(200) DEFAULT NULL, `location_hours` varchar(200) DEFAULT NULL, `location_photo` varchar(200) DEFAULT NULL, @@ -2468,7 +2468,7 @@ CREATE TABLE `vendors` ( `vendor_name` varchar(200) NOT NULL, `vendor_description` varchar(200) DEFAULT NULL, `vendor_contact_name` varchar(200) DEFAULT NULL, - `vendor_phone_country_code` varchar(10) DEFAULT '1', + `vendor_phone_country_code` varchar(10) DEFAULT NULL, `vendor_phone` varchar(200) DEFAULT NULL, `vendor_extension` varchar(200) DEFAULT NULL, `vendor_email` varchar(200) DEFAULT NULL, @@ -2498,4 +2498,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2025-03-29 18:16:21 +-- Dump completed on 2025-03-31 12:05:41 diff --git a/includes/database_version.php b/includes/database_version.php index 021f1386..66ba4bf3 100644 --- a/includes/database_version.php +++ b/includes/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "2.1.2"); +DEFINE("LATEST_DATABASE_VERSION", "2.1.3"); From 14d8dc6fa61da3af95d01e991331e152316e6811 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 16:35:36 -0400 Subject: [PATCH 09/18] Fix php errors thrown when formatPhone is blank --- functions.php | 88 ++++++++++++++++++++++++++++--------------- post/user/contact.php | 2 +- 2 files changed, 58 insertions(+), 32 deletions(-) diff --git a/functions.php b/functions.php index f2d0ca37..e114a877 100644 --- a/functions.php +++ b/functions.php @@ -194,135 +194,161 @@ function truncate($text, $chars) { } function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code = false) { - // Remove all non-digit characters $digits = preg_replace('/\D/', '', $phoneNumber); $formatted = ''; + // If no digits at all, fallback early + if (strlen($digits) === 0) { + return $phoneNumber; + } + + // Helper function to safely check the first digit + $startsWith = function($str, $char) { + return isset($str[0]) && $str[0] === $char; + }; + switch ($country_code) { - case '1': // USA/Canada — (123) 456-7890 + case '1': // USA/Canada if (strlen($digits) === 10) { $formatted = '(' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6); } break; - case '44': // UK — 07123 456 789 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '44': // UK + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 10) { $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '61': // Australia — 0412 345 678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '61': // Australia + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 9) { $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '91': // India — 91234 56789 + case '91': // India if (strlen($digits) === 10) { $formatted = substr($digits, 0, 5) . ' ' . substr($digits, 5); } break; - case '81': // Japan — 03-1234-5678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '81': // Japan + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) >= 9 && strlen($digits) <= 10) { $formatted = '0' . substr($digits, 0, 2) . '-' . substr($digits, 2, 4) . '-' . substr($digits, 6); } break; - case '49': // Germany — 030 12345678 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '49': // Germany + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) >= 10) { $formatted = '0' . substr($digits, 0, 3) . ' ' . substr($digits, 3); } break; - case '33': // France — 01 23 45 67 89 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '33': // France + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 9) { $formatted = '0' . implode(' ', str_split($digits, 2)); } break; - case '34': // Spain — 612 345 678 + case '34': // Spain if (strlen($digits) === 9) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; - case '39': // Italy — 312 345 6789 - if ($digits[0] === '0') $digits = substr($digits, 1); + case '39': // Italy + if ($startsWith($digits, '0')) { + $digits = substr($digits, 1); + } $formatted = '0' . implode(' ', str_split($digits, 3)); break; - case '55': // Brazil — (11) 91234-5678 + case '55': // Brazil if (strlen($digits) === 11) { $formatted = '(' . substr($digits, 0, 2) . ') ' . substr($digits, 2, 5) . '-' . substr($digits, 7); } break; - case '7': // Russia — 8 (912) 345-67-89 - if ($digits[0] === '8') $digits = substr($digits, 1); + case '7': // Russia + if ($startsWith($digits, '8')) { + $digits = substr($digits, 1); + } if (strlen($digits) === 10) { $formatted = '8 (' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6, 2) . '-' . substr($digits, 8); } break; - case '86': // China — 138 0013 8000 + case '86': // China if (strlen($digits) === 11) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 4) . ' ' . substr($digits, 7); } break; - case '82': // South Korea — 010-1234-5678 + case '82': // South Korea if (strlen($digits) === 11) { $formatted = substr($digits, 0, 3) . '-' . substr($digits, 3, 4) . '-' . substr($digits, 7); } break; - case '62': // Indonesia — 0812 3456 7890 - if ($digits[0] !== '0') $digits = '0' . $digits; + case '62': // Indonesia + if (!$startsWith($digits, '0')) { + $digits = '0' . $digits; + } if (strlen($digits) === 12) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 4) . ' ' . substr($digits, 8); } break; - case '63': // Philippines — 0912 345 6789 + case '63': // Philippines if (strlen($digits) === 11) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '234': // Nigeria — 0801 234 5678 - if ($digits[0] !== '0') $digits = '0' . $digits; + case '234': // Nigeria + if (!$startsWith($digits, '0')) { + $digits = '0' . $digits; + } if (strlen($digits) === 11) { $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7); } break; - case '27': // South Africa — 082 123 4567 + case '27': // South Africa if (strlen($digits) >= 9 && strlen($digits) <= 10) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; - case '971': // UAE — 050 123 4567 + case '971': // UAE if (strlen($digits) === 9) { $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6); } break; default: - // If no match, do nothing here and use fallback below + // fallback — do nothing, use raw digits later break; } - // no formatting? Use raw digits if (!$formatted) { - $formatted = $digits ?: $phoneNumber; // Use original input if digits are empty + $formatted = $digits ?: $phoneNumber; } return $show_country_code && $country_code ? "+$country_code $formatted" : $formatted; diff --git a/post/user/contact.php b/post/user/contact.php index 1d4552c3..1d70ef05 100644 --- a/post/user/contact.php +++ b/post/user/contact.php @@ -122,7 +122,7 @@ if (isset($_POST['edit_contact'])) { } - mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$phone_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id"); + mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$mobile_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id"); // Upload Photo if (isset($_FILES['file']['tmp_name'])) { From 36af4d11fcdca5bddfb4f33ec8717ab8bb375ebb Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 16:52:47 -0400 Subject: [PATCH 10/18] Few more phone fixes --- post/user/location.php | 4 ++-- post/user/location_model.php | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/post/user/location.php b/post/user/location.php index b4d150bc..087215b1 100644 --- a/post/user/location.php +++ b/post/user/location.php @@ -17,7 +17,7 @@ if(isset($_POST['add_location'])){ mkdir("uploads/clients/$client_id"); } - mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id"); + mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id"); $location_id = mysqli_insert_id($mysqli); @@ -79,7 +79,7 @@ if(isset($_POST['edit_location'])){ mkdir("uploads/clients/$client_id"); } - mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id"); + mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id"); // Update Primay location in clients if primary location is checked if ($location_primary == 1) { diff --git a/post/user/location_model.php b/post/user/location_model.php index 6b33250c..a62147f8 100644 --- a/post/user/location_model.php +++ b/post/user/location_model.php @@ -10,8 +10,10 @@ $city = sanitizeInput($_POST['city']); $state = sanitizeInput($_POST['state']); $zip = sanitizeInput($_POST['zip']); $phone = preg_replace("/[^0-9]/", '',$_POST['phone']); +$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']); $extension = preg_replace("/[^0-9]/", '',$_POST['extension']); $fax = preg_replace("/[^0-9]/", '',$_POST['fax']); +$fax_country_code = preg_replace("/[^0-9]/", '',$_POST['fax_country_code']); $hours = sanitizeInput($_POST['hours']); $notes = sanitizeInput($_POST['notes']); $contact = intval($_POST['contact'] ?? 0); From ab463c1773f661d7a42b1d847833277954540469 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 17:30:33 -0400 Subject: [PATCH 11/18] Tidy Phone Country code add + placeholder --- admin_settings_company.php | 2 +- ajax/ajax_contact_edit.php | 4 ++-- ajax/ajax_location_edit.php | 4 ++-- ajax/ajax_vendor_edit.php | 2 +- modals/client_add_modal.php | 8 ++++---- modals/contact_add_modal.php | 4 ++-- modals/location_add_modal.php | 4 ++-- modals/vendor_add_modal.php | 2 +- 8 files changed, 15 insertions(+), 15 deletions(-) diff --git a/admin_settings_company.php b/admin_settings_company.php index 3b9a3fc1..dceee89e 100644 --- a/admin_settings_company.php +++ b/admin_settings_company.php @@ -119,7 +119,7 @@ $company_initials = nullable_htmlentities(initials($company_name));
- + diff --git a/ajax/ajax_contact_edit.php b/ajax/ajax_contact_edit.php index 339ed3ee..86e7d73e 100644 --- a/ajax/ajax_contact_edit.php +++ b/ajax/ajax_contact_edit.php @@ -121,7 +121,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + " placeholder="+" maxlength="4"> @@ -141,7 +141,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + " placeholder="+" maxlength="4"> diff --git a/ajax/ajax_location_edit.php b/ajax/ajax_location_edit.php index 23098d95..fb84acbc 100644 --- a/ajax/ajax_location_edit.php +++ b/ajax/ajax_location_edit.php @@ -209,7 +209,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + @@ -229,7 +229,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + diff --git a/ajax/ajax_vendor_edit.php b/ajax/ajax_vendor_edit.php index 27c84742..b4be05c1 100644 --- a/ajax/ajax_vendor_edit.php +++ b/ajax/ajax_vendor_edit.php @@ -127,7 +127,7 @@ ob_start();
- " placeholder="Code" maxlength="4"> + diff --git a/modals/client_add_modal.php b/modals/client_add_modal.php index a83d4cd9..4aba1450 100644 --- a/modals/client_add_modal.php +++ b/modals/client_add_modal.php @@ -208,7 +208,7 @@
- + @@ -228,7 +228,7 @@
- + @@ -267,7 +267,7 @@
- + @@ -287,7 +287,7 @@
- + diff --git a/modals/contact_add_modal.php b/modals/contact_add_modal.php index a10fd71f..9586d709 100644 --- a/modals/contact_add_modal.php +++ b/modals/contact_add_modal.php @@ -101,7 +101,7 @@
- + @@ -121,7 +121,7 @@
- + diff --git a/modals/location_add_modal.php b/modals/location_add_modal.php index b12e3a1e..cdd43b99 100644 --- a/modals/location_add_modal.php +++ b/modals/location_add_modal.php @@ -184,7 +184,7 @@
- + @@ -204,7 +204,7 @@
- + diff --git a/modals/vendor_add_modal.php b/modals/vendor_add_modal.php index fc0f9154..fbd8acb3 100644 --- a/modals/vendor_add_modal.php +++ b/modals/vendor_add_modal.php @@ -77,7 +77,7 @@
- + From 0914716b8ef3c0b8671c7bfbf630d61a8e4852b7 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 18:42:56 -0400 Subject: [PATCH 12/18] Allow user to redact client replied tickets --- ajax/ajax_ticket_reply_redact.php | 9 +-------- post/user/ticket.php | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/ajax/ajax_ticket_reply_redact.php b/ajax/ajax_ticket_reply_redact.php index e38c2bf1..4766ad55 100644 --- a/ajax/ajax_ticket_reply_redact.php +++ b/ajax/ajax_ticket_reply_redact.php @@ -11,9 +11,6 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_replies ); $row = mysqli_fetch_array($sql); -$ticket_reply_type = nullable_htmlentities($row['ticket_reply_type']); -$ticket_reply_time_worked = date_create($row['ticket_reply_time_worked']); -$ticket_reply_time_worked_formatted = date_format($ticket_reply_time_worked, 'H:i:s'); $ticket_reply = nullable_htmlentities($row['ticket_reply']); $client_id = intval($row['ticket_client_id']); @@ -31,10 +28,6 @@ ob_start();
- - - -
@@ -44,7 +37,7 @@ ob_start();
- +
diff --git a/post/user/ticket.php b/post/user/ticket.php index 81bfdd6a..41d31701 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -1572,6 +1572,25 @@ if (isset($_POST['edit_ticket_reply'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } +if (isset($_POST['redact_ticket_reply'])) { + + enforceUserPermission('module_support', 2); + + $ticket_reply_id = intval($_POST['ticket_reply_id']); + $ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']); + + $client_id = intval($_POST['client_id']); + + mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id"); + + // Logging + logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id); + + $_SESSION['alert_message'] = "Ticket reply redacted"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); +} + if (isset($_GET['archive_ticket_reply'])) { enforceUserPermission('module_support', 2); From 090f4cb56018876bc5035aaeb0e953601a3bef63 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 31 Mar 2025 19:33:07 -0400 Subject: [PATCH 13/18] Fix adding location phone extension when addign a client --- post/user/client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/user/client.php b/post/user/client.php index bd95eb32..ff2c194e 100644 --- a/post/user/client.php +++ b/post/user/client.php @@ -54,7 +54,7 @@ if (isset($_POST['add_client'])) { // Create Location if (!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)) { - mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id"); + mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_phone_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id"); //Extended Logging $extended_log_description .= ", primary location $address added"; From 1ae2da80540680b4c2335d7391f7fb511f485517 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Tue, 1 Apr 2025 08:46:22 +0100 Subject: [PATCH 14/18] User activity Hide the See More button if the user can't actually access the logs due to not being an admin --- user_activity.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/user_activity.php b/user_activity.php index cf962980..287706a7 100644 --- a/user_activity.php +++ b/user_activity.php @@ -41,9 +41,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs -
- ">See More... -
+ +
+ ">See More... +
+
@@ -86,9 +88,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs ?> -
- See More... -
+ +
+ See More... +
+
Date: Tue, 1 Apr 2025 09:03:33 +0100 Subject: [PATCH 15/18] Tickets - Fix bulk assign Fix bulk assigning tickets to agents --- post/user/ticket.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/user/ticket.php b/post/user/ticket.php index 41d31701..8d1d8bf4 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -732,7 +732,7 @@ if (isset($_POST['bulk_assign_ticket'])) { $agent_name = "No One"; } else { // Get & verify assigned agent details - $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to AND user_settings.user_role > 1"); + $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to"); $agent_details = mysqli_fetch_array($agent_details_sql); $agent_name = sanitizeInput($agent_details['user_name']); From 7286248fefb50741527b8b42f3c3c9efe0cb8e21 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Tue, 1 Apr 2025 09:12:24 +0100 Subject: [PATCH 16/18] Ticket assign Remove the role check altogether, its the old way of doing the roles anyway --- post/user/ticket.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/user/ticket.php b/post/user/ticket.php index 41d31701..2cdafddf 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -576,7 +576,7 @@ if (isset($_POST['assign_ticket'])) { $agent_name = "No One"; } else { // Get & verify assigned agent details - $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND users.user_role_id > 1"); + $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users WHERE users.user_id = $assigned_to"); $agent_details = mysqli_fetch_array($agent_details_sql); $agent_name = sanitizeInput($agent_details['user_name']); From 3621e99c611c113609620e9fb20ed70e7878dcba Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 1 Apr 2025 11:33:04 -0400 Subject: [PATCH 17/18] Update Changelog and app version --- CHANGELOG.md | 14 ++++++++++++++ includes/app_version.php | 2 +- mfa_enforcement.php | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9d6d2a7c..287def62 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,20 @@ # Changelog This file documents all notable changes made to ITFlow. +## [25.03.3] + +### Fixed +- Fix adding ITFlow user. +- Do not alert on inactive recurring invoices. +- Fix ticket user assignment including bulk assignment. +- Fix adding a location phone extension. +- Do not default to +1 Country code instead. +- Do not format numbers unless there a country code is entered. +- Fix editing network location. +- Fix ticket redaction on client replies. +- Remove more from user activity as it requires admin privledges +- Fix MFA Enforcement page. + ## [25.03.2] ### Fixed diff --git a/includes/app_version.php b/includes/app_version.php index 9496998d..8789cc27 100644 --- a/includes/app_version.php +++ b/includes/app_version.php @@ -5,4 +5,4 @@ * Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month. */ -DEFINE("APP_VERSION", "25.03.2"); +DEFINE("APP_VERSION", "25.03.3"); diff --git a/mfa_enforcement.php b/mfa_enforcement.php index 74c0a40c..289ef2fb 100644 --- a/mfa_enforcement.php +++ b/mfa_enforcement.php @@ -1,7 +1,7 @@ Date: Tue, 1 Apr 2025 11:40:24 -0400 Subject: [PATCH 18/18] Update Changelog --- CHANGELOG.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 287def62..fdeded17 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,11 +8,11 @@ This file documents all notable changes made to ITFlow. - Do not alert on inactive recurring invoices. - Fix ticket user assignment including bulk assignment. - Fix adding a location phone extension. -- Do not default to +1 Country code instead. -- Do not format numbers unless there a country code is entered. +- Do not default to +1 Country code, instead default to null. +- Do not format numbers unless a country code is entered. - Fix editing network location. - Fix ticket redaction on client replies. -- Remove more from user activity as it requires admin privledges +- Remove more from user activity as it requires admin privledges. - Fix MFA Enforcement page. ## [25.03.2]