diff --git a/post/admin/admin_software_template.php b/post/admin/admin_software_template.php
index f999e0e9..e0f9d019 100644
--- a/post/admin/admin_software_template.php
+++ b/post/admin/admin_software_template.php
@@ -17,10 +17,12 @@ if (isset($_POST['add_software_template'])) {
mysqli_query($mysqli,"INSERT INTO software SET software_name = '$name', software_version = '$version', software_description = '$description', software_type = '$type', software_license_type = '$license_type', software_notes = '$notes', software_template = 1, software_client_id = 0");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Template', log_action = 'Create', log_description = '$session_user_name created software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $software_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Software template created";
+ // Logging
+ logAction("Software Template", "Create", "$session_name created software template $name", 0, $software_id);
+
+ $_SESSION['alert_message'] = "Software template $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -38,10 +40,10 @@ if (isset($_POST['edit_software_template'])) {
mysqli_query($mysqli,"UPDATE software SET software_name = '$name', software_version = '$version', software_description = '$description', software_type = '$type', software_license_type = '$license_type', software_notes = '$notes' WHERE software_id = $software_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Teplate', log_action = 'Modify', log_description = '$session_name modified software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Software Template", "Edit", "$session_name edited software template $name", 0, $software_id);
- $_SESSION['alert_message'] = "Software template updated";
+ $_SESSION['alert_message'] = "Software template $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_tag.php b/post/admin/admin_tag.php
index 387c24a2..bb3e8280 100644
--- a/post/admin/admin_tag.php
+++ b/post/admin/admin_tag.php
@@ -10,10 +10,12 @@ if (isset($_POST['add_tag'])) {
mysqli_query($mysqli,"INSERT INTO tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon'");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $tag_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Tag added";
+ // Logging
+ logAction("Tag", "Create", "$session_name created tag $name", 0, $tag_id);
+
+ $_SESSION['alert_message'] = "Tag $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -27,10 +29,10 @@ if (isset($_POST['edit_tag'])) {
mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Tag", "Edit", "$session_name edited tag $name", 0, $tag_id);
- $_SESSION['alert_message'] = "Tag modified";
+ $_SESSION['alert_message'] = "Tag $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -39,14 +41,19 @@ if (isset($_POST['edit_tag'])) {
if (isset($_GET['delete_tag'])) {
$tag_id = intval($_GET['delete_tag']);
+ // Get Tag Name for logging
+ $sql = mysqli_query($mysqli,"SELECT tag_name FROM tags WHERE tag_id = $tag_id");
+ $row = mysqli_fetch_array($sql);
+ $tag_name = sanitizeInput($row['tag_name']);
+
mysqli_query($mysqli,"DELETE FROM tags WHERE tag_id = $tag_id");
mysqli_query($mysqli,"DELETE FROM client_tags WHERE tag_id = $tag_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Delete', log_description = '$tag_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Tag", "Delete", "$session_name deleted tag $tag_name");
- $_SESSION['alert_message'] = "Tag deleted";
$_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Tag $tag_name deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_tax.php b/post/admin/admin_tax.php
index 3254e4e8..76b39759 100644
--- a/post/admin/admin_tax.php
+++ b/post/admin/admin_tax.php
@@ -12,10 +12,12 @@ if (isset($_POST['add_tax'])) {
mysqli_query($mysqli,"INSERT INTO taxes SET tax_name = '$name', tax_percent = $percent");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Create', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $tax_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Tax added";
+ // Logging
+ logAction("Tax", "Create", "$session_name created tax $name - $percent%", 0, $tax_id);
+
+ $_SESSION['alert_message'] = "Tax $name ($percent%) created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -30,10 +32,10 @@ if (isset($_POST['edit_tax'])) {
mysqli_query($mysqli,"UPDATE taxes SET tax_name = '$name', tax_percent = $percent WHERE tax_id = $tax_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Modify', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Tax", "Edit", "$session_name edited tax $name - $percent%", 0, $tax_id);
- $_SESSION['alert_message'] = "Tax modified";
+ $_SESSION['alert_message'] = "Tax $name ($percent%) edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -43,12 +45,18 @@ if (isset($_GET['archive_tax'])) {
validateCSRFToken($_GET['csrf_token']);
$tax_id = intval($_GET['archive_tax']);
+ // Get Tax Name for logging
+ $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxs WHERE tax_id = $tax_id");
+ $row = mysqli_fetch_array($sql);
+ $tax_name = sanitizeInput($row['tax_name']);
+
mysqli_query($mysqli,"UPDATE taxes SET tax_archived_at = NOW() WHERE tax_id = $tax_id");
- //logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Archive', log_description = '$tax_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'");
+ // Logging
+ logAction("Tax", "Archive", "$session_name archived tax $tax_name", 0, $tax_id);
- $_SESSION['alert_message'] = "Tax Archived";
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Tax $tax_name Archived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -57,13 +65,18 @@ if (isset($_GET['archive_tax'])) {
if (isset($_GET['delete_tax'])) {
$tax_id = intval($_GET['delete_tax']);
+ // Get Tax Name for logging
+ $sql = mysqli_query($mysqli,"SELECT tax_name FROM taxs WHERE tax_id = $tax_id");
+ $row = mysqli_fetch_array($sql);
+ $tax_name = sanitizeInput($row['tax_name']);
+
mysqli_query($mysqli,"DELETE FROM taxes WHERE tax_id = $tax_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Delete', log_description = '$tax_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Tax", "Delete", "$session_name deleted tax $tax_name");
- $_SESSION['alert_message'] = "Tax deleted";
$_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Tax $tax_name deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_ticket_status.php b/post/admin/admin_ticket_status.php
index 150ade7c..79b600cd 100644
--- a/post/admin/admin_ticket_status.php
+++ b/post/admin/admin_ticket_status.php
@@ -10,9 +10,9 @@ if (isset($_POST['add_ticket_status'])) {
$ticket_status_id = mysqli_insert_id($mysqli);
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Status', log_action = 'Create', log_description = '$session_name created ticket status $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_status_id");
+ logAction("Ticket Status", "Create", "$session_name created custom ticket status $name", 0, $ticket_status_id);
- $_SESSION['alert_message'] = "You created Ticket Status $name";
+ $_SESSION['alert_message'] = "Custom Ticket Status $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -28,9 +28,9 @@ if (isset($_POST['edit_ticket_status'])) {
mysqli_query($mysqli, "UPDATE ticket_statuses SET ticket_status_name = '$name', ticket_status_color = '$color', ticket_status_active = $status WHERE ticket_status_id = $ticket_status_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Status', log_action = 'Edit', log_description = '$session_name edited ticket status $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_status_id");
+ logAction("Ticket Status", "Edit", "$session_name edited custom ticket status $name", 0, $ticket_status_id);
- $_SESSION['alert_message'] = "You edited Ticket Status $name";
+ $_SESSION['alert_message'] = "Custom Ticket Status $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -48,10 +48,10 @@ if (isset($_GET['delete_ticket_status'])) {
mysqli_query($mysqli, "DELETE FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Status', log_action = 'Delete', log_description = '$session_name deleted ticket_status $ticket_status_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_status_id");
+ logAction("Ticket Status", "Delete", "$session_name deleted custom ticket status $ticket_status_name");
$_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "You Deleted Ticket Status $ticket_status_name";
+ $_SESSION['alert_message'] = "Custom Ticket Status $ticket_status_name Deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
diff --git a/post/admin/admin_ticket_template.php b/post/admin/admin_ticket_template.php
index 56f68a63..428b1d16 100644
--- a/post/admin/admin_ticket_template.php
+++ b/post/admin/admin_ticket_template.php
@@ -8,7 +8,6 @@ require_once 'post/user/task.php';
if (isset($_POST['add_ticket_template'])) {
- validateTechRole();
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$subject = sanitizeInput($_POST['subject']);
@@ -24,9 +23,9 @@ if (isset($_POST['add_ticket_template'])) {
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Template', log_action = 'Create', log_description = '$session_name created ticket template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_template_id");
+ logAction("Ticket Template", "Create", "$session_name created ticket template $name", 0, $ticket_template_id);
- $_SESSION['alert_message'] = "You created Ticket Template $name";
+ $_SESSION['alert_message'] = "Ticket Template $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -34,7 +33,6 @@ if (isset($_POST['add_ticket_template'])) {
if (isset($_POST['edit_ticket_template'])) {
- validateTechRole();
$ticket_template_id = intval($_POST['ticket_template_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
@@ -44,17 +42,15 @@ if (isset($_POST['edit_ticket_template'])) {
mysqli_query($mysqli, "UPDATE ticket_templates SET ticket_template_name = '$name', ticket_template_description = '$description', ticket_template_subject = '$subject', ticket_template_details = '$details' WHERE ticket_template_id = $ticket_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Template', log_action = 'Edit', log_description = '$session_name edited ticket template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_template_id");
+ logAction("Ticket Template", "Edit", "$session_name edited ticket template $name", 0, $ticket_template_id);
- $_SESSION['alert_message'] = "You edited Ticket Template $name";
+ $_SESSION['alert_message'] = "Ticket Template $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_ticket_template'])) {
- validateTechRole();
-
$ticket_template_id = intval($_GET['delete_ticket_template']);
// Get ticket template name
@@ -71,17 +67,16 @@ if (isset($_GET['delete_ticket_template'])) {
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE ticket_template_id = $ticket_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Template', log_action = 'Delete', log_description = '$session_name deleted ticket template $ticket_template_name and its tasks', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_template_id");
+ logAction("Ticket Template", "Delete", "$session_name deleted ticket template $ticket_template_name");
$_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "You Deleted Ticket Template $ticket_template_name and its associated tasks";
+ $_SESSION['alert_message'] = "Ticket Template $ticket_template_name and its associated tasks deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['add_ticket_template_task'])) {
- validateTechRole();
$ticket_template_id = intval($_POST['ticket_template_id']);
$task_name = sanitizeInput($_POST['task_name']);
@@ -92,7 +87,10 @@ if (isset($_POST['add_ticket_template_task'])) {
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Task Template', log_action = 'Create', log_description = '$session_name created task template $task_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $ticket_template_id");
- $_SESSION['alert_message'] = "You created Task Template $task_name";
+ // Logging
+ logAction("Ticket Template", "Edit", "$session_name added task $task_name to ticket template", 0, $ticket_template_id);
+
+ $_SESSION['alert_message'] = "Added Task $task_name";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -100,8 +98,6 @@ if (isset($_POST['add_ticket_template_task'])) {
if (isset($_GET['delete_task_template'])) {
- validateTechRole();
-
$task_template_id = intval($_GET['delete_task_template']);
// Get task template name
@@ -112,10 +108,10 @@ if (isset($_GET['delete_task_template'])) {
mysqli_query($mysqli, "DELETE FROM task_templates WHERE task_template_id = $task_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Task Template', log_action = 'Delete', log_description = '$session_name deleted task template $task_template_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $task_template_id");
+ logAction("Ticket Template", "Edit", "$session_name deleted task $task_template_name from ticket template");
$_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "You Deleted Task Template $task_template_name";
+ $_SESSION['alert_message'] = "Task $task_template_name deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
diff --git a/post/admin/admin_user.php b/post/admin/admin_user.php
index 93da74c9..974936ee 100644
--- a/post/admin/admin_user.php
+++ b/post/admin/admin_user.php
@@ -18,7 +18,7 @@ if (isset($_POST['add_user'])) {
$user_id = mysqli_insert_id($mysqli);
// Add Client Access Permissions if set
- if (!empty($_POST['clients'])) {
+ if (isset($_POST['clients'])) {
foreach($_POST['clients'] as $client_id) {
$client_id = intval($client_id);
mysqli_query($mysqli,"INSERT INTO user_permissions SET user_id = $user_id, client_id = $client_id");
@@ -92,7 +92,7 @@ if (isset($_POST['add_user'])) {
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Create', log_description = '$session_name created user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ logAction("User", "Create", "$session_name created user $name", 0, $user_id);
$_SESSION['alert_message'] = "User $name created" . $extended_alert_description;
@@ -111,7 +111,7 @@ if (isset($_POST['edit_user'])) {
// Update Client Access
mysqli_query($mysqli,"DELETE FROM user_permissions WHERE user_id = $user_id");
- if (!empty($_POST['clients'])) {
+ if (isset($_POST['clients'])) {
foreach($_POST['clients'] as $client_id) {
$client_id = intval($client_id);
mysqli_query($mysqli,"INSERT INTO user_permissions SET user_id = $user_id, client_id = $client_id");
@@ -174,8 +174,8 @@ if (isset($_POST['edit_user'])) {
//Update User Settings
mysqli_query($mysqli, "UPDATE user_settings SET user_role = $role, user_config_force_mfa = $force_mfa WHERE user_id = $user_id");
- //Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name modified user $name $extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ // Logging
+ logAction("User", "Edit", "$session_name edited user $name", 0, $user_id);
$_SESSION['alert_message'] = "User $name updated" . $extended_alert_description;
@@ -196,8 +196,8 @@ if (isset($_GET['activate_user'])) {
mysqli_query($mysqli, "UPDATE users SET user_status = 1 WHERE user_id = $user_id");
- //Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name activated user $user_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ // Logging
+ logAction("User", "Activate", "$session_name activated user $user_name", 0, $user_id);
$_SESSION['alert_message'] = "User $user_name activated";
@@ -222,8 +222,8 @@ if (isset($_GET['disable_user'])) {
mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL");
mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_assigned_to = 0 WHERE scheduled_ticket_assigned_to = $user_id");
- //Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name disabled user $user_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ // Logging
+ logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User $user_name disabled";
@@ -244,8 +244,8 @@ if (isset($_GET['revoke_remember_me'])) {
mysqli_query($mysqli, "DELETE FROM remember_tokens WHERE remember_token_user_id = $user_id");
- //Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name revoked all remember me tokens for user $user_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ // Logging
+ logAction("User", "Edit", "$session_name revoked all remember me tokens for user $user_name", 0, $user_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User $user_name remember me tokens revoked";
@@ -271,7 +271,7 @@ if (isset($_GET['archive_user'])) {
mysqli_query($mysqli, "UPDATE users SET user_name = '$name (archived)', user_password = '$password', user_status = 0, user_specific_encryption_ciphertext = '', user_archived_at = NOW() WHERE user_id = $user_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Archive', log_description = '$session_name archived user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+ logAction("User", "Archive", "$session_name archived user $name", 0, $user_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User $name archived";
@@ -285,7 +285,9 @@ if (isset($_POST['export_users_csv'])) {
//get records from database
$sql = mysqli_query($mysqli, "SELECT * FROM users ORDER BY user_name ASC");
- if ($sql->num_rows > 0) {
+ $count = mysqli_num_rows($sql);
+
+ if ($count > 0) {
$delimiter = ", ";
$filename = $session_company_name . "-Users-" . date('Y-m-d') . ".csv";
@@ -329,6 +331,9 @@ if (isset($_POST['export_users_csv'])) {
//output all remaining data on a file pointer
fpassthru($f);
+
+ // Logging
+ logAction("User", "Export", "$session_name exported $count user(s) to a CSV file");
}
exit;
@@ -370,7 +375,7 @@ if (isset($_POST['ir_reset_user_password'])) {
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name reset ALL user passwords', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("User", "Edit", "$session_name reset ALL user passwords");
exit; // Stay on the plain text password page
diff --git a/post/admin/admin_vendor_template.php b/post/admin/admin_vendor_template.php
index c11a4448..9f8c8b5b 100644
--- a/post/admin/admin_vendor_template.php
+++ b/post/admin/admin_vendor_template.php
@@ -13,8 +13,8 @@ if (isset($_POST['add_vendor_template'])) {
$vendor_id = mysqli_insert_id($mysqli);
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Create', log_description = '$session_name created vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Vendor Template", "Create", "$session_name created vendor template $name", 0, $vendor_id);
$_SESSION['alert_message'] = "Vendor template $name created";
@@ -107,10 +107,10 @@ if (isset($_POST['edit_vendor_template'])) {
mysqli_query($mysqli,"UPDATE vendors SET $sql WHERE vendor_template_id = $vendor_id");
}
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Modify', log_description = '$session_name modified vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Vendor Template", "Edit", "$session_name edited vendor template $name", 0, $vendor_template_id);
- $_SESSION['alert_message'] = "Vendor template $name modified";
+ $_SESSION['alert_message'] = "Vendor template $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
diff --git a/post/admin_update.php b/post/admin_update.php
index 2e002c6f..41e1ac42 100644
--- a/post/admin_update.php
+++ b/post/admin_update.php
@@ -270,8 +270,8 @@ if (isset($_GET['update'])) {
}
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Update', log_description = '$session_name ran updates', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("App", "Update", "$session_name ran updates");
$_SESSION['alert_message'] = "Update successful";
@@ -291,8 +291,8 @@ if (isset($_GET['update_db'])) {
// Perform upgrades, if required
require_once ('database_updates.php');
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Update', log_description = '$session_name updated the database structure', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Database", "Update", "$session_name updated the database structure");
$_SESSION['alert_message'] = "Database structure update successful";