From 5edd37a46e6e17bbac9c95ae82489f729c7892ac Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Thu, 26 Jan 2023 12:10:29 +0000 Subject: [PATCH] Remove currency_code variable assignment when posting add_quote/add_recurring as it's not provided. The session company currency is actually used --- post.php | 1584 +++++++++++++++++++++++++++--------------------------- 1 file changed, 791 insertions(+), 793 deletions(-) diff --git a/post.php b/post.php index 61c13e30..2bfc96ad 100644 --- a/post.php +++ b/post.php @@ -7,7 +7,7 @@ include("check_login.php"); if(isset($_POST['change_records_per_page'])){ $_SESSION['records_per_page'] = intval($_POST['change_records_per_page']); - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -22,7 +22,7 @@ if(isset($_GET['switch_company'])){ //Check to see if user has Permission to access the company if(in_array($company_id,$session_user_company_access_array)){ - + mysqli_query($mysqli,"UPDATE user_settings SET user_default_company = $company_id WHERE user_id = $session_user_id"); $_SESSION['alert_type'] = "error"; @@ -30,7 +30,7 @@ if(isset($_GET['switch_company'])){ //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Switch', log_description = '$session_name switched to company $company_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); - + }else{ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "You do not have permission to switch to this company"; 
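Review bot: In the `change_records_per_page` handler (hunk `@@ -7,7`), `header("Location: " . $_SERVER["HTTP_REFERER"]);` is followed directly by the closing brace, so the script keeps evaluating the later `isset(...)` handlers after the redirect is queued. The target is also a client-supplied header that may be missing or may name another site. I would fall back to a fixed internal page and stop execution, e.g. `header("Location: " . ($_SERVER["HTTP_REFERER"] ?? "dashboard_financial.php")); exit;`, ideally after checking that the Referer host matches `$_SERVER["HTTP_HOST"]`. The same redirect line appears in most of the other hunks of this patch (add_user, edit_user, activate_user, add_vendor, add_tax and so on), while add_client already uses `header("Location: clients.php"); exit;`.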
@@ -38,9 +38,9 @@ if(isset($_GET['switch_company'])){ //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Switch', log_description = '$session_name attempted to switch to company $company_name but did not have permission', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); } - + header("Location: dashboard_financial.php"); - + } if(isset($_POST['add_user'])){ @@ -67,7 +67,7 @@ if(isset($_POST['add_user'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -81,7 +81,7 @@ if(isset($_POST['add_user'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -136,7 +136,7 @@ if(isset($_POST['add_user'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Create', log_description = '$session_name created user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "User $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -166,7 +166,7 @@ if(isset($_POST['edit_user'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -180,7 +180,7 @@ if(isset($_POST['edit_user'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } 
@@ -199,7 +199,7 @@ if(isset($_POST['edit_user'])){ //Delete old file unlink("uploads/users/$user_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id"); //Extended Logging @@ -211,7 +211,7 @@ if(isset($_POST['edit_user'])){ $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } - + mysqli_query($mysqli,"UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $user_id"); if(!empty($new_password)){ @@ -234,7 +234,7 @@ if(isset($_POST['edit_user'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name modified user $name $extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "User $name updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -244,14 +244,14 @@ if(isset($_GET['activate_user'])){ validateAdminRole(); $user_id = intval($_GET['activate_user']); - + mysqli_query($mysqli,"UPDATE users SET user_status = 1 WHERE user_id = $user_id"); //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Activate', log_description = '$session_name activated user $user_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "User activated!"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -261,7 +261,7 @@ if(isset($_GET['disable_user'])){ validateAdminRole(); $user_id = intval($_GET['disable_user']); - + mysqli_query($mysqli,"UPDATE users SET user_status = 0 WHERE user_id = $user_id"); //Logging 
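Review bot: `unlink("uploads/users/$user_id/$existing_file_name");` in edit_user (hunk `@@ -199,7`) deletes a path built from `$existing_file_name`, and the assignment of that variable is outside the hunk. If it is taken from the submitted form rather than from the `users` row, the name should be reduced with `basename($existing_file_name)` or re-read from the database before the delete, so the path cannot leave `uploads/users/$user_id/`. The return value of `unlink()` is ignored as well, so a failed delete goes unreported. The same line shape appears in edit_profile (`@@ -348,7`) and, with `uploads/settings/$company_id/`, in edit_company (`@@ -665,12`).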
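Review bot: The activate_user handler (hunk `@@ -244,14`) changes `user_status` from `$_GET['activate_user']`, and the only check visible in the hunk is `validateAdminRole()`; nothing ties the request to a token issued to the admin's own session. Unless an earlier include already enforces this (the handler and `check_login.php` are outside the hunk), a state-changing action like this should arrive by POST and carry a per-session token that is compared with `hash_equals()`. The same applies to disable_user (`@@ -261,7`) and to the other `$_GET['archive_…']` and `$_GET['delete_…']` handlers touched further down in this patch.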
@@ -269,7 +269,7 @@ if(isset($_GET['disable_user'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "User disabled!"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -315,7 +315,7 @@ if(isset($_POST['edit_profile'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -329,7 +329,7 @@ if(isset($_POST['edit_profile'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -348,7 +348,7 @@ if(isset($_POST['edit_profile'])){ //Delete old file unlink("uploads/users/$user_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id"); //Extended Logging @@ -423,7 +423,7 @@ if(isset($_POST['edit_user_companies'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name updated company permissions for user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Company permssions updated for user $name"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -452,7 +452,7 @@ if(isset($_GET['archive_user'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "User $name archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -478,7 +478,7 @@ if(isset($_POST['add_api_key'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API Key', log_action = 'Create', log_description = '$session_name created API Key $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "API Key $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -498,14 +498,14 @@ if(isset($_GET['delete_api_key'])){ mysqli_query($mysqli,"DELETE FROM api_keys WHERE api_key_id = $api_key_id AND company_id = $session_company_id"); - // Logging + // Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API Key', log_action = 'Delete', log_description = '$session_name deleted API key $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "API Key $name deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_company'])){ @@ -523,12 +523,12 @@ if(isset($_POST['add_company'])){ $website = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['website']))); $locale = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['locale']))); $currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code']))); - + mysqli_query($mysqli,"INSERT INTO companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website', company_locale = '$locale', company_currency = '$currency_code'"); $company_id = mysqli_insert_id($mysqli); $current_database_version = CURRENT_DATABASE_VERSION; - + mkdir("uploads/clients/$company_id"); mkdir("uploads/expenses/$company_id"); mkdir("uploads/settings/$company_id"); 
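Review bot: The `INSERT INTO companies` statement in add_company (hunk `@@ -523,12`) is built by interpolating request fields that went through `trim(strip_tags(mysqli_real_escape_string($mysqli, ...)))`, so `strip_tags` and `trim` modify the string after it has been escaped and the value reaching the query is no longer the escaper's output. A prepared statement removes the dependence on that ordering: `$stmt = mysqli_prepare($mysqli, "INSERT INTO companies SET company_name = ?, company_address = ?, ...");` followed by `mysqli_stmt_bind_param()` and `mysqli_stmt_execute()`, with `strip_tags` applied to the raw input if it is still wanted. The three `mkdir("uploads/.../$company_id")` calls also ignore their return values, so a failed directory creation only surfaces later as an upload error. The same query construction is used in add_vendor_template (`@@ -1948,7`) and add_vendor (`@@ -2042,7`).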
@@ -536,7 +536,7 @@ if(isset($_POST['add_company'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -550,7 +550,7 @@ if(isset($_POST['add_company'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -571,7 +571,7 @@ if(isset($_POST['add_company'])){ $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -603,7 +603,7 @@ if(isset($_POST['add_company'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Create', log_description = '$session_name created company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Company $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -632,7 +632,7 @@ if(isset($_POST['edit_company'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -646,7 +646,7 @@ if(isset($_POST['edit_company'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } 
@@ -665,12 +665,12 @@ if(isset($_POST['edit_company'])){ //Delete old file unlink("uploads/settings/$company_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = $company_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -681,7 +681,7 @@ if(isset($_POST['edit_company'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Modify', log_description = '$session_name modified company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Company $name updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -701,7 +701,7 @@ if(isset($_GET['archive_company'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Company $company_name archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -759,8 +759,8 @@ if(isset($_GET['delete_company'])){ mysqli_query($mysqli,"DELETE FROM records WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM recurring WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM revenues WHERE company_id = $company_id"); - mysqli_query($mysqli,"DELETE FROM scheduled_tickets WHERE company_id = $company_id"); - + mysqli_query($mysqli,"DELETE FROM scheduled_tickets WHERE company_id = $company_id"); + // Delete Items Associated Services $sql = mysqli_query($mysqli,"SELECT service_id FROM services WHERE company_id = $company_id"); while($row = mysqli_fetch_array($sql)){ 
@@ -776,20 +776,20 @@ if(isset($_GET['delete_company'])){ mysqli_query($mysqli,"DELETE FROM services WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM settings WHERE company_id = $company_id"); - + $sql = mysqli_query($mysqli,"SELECT software_id FROM software WHERE company_id = $company_id"); while($row = mysqli_fetch_array($sql)){ $software_id = $row['software_id']; mysqli_query($mysqli,"DELETE FROM software_assets WHERE software_id = $software_id"); mysqli_query($mysqli,"DELETE FROM software_contacts WHERE software_id = $software_id"); } - mysqli_query($mysqli,"DELETE FROM software WHERE company_id = $company_id"); + mysqli_query($mysqli,"DELETE FROM software WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM tags WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM taxes WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM tickets WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM ticket_replies WHERE company_id = $company_id"); - + mysqli_query($mysqli,"DELETE FROM transfers WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM trips WHERE company_id = $company_id"); mysqli_query($mysqli,"DELETE FROM user_companies WHERE company_id = $company_id"); @@ -809,9 +809,9 @@ if(isset($_GET['delete_company'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Company $company_name deleted"; - + header("Location: post.php?logout"); - + } if(isset($_POST['verify'])){ @@ -824,7 +824,7 @@ if(isset($_POST['verify'])){ }else{ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "IN-VALID!"; - } + } header("Location: " . $_SERVER["HTTP_REFERER"]); @@ -1146,7 +1146,7 @@ if(isset($_POST['send_telemetry_data'])){ // Basic Telemetry if($config_telemetry == 1){ - + // Company Count $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies")); $company_count = $row['num']; 
@@ -1330,26 +1330,26 @@ if(isset($_GET['download_database'])){ $sqlScript = ""; foreach ($tables as $table) { - + // Prepare SQLscript for creating table structure $query = "SHOW CREATE TABLE $table"; $result = mysqli_query($mysqli, $query); $row = mysqli_fetch_row($result); - + $sqlScript .= "\n\n" . $row[1] . ";\n\n"; - - + + $query = "SELECT * FROM $table"; $result = mysqli_query($mysqli, $query); - + $columnCount = mysqli_num_fields($result); - + // Prepare SQLscript for dumping data for each table for ($i = 0; $i < $columnCount; $i ++) { while ($row = mysqli_fetch_row($result)) { $sqlScript .= "INSERT INTO $table VALUES("; for ($j = 0; $j < $columnCount; $j ++) { - + if (isset($row[$j])) { $sqlScript .= '"' . $row[$j] . '"'; } else { @@ -1362,8 +1362,8 @@ if(isset($_GET['download_database'])){ $sqlScript .= ");\n"; } } - - $sqlScript .= "\n"; + + $sqlScript .= "\n"; } if(!empty($sqlScript)) @@ -1372,7 +1372,7 @@ if(isset($_GET['download_database'])){ $backup_file_name = date('Y-m-d') . '_' . $config_company_name . '_backup.sql'; $fileHandler = fopen($backup_file_name, 'w+'); $number_of_lines = fwrite($fileHandler, $sqlScript); - fclose($fileHandler); + fclose($fileHandler); // Download the SQL backup file to the browser header('Content-Description: File Transfer'); @@ -1386,7 +1386,7 @@ if(isset($_GET['download_database'])){ ob_clean(); flush(); readfile($backup_file_name); - exec('rm ' . $backup_file_name); + exec('rm ' . $backup_file_name); } //Logging 
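Review bot: In the download_database dump loop (hunk `@@ -1330,26`), each column is written as `'"' . $row[$j] . '"'` with no escaping, so a stored value that contains a double quote or a backslash yields a backup that fails to restore or restores different data. Writing `'"' . mysqli_real_escape_string($mysqli, $row[$j]) . '"'` keeps the dump loadable. The outer `for ($i = 0; $i < $columnCount; $i ++)` adds nothing, because the inner `while` drains the result set on the first pass, and it could be dropped. The loop body continues past the end of this hunk.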
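Review bot: `exec('rm ' . $backup_file_name);` (hunk `@@ -1386,7`) passes a name built from `$config_company_name` to a shell without quoting, so a company name containing spaces or shell metacharacters breaks or changes the command. `unlink($backup_file_name);` does the same job without a shell. In hunk `@@ -1372,7` the file is opened with `fopen($backup_file_name, 'w+')` on a relative path, which presumably puts a full database dump in the script's own directory until it is removed; creating it with `tempnam(sys_get_temp_dir(), 'backup')` would keep it out of any web-served location. The return values of `fopen()` and `fwrite()` are not checked either.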
@@ -1506,7 +1506,7 @@ if(isset($_POST['add_client'])){ //Add Location if(!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)){ mysqli_query($mysqli,"INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$location_phone', location_country = '$country', location_client_id = $client_id, company_id = $session_company_id"); - + //Update Primay location in clients $location_id = mysqli_insert_id($mysqli); mysqli_query($mysqli,"UPDATE clients SET primary_location = $location_id WHERE client_id = $client_id"); @@ -1515,15 +1515,15 @@ if(isset($_POST['add_client'])){ $extended_log_description .= ", primary location $address added"; } - + //Add Contact if(!empty($contact) || !empty($title) || !empty($contact_phone) || !empty($contact_mobile) || !empty($contact_email)){ mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$contact', contact_title = '$title', contact_phone = '$contact_phone', contact_extension = '$contact_extension', contact_mobile = '$contact_mobile', contact_email = '$contact_email', contact_client_id = $client_id, company_id = $session_company_id"); - + //Update Primary contact in clients $contact_id = mysqli_insert_id($mysqli); mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id"); - + //Extended Logging $extended_log_description .= ", primary contact $contact added"; } 
@@ -1576,10 +1576,10 @@ if(isset($_POST['add_client'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Create', log_description = '$session_name created $name$extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Client $name created"; - + header("Location: clients.php"); exit; - + } if(isset($_POST['edit_client'])){ @@ -1600,7 +1600,7 @@ if(isset($_POST['edit_client'])){ //Tags //Delete existing tags mysqli_query($mysqli,"DELETE FROM client_tags WHERE client_id = $client_id"); - + //Add new tags foreach($_POST['tags'] as $tag){ $tag = intval($tag); @@ -1611,7 +1611,7 @@ if(isset($_POST['edit_client'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Client ".htmlentities($client_name)." updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1633,7 +1633,7 @@ if(isset($_GET['archive_client'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Client ".htmlentities($client_name)." archived. Undo"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1652,7 +1652,7 @@ if(isset($_GET['undo_archive_client'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Undo Archive', log_description = '$session_name unarchived client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Client ".htmlentities($client_name)." unarchived."; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -1677,7 +1677,7 @@ if(isset($_GET['delete_client'])){ mysqli_query($mysqli,"DELETE FROM client_tags WHERE client_id = $client_id"); mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_client_id = $client_id"); mysqli_query($mysqli,"DELETE FROM documents WHERE document_client_id = $client_id"); - + // Delete Domains and associated records $sql = mysqli_query($mysqli,"SELECT domain_id FROM domains WHERE domain_client_id = $client_id"); while($row = mysqli_fetch_array($sql)){ @@ -1714,7 +1714,7 @@ if(isset($_GET['delete_client'])){ mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_quote_id = $quote_id"); } mysqli_query($mysqli,"DELETE FROM quotes WHERE quote_client_id = $client_id"); - + // Delete Recurring Invoices and associated items $sql = mysqli_query($mysqli,"SELECT recurring_id FROM recurring WHERE recurring_client_id = $client_id"); while($row = mysqli_fetch_array($sql)){ @@ -1741,7 +1741,7 @@ if(isset($_GET['delete_client'])){ mysqli_query($mysqli,"DELETE FROM services WHERE service_client_id = $client_id"); mysqli_query($mysqli,"DELETE FROM shared_items WHERE item_client_id = $client_id"); - + $sql = mysqli_query($mysqli,"SELECT software_id FROM software WHERE software_client_id = $client_id"); while($row = mysqli_fetch_array($sql)){ $software_id = $row['software_id']; @@ -1772,7 +1772,7 @@ if(isset($_GET['delete_client'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Client $client_name deleted along with all associated data"; - + header("Location: clients.php"); } 
@@ -1787,7 +1787,7 @@ if(isset($_POST['add_calendar'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Create', log_description = '$session_name created calendar $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Calendar created, now lets add some events!"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1846,7 +1846,7 @@ if(isset($_POST['add_event'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Create', log_description = '$session_name created event $title in calendar', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Event added to the calendar"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1907,7 +1907,7 @@ if(isset($_POST['edit_event'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Modify', log_description = '$session_name modified event $title in calendar', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Event modified on the calendar"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1927,9 +1927,9 @@ if(isset($_GET['delete_event'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Event $event_title deleted on the calendar"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } //Vendor Templates 
@@ -1948,7 +1948,7 @@ if(isset($_POST['add_vendor_template'])){ $sla = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['sla']))); $code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['code']))); $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes']))); - + mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_contact_name = '$contact_name', vendor_phone = '$phone', vendor_extension = '$extension', vendor_email = '$email', vendor_website = '$website', vendor_hours = '$hours', vendor_sla = '$sla', vendor_code = '$code', vendor_account_number = '$account_number', vendor_notes = '$notes', vendor_template = 1, vendor_client_id = 0, company_id = $session_company_id"); $vendor_id = mysqli_insert_id($mysqli); @@ -1957,7 +1957,7 @@ if(isset($_POST['add_vendor_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Create', log_description = '$session_name created vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Vendor template $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -1983,7 +1983,7 @@ if(isset($_POST['edit_vendor_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Modify', log_description = '$session_name modified vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Vendor template $name modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2020,7 +2020,7 @@ if(isset($_POST['add_vendor_from_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Create', log_description = 'Vendor created from template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Vendor created from template"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2042,7 +2042,7 @@ if(isset($_POST['add_vendor'])){ $sla = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['sla']))); $code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['code']))); $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes']))); - + mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_contact_name = '$contact_name', vendor_phone = '$phone', vendor_extension = '$extension', vendor_email = '$email', vendor_website = '$website', vendor_hours = '$hours', vendor_sla = '$sla', vendor_code = '$code', vendor_account_number = '$account_number', vendor_notes = '$notes', vendor_client_id = $client_id, company_id = $session_company_id"); $vendor_id = mysqli_insert_id($mysqli); @@ -2051,7 +2051,7 @@ if(isset($_POST['add_vendor'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Create', log_description = '$session_name created vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Vendor $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2077,7 +2077,7 @@ if(isset($_POST['edit_vendor'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Modify', log_description = '$session_name modified vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Vendor $name modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2096,7 +2096,7 @@ if(isset($_GET['archive_vendor'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Vendor $vendor_name archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2116,7 +2116,7 @@ if(isset($_GET['delete_vendor'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Vendor $vendor_name deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2128,36 +2128,36 @@ if(isset($_GET['export_client_vendors_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Vendors-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Description', 'Contact Name', 'Phone', 'Website', 'Account Number', 'Notes'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['vendor_name'], $row['vendor_description'], $row['vendor_contact_name'], $row['vendor_phone'], $row['vendor_website'], $row['vendor_account_number'], $row['vendor_notes']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } - + //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Export', log_description = '$session_name exported vendors to CSV', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); @@ -2179,7 +2179,7 @@ if(isset($_POST['add_product'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Create', log_description = '$session_name created product $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Product $name created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
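Review bot: The export query `SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC` (hunk `@@ -2128,36`) has no `company_id = $session_company_id` condition, so tenant isolation depends entirely on how `$client_id` was validated before the hunk starts. Adding `AND company_id = $session_company_id` makes the export scoped on its own. The rows are passed to `fputcsv()` as stored, so a field beginning with `=`, `+`, `-` or `@` is treated as a formula by spreadsheet software; prefixing such values with a single quote before writing is the usual mitigation. `$client_name` is also placed inside the quoted `Content-Disposition` filename as-is, so a name containing a double quote produces a malformed header.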
@@ -2202,7 +2202,7 @@ if(isset($_POST['edit_product'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Modify', log_description = '$session_name modifyed product $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Product $name modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2222,9 +2222,9 @@ if(isset($_GET['delete_product'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Product $product_name deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_trip'])){ @@ -2244,7 +2244,7 @@ if(isset($_POST['add_trip'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Create', log_description = '$session_name logged trip to $destination', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Trip added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2267,7 +2267,7 @@ if(isset($_POST['edit_trip'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Modify', log_description = '$date', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Trip modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2285,9 +2285,9 @@ if(isset($_GET['delete_trip'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Delete', log_description = '$trip_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Trip deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_account'])){ @@ -2303,7 +2303,7 @@ if(isset($_POST['add_account'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Account added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2320,7 +2320,7 @@ if(isset($_POST['edit_account'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Account modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2334,7 +2334,7 @@ if(isset($_GET['archive_account'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Archive', log_description = '$account_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'"); $_SESSION['alert_message'] = "Account Archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2348,9 +2348,9 @@ if(isset($_GET['delete_account'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Delete', log_description = '$account_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Account deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_category'])){ @@ -2365,7 +2365,7 @@ if(isset($_POST['add_category'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Category added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2383,7 +2383,7 @@ if(isset($_POST['edit_category'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Category modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2397,7 +2397,7 @@ if(isset($_GET['archive_category'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Archive', log_description = '$category_id'"); $_SESSION['alert_message'] = "Category Archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2412,9 +2412,9 @@ if(isset($_GET['delete_category'])){ $_SESSION['alert_message'] = "Category deleted"; $_SESSION['alert_type'] = "error"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } 
@@ -2433,7 +2433,7 @@ if(isset($_POST['add_tag'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Tag added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2452,7 +2452,7 @@ if(isset($_POST['edit_tag'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Tag modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2468,9 +2468,9 @@ if(isset($_GET['delete_tag'])){ $_SESSION['alert_message'] = "Tag deleted"; $_SESSION['alert_type'] = "error"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } //Tax @@ -2486,7 +2486,7 @@ if(isset($_POST['add_tax'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Create', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Tax added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2503,7 +2503,7 @@ if(isset($_POST['edit_tax'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Modify', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Tax modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2517,7 +2517,7 @@ if(isset($_GET['archive_tax'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Archive', log_description = '$tax_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'"); $_SESSION['alert_message'] = "Tax Archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2532,9 +2532,9 @@ if(isset($_GET['delete_tax'])){ $_SESSION['alert_message'] = "Tax deleted"; $_SESSION['alert_type'] = "error"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } //End Tax @@ -2549,7 +2549,7 @@ if(isset($_GET['dismiss_notification'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Notification', log_action = 'Dismiss', log_description = '$session_name dismissed notification', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Notification Dismissed"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -2559,20 +2559,20 @@ if(isset($_GET['dismiss_all_notifications'])){ $sql = mysqli_query($mysqli,"SELECT * FROM notifications WHERE company_id = $session_company_id AND notification_dismissed_at IS NULL"); $num_notifications = mysqli_num_rows($sql); - + while($row = mysqli_fetch_array($sql)){ $notification_id = $row['notification_id']; $notification_dismissed_at = $row['notification_dismissed_at']; mysqli_query($mysqli,"UPDATE notifications SET notification_dismissed_at = CURDATE(), notification_dismissed_by = $session_user_id WHERE notification_id = $notification_id"); - + } //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Notification', log_action = 'Dismiss', log_description = '$session_name dismissed $num_notifications notifications', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); - + $_SESSION['alert_message'] = "$num_notifications Notifications Dismissed"; - + header("Location: notifications.php"); } @@ -2593,7 +2593,7 @@ if(isset($_POST['add_expense'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -2607,7 +2607,7 @@ if(isset($_POST['add_expense'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png', 'pdf'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } 
@@ -2623,12 +2623,12 @@ if(isset($_POST['add_expense'])){ $dest_path = $upload_file_dir . $new_file_name; move_uploaded_file($file_tmp_path, $dest_path); - + mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -2637,7 +2637,7 @@ if(isset($_POST['add_expense'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Create', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Expense added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2656,7 +2656,7 @@ if(isset($_POST['edit_expense'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -2670,7 +2670,7 @@ if(isset($_POST['edit_expense'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png', 'pdf'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -2689,12 +2689,12 @@ if(isset($_POST['edit_expense'])){ //Delete old file unlink("uploads/expenses/$session_company_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } 
@@ -2705,7 +2705,7 @@ if(isset($_POST['edit_expense'])){ //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Modify', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2725,9 +2725,9 @@ if(isset($_GET['delete_expense'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Delete', log_description = '$epense_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Expense deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['export_expenses_csv'])){ @@ -2740,7 +2740,7 @@ if(isset($_POST['export_expenses_csv'])){ $date_query = ""; $file_name_date = date('Y-m-d'); } - + //get records from database $sql = mysqli_query($mysqli,"SELECT * FROM expenses LEFT JOIN categories ON expense_category_id = category_id 
@@ -2755,31 +2755,31 @@ if(isset($_POST['export_expenses_csv'])){ if(mysqli_num_rows($sql) > 0){ $delimiter = ","; $filename = "$session_company_name-Expenses-$file_name_date.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Date', 'Amount', 'Vendor', 'Description', 'Category', 'Account'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = mysqli_fetch_assoc($sql)){ $lineData = array($row['expense_date'], $row['expense_amount'], $row['vendor_name'], $row['expense_description'], $row['category_name'], $row['account_name']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } - + //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Export', log_description = '$session_name exported expenses to CSV File', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); @@ -2796,7 +2796,7 @@ if(isset($_POST['add_transfer'])){ mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$date', expense_amount = '$amount', expense_currency_code = '$session_company_currency', expense_vendor_id = 0, expense_category_id = 0, expense_account_id = $account_from, company_id = $session_company_id"); $expense_id = mysqli_insert_id($mysqli); - + mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = '$amount', revenue_currency_code = '$session_company_currency', revenue_account_id = $account_to, revenue_category_id = 0, company_id = $session_company_id"); $revenue_id = mysqli_insert_id($mysqli); 
@@ -2806,7 +2806,7 @@ if(isset($_POST['add_transfer'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Create', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Transfer added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2832,7 +2832,7 @@ if(isset($_POST['edit_transfer'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Modifed', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Transfer modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2856,9 +2856,9 @@ if(isset($_GET['delete_transfer'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Delete', log_description = '$transfer_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Transfer deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_invoice'])){ 
@@ -2866,12 +2866,12 @@ if(isset($_POST['add_invoice'])){ $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']))); $category = intval($_POST['category']); $scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope']))); - + //Get Net Terms - $sql = mysqli_query($mysqli,"SELECT client_net_terms FROM clients WHERE client_id = $client AND company_id = $session_company_id"); + $sql = mysqli_query($mysqli,"SELECT client_net_terms FROM clients WHERE client_id = $client AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); $client_net_terms = $row['client_net_terms']; - + //Get the last Invoice Number and add 1 for the new invoice number $invoice_number = $config_invoice_next_number; $new_config_invoice_next_number = $config_invoice_next_number + 1; @@ -2882,14 +2882,14 @@ if(isset($_POST['add_invoice'])){ mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $invoice_number, invoice_scope = '$scope', invoice_date = '$date', invoice_due = DATE_ADD('$date', INTERVAL $client_net_terms day), invoice_currency_code = '$session_company_currency', invoice_category_id = $category, invoice_status = 'Draft', invoice_url_key = '$url_key', invoice_client_id = $client, company_id = $session_company_id"); $invoice_id = mysqli_insert_id($mysqli); - + mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'INVOICE added!', history_invoice_id = $invoice_id, company_id = $session_company_id"); - + //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice added"; - + header("Location: invoice.php?invoice_id=$invoice_id"); } 
@@ -2907,7 +2907,7 @@ if(isset($_POST['edit_invoice'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modify', log_description = '$invoice_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -2963,7 +2963,7 @@ if(isset($_POST['add_invoice_copy'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'Copied Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice copied"; - + header("Location: invoice.php?invoice_id=$new_invoice_id"); } @@ -3013,7 +3013,7 @@ if(isset($_POST['add_invoice_recurring'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'From recurring invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Created recurring Invoice from this Invoice"; - + header("Location: recurring_invoice.php?recurring_id=$recurring_id"); } @@ -3023,9 +3023,8 @@ if(isset($_POST['add_quote'])){ $client = intval($_POST['client']); $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']))); $category = intval($_POST['category']); - $currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code']))); $scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope']))); - + //Get the last Quote Number and add 1 for the new Quote number $quote_number = $config_quote_next_number; $new_config_quote_next_number = $config_quote_next_number + 1; 
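Review bot: In the `add_quote` hunk the `$date` and `$scope` assignments that remain call `mysqli_real_escape_string()` first and only then `strip_tags()` and `trim()`, so the string that reaches the query has been altered after it was escaped. Escaping should be the last transformation before interpolation, e.g. `$scope = mysqli_real_escape_string($mysqli, trim(strip_tags($_POST['scope'])));`, or the statement should become a prepared query with bound parameters. `$date` is also taken as free text; checking it against the date format the form is expected to send, before it is used, would be tighter. The same ordering appears in the `add_recurring` hunk (`$frequency`, `$start_date`, `$scope`), and the queries that consume these values lie outside both hunks.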
@@ -3044,7 +3043,7 @@ if(isset($_POST['add_quote'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = '$quote_prefix$quote_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quote added"; - + header("Location: quote.php?quote_id=$quote_id"); } @@ -3053,7 +3052,7 @@ if(isset($_POST['add_quote_copy'])){ $quote_id = intval($_POST['quote_id']); $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']))); - + //Get the last Invoice Number and add 1 for the new invoice number $quote_number = $config_quote_next_number; $new_config_quote_next_number = $config_quote_next_number + 1; @@ -3096,7 +3095,7 @@ if(isset($_POST['add_quote_copy'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = 'Copied Quote', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quote copied"; - + header("Location: quote.php?quote_id=$new_quote_id"); } @@ -3106,7 +3105,7 @@ if(isset($_POST['add_quote_to_invoice'])){ $quote_id = intval($_POST['quote_id']); $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']))); $client_net_terms = intval($_POST['client_net_terms']); - + $invoice_number = $config_invoice_next_number; $new_config_invoice_next_number = $config_invoice_next_number + 1; mysqli_query($mysqli,"UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $session_company_id"); 
@@ -3117,7 +3116,7 @@ if(isset($_POST['add_quote_to_invoice'])){ $quote_currency_code = $row['quote_currency_code']; $quote_scope = mysqli_real_escape_string($mysqli,$row['quote_scope']); $quote_note = mysqli_real_escape_string($mysqli,$row['quote_note']); - + $client_id = $row['quote_client_id']; $category_id = $row['quote_category_id']; @@ -3151,7 +3150,7 @@ if(isset($_POST['add_quote_to_invoice'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = 'Quote copied to Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quote copied to Invoice"; - + header("Location: invoice.php?invoice_id=$new_invoice_id"); } @@ -3159,15 +3158,15 @@ if(isset($_POST['add_quote_to_invoice'])){ if(isset($_POST['add_quote_item'])){ $quote_id = intval($_POST['quote_id']); - + $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']))); $description = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']))); $qty = floatval($_POST['qty']); $price = floatval($_POST['price']); $tax_id = intval($_POST['tax_id']); - + $subtotal = $price * $qty; - + if($tax_id > 0){ $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id"); $row = mysqli_fetch_array($sql); @@ -3176,7 +3175,7 @@ if(isset($_POST['add_quote_item'])){ }else{ $tax_amount = 0; } - + $total = $subtotal + $tax_amount; mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_quote_id = $quote_id, company_id = $session_company_id"); 
@@ -3197,7 +3196,7 @@ if(isset($_POST['add_quote_item'])){ } if(isset($_POST['quote_note'])){ - + $quote_id = intval($_POST['quote_id']); $note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note']))); @@ -3222,7 +3221,7 @@ if(isset($_POST['edit_quote'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = '$quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quote modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3250,9 +3249,9 @@ if(isset($_GET['delete_quote'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Delete', log_description = '$quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quotes deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['delete_quote_item'])){ @@ -3267,7 +3266,7 @@ if(isset($_GET['delete_quote_item'])){ $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); - + $new_quote_amount = $row['quote_amount'] - $item_total; mysqli_query($mysqli,"UPDATE quotes SET quote_amount = '$new_quote_amount' WHERE quote_id = $quote_id AND company_id = $session_company_id"); @@ -3278,9 +3277,9 @@ if(isset($_GET['delete_quote_item'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote Item', log_action = 'Delete', log_description = '$item_id from $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Item deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['mark_quote_sent'])){ 
@@ -3295,7 +3294,7 @@ if(isset($_GET['mark_quote_sent'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Update', log_description = '$quote_id marked sent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = " Quote marked sent"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3312,7 +3311,7 @@ if(isset($_GET['accept_quote'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = 'Accepted Quote $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = " Quote accepted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3329,7 +3328,7 @@ if(isset($_GET['decline_quote'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = 'Declined Quote $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Quote declined"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3412,7 +3411,6 @@ if(isset($_POST['add_recurring'])){ $frequency = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['frequency']))); $start_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['start_date']))); $category = intval($_POST['category']); - $currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code']))); $scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope']))); //Get the last Recurring Number and add 1 for the new Recurring number 
@@ -3430,7 +3428,7 @@ if(isset($_POST['add_recurring'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Create', log_description = '$start_date - $category', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Recurring Invoice added"; - + header("Location: recurring_invoice.php?recurring_id=$recurring_id"); } @@ -3452,7 +3450,7 @@ if(isset($_POST['edit_recurring'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Modify', log_description = '$recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Recurring Invoice modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3461,7 +3459,7 @@ if(isset($_GET['delete_recurring'])){ $recurring_id = intval($_GET['delete_recurring']); mysqli_query($mysqli,"DELETE FROM recurring WHERE recurring_id = $recurring_id AND company_id = $session_company_id"); - + //Delete Items Associated with the Recurring $sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id AND company_id = $session_company_id"); while($row = mysqli_fetch_array($sql)){; @@ -3480,9 +3478,9 @@ if(isset($_GET['delete_recurring'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Delete', log_description = '$recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Recurring Invoice deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_recurring_item'])){ 
@@ -3493,9 +3491,9 @@ if(isset($_POST['add_recurring_item'])){ $qty = floatval($_POST['qty']); $price = floatval($_POST['price']); $tax_id = intval($_POST['tax_id']); - + $subtotal = $price * $qty; - + if($tax_id > 0){ $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id"); $row = mysqli_fetch_array($sql); @@ -3504,7 +3502,7 @@ if(isset($_POST['add_recurring_item'])){ }else{ $tax_amount = 0; } - + $total = $subtotal + $tax_amount; mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_recurring_id = $recurring_id, company_id = $session_company_id"); @@ -3525,7 +3523,7 @@ if(isset($_POST['add_recurring_item'])){ } if(isset($_POST['recurring_note'])){ - + $recurring_id = intval($_POST['recurring_id']); $note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note']))); @@ -3549,7 +3547,7 @@ if(isset($_GET['delete_recurring_item'])){ $sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); - + $new_recurring_amount = $row['recurring_amount'] - $item_total; mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = '$new_recurring_amount' WHERE recurring_id = $recurring_id AND company_id = $session_company_id"); @@ -3560,9 +3558,9 @@ if(isset($_GET['delete_recurring_item'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring Item', log_action = 'Delete', log_description = 'Item ID $item_id from Recurring ID $recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Item deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['mark_invoice_sent'])){ 
@@ -3577,7 +3575,7 @@ if(isset($_GET['mark_invoice_sent'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Update', log_description = '$invoice_id marked sent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice marked sent"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3594,7 +3592,7 @@ if(isset($_GET['cancel_invoice'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modify', log_description = 'Cancelled', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice cancelled"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -3629,9 +3627,9 @@ if(isset($_GET['delete_invoice'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Delete', log_description = '$invoice_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_invoice_item'])){ @@ -3642,9 +3640,9 @@ if(isset($_POST['add_invoice_item'])){ $qty = floatval($_POST['qty']); $price = floatval($_POST['price']); $tax_id = intval($_POST['tax_id']); - + $subtotal = $price * $qty; - + if($tax_id > 0){ $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id"); $row = mysqli_fetch_array($sql); 
@@ -3653,7 +3651,7 @@ if(isset($_POST['add_invoice_item'])){ }else{ $tax_amount = 0; } - + $total = $subtotal + $tax_amount; mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_invoice_id = $invoice_id, company_id = $session_company_id"); @@ -3698,9 +3696,9 @@ if(isset($_POST['edit_item'])){ $qty = floatval($_POST['qty']); $price = floatval($_POST['price']); $tax_id = intval($_POST['tax_id']); - + $subtotal = $price * $qty; - + if($tax_id > 0){ $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id"); $row = mysqli_fetch_array($sql); @@ -3709,7 +3707,7 @@ if(isset($_POST['edit_item'])){ }else{ $tax_amount = 0; } - + $total = $subtotal + $tax_amount; mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = '$qty', item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id WHERE item_id = $item_id"); @@ -3721,7 +3719,7 @@ if(isset($_POST['edit_item'])){ $new_invoice_amount = $row['invoice_total']; mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id"); - + }elseif($quote_id > 0){ //Update Quote Balances by tallying up items $sql_quote_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS quote_total FROM invoice_items WHERE item_quote_id = $quote_id AND company_id = $session_company_id"); 
@@ -3759,7 +3757,7 @@ if(isset($_GET['delete_invoice_item'])){ $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); - + $new_invoice_amount = $row['invoice_amount'] - $item_total; mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id"); @@ -3770,9 +3768,9 @@ if(isset($_GET['delete_invoice_item'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice Item', log_action = 'Delete', log_description = '$item_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Item deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_payment'])){ @@ -3798,7 +3796,7 @@ if(isset($_POST['add_payment'])){ $sql_total_payments_amount = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payments_amount FROM payments WHERE payment_invoice_id = $invoice_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql_total_payments_amount); $total_payments_amount = $row['payments_amount']; - + //Get the invoice total $sql = mysqli_query($mysqli,"SELECT * FROM invoices LEFT JOIN clients ON invoice_client_id = client_id 
@@ -3818,12 +3816,12 @@ if(isset($_POST['add_payment'])){ $contact_name = $row['contact_name']; $contact_email = $row['contact_email']; $contact_phone = $row['contact_phone']; - if(strlen($contact_phone)>2){ + if(strlen($contact_phone)>2){ $contact_phone = substr($row['contact_phone'],0,3)."-".substr($row['contact_phone'],3,3)."-".substr($row['contact_phone'],6,4); } $contact_extension = $row['contact_extension']; $contact_mobile = $row['contact_mobile']; - if(strlen($contact_mobile)>2){ + if(strlen($contact_mobile)>2){ $contact_mobile = substr($row['contact_mobile'],0,3)."-".substr($row['contact_mobile'],3,3)."-".substr($row['contact_mobile'],6,4); } $company_name = $row['company_name']; @@ -3839,10 +3837,10 @@ if(isset($_POST['add_payment'])){ //Calculate the Invoice balance $invoice_balance = $invoice_amount - $total_payments_amount; - + //Determine if invoice has been paid then set the status accordingly if($invoice_balance == 0){ - $invoice_status = "Paid"; + $invoice_status = "Paid"; if($email_receipt == 1){ @@ -3866,7 +3864,7 @@ if(isset($_POST['add_payment'])){ mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); } - + } }else{ $invoice_status = "Partial"; 
@@ -3893,7 +3891,7 @@ if(isset($_POST['add_payment'])){ mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); } - + } } @@ -3908,7 +3906,7 @@ if(isset($_POST['add_payment'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = '$payment_amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] .= "Payment added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } } @@ -3925,7 +3923,7 @@ if(isset($_GET['delete_payment'])){ $sql_total_payments_amount = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments_amount FROM payments WHERE payment_invoice_id = $invoice_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql_total_payments_amount); $total_payments_amount = $row['total_payments_amount']; - + //Get the invoice total $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); @@ -3953,9 +3951,9 @@ if(isset($_GET['delete_payment'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Delete', log_description = '$payment_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Payment deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['email_invoice'])){ 
@@ -3987,7 +3985,7 @@ if(isset($_GET['email_invoice'])){ $contact_extension = $row['contact_extension']; $contact_mobile = formatPhoneNumber($row['contact_mobile']); $client_website = $row['client_website']; - + $company_name = $row['company_name']; $company_country = $row['company_country']; $company_address = $row['company_address']; @@ -4065,7 +4063,7 @@ if(isset($_POST['add_revenue'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Create', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Revenue added!"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4088,9 +4086,9 @@ if(isset($_POST['edit_revenue'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Modify', log_description = '$revenue_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Revenue modified!"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['delete_revenue'])){ @@ -4102,9 +4100,9 @@ if(isset($_GET['delete_revenue'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Delete', log_description = '$revenue_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Revenue deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } // Client Section 
@@ -4140,13 +4138,13 @@ if(isset($_POST['add_contact'])){ $contact_id = mysqli_insert_id($mysqli); //Update Primary contact in clients if primary contact is checked - if($primary_contact > 0){ + if($primary_contact > 0){ mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id"); } //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -4160,7 +4158,7 @@ if(isset($_POST['add_contact'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -4176,12 +4174,12 @@ if(isset($_POST['add_contact'])){ $dest_path = $upload_file_dir . $new_file_name; move_uploaded_file($file_tmp_path, $dest_path); - + mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -4190,7 +4188,7 @@ if(isset($_POST['add_contact'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Create', log_description = '$session_name created contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] .= "Contact added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4261,7 +4259,7 @@ if(isset($_POST['edit_contact'])){ // Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; 
@@ -4275,7 +4273,7 @@ if(isset($_POST['edit_contact'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -4293,12 +4291,12 @@ if(isset($_POST['edit_contact'])){ move_uploaded_file($file_tmp_path, $dest_path); //Delete old file unlink("uploads/clients/$session_company_id/$client_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -4307,7 +4305,7 @@ if(isset($_POST['edit_contact'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] .= "Contact updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4331,7 +4329,7 @@ if(isset($_GET['archive_contact'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Contact ".htmlentities($contact_name)." archived. Undo"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4355,9 +4353,9 @@ if(isset($_GET['delete_contact'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Contact deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_contacts_csv'])){ 
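Review bot: The `unlink()` in the `edit_contact` hunk at -4293 builds its path from `$existing_file_name`, whose origin is outside the hunk; if it comes from the form, a value containing `../` would remove a file outside the client's upload directory. The old photo is also deleted without checking the return value of `move_uploaded_file()` in the visible lines. I would reduce the name to its final component and delete only after a successful move: `if(move_uploaded_file($file_tmp_path, $dest_path) && $existing_file_name != ''){ unlink("uploads/clients/$session_company_id/$client_id/" . basename($existing_file_name)); }`. The `edit_location` hunk at -4691 has the same two lines.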
@@ -4368,33 +4366,33 @@ if(isset($_GET['export_client_contacts_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + //Contacts $sql = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN locations ON location_id = contact_location_id WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Contacts-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Title', 'Department', 'Email', 'Phone', 'Ext', 'Mobile', 'Location'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['contact_name'], $row['contact_title'], $row['contact_department'], $row['contact_email'], formatPhoneNumber($row['contact_phone']), $row['contact_extension'], formatPhoneNumber($row['contact_mobile']), $row['location_name']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); @@ -4476,7 +4474,7 @@ if(isset($_POST["import_client_contacts_csv"])){ } // Potentially import the rest in the future? - + // Check if duplicate was detected if($duplicate_detect == 0){ //Add @@ -4484,7 +4482,7 @@ if(isset($_POST["import_client_contacts_csv"])){ $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; - } + } } fclose($file); 
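Review bot: The export loop in the hunk at -4368 writes stored contact fields to the CSV unchanged, so a cell that begins with `=`, `+`, `-` or `@` is treated as a formula when the file is opened in a spreadsheet. These values are user-editable and can also arrive through the CSV import handlers in this file. I would pass `$lineData` through a small helper that prefixes such cells with a single quote before `fputcsv()`, and use it in the other export handlers this patch touches (locations, assets, software, logins, networks, certificates). The contacts SELECT also filters on `contact_client_id` only; whether the client's ownership is checked earlier in the block is not visible in the hunk.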
@@ -4509,13 +4507,13 @@ if(isset($_GET['download_client_contacts_csv_template'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Contacts-Template.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array( 'Full Name ', @@ -4528,18 +4526,18 @@ if(isset($_GET['download_client_contacts_csv_template'])){ 'Office Location ' ); fputcsv($f, $fields, $delimiter); - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); exit; - + } // 2022-05-14 Johnny Left Off Adding log_entity_id and logs / alert cleanups import / archive etc @@ -4576,7 +4574,7 @@ if(isset($_POST['add_location'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -4590,7 +4588,7 @@ if(isset($_POST['add_location'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -4606,12 +4604,12 @@ if(isset($_POST['add_location'])){ $dest_path = $upload_file_dir . $new_file_name; move_uploaded_file($file_tmp_path, $dest_path); - + mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } 
@@ -4620,7 +4618,7 @@ if(isset($_POST['add_location'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] .= "Location added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4658,7 +4656,7 @@ if(isset($_POST['edit_location'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -4672,7 +4670,7 @@ if(isset($_POST['edit_location'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'gif', 'png'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } @@ -4691,12 +4689,12 @@ if(isset($_POST['edit_location'])){ //Delete old file unlink("uploads/clients/$session_company_id/$client_id/$existing_file_name"); - + mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -4705,7 +4703,7 @@ if(isset($_POST['edit_location'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] .= "Location updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
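Review bot: `UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id` in the `edit_location` hunk at -4691 is not limited to the session's company, although the `locations` query in `export_client_locations_csv` does filter on `company_id`. If `$location_id` comes from the form (its assignment is outside the hunk), a user of one company could change a row that belongs to another. I would append the tenant condition: `... WHERE location_id = $location_id AND company_id = $session_company_id`. The `contact_photo` update in the `edit_contact` hunk at -4293 is written the same way; confirm that `contacts` carries the column before applying the same change there.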
@@ -4729,7 +4727,7 @@ if(isset($_GET['archive_location'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Location ".htmlentities($location_name)." archived. Undo"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4750,7 +4748,7 @@ if(isset($_GET['undo_archive_location'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Undo Archive', log_description = '$session_name unarchived location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Location ".htmlentities($location_name)." unarchived."; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -4773,9 +4771,9 @@ if(isset($_GET['delete_location'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Location deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_locations_csv'])){ 
@@ -4786,38 +4784,38 @@ if(isset($_GET['export_client_locations_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + //Locations $sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL AND company_id = $session_company_id ORDER BY location_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Locations-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Address', 'City', 'State', 'Postal Code', 'Phone', 'Hours'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['location_name'], $row['location_address'], $row['location_city'], $row['location_state'], $row['location_zip'], $row['location_phone'], $row['location_hours']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST["import_client_locations_csv"])){ @@ -4882,7 +4880,7 @@ if(isset($_POST["import_client_locations_csv"])){ if(isset($column[6])){ $hours = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[6]))); } - + // Check if duplicate was detected if($duplicate_detect == 0){ //Add @@ -4890,7 +4888,7 @@ if(isset($_POST["import_client_locations_csv"])){ $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; - } + } } fclose($file); 
@@ -4915,28 +4913,28 @@ if(isset($_GET['download_client_locations_csv_template'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Locations-Template.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Address', 'City', 'State', 'Postal Code', 'Phone', 'Hours'); fputcsv($f, $fields, $delimiter); - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); exit; - + } if(isset($_POST['add_asset'])){ @@ -4986,7 +4984,7 @@ if(isset($_POST['add_asset'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Asset added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5035,7 +5033,7 @@ if(isset($_POST['edit_asset'])){ }else{ //If Username is filled in then add a login if(!empty($username)) { - + mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id, company_id = $session_company_id"); } @@ -5045,7 +5043,7 @@ if(isset($_POST['edit_asset'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Asset updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -5063,7 +5061,7 @@ if(isset($_GET['archive_asset'])){ $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Asset archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5080,9 +5078,9 @@ if(isset($_GET['delete_asset'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Delete', log_description = '$asset_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Asset deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST["import_client_assets_csv"])){ @@ -5156,7 +5154,7 @@ if(isset($_POST["import_client_assets_csv"])){ $row = mysqli_fetch_assoc($sql_location); $location_id = intval($row['location_id']); } - + // Check if duplicate was detected if($duplicate_detect == 0){ //Add @@ -5164,7 +5162,7 @@ if(isset($_POST["import_client_assets_csv"])){ $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; - } + } } fclose($file); @@ -5189,28 +5187,28 @@ if(isset($_GET['download_client_assets_csv_template'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Assets-Template.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location'); fputcsv($f, $fields, $delimiter); - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); exit; - + } if(isset($_GET['export_client_assets_csv'])){ 
@@ -5224,37 +5222,37 @@ if(isset($_GET['export_client_assets_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Assets-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['asset_name'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } // Client Software/License 
@@ -5277,7 +5275,7 @@ if(isset($_POST['add_software_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Template', log_action = 'Create', log_description = '$session_user_name created software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Software template created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5299,7 +5297,7 @@ if(isset($_POST['edit_software_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Teplate', log_action = 'Modify', log_description = '$session_name updated software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Software template updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5328,7 +5326,7 @@ if(isset($_POST['add_software_from_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Create', log_description = 'Software created from template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Software created from template"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5387,7 +5385,7 @@ if(isset($_POST['add_software'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Software added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
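Review bot: The audit row written by `edit_software_template` (hunk at -5299) uses `log_type = 'Software Teplate'`, so anything that filters the log on 'Software Template' misses template edits; it should read `log_type = 'Software Template'`. The `add_software_template` row at -5277 interpolates `$session_user_name`, while every other log line in this patch uses `$session_name`; if the former is not defined, the entry loses the actor's name. `edit_network` at -5815 has a similar slip, `log_action = 'Modifed'`. These are worth correcting together, because the log table is what an investigation of these handlers would rely on.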
@@ -5443,7 +5441,7 @@ if(isset($_POST['edit_software'])){ }else{ //If Username is filled in then add a login if(!empty($username)) { - + mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_software_id = $software_id, login_client_id = $client_id, company_id = $session_company_id"); } @@ -5453,7 +5451,7 @@ if(isset($_POST['edit_software'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Software updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5466,7 +5464,7 @@ if(isset($_GET['delete_software'])){ mysqli_query($mysqli,"DELETE FROM software WHERE software_id = $software_id AND company_id = $session_company_id"); - // Remove Software Relations + // Remove Software Relations mysqli_query($mysqli,"DELETE FROM software_contacts WHERE software_id = $software_id"); mysqli_query($mysqli,"DELETE FROM software_assets WHERE software_id = $software_id"); @@ -5474,9 +5472,9 @@ if(isset($_GET['delete_software'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Delete', log_description = '$software_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Software deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_software_csv'])){ @@ -5490,7 +5488,7 @@ if(isset($_GET['export_client_software_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; 
@@ -5498,11 +5496,11 @@ if(isset($_GET['export_client_software_csv'])){ //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Version', 'Type', 'License Type', 'Seats', 'Key', 'Assets', 'Contacts', 'Purchased', 'Expires', 'Notes'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ @@ -5533,19 +5531,19 @@ if(isset($_GET['export_client_software_csv'])){ $lineData = array($row['software_name'], $row['software_version'], $row['software_type'], $row['software_license_type'], $row['software_seats'], $row['software_key'], $assigned_to_assets, $assigned_to_contacts, $row['software_purchase'], $row['software_expire'], $row['software_notes']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST['add_login'])){ @@ -5570,7 +5568,7 @@ if(isset($_POST['add_login'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Login added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5597,7 +5595,7 @@ if(isset($_POST['edit_login'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Login updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -5614,9 +5612,9 @@ if(isset($_GET['delete_login'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Delete', log_description = '$login_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Login deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_logins_csv'])){ @@ -5630,38 +5628,38 @@ if(isset($_GET['export_client_logins_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_client_id = $client_id ORDER BY login_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Logins-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Username', 'Password', 'URL'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $login_password = decryptLoginEntry($row['login_password']); $lineData = array($row['login_name'], $row['login_username'], $login_password, $row['login_uri']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST["import_client_logins_csv"])){ @@ -5717,7 +5715,7 @@ if(isset($_POST["import_client_logins_csv"])){ if(isset($column[3])){ $url = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[3]))); } - + // Check if duplicate was detected if($duplicate_detect == 0){ //Add 
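Review bot: `export_client_logins_csv` (hunk at -5630) decrypts every stored password and streams it in clear text, yet the SELECT filters on `login_client_id` only and the visible lines write no `logs` row for the export. The `logins` INSERTs elsewhere in this patch set `company_id`, so the query can carry the tenant condition: `... WHERE login_client_id = $client_id AND company_id = $session_company_id ORDER BY login_name ASC`. I would also record the export in `logs` as the other handlers do. The role check and the client-ownership check, if present, sit in the lines of the block that precede this hunk and should be confirmed.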
@@ -5725,7 +5723,7 @@ if(isset($_POST["import_client_logins_csv"])){ $row_count = $row_count + 1; }else{ $duplicate_count = $duplicate_count + 1; - } + } } fclose($file); @@ -5750,28 +5748,28 @@ if(isset($_GET['download_client_logins_csv_template'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $delimiter = ","; $filename = strto_AZaz09($client_name) . "-Logins-Template.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Username', 'Password', 'URL'); fputcsv($f, $fields, $delimiter); - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); exit; - + } if(isset($_POST['add_network'])){ @@ -5792,7 +5790,7 @@ if(isset($_POST['add_network'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Network added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5815,7 +5813,7 @@ if(isset($_POST['edit_network'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Modifed', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Network updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -5831,9 +5829,9 @@ if(isset($_GET['delete_network'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Delete', log_description = '$network_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Network deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_networks_csv'])){ @@ -5847,43 +5845,43 @@ if(isset($_GET['export_client_networks_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_client_id = $client_id ORDER BY network_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Networks-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'vLAN', 'Network', 'Gateway', 'DHCP Range'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['network_name'], $row['network_vlan'], $row['network'], $row['network_gateway'], $row['network_dhcp_range']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST['add_certificate'])){ validateTechRole(); - + $client_id = intval($_POST['client_id']); $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']))); $domain = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['domain']))); 
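Review bot: In the hunk at -5847 the download name is built as `$client_name . "-Networks-" ...` and placed inside the quoted `filename="..."` of the Content-Disposition header, whereas the contacts, locations, assets and logins exports first pass the name through `strto_AZaz09()`. A client name containing a double quote or a semicolon would break the header parameter. For consistency I would write `$filename = strto_AZaz09($client_name) . "-Networks-" . date('Y-m-d') . ".csv";`; the certificates export at -5982 needs the same change.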
@@ -5912,7 +5910,7 @@ if(isset($_POST['add_certificate'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = '$session_company_id', log_user_id = '$session_user_id'"); $_SESSION['alert_message'] = "Certificate added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5949,7 +5947,7 @@ if(isset($_POST['edit_certificate'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Certificate updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -5966,9 +5964,9 @@ if(isset($_GET['delete_certificate'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Delete', log_description = '$certificate_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Certificate deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_certificates_csv'])){ 
@@ -5982,37 +5980,37 @@ if(isset($_GET['export_client_certificates_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_client_id = $client_id ORDER BY certificate_name ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Certificates-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Name', 'Domain', 'Issuer', 'Expiration Date'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['certificate_name'], $row['certificate_domain'], $row['certificate_issued_by'], $row['certificate_expire']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST['add_domain'])){ @@ -6064,7 +6062,7 @@ if(isset($_POST['add_domain'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Create', log_description = '$name$extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
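Review bot: `$filename = $client_name . "-Certificates-" . date('Y-m-d') . ".csv";` in export_client_certificates_csv puts the stored client name into the Content-Disposition header as is, while download_client_logins_csv_template earlier in this diff passes it through `strto_AZaz09()`. A quote or path separator in the name can break the filename parameter, so the export should use `$filename = strto_AZaz09($client_name) . "-Certificates-" . date('Y-m-d') . ".csv";`. The rows handed to `fputcsv()` are also written unmodified, and spreadsheet programs evaluate cells that begin with `=`, `+`, `-` or `@`; prefixing such values with a single quote before writing keeps the export inert when opened. Both points apply equally to the networks export above and to the domains, tickets, invoices, recurring, quotes, payments and trips exports below.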
@@ -6099,7 +6097,7 @@ if(isset($_POST['edit_domain'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -6116,9 +6114,9 @@ if(isset($_GET['delete_domain'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Delete', log_description = '$domain_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['export_client_domains_csv'])){ 
@@ -6132,38 +6130,38 @@ if(isset($_GET['export_client_domains_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_client_id = $client_id ORDER BY domain_name ASC"); - + if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Domains-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Domain', 'Registrar', 'Web Host', 'Expiration Date'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['domain_name'], $row['domain_registrar'], $row['domain_webhost'], $row['domain_expire']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST['add_ticket'])){ @@ -6188,7 +6186,7 @@ if(isset($_POST['add_ticket'])){ $sql = mysqli_query($mysqli,"SELECT primary_contact FROM clients WHERE client_id = $client_id AND company_id = $session_company_id"); $row = mysqli_fetch_array($sql); $contact = $row['primary_contact']; - } + } //Get the next Ticket Number and add 1 for the new ticket number $ticket_number = $config_ticket_next_number; @@ -6358,7 +6356,7 @@ if(isset($_POST['edit_ticket'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Ticket updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } 
@@ -6427,7 +6425,7 @@ if(isset($_POST['assign_ticket'])){ $_SESSION['alert_message'] = "Ticket re-assigned"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -6444,9 +6442,9 @@ if(isset($_GET['delete_ticket'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Delete', log_description = '$ticket_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Ticket deleted"; - + header("Location: tickets.php"); - + } if(isset($_POST['add_ticket_reply'])){ @@ -6486,7 +6484,7 @@ if(isset($_POST['add_ticket_reply'])){ LEFT JOIN companies ON tickets.company_id = companies.company_id WHERE ticket_id = $ticket_id AND tickets.company_id = $session_company_id "); - + $row = mysqli_fetch_array($ticket_sql); $contact_name = $row['contact_name']; @@ -6528,9 +6526,9 @@ if(isset($_POST['add_ticket_reply'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Create', log_description = '$ticket_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Posted an update"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['edit_ticket_reply'])){ @@ -6553,9 +6551,9 @@ if(isset($_POST['edit_ticket_reply'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Update Modify', log_action = 'Modify', log_description = '$ticket_update_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Ticket update modified"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['archive_ticket_reply'])){ 
@@ -6570,9 +6568,9 @@ if(isset($_GET['archive_ticket_reply'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Update', log_action = 'Archive', log_description = '$ticket_update_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Ticket update archived"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['merge_ticket'])){ @@ -6687,7 +6685,7 @@ if(isset($_GET['close_ticket'])){ } if(isset($_POST['add_invoice_from_ticket'])){ - + $invoice_id = intval($_POST['invoice_id']); $ticket_id = intval($_POST['ticket_id']); $date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date']))); @@ -6739,16 +6737,16 @@ if(isset($_POST['add_invoice_from_ticket'])){ mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $invoice_number, invoice_scope = '$scope', invoice_date = '$date', invoice_due = DATE_ADD('$date', INTERVAL $client_net_terms day), invoice_currency_code = '$session_company_currency', invoice_category_id = $category, invoice_status = 'Draft', invoice_url_key = '$url_key', invoice_client_id = $client_id, company_id = $session_company_id"); $invoice_id = mysqli_insert_id($mysqli); } - + //Add Item $item_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['item_name']))); $item_description = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['item_description']))); $qty = floatval($_POST['qty']); $price = floatval($_POST['price']); $tax_id = intval($_POST['tax_id']); - + $subtotal = $price * $qty; - + if($tax_id > 0){ $sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id"); $row = mysqli_fetch_array($sql); 
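Review bot: `SELECT * FROM taxes WHERE tax_id = $tax_id` in add_invoice_from_ticket is not limited to the session company, and the row is fetched with no visible check that one was returned. If tax rows are per company, as the `company_id = $session_company_id` columns on the invoice and item inserts suggest, the query should read `SELECT * FROM taxes WHERE tax_id = $tax_id AND company_id = $session_company_id`, with the tax treated as zero when no row matches. The posted `invoice_id` read at the top of the handler deserves the same ownership check before items are attached to it; none is visible in these hunks, though the lines between them are not shown.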
@@ -6757,7 +6755,7 @@ if(isset($_POST['add_invoice_from_ticket'])){ }else{ $tax_amount = 0; } - + $total = $subtotal + $tax_amount; mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_invoice_id = $invoice_id, company_id = $session_company_id"); @@ -6780,7 +6778,7 @@ if(isset($_POST['add_invoice_from_ticket'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number created from Ticket $ticket_prefix$ticket_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice created from ticket"; - + header("Location: invoice.php?invoice_id=$invoice_id"); } 
@@ -6795,37 +6793,37 @@ if(isset($_GET['export_client_tickets_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_client_id = $client_id ORDER BY ticket_number ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Tickets-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Ticket Number', 'Priority', 'Status', 'Subject', 'Date Opened', 'Date Closed'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['ticket_number'], $row['ticket_priority'], $row['ticket_status'], $row['ticket_subject'], $row['ticket_created_at'], $row['ticket_closed_at']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_POST['add_service'])){ @@ -7076,7 +7074,7 @@ if(isset($_POST['add_file'])){ //Check to see if a file is attached if($_FILES['file']['tmp_name'] != ''){ - + // get details of the uploaded file $file_error = 0; $file_tmp_path = $_FILES['file']['tmp_name']; @@ -7092,7 +7090,7 @@ if(isset($_POST['add_file'])){ // check if file has one of the following extensions $allowed_file_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'csv', 'xls', 'xlsx', 'xlsm', 'zip', 'tar', 'gz'); - + if(in_array($file_extension,$allowed_file_extensions) === false){ $file_error = 1; } 
@@ -7108,12 +7106,12 @@ if(isset($_POST['add_file'])){ $dest_path = $upload_file_dir . $file_reference_name; move_uploaded_file($file_tmp_path, $dest_path); - + mysqli_query($mysqli,"INSERT INTO files SET file_reference_name = '$file_reference_name', file_name = '$file_name', file_ext = '$file_extension', file_client_id = $client_id, company_id = $session_company_id"); $_SESSION['alert_message'] = 'File successfully uploaded.'; }else{ - + $_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.'; } } @@ -7122,7 +7120,7 @@ if(isset($_POST['add_file'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Upload', log_description = '$path', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "File uploaded"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7147,9 +7145,9 @@ if(isset($_GET['delete_file'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Delete', log_description = '$file_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "File deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_document'])){ @@ -7167,7 +7165,7 @@ if(isset($_POST['add_document'])){ $content = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode($_POST['content'])))); $content_raw = trim(mysqli_real_escape_string($mysqli, strip_tags($_POST['name'] . " " . str_replace("<", " <", $_POST['content'])))); // Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching. - + $folder = intval($_POST['folder']); // Document add query 
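Review bot: The result of `move_uploaded_file($file_tmp_path, $dest_path);` in add_file is discarded, so the `INSERT INTO files` row and the success message are written even when the move failed. The else branch's "error moving the file" text appears to pair with an earlier condition that lies outside this hunk. Wrapping the insert in `if(move_uploaded_file($file_tmp_path, $dest_path)){ ... }` and setting the error alert otherwise keeps the database in step with what is on disk. The following hunk then sets `$_SESSION['alert_message'] = "File uploaded";` and writes the upload log, seemingly regardless of outcome, which would overwrite the error text; those lines should run only on success.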
@@ -7178,7 +7176,7 @@ if(isset($_POST['add_document'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Create', log_description = 'Created $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Document added"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7207,7 +7205,7 @@ if(isset($_POST['add_document_template'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document Template', log_action = 'Create', log_description = 'Created Document Template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Document Template created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7228,7 +7226,7 @@ if(isset($_POST['add_document_from_template'])){ $document_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']))); $document_template_id = intval($_POST['document_template_id']); $folder = intval($_POST['folder']); - + //GET Document Info $sql_document = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_id = $document_template_id AND company_id = $session_company_id"); 
@@ -7240,14 +7238,14 @@ if(isset($_POST['add_document_from_template'])){ // Document add query $add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$document_name', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_client_id = $client_id, company_id = $session_company_id"); - + $document_id = $mysqli->insert_id; // Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Create', log_description = 'Document $document_name created from template $document_template_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Document created from template"; - + header("Location: client_document_details.php?client_id=$client_id&document_id=$document_id"); } @@ -7277,7 +7275,7 @@ if(isset($_POST['edit_document'])){ $_SESSION['alert_message'] = "Document updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7306,7 +7304,7 @@ if(isset($_POST['edit_document_template'])){ $_SESSION['alert_message'] = "Document Template updated"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7323,9 +7321,9 @@ if(isset($_GET['delete_document'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Delete', log_description = '$document_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Document deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_POST['add_folder'])){ 
@@ -7343,7 +7341,7 @@ if(isset($_POST['add_folder'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Create', log_description = 'Created $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Folder created"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7362,7 +7360,7 @@ if(isset($_POST['rename_folder'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Modify', log_description = '$folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Folder renamed"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } @@ -7387,9 +7385,9 @@ if(isset($_GET['delete_folder'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Delete', log_description = '$folder_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Folder deleted"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); - + } if(isset($_GET['deactivate_shared_item'])){ @@ -7471,7 +7469,7 @@ if(isset($_GET['force_recurring'])){ }else{ $item_tax_amount = 0; } - + $item_total = $item_subtotal + $item_tax_amount; //Update Recurring Items with new tax @@ -7551,7 +7549,7 @@ if(isset($_GET['force_recurring'])){ mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'Recurring Forced to an Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Recurring Invoice Forced"; - + header("Location: " . $_SERVER["HTTP_REFERER"]); } //End Force Recurring 
@@ -7578,32 +7576,32 @@ if(isset($_POST['export_trips_csv'])){ if(mysqli_num_rows($sql) > 0){ $delimiter = ","; $filename = "$session_company_name-Trips-$file_name_date.csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Date', 'Purpose', 'Source', 'Destination', 'Miles'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = mysqli_fetch_assoc($sql)){ $lineData = array($row['trip_date'], $row['trip_purpose'], $row['trip_source'], $row['trip_destination'], $row['trip_miles']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_invoices_csv'])){ 
@@ -7614,37 +7612,37 @@ if(isset($_GET['export_client_invoices_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_client_id = $client_id ORDER BY invoice_number ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Invoices-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Invoice Number', 'Scope', 'Amount', 'Issued Date', 'Due Date', 'Status'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['invoice_prefix'] . $row['invoice_number'], $row['invoice_scope'], $row['invoice_amount'], $row['invoice_date'], $row['invoice_due'], $row['invoice_status']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_recurring_csv'])){ 
@@ -7655,37 +7653,37 @@ if(isset($_GET['export_client_recurring_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_client_id = $client_id ORDER BY recurring_number ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Recurring Invoices-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Recurring Number', 'Scope', 'Amount', 'Frequency', 'Date Created'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['recurring_prefix'] . $row['recurring_number'], $row['recurring_scope'], $row['recurring_amount'], ucwords($row['recurring_frequency'] . "ly"), $row['recurring_created_at']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_quotes_csv'])){ 
@@ -7696,37 +7694,37 @@ if(isset($_GET['export_client_quotes_csv'])){ $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; - + $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_client_id = $client_id ORDER BY quote_number ASC"); if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Quotes-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Quote Number', 'Scope', 'Amount', 'Date', 'Status'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['quote_prefix'] . $row['quote_number'], $row['quote_scope'], $row['quote_amount'], $row['quote_date'], $row['quote_status']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_payments_csv'])){ 
@@ -7742,32 +7740,32 @@ if(isset($_GET['export_client_payments_csv'])){ if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Payments-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Payment Date', 'Invoice Date', 'Invoice Number', 'Invoice Amount', 'Payment Amount', 'Payment Method', 'Referrence'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['payment_date'], $row['invoice_date'], $row['invoice_prefix'] . $row['invoice_number'], $row['invoice_amount'], $row['payment_amount'], $row['payment_method'], $row['payment_reference']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_trips_csv'])){ 
@@ -7783,32 +7781,32 @@ if(isset($_GET['export_client_trips_csv'])){ if($sql->num_rows > 0){ $delimiter = ","; $filename = $client_name . "-Trips-" . date('Y-m-d') . ".csv"; - + //create a file pointer $f = fopen('php://memory', 'w'); - + //set column headers $fields = array('Date', 'Purpose', 'Source', 'Destination', 'Miles'); fputcsv($f, $fields, $delimiter); - + //output each row of the data, format line as csv and write to file pointer while($row = $sql->fetch_assoc()){ $lineData = array($row['trip_date'], $row['trip_purpose'], $row['trip_source'], $row['trip_destination'], $row['trip_miles']); fputcsv($f, $lineData, $delimiter); } - + //move back to beginning of file fseek($f, 0); - + //set headers to download file rather than displayed header('Content-Type: text/csv'); header('Content-Disposition: attachment; filename="' . $filename . '";'); - + //output all remaining data on a file pointer fpassthru($f); } exit; - + } if(isset($_GET['export_client_pdf'])){ @@ -7869,9 +7867,9 @@ if(isset($_GET['export_client_pdf'])){ pageMargins: [ 15, 15, 15, 15 ], content: [ - { - text: , - style: 'title' + { + text: , + style: 'title' }, { @@ -7882,54 +7880,54 @@ if(isset($_GET['export_client_pdf'])){ { text: 'Address', style: 'itemHeader' - }, + }, { text: , style: 'item' } ], - [ - { + [ + { text: 'City State Zip', style: 'itemHeader' - }, + }, { text: , style: 'item' } ], - [ - { + [ + { text: 'Phone', style: 'itemHeader' - }, + }, { text: , style: 'item' } ], - [ + [ { text: 'Website', - style: 'itemHeader' - }, + style: 'itemHeader' + }, { - text: , + text: , style: 'item' } ], - [ + [ { text: 'Contact', - style: 'itemHeader' - }, + style: 'itemHeader' + }, { - text: , + text: , style: 'item' } ], - [ - { + [ + { text: 'Email', style: 'itemHeader' }, @@ -7937,15 +7935,15 @@ if(isset($_GET['export_client_pdf'])){ text: , style: 'item' } - ] + ] ] } }, //Contacts Start 0){ ?> - { - text: 'Contacts', + { + text: 'Contacts', style: 'title' }, 
@@ -7955,32 +7953,32 @@ if(isset($_GET['export_client_pdf'])){ // you can declare how many rows should be treated as headers body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Title', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'Department', - style: 'itemHeader' - }, - { - text: 'Email', - style: 'itemHeader' - }, - { - text: 'Phone', - style: 'itemHeader' + { + text: 'Title', + style: 'itemHeader' }, - { + { + text: 'Department', + style: 'itemHeader' + }, + { + text: 'Email', + style: 'itemHeader' + }, + { + text: 'Phone', + style: 'itemHeader' + }, + { text: 'Mobile', - style: 'itemHeader' + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8019,7 +8017,7 @@ if(isset($_GET['export_client_pdf'])){ { text: , style: 'item' - } + } ], 0){ ?> - { - text: 'Locations', + { + text: 'Locations', style: 'title' }, @@ -8042,20 +8040,20 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Address', - style: 'itemHeader' - }, - { - text: 'Phone', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' + }, + { + text: 'Address', + style: 'itemHeader' + }, + { + text: 'Phone', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8092,8 +8090,8 @@ if(isset($_GET['export_client_pdf'])){ //Vendors Start 0){ ?> - { - text: 'Vendors', + { + text: 'Vendors', style: 'title' }, 
@@ -8101,28 +8099,28 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Description', - style: 'itemHeader' - }, - { - text: 'Phone', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'Website', - style: 'itemHeader' + { + text: 'Description', + style: 'itemHeader' }, - { - text: 'Account Number', - style: 'itemHeader' + { + text: 'Phone', + style: 'itemHeader' + }, + { + text: 'Website', + style: 'itemHeader' + }, + { + text: 'Account Number', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8169,8 +8167,8 @@ if(isset($_GET['export_client_pdf'])){ //Logins Start 0){ ?> - { - text: 'Logins', + { + text: 'Logins', style: 'title' }, @@ -8178,28 +8176,28 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Username', - style: 'itemHeader' - }, - { - text: 'Password', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'URL', - style: 'itemHeader' + { + text: 'Username', + style: 'itemHeader' }, - { - text: 'Notes', - style: 'itemHeader' + { + text: 'Password', + style: 'itemHeader' + }, + { + text: 'URL', + style: 'itemHeader' + }, + { + text: 'Notes', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8238,18 +8236,18 @@ if(isset($_GET['export_client_pdf'])){ ] } }, - //Logins END //Assets Start 0){ ?> - { - text: 'Assets', + { + text: 'Assets', style: 'assetTitle' }, @@ -8257,8 +8255,8 @@ if(isset($_GET['export_client_pdf'])){ //Asset Workstations Start 0){ ?> - { - text: 'Workstations', + { + text: 'Workstations', style: 'assetSubTitle' }, 
@@ -8266,44 +8264,44 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Type', - style: 'itemHeader' - }, - { - text: 'Model', - style: 'itemHeader' - }, - { - text: 'Serial', - style: 'itemHeader' - }, - { - text: 'OS', - style: 'itemHeader' - }, - { - text: 'Purchase Date', + { + text: 'Name', style: 'itemHeader' }, - { - text: 'Warranty Expire', + { + text: 'Type', style: 'itemHeader' }, - { - text: 'Install Date', + { + text: 'Model', style: 'itemHeader' }, - { - text: 'Assigned To', + { + text: 'Serial', + style: 'itemHeader' + }, + { + text: 'OS', + style: 'itemHeader' + }, + { + text: 'Purchase Date', + style: 'itemHeader' + }, + { + text: 'Warranty Expire', + style: 'itemHeader' + }, + { + text: 'Install Date', + style: 'itemHeader' + }, + { + text: 'Assigned To', style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8371,8 +8369,8 @@ if(isset($_GET['export_client_pdf'])){ //Assets Servers Start 0){ ?> - { - text: 'Servers', + { + text: 'Servers', style: 'assetSubTitle' }, @@ -8380,40 +8378,40 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Model', - style: 'itemHeader' - }, - { - text: 'Serial', - style: 'itemHeader' - }, - { - text: 'OS', - style: 'itemHeader' - }, - { - text: 'IP', - style: 'itemHeader' - }, - { - text: 'Purchase Date', + { + text: 'Name', style: 'itemHeader' }, - { - text: 'Warranty Expire', + { + text: 'Model', style: 'itemHeader' }, - { - text: 'Install Date', + { + text: 'Serial', + style: 'itemHeader' + }, + { + text: 'OS', + style: 'itemHeader' + }, + { + text: 'IP', + style: 'itemHeader' + }, + { + text: 'Purchase Date', + style: 'itemHeader' + }, + { + text: 'Warranty Expire', + style: 'itemHeader' + }, + { + text: 'Install Date', style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' 
@@ -8476,8 +8474,8 @@ if(isset($_GET['export_client_pdf'])){ //Asset VMs Start 0){ ?> - { - text: 'Virtual Machines', + { + text: 'Virtual Machines', style: 'assetSubTitle' }, @@ -8485,24 +8483,24 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'OS', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'IP', - style: 'itemHeader' + { + text: 'OS', + style: 'itemHeader' }, - { - text: 'Install Date', + { + text: 'IP', + style: 'itemHeader' + }, + { + text: 'Install Date', style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8549,8 +8547,8 @@ if(isset($_GET['export_client_pdf'])){ //Assets Network Devices Start 0){ ?> - { - text: 'Network Devices', + { + text: 'Network Devices', style: 'assetSubTitle' }, @@ -8558,40 +8556,40 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Type', - style: 'itemHeader' - }, - { - text: 'Model', - style: 'itemHeader' - }, - { - text: 'Serial', - style: 'itemHeader' - }, - { - text: 'IP', - style: 'itemHeader' - }, - { - text: 'Purchase Date', + { + text: 'Name', style: 'itemHeader' }, - { - text: 'Warranty Expire', + { + text: 'Type', style: 'itemHeader' }, - { - text: 'Install Date', + { + text: 'Model', + style: 'itemHeader' + }, + { + text: 'Serial', + style: 'itemHeader' + }, + { + text: 'IP', + style: 'itemHeader' + }, + { + text: 'Purchase Date', + style: 'itemHeader' + }, + { + text: 'Warranty Expire', + style: 'itemHeader' + }, + { + text: 'Install Date', style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8654,8 +8652,8 @@ if(isset($_GET['export_client_pdf'])){ //Asset Other Start 0){ ?> - { - text: 'Other Devices', + { + text: 'Other Devices', style: 'assetSubTitle' }, 
@@ -8663,40 +8661,40 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Type', - style: 'itemHeader' - }, - { - text: 'Model', - style: 'itemHeader' - }, - { - text: 'Serial', - style: 'itemHeader' - }, - { - text: 'IP', - style: 'itemHeader' - }, - { - text: 'Purchase Date', + { + text: 'Name', style: 'itemHeader' }, - { - text: 'Warranty Expire', + { + text: 'Type', style: 'itemHeader' }, - { - text: 'Install Date', + { + text: 'Model', + style: 'itemHeader' + }, + { + text: 'Serial', + style: 'itemHeader' + }, + { + text: 'IP', + style: 'itemHeader' + }, + { + text: 'Purchase Date', + style: 'itemHeader' + }, + { + text: 'Warranty Expire', + style: 'itemHeader' + }, + { + text: 'Install Date', style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8759,8 +8757,8 @@ if(isset($_GET['export_client_pdf'])){ //Software Start 0){ ?> - { - text: 'Software', + { + text: 'Software', style: 'title' }, @@ -8768,24 +8766,24 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'Type', - style: 'itemHeader' - }, - { - text: 'License', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'Notes', - style: 'itemHeader' + { + text: 'Type', + style: 'itemHeader' + }, + { + text: 'License', + style: 'itemHeader' + }, + { + text: 'Notes', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8824,8 +8822,8 @@ if(isset($_GET['export_client_pdf'])){ //Networks Start 0){ ?> - { - text: 'Networks', + { + text: 'Networks', style: 'title' }, 
@@ -8833,28 +8831,28 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Name', - style: 'itemHeader' - }, - { - text: 'vLAN', - style: 'itemHeader' - }, - { - text: 'Network Subnet', - style: 'itemHeader' + { + text: 'Name', + style: 'itemHeader' }, - { - text: 'Gateway', - style: 'itemHeader' + { + text: 'vLAN', + style: 'itemHeader' }, - { - text: 'DHCP Range', - style: 'itemHeader' + { + text: 'Network Subnet', + style: 'itemHeader' + }, + { + text: 'Gateway', + style: 'itemHeader' + }, + { + text: 'DHCP Range', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8898,8 +8896,8 @@ if(isset($_GET['export_client_pdf'])){ //Domains Start 0){ ?> - { - text: 'Domains', + { + text: 'Domains', style: 'title' }, @@ -8907,23 +8905,23 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Domain Name', - style: 'itemHeader' - }, - { - text: 'Expire', - style: 'itemHeader' + { + text: 'Domain Name', + style: 'itemHeader' + }, + { + text: 'Expire', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -8945,8 +8943,8 @@ if(isset($_GET['export_client_pdf'])){ //Certificates Start 0){ ?> - { - text: 'Certificates', + { + text: 'Certificates', style: 'title' }, @@ -8954,24 +8952,24 @@ if(isset($_GET['export_client_pdf'])){ table: { body: [ [ - { - text: 'Certificate Name', - style: 'itemHeader' - }, - { - text: 'Domain Name', - style: 'itemHeader' + { + text: 'Certificate Name', + style: 'itemHeader' }, - { - text: 'Issuer', - style: 'itemHeader' + { + text: 'Domain Name', + style: 'itemHeader' }, - { - text: 'Expiration Date', - style: 'itemHeader' + { + text: 'Issuer', + style: 'itemHeader' + }, + { + text: 'Expiration Date', + style: 'itemHeader' } ], - + - [ + [ { text: , style: 'item' @@ -9042,7 +9040,7 @@ if(isset($_GET['export_client_pdf'])){ } } }; - + pdfMake.createPdf(docDefinition).download('-IT_Documentation-.pdf');