diff --git a/client_assets.php b/client_assets.php
index 7ba2d85b..7efb34bf 100644
--- a/client_assets.php
+++ b/client_assets.php
@@ -240,7 +240,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
}
$login_id = $row['login_id'];
- $login_username = htmlentities($row['login_username']);
+ $login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
// Related tickets
diff --git a/client_logins.php b/client_logins.php
index 08e51124..4100c413 100644
--- a/client_logins.php
+++ b/client_logins.php
@@ -12,8 +12,8 @@ if (!empty($_GET['sb'])) {
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logins
- WHERE login_client_id = $client_id
- AND (login_name LIKE '%$q%' OR login_username LIKE '%$q%' OR login_uri LIKE '%$q%')
+ WHERE login_client_id = $client_id
+ AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
@@ -75,7 +75,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
}else{
$login_uri_display = "$login_uri";
}
- $login_username = htmlentities($row['login_username']);
+ $login_username = htmlentities(decryptLoginEntry($row['login_username']));
if (empty($login_username)) {
$login_username_display = "-";
}else{
@@ -169,4 +169,4 @@ include("client_login_import_modal.php");
?>
-
\ No newline at end of file
+
diff --git a/database_updates.php b/database_updates.php
index 29ff09b3..051f5f45 100644
--- a/database_updates.php
+++ b/database_updates.php
@@ -466,9 +466,9 @@ if(LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION){
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.3.1'");
}
-
+
if (CURRENT_DATABASE_VERSION == '0.3.1') {
-
+
// Assets
mysqli_query($mysqli, "UPDATE `assets` SET `asset_login_id` = 0 WHERE `asset_login_id` IS NULL");
@@ -702,10 +702,10 @@ if(LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION){
mysqli_query($mysqli, "UPDATE `settings` SET `config_enable_alert_domain_expire` = 1 WHERE `config_enable_alert_domain_expire` IS NULL");
mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_enable_alert_domain_expire` `config_enable_alert_domain_expire` TINYINT(1) NOT NULL DEFAULT 1");
-
+
mysqli_query($mysqli, "UPDATE `settings` SET `config_send_invoice_reminders` = 1 WHERE `config_send_invoice_reminders` IS NULL");
mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_send_invoice_reminders` `config_send_invoice_reminders` TINYINT(1) NOT NULL DEFAULT 1");
-
+
mysqli_query($mysqli, "UPDATE `settings` SET `config_stripe_enable` = 0 WHERE `config_stripe_enable` IS NULL");
mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_stripe_enable` `config_stripe_enable` TINYINT(1) NOT NULL DEFAULT 0");
@@ -770,18 +770,34 @@ if(LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION){
if(CURRENT_DATABASE_VERSION == '0.3.3'){
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_telemetry` TINYINT(1) DEFAULT 0 AFTER `config_theme`");
-
+
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.3.4'");
}
- //if(CURRENT_DATABASE_VERSION == '0.3.4'){
+ if(CURRENT_DATABASE_VERSION == '0.3.4'){
// Insert queries here required to update to DB version 0.3.5
+ //Get & upgrade user login encryption
+ $sql_logins = mysqli_query($mysqli, "SELECT login_id, login_username FROM logins WHERE login_username IS NOT NULL");
+ foreach ($sql_logins as $row) {
+ $login_id = $row['login_id'];
+ $login_username = $row['login_username'];
+ $login_encrypted_username = encryptLoginEntry($row['login_username']);
+ mysqli_query($mysqli, "UPDATE logins SET login_username = '$login_encrypted_username' WHERE login_id = '$login_id'");
+ }
+
// Then, update the database to the next sequential version
- // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.3.5'");
+ mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.3.5'");
+ }
+
+ //if(CURRENT_DATABASE_VERSION == '0.3.5'){
+ // Insert queries here required to update to DB version 0.3.6
+
+ // Then, update the database to the next sequential version
+ // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.3.6'");
//}
} else {
// Up-to-date
-}
\ No newline at end of file
+}
diff --git a/database_version.php b/database_version.php
index 8f7c311e..cf73b8f0 100644
--- a/database_version.php
+++ b/database_version.php
@@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php
*/
-DEFINE("LATEST_DATABASE_VERSION", "0.3.4");
\ No newline at end of file
+DEFINE("LATEST_DATABASE_VERSION", "0.3.5");
diff --git a/global_search.php b/global_search.php
index 519238e3..d84762b0 100644
--- a/global_search.php
+++ b/global_search.php
@@ -19,7 +19,7 @@ if (isset($_GET['query'])) {
$sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
$sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5");
$sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') AND tickets.company_id = $session_company_id ORDER BY ticket_id DESC LIMIT 5");
- $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE (login_name LIKE '%$query%' OR login_username LIKE '%$query%') AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
+ $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
$q = htmlentities($_GET['query']);
?>
@@ -358,4 +358,4 @@ if (isset($_GET['query'])) {
-$name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -166,7 +166,7 @@ if(isset($_POST['edit_user'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -180,7 +180,7 @@ if(isset($_POST['edit_user'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -199,7 +199,7 @@ if(isset($_POST['edit_user'])){
//Delete old file
unlink("uploads/users/$user_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
//Extended Logging
@@ -211,7 +211,7 @@ if(isset($_POST['edit_user'])){
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
-
+
mysqli_query($mysqli,"UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $user_id");
if(!empty($new_password)){
@@ -234,7 +234,7 @@ if(isset($_POST['edit_user'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name modified user $name $extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "User $name updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -244,14 +244,14 @@ if(isset($_GET['activate_user'])){
validateAdminRole();
$user_id = intval($_GET['activate_user']);
-
+
mysqli_query($mysqli,"UPDATE users SET user_status = 1 WHERE user_id = $user_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Activate', log_description = '$session_name activated user $user_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "User activated!";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -261,7 +261,7 @@ if(isset($_GET['disable_user'])){
validateAdminRole();
$user_id = intval($_GET['disable_user']);
-
+
mysqli_query($mysqli,"UPDATE users SET user_status = 0 WHERE user_id = $user_id");
//Logging
@@ -269,7 +269,7 @@ if(isset($_GET['disable_user'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User disabled!";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -315,7 +315,7 @@ if(isset($_POST['edit_profile'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -329,7 +329,7 @@ if(isset($_POST['edit_profile'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -348,7 +348,7 @@ if(isset($_POST['edit_profile'])){
//Delete old file
unlink("uploads/users/$user_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
//Extended Logging
@@ -423,7 +423,7 @@ if(isset($_POST['edit_user_companies'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name updated company permissions for user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Company permssions updated for user $name";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -452,7 +452,7 @@ if(isset($_GET['archive_user'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User $name archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -478,7 +478,7 @@ if(isset($_POST['add_api_key'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API Key', log_action = 'Create', log_description = '$session_name created API Key $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "API Key $name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -498,14 +498,14 @@ if(isset($_GET['delete_api_key'])){
mysqli_query($mysqli,"DELETE FROM api_keys WHERE api_key_id = $api_key_id AND company_id = $session_company_id");
- // Logging
+ // Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API Key', log_action = 'Delete', log_description = '$session_name deleted API key $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "API Key $name deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_company'])){
@@ -523,12 +523,12 @@ if(isset($_POST['add_company'])){
$website = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['website'])));
$locale = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['locale'])));
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
-
+
mysqli_query($mysqli,"INSERT INTO companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website', company_locale = '$locale', company_currency = '$currency_code'");
$company_id = mysqli_insert_id($mysqli);
$current_database_version = CURRENT_DATABASE_VERSION;
-
+
mkdir("uploads/clients/$company_id");
mkdir("uploads/expenses/$company_id");
mkdir("uploads/settings/$company_id");
@@ -536,7 +536,7 @@ if(isset($_POST['add_company'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -550,7 +550,7 @@ if(isset($_POST['add_company'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -571,7 +571,7 @@ if(isset($_POST['add_company'])){
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -603,7 +603,7 @@ if(isset($_POST['add_company'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Create', log_description = '$session_name created company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Company $name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -632,7 +632,7 @@ if(isset($_POST['edit_company'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -646,7 +646,7 @@ if(isset($_POST['edit_company'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -665,12 +665,12 @@ if(isset($_POST['edit_company'])){
//Delete old file
unlink("uploads/settings/$company_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = $company_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -681,7 +681,7 @@ if(isset($_POST['edit_company'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Modify', log_description = '$session_name modified company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Company $name updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -701,7 +701,7 @@ if(isset($_GET['archive_company'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Company $company_name archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -759,8 +759,8 @@ if(isset($_GET['delete_company'])){
mysqli_query($mysqli,"DELETE FROM records WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM recurring WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM revenues WHERE company_id = $company_id");
- mysqli_query($mysqli,"DELETE FROM scheduled_tickets WHERE company_id = $company_id");
-
+ mysqli_query($mysqli,"DELETE FROM scheduled_tickets WHERE company_id = $company_id");
+
// Delete Items Associated Services
$sql = mysqli_query($mysqli,"SELECT service_id FROM services WHERE company_id = $company_id");
while($row = mysqli_fetch_array($sql)){
@@ -776,20 +776,20 @@ if(isset($_GET['delete_company'])){
mysqli_query($mysqli,"DELETE FROM services WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM settings WHERE company_id = $company_id");
-
+
$sql = mysqli_query($mysqli,"SELECT software_id FROM software WHERE company_id = $company_id");
while($row = mysqli_fetch_array($sql)){
$software_id = $row['software_id'];
mysqli_query($mysqli,"DELETE FROM software_assets WHERE software_id = $software_id");
mysqli_query($mysqli,"DELETE FROM software_contacts WHERE software_id = $software_id");
}
- mysqli_query($mysqli,"DELETE FROM software WHERE company_id = $company_id");
+ mysqli_query($mysqli,"DELETE FROM software WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM tags WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM taxes WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM tickets WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM ticket_replies WHERE company_id = $company_id");
-
+
mysqli_query($mysqli,"DELETE FROM transfers WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM trips WHERE company_id = $company_id");
mysqli_query($mysqli,"DELETE FROM user_companies WHERE company_id = $company_id");
@@ -809,9 +809,9 @@ if(isset($_GET['delete_company'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Company $company_name deleted";
-
+
header("Location: post.php?logout");
-
+
}
if(isset($_POST['verify'])){
@@ -824,7 +824,7 @@ if(isset($_POST['verify'])){
}else{
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "IN-VALID!";
- }
+ }
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -1146,7 +1146,7 @@ if(isset($_POST['send_telemetry_data'])){
// Basic Telemetry
if($config_telemetry == 1){
-
+
// Company Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies"));
$company_count = $row['num'];
@@ -1330,26 +1330,26 @@ if(isset($_GET['download_database'])){
$sqlScript = "";
foreach ($tables as $table) {
-
+
// Prepare SQLscript for creating table structure
$query = "SHOW CREATE TABLE $table";
$result = mysqli_query($mysqli, $query);
$row = mysqli_fetch_row($result);
-
+
$sqlScript .= "\n\n" . $row[1] . ";\n\n";
-
-
+
+
$query = "SELECT * FROM $table";
$result = mysqli_query($mysqli, $query);
-
+
$columnCount = mysqli_num_fields($result);
-
+
// Prepare SQLscript for dumping data for each table
for ($i = 0; $i < $columnCount; $i ++) {
while ($row = mysqli_fetch_row($result)) {
$sqlScript .= "INSERT INTO $table VALUES(";
for ($j = 0; $j < $columnCount; $j ++) {
-
+
if (isset($row[$j])) {
$sqlScript .= '"' . $row[$j] . '"';
} else {
@@ -1362,8 +1362,8 @@ if(isset($_GET['download_database'])){
$sqlScript .= ");\n";
}
}
-
- $sqlScript .= "\n";
+
+ $sqlScript .= "\n";
}
if(!empty($sqlScript))
@@ -1372,7 +1372,7 @@ if(isset($_GET['download_database'])){
$backup_file_name = date('Y-m-d') . '_' . $config_company_name . '_backup.sql';
$fileHandler = fopen($backup_file_name, 'w+');
$number_of_lines = fwrite($fileHandler, $sqlScript);
- fclose($fileHandler);
+ fclose($fileHandler);
// Download the SQL backup file to the browser
header('Content-Description: File Transfer');
@@ -1386,7 +1386,7 @@ if(isset($_GET['download_database'])){
ob_clean();
flush();
readfile($backup_file_name);
- exec('rm ' . $backup_file_name);
+ exec('rm ' . $backup_file_name);
}
//Logging
@@ -1506,7 +1506,7 @@ if(isset($_POST['add_client'])){
//Add Location
if(!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)){
mysqli_query($mysqli,"INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$location_phone', location_country = '$country', location_client_id = $client_id, company_id = $session_company_id");
-
+
//Update Primay location in clients
$location_id = mysqli_insert_id($mysqli);
mysqli_query($mysqli,"UPDATE clients SET primary_location = $location_id WHERE client_id = $client_id");
@@ -1515,15 +1515,15 @@ if(isset($_POST['add_client'])){
$extended_log_description .= ", primary location $address added";
}
-
+
//Add Contact
if(!empty($contact) || !empty($title) || !empty($contact_phone) || !empty($contact_mobile) || !empty($contact_email)){
mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$contact', contact_title = '$title', contact_phone = '$contact_phone', contact_extension = '$contact_extension', contact_mobile = '$contact_mobile', contact_email = '$contact_email', contact_client_id = $client_id, company_id = $session_company_id");
-
+
//Update Primary contact in clients
$contact_id = mysqli_insert_id($mysqli);
mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id");
-
+
//Extended Logging
$extended_log_description .= ", primary contact $contact added";
}
@@ -1576,10 +1576,10 @@ if(isset($_POST['add_client'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Create', log_description = '$session_name created $name$extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Client $name created";
-
+
header("Location: clients.php");
exit;
-
+
}
if(isset($_POST['edit_client'])){
@@ -1600,7 +1600,7 @@ if(isset($_POST['edit_client'])){
//Tags
//Delete existing tags
mysqli_query($mysqli,"DELETE FROM client_tags WHERE client_id = $client_id");
-
+
//Add new tags
foreach($_POST['tags'] as $tag){
$tag = intval($tag);
@@ -1611,7 +1611,7 @@ if(isset($_POST['edit_client'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Client ".htmlentities($client_name)." updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1633,7 +1633,7 @@ if(isset($_GET['archive_client'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Client ".htmlentities($client_name)." archived. Undo";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1652,7 +1652,7 @@ if(isset($_GET['undo_archive_client'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Undo Archive', log_description = '$session_name unarchived client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Client ".htmlentities($client_name)." unarchived.";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1677,7 +1677,7 @@ if(isset($_GET['delete_client'])){
mysqli_query($mysqli,"DELETE FROM client_tags WHERE client_id = $client_id");
mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_client_id = $client_id");
mysqli_query($mysqli,"DELETE FROM documents WHERE document_client_id = $client_id");
-
+
// Delete Domains and associated records
$sql = mysqli_query($mysqli,"SELECT domain_id FROM domains WHERE domain_client_id = $client_id");
while($row = mysqli_fetch_array($sql)){
@@ -1714,7 +1714,7 @@ if(isset($_GET['delete_client'])){
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_quote_id = $quote_id");
}
mysqli_query($mysqli,"DELETE FROM quotes WHERE quote_client_id = $client_id");
-
+
// Delete Recurring Invoices and associated items
$sql = mysqli_query($mysqli,"SELECT recurring_id FROM recurring WHERE recurring_client_id = $client_id");
while($row = mysqli_fetch_array($sql)){
@@ -1741,7 +1741,7 @@ if(isset($_GET['delete_client'])){
mysqli_query($mysqli,"DELETE FROM services WHERE service_client_id = $client_id");
mysqli_query($mysqli,"DELETE FROM shared_items WHERE item_client_id = $client_id");
-
+
$sql = mysqli_query($mysqli,"SELECT software_id FROM software WHERE software_client_id = $client_id");
while($row = mysqli_fetch_array($sql)){
$software_id = $row['software_id'];
@@ -1772,7 +1772,7 @@ if(isset($_GET['delete_client'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Client $client_name deleted along with all associated data";
-
+
header("Location: clients.php");
}
@@ -1787,7 +1787,7 @@ if(isset($_POST['add_calendar'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Create', log_description = '$session_name created calendar $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Calendar created, now lets add some events!";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1846,7 +1846,7 @@ if(isset($_POST['add_event'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Create', log_description = '$session_name created event $title in calendar', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Event added to the calendar";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1907,7 +1907,7 @@ if(isset($_POST['edit_event'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Modify', log_description = '$session_name modified event $title in calendar', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Event modified on the calendar";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1927,9 +1927,9 @@ if(isset($_GET['delete_event'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Event $event_title deleted on the calendar";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
//Vendor Templates
@@ -1948,7 +1948,7 @@ if(isset($_POST['add_vendor_template'])){
$sla = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['sla'])));
$code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['code'])));
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes'])));
-
+
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_contact_name = '$contact_name', vendor_phone = '$phone', vendor_extension = '$extension', vendor_email = '$email', vendor_website = '$website', vendor_hours = '$hours', vendor_sla = '$sla', vendor_code = '$code', vendor_account_number = '$account_number', vendor_notes = '$notes', vendor_template = 1, vendor_client_id = 0, company_id = $session_company_id");
$vendor_id = mysqli_insert_id($mysqli);
@@ -1957,7 +1957,7 @@ if(isset($_POST['add_vendor_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Create', log_description = '$session_name created vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor template $name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -1983,7 +1983,7 @@ if(isset($_POST['edit_vendor_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor Template', log_action = 'Modify', log_description = '$session_name modified vendor template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor template $name modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2020,7 +2020,7 @@ if(isset($_POST['add_vendor_from_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Create', log_description = 'Vendor created from template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Vendor created from template";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2042,7 +2042,7 @@ if(isset($_POST['add_vendor'])){
$sla = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['sla'])));
$code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['code'])));
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes'])));
-
+
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_contact_name = '$contact_name', vendor_phone = '$phone', vendor_extension = '$extension', vendor_email = '$email', vendor_website = '$website', vendor_hours = '$hours', vendor_sla = '$sla', vendor_code = '$code', vendor_account_number = '$account_number', vendor_notes = '$notes', vendor_client_id = $client_id, company_id = $session_company_id");
$vendor_id = mysqli_insert_id($mysqli);
@@ -2051,7 +2051,7 @@ if(isset($_POST['add_vendor'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Create', log_description = '$session_name created vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor $name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2077,7 +2077,7 @@ if(isset($_POST['edit_vendor'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Modify', log_description = '$session_name modified vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor $name modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2096,7 +2096,7 @@ if(isset($_GET['archive_vendor'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Vendor $vendor_name archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2116,7 +2116,7 @@ if(isset($_GET['delete_vendor'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Vendor $vendor_name deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2128,36 +2128,36 @@ if(isset($_GET['export_client_vendors_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Vendors-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Description', 'Contact Name', 'Phone', 'Website', 'Account Number', 'Notes');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['vendor_name'], $row['vendor_description'], $row['vendor_contact_name'], $row['vendor_phone'], $row['vendor_website'], $row['vendor_account_number'], $row['vendor_notes']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
-
+
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Export', log_description = '$session_name exported vendors to CSV', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
@@ -2179,7 +2179,7 @@ if(isset($_POST['add_product'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Create', log_description = '$session_name created product $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Product $name created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2202,7 +2202,7 @@ if(isset($_POST['edit_product'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Modify', log_description = '$session_name modifyed product $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Product $name modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2222,9 +2222,9 @@ if(isset($_GET['delete_product'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Product $product_name deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_trip'])){
@@ -2244,7 +2244,7 @@ if(isset($_POST['add_trip'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Create', log_description = '$session_name logged trip to $destination', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Trip added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2267,7 +2267,7 @@ if(isset($_POST['edit_trip'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Modify', log_description = '$date', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Trip modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2285,9 +2285,9 @@ if(isset($_GET['delete_trip'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Delete', log_description = '$trip_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Trip deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_account'])){
@@ -2303,7 +2303,7 @@ if(isset($_POST['add_account'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Account added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2320,7 +2320,7 @@ if(isset($_POST['edit_account'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Account modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2334,7 +2334,7 @@ if(isset($_GET['archive_account'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Archive', log_description = '$account_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'");
$_SESSION['alert_message'] = "Account Archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2348,9 +2348,9 @@ if(isset($_GET['delete_account'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Delete', log_description = '$account_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Account deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_category'])){
@@ -2365,7 +2365,7 @@ if(isset($_POST['add_category'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Category added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2383,7 +2383,7 @@ if(isset($_POST['edit_category'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Category modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2397,7 +2397,7 @@ if(isset($_GET['archive_category'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Archive', log_description = '$category_id'");
$_SESSION['alert_message'] = "Category Archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2412,9 +2412,9 @@ if(isset($_GET['delete_category'])){
$_SESSION['alert_message'] = "Category deleted";
$_SESSION['alert_type'] = "error";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
@@ -2433,7 +2433,7 @@ if(isset($_POST['add_tag'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Tag added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2452,7 +2452,7 @@ if(isset($_POST['edit_tag'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Tag modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2468,9 +2468,9 @@ if(isset($_GET['delete_tag'])){
$_SESSION['alert_message'] = "Tag deleted";
$_SESSION['alert_type'] = "error";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
//Tax
@@ -2486,7 +2486,7 @@ if(isset($_POST['add_tax'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Create', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Tax added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2503,7 +2503,7 @@ if(isset($_POST['edit_tax'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Modify', log_description = '$name - $percent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Tax modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2517,7 +2517,7 @@ if(isset($_GET['archive_tax'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tax', log_action = 'Archive', log_description = '$tax_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent'");
$_SESSION['alert_message'] = "Tax Archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2532,9 +2532,9 @@ if(isset($_GET['delete_tax'])){
$_SESSION['alert_message'] = "Tax deleted";
$_SESSION['alert_type'] = "error";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
//End Tax
@@ -2549,7 +2549,7 @@ if(isset($_GET['dismiss_notification'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Notification', log_action = 'Dismiss', log_description = '$session_name dismissed notification', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Notification Dismissed";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2559,20 +2559,20 @@ if(isset($_GET['dismiss_all_notifications'])){
$sql = mysqli_query($mysqli,"SELECT * FROM notifications WHERE company_id = $session_company_id AND notification_dismissed_at IS NULL");
$num_notifications = mysqli_num_rows($sql);
-
+
while($row = mysqli_fetch_array($sql)){
$notification_id = $row['notification_id'];
$notification_dismissed_at = $row['notification_dismissed_at'];
mysqli_query($mysqli,"UPDATE notifications SET notification_dismissed_at = CURDATE(), notification_dismissed_by = $session_user_id WHERE notification_id = $notification_id");
-
+
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Notification', log_action = 'Dismiss', log_description = '$session_name dismissed $num_notifications notifications', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
-
+
$_SESSION['alert_message'] = "$num_notifications Notifications Dismissed";
-
+
header("Location: notifications.php");
}
@@ -2593,7 +2593,7 @@ if(isset($_POST['add_expense'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -2607,7 +2607,7 @@ if(isset($_POST['add_expense'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png', 'pdf');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -2623,12 +2623,12 @@ if(isset($_POST['add_expense'])){
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
-
+
mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -2637,7 +2637,7 @@ if(isset($_POST['add_expense'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Create', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Expense added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2656,7 +2656,7 @@ if(isset($_POST['edit_expense'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -2670,7 +2670,7 @@ if(isset($_POST['edit_expense'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png', 'pdf');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -2689,12 +2689,12 @@ if(isset($_POST['edit_expense'])){
//Delete old file
unlink("uploads/expenses/$session_company_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -2705,7 +2705,7 @@ if(isset($_POST['edit_expense'])){
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Modify', log_description = '$description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2725,9 +2725,9 @@ if(isset($_GET['delete_expense'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Delete', log_description = '$epense_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Expense deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['export_expenses_csv'])){
@@ -2740,7 +2740,7 @@ if(isset($_POST['export_expenses_csv'])){
$date_query = "";
$file_name_date = date('Y-m-d');
}
-
+
//get records from database
$sql = mysqli_query($mysqli,"SELECT * FROM expenses
LEFT JOIN categories ON expense_category_id = category_id
@@ -2755,31 +2755,31 @@ if(isset($_POST['export_expenses_csv'])){
if(mysqli_num_rows($sql) > 0){
$delimiter = ",";
$filename = "$session_company_name-Expenses-$file_name_date.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Date', 'Amount', 'Vendor', 'Description', 'Category', 'Account');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = mysqli_fetch_assoc($sql)){
$lineData = array($row['expense_date'], $row['expense_amount'], $row['vendor_name'], $row['expense_description'], $row['category_name'], $row['account_name']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
-
+
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Export', log_description = '$session_name exported expenses to CSV File', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
@@ -2796,7 +2796,7 @@ if(isset($_POST['add_transfer'])){
mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$date', expense_amount = '$amount', expense_currency_code = '$session_company_currency', expense_vendor_id = 0, expense_category_id = 0, expense_account_id = $account_from, company_id = $session_company_id");
$expense_id = mysqli_insert_id($mysqli);
-
+
mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = '$amount', revenue_currency_code = '$session_company_currency', revenue_account_id = $account_to, revenue_category_id = 0, company_id = $session_company_id");
$revenue_id = mysqli_insert_id($mysqli);
@@ -2806,7 +2806,7 @@ if(isset($_POST['add_transfer'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Create', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Transfer added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2832,7 +2832,7 @@ if(isset($_POST['edit_transfer'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Modifed', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Transfer modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2856,9 +2856,9 @@ if(isset($_GET['delete_transfer'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Delete', log_description = '$transfer_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Transfer deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_invoice'])){
@@ -2866,12 +2866,12 @@ if(isset($_POST['add_invoice'])){
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
$category = intval($_POST['category']);
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
-
+
//Get Net Terms
- $sql = mysqli_query($mysqli,"SELECT client_net_terms FROM clients WHERE client_id = $client AND company_id = $session_company_id");
+ $sql = mysqli_query($mysqli,"SELECT client_net_terms FROM clients WHERE client_id = $client AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$client_net_terms = $row['client_net_terms'];
-
+
//Get the last Invoice Number and add 1 for the new invoice number
$invoice_number = $config_invoice_next_number;
$new_config_invoice_next_number = $config_invoice_next_number + 1;
@@ -2882,14 +2882,14 @@ if(isset($_POST['add_invoice'])){
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $invoice_number, invoice_scope = '$scope', invoice_date = '$date', invoice_due = DATE_ADD('$date', INTERVAL $client_net_terms day), invoice_currency_code = '$session_company_currency', invoice_category_id = $category, invoice_status = 'Draft', invoice_url_key = '$url_key', invoice_client_id = $client, company_id = $session_company_id");
$invoice_id = mysqli_insert_id($mysqli);
-
+
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'INVOICE added!', history_invoice_id = $invoice_id, company_id = $session_company_id");
-
+
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice added";
-
+
header("Location: invoice.php?invoice_id=$invoice_id");
}
@@ -2907,7 +2907,7 @@ if(isset($_POST['edit_invoice'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modify', log_description = '$invoice_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -2963,7 +2963,7 @@ if(isset($_POST['add_invoice_copy'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'Copied Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice copied";
-
+
header("Location: invoice.php?invoice_id=$new_invoice_id");
}
@@ -3013,7 +3013,7 @@ if(isset($_POST['add_invoice_recurring'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'From recurring invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Created recurring Invoice from this Invoice";
-
+
header("Location: recurring_invoice.php?recurring_id=$recurring_id");
}
@@ -3025,7 +3025,7 @@ if(isset($_POST['add_quote'])){
$category = intval($_POST['category']);
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
-
+
//Get the last Quote Number and add 1 for the new Quote number
$quote_number = $config_quote_next_number;
$new_config_quote_next_number = $config_quote_next_number + 1;
@@ -3044,7 +3044,7 @@ if(isset($_POST['add_quote'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = '$quote_prefix$quote_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote added";
-
+
header("Location: quote.php?quote_id=$quote_id");
}
@@ -3053,7 +3053,7 @@ if(isset($_POST['add_quote_copy'])){
$quote_id = intval($_POST['quote_id']);
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
-
+
//Get the last Invoice Number and add 1 for the new invoice number
$quote_number = $config_quote_next_number;
$new_config_quote_next_number = $config_quote_next_number + 1;
@@ -3096,7 +3096,7 @@ if(isset($_POST['add_quote_copy'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = 'Copied Quote', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote copied";
-
+
header("Location: quote.php?quote_id=$new_quote_id");
}
@@ -3106,7 +3106,7 @@ if(isset($_POST['add_quote_to_invoice'])){
$quote_id = intval($_POST['quote_id']);
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
$client_net_terms = intval($_POST['client_net_terms']);
-
+
$invoice_number = $config_invoice_next_number;
$new_config_invoice_next_number = $config_invoice_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $session_company_id");
@@ -3117,7 +3117,7 @@ if(isset($_POST['add_quote_to_invoice'])){
$quote_currency_code = $row['quote_currency_code'];
$quote_scope = mysqli_real_escape_string($mysqli,$row['quote_scope']);
$quote_note = mysqli_real_escape_string($mysqli,$row['quote_note']);
-
+
$client_id = $row['quote_client_id'];
$category_id = $row['quote_category_id'];
@@ -3151,7 +3151,7 @@ if(isset($_POST['add_quote_to_invoice'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Create', log_description = 'Quote copied to Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote copied to Invoice";
-
+
header("Location: invoice.php?invoice_id=$new_invoice_id");
}
@@ -3159,15 +3159,15 @@ if(isset($_POST['add_quote_to_invoice'])){
if(isset($_POST['add_quote_item'])){
$quote_id = intval($_POST['quote_id']);
-
+
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$description = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['description'])));
$qty = floatval($_POST['qty']);
$price = floatval($_POST['price']);
$tax_id = intval($_POST['tax_id']);
-
+
$subtotal = $price * $qty;
-
+
if($tax_id > 0){
$sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
$row = mysqli_fetch_array($sql);
@@ -3176,7 +3176,7 @@ if(isset($_POST['add_quote_item'])){
}else{
$tax_amount = 0;
}
-
+
$total = $subtotal + $tax_amount;
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_quote_id = $quote_id, company_id = $session_company_id");
@@ -3197,7 +3197,7 @@ if(isset($_POST['add_quote_item'])){
}
if(isset($_POST['quote_note'])){
-
+
$quote_id = intval($_POST['quote_id']);
$note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note'])));
@@ -3222,7 +3222,7 @@ if(isset($_POST['edit_quote'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = '$quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3250,9 +3250,9 @@ if(isset($_GET['delete_quote'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Delete', log_description = '$quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quotes deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['delete_quote_item'])){
@@ -3267,7 +3267,7 @@ if(isset($_GET['delete_quote_item'])){
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
-
+
$new_quote_amount = $row['quote_amount'] - $item_total;
mysqli_query($mysqli,"UPDATE quotes SET quote_amount = '$new_quote_amount' WHERE quote_id = $quote_id AND company_id = $session_company_id");
@@ -3278,9 +3278,9 @@ if(isset($_GET['delete_quote_item'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote Item', log_action = 'Delete', log_description = '$item_id from $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Item deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['mark_quote_sent'])){
@@ -3295,7 +3295,7 @@ if(isset($_GET['mark_quote_sent'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Update', log_description = '$quote_id marked sent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = " Quote marked sent";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3312,7 +3312,7 @@ if(isset($_GET['accept_quote'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = 'Accepted Quote $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = " Quote accepted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3329,7 +3329,7 @@ if(isset($_GET['decline_quote'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modify', log_description = 'Declined Quote $quote_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Quote declined";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3430,7 +3430,7 @@ if(isset($_POST['add_recurring'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Create', log_description = '$start_date - $category', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Recurring Invoice added";
-
+
header("Location: recurring_invoice.php?recurring_id=$recurring_id");
}
@@ -3452,7 +3452,7 @@ if(isset($_POST['edit_recurring'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Modify', log_description = '$recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Recurring Invoice modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3461,7 +3461,7 @@ if(isset($_GET['delete_recurring'])){
$recurring_id = intval($_GET['delete_recurring']);
mysqli_query($mysqli,"DELETE FROM recurring WHERE recurring_id = $recurring_id AND company_id = $session_company_id");
-
+
//Delete Items Associated with the Recurring
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id AND company_id = $session_company_id");
while($row = mysqli_fetch_array($sql)){;
@@ -3480,9 +3480,9 @@ if(isset($_GET['delete_recurring'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Delete', log_description = '$recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Recurring Invoice deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_recurring_item'])){
@@ -3493,9 +3493,9 @@ if(isset($_POST['add_recurring_item'])){
$qty = floatval($_POST['qty']);
$price = floatval($_POST['price']);
$tax_id = intval($_POST['tax_id']);
-
+
$subtotal = $price * $qty;
-
+
if($tax_id > 0){
$sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
$row = mysqli_fetch_array($sql);
@@ -3504,7 +3504,7 @@ if(isset($_POST['add_recurring_item'])){
}else{
$tax_amount = 0;
}
-
+
$total = $subtotal + $tax_amount;
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_recurring_id = $recurring_id, company_id = $session_company_id");
@@ -3525,7 +3525,7 @@ if(isset($_POST['add_recurring_item'])){
}
if(isset($_POST['recurring_note'])){
-
+
$recurring_id = intval($_POST['recurring_id']);
$note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note'])));
@@ -3549,7 +3549,7 @@ if(isset($_GET['delete_recurring_item'])){
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
-
+
$new_recurring_amount = $row['recurring_amount'] - $item_total;
mysqli_query($mysqli,"UPDATE recurring SET recurring_amount = '$new_recurring_amount' WHERE recurring_id = $recurring_id AND company_id = $session_company_id");
@@ -3560,9 +3560,9 @@ if(isset($_GET['delete_recurring_item'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring Item', log_action = 'Delete', log_description = 'Item ID $item_id from Recurring ID $recurring_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Item deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['mark_invoice_sent'])){
@@ -3577,7 +3577,7 @@ if(isset($_GET['mark_invoice_sent'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Update', log_description = '$invoice_id marked sent', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice marked sent";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3594,7 +3594,7 @@ if(isset($_GET['cancel_invoice'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modify', log_description = 'Cancelled', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice cancelled";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -3629,9 +3629,9 @@ if(isset($_GET['delete_invoice'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Delete', log_description = '$invoice_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_invoice_item'])){
@@ -3642,9 +3642,9 @@ if(isset($_POST['add_invoice_item'])){
$qty = floatval($_POST['qty']);
$price = floatval($_POST['price']);
$tax_id = intval($_POST['tax_id']);
-
+
$subtotal = $price * $qty;
-
+
if($tax_id > 0){
$sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
$row = mysqli_fetch_array($sql);
@@ -3653,7 +3653,7 @@ if(isset($_POST['add_invoice_item'])){
}else{
$tax_amount = 0;
}
-
+
$total = $subtotal + $tax_amount;
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$name', item_description = '$description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_invoice_id = $invoice_id, company_id = $session_company_id");
@@ -3698,9 +3698,9 @@ if(isset($_POST['edit_item'])){
$qty = floatval($_POST['qty']);
$price = floatval($_POST['price']);
$tax_id = intval($_POST['tax_id']);
-
+
$subtotal = $price * $qty;
-
+
if($tax_id > 0){
$sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
$row = mysqli_fetch_array($sql);
@@ -3709,7 +3709,7 @@ if(isset($_POST['edit_item'])){
}else{
$tax_amount = 0;
}
-
+
$total = $subtotal + $tax_amount;
mysqli_query($mysqli,"UPDATE invoice_items SET item_name = '$name', item_description = '$description', item_quantity = '$qty', item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id WHERE item_id = $item_id");
@@ -3721,7 +3721,7 @@ if(isset($_POST['edit_item'])){
$new_invoice_amount = $row['invoice_total'];
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
-
+
}elseif($quote_id > 0){
//Update Quote Balances by tallying up items
$sql_quote_total = mysqli_query($mysqli,"SELECT SUM(item_total) AS quote_total FROM invoice_items WHERE item_quote_id = $quote_id AND company_id = $session_company_id");
@@ -3759,7 +3759,7 @@ if(isset($_GET['delete_invoice_item'])){
$sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
-
+
$new_invoice_amount = $row['invoice_amount'] - $item_total;
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
@@ -3770,9 +3770,9 @@ if(isset($_GET['delete_invoice_item'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice Item', log_action = 'Delete', log_description = '$item_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Item deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_payment'])){
@@ -3798,7 +3798,7 @@ if(isset($_POST['add_payment'])){
$sql_total_payments_amount = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payments_amount FROM payments WHERE payment_invoice_id = $invoice_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_payments_amount);
$total_payments_amount = $row['payments_amount'];
-
+
//Get the invoice total
$sql = mysqli_query($mysqli,"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
@@ -3818,12 +3818,12 @@ if(isset($_POST['add_payment'])){
$contact_name = $row['contact_name'];
$contact_email = $row['contact_email'];
$contact_phone = $row['contact_phone'];
- if(strlen($contact_phone)>2){
+ if(strlen($contact_phone)>2){
$contact_phone = substr($row['contact_phone'],0,3)."-".substr($row['contact_phone'],3,3)."-".substr($row['contact_phone'],6,4);
}
$contact_extension = $row['contact_extension'];
$contact_mobile = $row['contact_mobile'];
- if(strlen($contact_mobile)>2){
+ if(strlen($contact_mobile)>2){
$contact_mobile = substr($row['contact_mobile'],0,3)."-".substr($row['contact_mobile'],3,3)."-".substr($row['contact_mobile'],6,4);
}
$company_name = $row['company_name'];
@@ -3839,10 +3839,10 @@ if(isset($_POST['add_payment'])){
//Calculate the Invoice balance
$invoice_balance = $invoice_amount - $total_payments_amount;
-
+
//Determine if invoice has been paid then set the status accordingly
if($invoice_balance == 0){
- $invoice_status = "Paid";
+ $invoice_status = "Paid";
if($email_receipt == 1){
@@ -3866,7 +3866,7 @@ if(isset($_POST['add_payment'])){
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $session_company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
}
-
+
}
}else{
$invoice_status = "Partial";
@@ -3893,7 +3893,7 @@ if(isset($_POST['add_payment'])){
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $session_company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
}
-
+
}
}
@@ -3908,7 +3908,7 @@ if(isset($_POST['add_payment'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = '$payment_amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Payment added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
}
@@ -3925,7 +3925,7 @@ if(isset($_GET['delete_payment'])){
$sql_total_payments_amount = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments_amount FROM payments WHERE payment_invoice_id = $invoice_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_payments_amount);
$total_payments_amount = $row['total_payments_amount'];
-
+
//Get the invoice total
$sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
@@ -3953,9 +3953,9 @@ if(isset($_GET['delete_payment'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Delete', log_description = '$payment_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Payment deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['email_invoice'])){
@@ -3987,7 +3987,7 @@ if(isset($_GET['email_invoice'])){
$contact_extension = $row['contact_extension'];
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
$client_website = $row['client_website'];
-
+
$company_name = $row['company_name'];
$company_country = $row['company_country'];
$company_address = $row['company_address'];
@@ -4065,7 +4065,7 @@ if(isset($_POST['add_revenue'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Create', log_description = '$date - $amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Revenue added!";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4088,9 +4088,9 @@ if(isset($_POST['edit_revenue'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Modify', log_description = '$revenue_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Revenue modified!";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['delete_revenue'])){
@@ -4102,9 +4102,9 @@ if(isset($_GET['delete_revenue'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Delete', log_description = '$revenue_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Revenue deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
// Client Section
@@ -4140,13 +4140,13 @@ if(isset($_POST['add_contact'])){
$contact_id = mysqli_insert_id($mysqli);
//Update Primary contact in clients if primary contact is checked
- if($primary_contact > 0){
+ if($primary_contact > 0){
mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id");
}
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -4160,7 +4160,7 @@ if(isset($_POST['add_contact'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -4176,12 +4176,12 @@ if(isset($_POST['add_contact'])){
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
-
+
mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -4190,7 +4190,7 @@ if(isset($_POST['add_contact'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Create', log_description = '$session_name created contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Contact added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4261,7 +4261,7 @@ if(isset($_POST['edit_contact'])){
// Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -4275,7 +4275,7 @@ if(isset($_POST['edit_contact'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -4293,12 +4293,12 @@ if(isset($_POST['edit_contact'])){
move_uploaded_file($file_tmp_path, $dest_path);
//Delete old file
unlink("uploads/clients/$session_company_id/$client_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -4307,7 +4307,7 @@ if(isset($_POST['edit_contact'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Contact updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4331,7 +4331,7 @@ if(isset($_GET['archive_contact'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Contact ".htmlentities($contact_name)." archived. Undo";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4355,9 +4355,9 @@ if(isset($_GET['delete_contact'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Contact deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_contacts_csv'])){
@@ -4368,33 +4368,33 @@ if(isset($_GET['export_client_contacts_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
//Contacts
$sql = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN locations ON location_id = contact_location_id WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Contacts-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Title', 'Department', 'Email', 'Phone', 'Ext', 'Mobile', 'Location');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['contact_name'], $row['contact_title'], $row['contact_department'], $row['contact_email'], formatPhoneNumber($row['contact_phone']), $row['contact_extension'], formatPhoneNumber($row['contact_mobile']), $row['location_name']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
@@ -4476,7 +4476,7 @@ if(isset($_POST["import_client_contacts_csv"])){
}
// Potentially import the rest in the future?
-
+
// Check if duplicate was detected
if($duplicate_detect == 0){
//Add
@@ -4484,7 +4484,7 @@ if(isset($_POST["import_client_contacts_csv"])){
$row_count = $row_count + 1;
}else{
$duplicate_count = $duplicate_count + 1;
- }
+ }
}
fclose($file);
@@ -4509,13 +4509,13 @@ if(isset($_GET['download_client_contacts_csv_template'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Contacts-Template.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array(
'Full Name ',
@@ -4528,18 +4528,18 @@ if(isset($_GET['download_client_contacts_csv_template'])){
'Office Location '
);
fputcsv($f, $fields, $delimiter);
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
exit;
-
+
}
// 2022-05-14 Johnny Left Off Adding log_entity_id and logs / alert cleanups import / archive etc
@@ -4576,7 +4576,7 @@ if(isset($_POST['add_location'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -4590,7 +4590,7 @@ if(isset($_POST['add_location'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -4606,12 +4606,12 @@ if(isset($_POST['add_location'])){
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
-
+
mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -4620,7 +4620,7 @@ if(isset($_POST['add_location'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Location added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4658,7 +4658,7 @@ if(isset($_POST['edit_location'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -4672,7 +4672,7 @@ if(isset($_POST['edit_location'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'gif', 'png');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -4691,12 +4691,12 @@ if(isset($_POST['edit_location'])){
//Delete old file
unlink("uploads/clients/$session_company_id/$client_id/$existing_file_name");
-
+
mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -4705,7 +4705,7 @@ if(isset($_POST['edit_location'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] .= "Location updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4729,7 +4729,7 @@ if(isset($_GET['archive_location'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Location ".htmlentities($location_name)." archived. Undo";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4750,7 +4750,7 @@ if(isset($_GET['undo_archive_location'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Undo Archive', log_description = '$session_name unarchived location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Location ".htmlentities($location_name)." unarchived.";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -4773,9 +4773,9 @@ if(isset($_GET['delete_location'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Location deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_locations_csv'])){
@@ -4786,38 +4786,38 @@ if(isset($_GET['export_client_locations_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
//Locations
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL AND company_id = $session_company_id ORDER BY location_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Locations-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Address', 'City', 'State', 'Postal Code', 'Phone', 'Hours');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['location_name'], $row['location_address'], $row['location_city'], $row['location_state'], $row['location_zip'], $row['location_phone'], $row['location_hours']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST["import_client_locations_csv"])){
@@ -4882,7 +4882,7 @@ if(isset($_POST["import_client_locations_csv"])){
if(isset($column[6])){
$hours = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[6])));
}
-
+
// Check if duplicate was detected
if($duplicate_detect == 0){
//Add
@@ -4890,7 +4890,7 @@ if(isset($_POST["import_client_locations_csv"])){
$row_count = $row_count + 1;
}else{
$duplicate_count = $duplicate_count + 1;
- }
+ }
}
fclose($file);
@@ -4915,28 +4915,28 @@ if(isset($_GET['download_client_locations_csv_template'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Locations-Template.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Address', 'City', 'State', 'Postal Code', 'Phone', 'Hours');
fputcsv($f, $fields, $delimiter);
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
exit;
-
+
}
if(isset($_POST['add_asset'])){
@@ -4986,7 +4986,7 @@ if(isset($_POST['add_asset'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Asset added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5035,7 +5035,7 @@ if(isset($_POST['edit_asset'])){
}else{
//If Username is filled in then add a login
if(!empty($username)) {
-
+
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id, company_id = $session_company_id");
}
@@ -5045,7 +5045,7 @@ if(isset($_POST['edit_asset'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Asset updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5063,7 +5063,7 @@ if(isset($_GET['archive_asset'])){
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Asset archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5080,9 +5080,9 @@ if(isset($_GET['delete_asset'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Delete', log_description = '$asset_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Asset deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST["import_client_assets_csv"])){
@@ -5156,7 +5156,7 @@ if(isset($_POST["import_client_assets_csv"])){
$row = mysqli_fetch_assoc($sql_location);
$location_id = intval($row['location_id']);
}
-
+
// Check if duplicate was detected
if($duplicate_detect == 0){
//Add
@@ -5164,7 +5164,7 @@ if(isset($_POST["import_client_assets_csv"])){
$row_count = $row_count + 1;
}else{
$duplicate_count = $duplicate_count + 1;
- }
+ }
}
fclose($file);
@@ -5189,28 +5189,28 @@ if(isset($_GET['download_client_assets_csv_template'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Assets-Template.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location');
fputcsv($f, $fields, $delimiter);
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
exit;
-
+
}
if(isset($_GET['export_client_assets_csv'])){
@@ -5224,37 +5224,37 @@ if(isset($_GET['export_client_assets_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Assets-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['asset_name'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
// Client Software/License
@@ -5277,7 +5277,7 @@ if(isset($_POST['add_software_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Template', log_action = 'Create', log_description = '$session_user_name created software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Software template created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5299,7 +5299,7 @@ if(isset($_POST['edit_software_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software Teplate', log_action = 'Modify', log_description = '$session_name updated software template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Software template updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5328,7 +5328,7 @@ if(isset($_POST['add_software_from_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Create', log_description = 'Software created from template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Software created from template";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5387,7 +5387,7 @@ if(isset($_POST['add_software'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Software added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5443,7 +5443,7 @@ if(isset($_POST['edit_software'])){
}else{
//If Username is filled in then add a login
if(!empty($username)) {
-
+
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_software_id = $software_id, login_client_id = $client_id, company_id = $session_company_id");
}
@@ -5453,7 +5453,7 @@ if(isset($_POST['edit_software'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Software updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5466,7 +5466,7 @@ if(isset($_GET['delete_software'])){
mysqli_query($mysqli,"DELETE FROM software WHERE software_id = $software_id AND company_id = $session_company_id");
- // Remove Software Relations
+ // Remove Software Relations
mysqli_query($mysqli,"DELETE FROM software_contacts WHERE software_id = $software_id");
mysqli_query($mysqli,"DELETE FROM software_assets WHERE software_id = $software_id");
@@ -5474,9 +5474,9 @@ if(isset($_GET['delete_software'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Delete', log_description = '$software_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Software deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_software_csv'])){
@@ -5490,7 +5490,7 @@ if(isset($_GET['export_client_software_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
@@ -5498,11 +5498,11 @@ if(isset($_GET['export_client_software_csv'])){
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Version', 'Type', 'License Type', 'Seats', 'Key', 'Assets', 'Contacts', 'Purchased', 'Expires', 'Notes');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
@@ -5533,19 +5533,19 @@ if(isset($_GET['export_client_software_csv'])){
$lineData = array($row['software_name'], $row['software_version'], $row['software_type'], $row['software_license_type'], $row['software_seats'], $row['software_key'], $assigned_to_assets, $assigned_to_contacts, $row['software_purchase'], $row['software_expire'], $row['software_notes']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST['add_login'])){
@@ -5555,7 +5555,7 @@ if(isset($_POST['add_login'])){
$client_id = intval($_POST['client_id']);
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$uri = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['uri'])));
- $username = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['username'])));
+ $username = trim(strip_tags(mysqli_real_escape_string($mysqli,encryptLoginEntry($_POST['username']))));
$password = trim(mysqli_real_escape_string($mysqli,encryptLoginEntry($_POST['password'])));
$otp_secret = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['otp_secret'])));
$note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note'])));
@@ -5570,7 +5570,7 @@ if(isset($_POST['add_login'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Login added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5582,7 +5582,7 @@ if(isset($_POST['edit_login'])){
$login_id = intval($_POST['login_id']);
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$uri = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['uri'])));
- $username = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['username'])));
+ $username = trim(strip_tags(mysqli_real_escape_string($mysqli,encryptLoginEntry($_POST['username']))));
$password = trim(mysqli_real_escape_string($mysqli,encryptLoginEntry($_POST['password'])));
$otp_secret = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['otp_secret'])));
$note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['note'])));
@@ -5597,7 +5597,7 @@ if(isset($_POST['edit_login'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Login updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5614,9 +5614,9 @@ if(isset($_GET['delete_login'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Delete', log_description = '$login_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Login deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_logins_csv'])){
@@ -5630,38 +5630,39 @@ if(isset($_GET['export_client_logins_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_client_id = $client_id ORDER BY login_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Logins-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Username', 'Password', 'URL');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
+ $login_username = decryptLoginEntry($row['login_username']);
$login_password = decryptLoginEntry($row['login_password']);
- $lineData = array($row['login_name'], $row['login_username'], $login_password, $row['login_uri']);
+ $lineData = array($row['login_name'], $login_username, $login_password, $row['login_uri']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST["import_client_logins_csv"])){
@@ -5709,7 +5710,7 @@ if(isset($_POST["import_client_logins_csv"])){
}
}
if(isset($column[1])){
- $username = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[1])));
+ $username = trim(strip_tags(mysqli_real_escape_string($mysqli, encryptLoginEntry($column[1]))));
}
if(isset($column[2])){
$password = trim(mysqli_real_escape_string($mysqli,encryptLoginEntry($column[2])));
@@ -5717,7 +5718,7 @@ if(isset($_POST["import_client_logins_csv"])){
if(isset($column[3])){
$url = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[3])));
}
-
+
// Check if duplicate was detected
if($duplicate_detect == 0){
//Add
@@ -5725,7 +5726,7 @@ if(isset($_POST["import_client_logins_csv"])){
$row_count = $row_count + 1;
}else{
$duplicate_count = $duplicate_count + 1;
- }
+ }
}
fclose($file);
@@ -5750,28 +5751,28 @@ if(isset($_GET['download_client_logins_csv_template'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$delimiter = ",";
$filename = strto_AZaz09($client_name) . "-Logins-Template.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Username', 'Password', 'URL');
fputcsv($f, $fields, $delimiter);
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
exit;
-
+
}
if(isset($_POST['add_network'])){
@@ -5792,7 +5793,7 @@ if(isset($_POST['add_network'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Network added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5815,7 +5816,7 @@ if(isset($_POST['edit_network'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Modifed', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Network updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5831,9 +5832,9 @@ if(isset($_GET['delete_network'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Delete', log_description = '$network_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Network deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_networks_csv'])){
@@ -5847,43 +5848,43 @@ if(isset($_GET['export_client_networks_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_client_id = $client_id ORDER BY network_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Networks-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'vLAN', 'Network', 'Gateway', 'DHCP Range');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['network_name'], $row['network_vlan'], $row['network'], $row['network_gateway'], $row['network_dhcp_range']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST['add_certificate'])){
validateTechRole();
-
+
$client_id = intval($_POST['client_id']);
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$domain = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['domain'])));
@@ -5912,7 +5913,7 @@ if(isset($_POST['add_certificate'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = '$session_company_id', log_user_id = '$session_user_id'");
$_SESSION['alert_message'] = "Certificate added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5949,7 +5950,7 @@ if(isset($_POST['edit_certificate'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Certificate updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -5966,9 +5967,9 @@ if(isset($_GET['delete_certificate'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Delete', log_description = '$certificate_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Certificate deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_certificates_csv'])){
@@ -5982,37 +5983,37 @@ if(isset($_GET['export_client_certificates_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_client_id = $client_id ORDER BY certificate_name ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Certificates-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Name', 'Domain', 'Issuer', 'Expiration Date');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['certificate_name'], $row['certificate_domain'], $row['certificate_issued_by'], $row['certificate_expire']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST['add_domain'])){
@@ -6064,7 +6065,7 @@ if(isset($_POST['add_domain'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Create', log_description = '$name$extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -6099,7 +6100,7 @@ if(isset($_POST['edit_domain'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -6116,9 +6117,9 @@ if(isset($_GET['delete_domain'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Delete', log_description = '$domain_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['export_client_domains_csv'])){
@@ -6132,38 +6133,38 @@ if(isset($_GET['export_client_domains_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_client_id = $client_id ORDER BY domain_name ASC");
-
+
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Domains-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Domain', 'Registrar', 'Web Host', 'Expiration Date');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['domain_name'], $row['domain_registrar'], $row['domain_webhost'], $row['domain_expire']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST['add_ticket'])){
@@ -6188,7 +6189,7 @@ if(isset($_POST['add_ticket'])){
$sql = mysqli_query($mysqli,"SELECT primary_contact FROM clients WHERE client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$contact = $row['primary_contact'];
- }
+ }
//Get the next Ticket Number and add 1 for the new ticket number
$ticket_number = $config_ticket_next_number;
@@ -6358,7 +6359,7 @@ if(isset($_POST['edit_ticket'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Ticket updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -6427,7 +6428,7 @@ if(isset($_POST['assign_ticket'])){
$_SESSION['alert_message'] = "Ticket re-assigned";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -6444,9 +6445,9 @@ if(isset($_GET['delete_ticket'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Delete', log_description = '$ticket_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Ticket deleted";
-
+
header("Location: tickets.php");
-
+
}
if(isset($_POST['add_ticket_reply'])){
@@ -6486,7 +6487,7 @@ if(isset($_POST['add_ticket_reply'])){
LEFT JOIN companies ON tickets.company_id = companies.company_id
WHERE ticket_id = $ticket_id AND tickets.company_id = $session_company_id
");
-
+
$row = mysqli_fetch_array($ticket_sql);
$contact_name = $row['contact_name'];
@@ -6528,9 +6529,9 @@ if(isset($_POST['add_ticket_reply'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Create', log_description = '$ticket_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Posted an update";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['edit_ticket_reply'])){
@@ -6553,9 +6554,9 @@ if(isset($_POST['edit_ticket_reply'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Update Modify', log_action = 'Modify', log_description = '$ticket_update_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Ticket update modified";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['archive_ticket_reply'])){
@@ -6570,9 +6571,9 @@ if(isset($_GET['archive_ticket_reply'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Update', log_action = 'Archive', log_description = '$ticket_update_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Ticket update archived";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['merge_ticket'])){
@@ -6687,7 +6688,7 @@ if(isset($_GET['close_ticket'])){
}
if(isset($_POST['add_invoice_from_ticket'])){
-
+
$invoice_id = intval($_POST['invoice_id']);
$ticket_id = intval($_POST['ticket_id']);
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
@@ -6739,16 +6740,16 @@ if(isset($_POST['add_invoice_from_ticket'])){
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $invoice_number, invoice_scope = '$scope', invoice_date = '$date', invoice_due = DATE_ADD('$date', INTERVAL $client_net_terms day), invoice_currency_code = '$session_company_currency', invoice_category_id = $category, invoice_status = 'Draft', invoice_url_key = '$url_key', invoice_client_id = $client_id, company_id = $session_company_id");
$invoice_id = mysqli_insert_id($mysqli);
}
-
+
//Add Item
$item_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['item_name'])));
$item_description = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['item_description'])));
$qty = floatval($_POST['qty']);
$price = floatval($_POST['price']);
$tax_id = intval($_POST['tax_id']);
-
+
$subtotal = $price * $qty;
-
+
if($tax_id > 0){
$sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_id = $tax_id");
$row = mysqli_fetch_array($sql);
@@ -6757,7 +6758,7 @@ if(isset($_POST['add_invoice_from_ticket'])){
}else{
$tax_amount = 0;
}
-
+
$total = $subtotal + $tax_amount;
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $qty, item_price = '$price', item_subtotal = '$subtotal', item_tax = '$tax_amount', item_total = '$total', item_tax_id = $tax_id, item_invoice_id = $invoice_id, company_id = $session_company_id");
@@ -6780,7 +6781,7 @@ if(isset($_POST['add_invoice_from_ticket'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number created from Ticket $ticket_prefix$ticket_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice created from ticket";
-
+
header("Location: invoice.php?invoice_id=$invoice_id");
}
@@ -6795,37 +6796,37 @@ if(isset($_GET['export_client_tickets_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_client_id = $client_id ORDER BY ticket_number ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Tickets-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Ticket Number', 'Priority', 'Status', 'Subject', 'Date Opened', 'Date Closed');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['ticket_number'], $row['ticket_priority'], $row['ticket_status'], $row['ticket_subject'], $row['ticket_created_at'], $row['ticket_closed_at']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_POST['add_service'])){
@@ -7076,7 +7077,7 @@ if(isset($_POST['add_file'])){
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
-
+
// get details of the uploaded file
$file_error = 0;
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -7092,7 +7093,7 @@ if(isset($_POST['add_file'])){
// check if file has one of the following extensions
$allowed_file_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'csv', 'xls', 'xlsx', 'xlsm', 'zip', 'tar', 'gz');
-
+
if(in_array($file_extension,$allowed_file_extensions) === false){
$file_error = 1;
}
@@ -7108,12 +7109,12 @@ if(isset($_POST['add_file'])){
$dest_path = $upload_file_dir . $file_reference_name;
move_uploaded_file($file_tmp_path, $dest_path);
-
+
mysqli_query($mysqli,"INSERT INTO files SET file_reference_name = '$file_reference_name', file_name = '$file_name', file_ext = '$file_extension', file_client_id = $client_id, company_id = $session_company_id");
$_SESSION['alert_message'] = 'File successfully uploaded.';
}else{
-
+
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
@@ -7122,7 +7123,7 @@ if(isset($_POST['add_file'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Upload', log_description = '$path', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "File uploaded";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7147,9 +7148,9 @@ if(isset($_GET['delete_file'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Delete', log_description = '$file_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "File deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_document'])){
@@ -7167,7 +7168,7 @@ if(isset($_POST['add_document'])){
$content = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode($_POST['content']))));
$content_raw = trim(mysqli_real_escape_string($mysqli, strip_tags($_POST['name'] . " " . str_replace("<", " <", $_POST['content']))));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
-
+
$folder = intval($_POST['folder']);
// Document add query
@@ -7178,7 +7179,7 @@ if(isset($_POST['add_document'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Create', log_description = 'Created $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Document added";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7207,7 +7208,7 @@ if(isset($_POST['add_document_template'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document Template', log_action = 'Create', log_description = 'Created Document Template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Document Template created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7228,7 +7229,7 @@ if(isset($_POST['add_document_from_template'])){
$document_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$document_template_id = intval($_POST['document_template_id']);
$folder = intval($_POST['folder']);
-
+
//GET Document Info
$sql_document = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_id = $document_template_id AND company_id = $session_company_id");
@@ -7240,14 +7241,14 @@ if(isset($_POST['add_document_from_template'])){
// Document add query
$add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$document_name', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_client_id = $client_id, company_id = $session_company_id");
-
+
$document_id = $mysqli->insert_id;
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Create', log_description = 'Document $document_name created from template $document_template_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Document created from template";
-
+
header("Location: client_document_details.php?client_id=$client_id&document_id=$document_id");
}
@@ -7277,7 +7278,7 @@ if(isset($_POST['edit_document'])){
$_SESSION['alert_message'] = "Document updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7306,7 +7307,7 @@ if(isset($_POST['edit_document_template'])){
$_SESSION['alert_message'] = "Document Template updated";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7323,9 +7324,9 @@ if(isset($_GET['delete_document'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Delete', log_description = '$document_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Document deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_POST['add_folder'])){
@@ -7343,7 +7344,7 @@ if(isset($_POST['add_folder'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Create', log_description = 'Created $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Folder created";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7362,7 +7363,7 @@ if(isset($_POST['rename_folder'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Modify', log_description = '$folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Folder renamed";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
@@ -7387,9 +7388,9 @@ if(isset($_GET['delete_folder'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Delete', log_description = '$folder_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Folder deleted";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
-
+
}
if(isset($_GET['deactivate_shared_item'])){
@@ -7471,7 +7472,7 @@ if(isset($_GET['force_recurring'])){
}else{
$item_tax_amount = 0;
}
-
+
$item_total = $item_subtotal + $item_tax_amount;
//Update Recurring Items with new tax
@@ -7551,7 +7552,7 @@ if(isset($_GET['force_recurring'])){
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = 'Recurring Forced to an Invoice', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Recurring Invoice Forced";
-
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
} //End Force Recurring
@@ -7578,32 +7579,32 @@ if(isset($_POST['export_trips_csv'])){
if(mysqli_num_rows($sql) > 0){
$delimiter = ",";
$filename = "$session_company_name-Trips-$file_name_date.csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Date', 'Purpose', 'Source', 'Destination', 'Miles');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = mysqli_fetch_assoc($sql)){
$lineData = array($row['trip_date'], $row['trip_purpose'], $row['trip_source'], $row['trip_destination'], $row['trip_miles']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_invoices_csv'])){
@@ -7614,37 +7615,37 @@ if(isset($_GET['export_client_invoices_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM invoices WHERE invoice_client_id = $client_id ORDER BY invoice_number ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Invoices-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Invoice Number', 'Scope', 'Amount', 'Issued Date', 'Due Date', 'Status');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['invoice_prefix'] . $row['invoice_number'], $row['invoice_scope'], $row['invoice_amount'], $row['invoice_date'], $row['invoice_due'], $row['invoice_status']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_recurring_csv'])){
@@ -7655,37 +7656,37 @@ if(isset($_GET['export_client_recurring_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_client_id = $client_id ORDER BY recurring_number ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Recurring Invoices-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Recurring Number', 'Scope', 'Amount', 'Frequency', 'Date Created');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['recurring_prefix'] . $row['recurring_number'], $row['recurring_scope'], $row['recurring_amount'], ucwords($row['recurring_frequency'] . "ly"), $row['recurring_created_at']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_quotes_csv'])){
@@ -7696,37 +7697,37 @@ if(isset($_GET['export_client_quotes_csv'])){
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
-
+
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_client_id = $client_id ORDER BY quote_number ASC");
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Quotes-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Quote Number', 'Scope', 'Amount', 'Date', 'Status');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['quote_prefix'] . $row['quote_number'], $row['quote_scope'], $row['quote_amount'], $row['quote_date'], $row['quote_status']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_payments_csv'])){
@@ -7742,32 +7743,32 @@ if(isset($_GET['export_client_payments_csv'])){
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Payments-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Payment Date', 'Invoice Date', 'Invoice Number', 'Invoice Amount', 'Payment Amount', 'Payment Method', 'Referrence');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['payment_date'], $row['invoice_date'], $row['invoice_prefix'] . $row['invoice_number'], $row['invoice_amount'], $row['payment_amount'], $row['payment_method'], $row['payment_reference']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_trips_csv'])){
@@ -7783,32 +7784,32 @@ if(isset($_GET['export_client_trips_csv'])){
if($sql->num_rows > 0){
$delimiter = ",";
$filename = $client_name . "-Trips-" . date('Y-m-d') . ".csv";
-
+
//create a file pointer
$f = fopen('php://memory', 'w');
-
+
//set column headers
$fields = array('Date', 'Purpose', 'Source', 'Destination', 'Miles');
fputcsv($f, $fields, $delimiter);
-
+
//output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){
$lineData = array($row['trip_date'], $row['trip_purpose'], $row['trip_source'], $row['trip_destination'], $row['trip_miles']);
fputcsv($f, $lineData, $delimiter);
}
-
+
//move back to beginning of file
fseek($f, 0);
-
+
//set headers to download file rather than displayed
header('Content-Type: text/csv');
header('Content-Disposition: attachment; filename="' . $filename . '";');
-
+
//output all remaining data on a file pointer
fpassthru($f);
}
exit;
-
+
}
if(isset($_GET['export_client_pdf'])){
@@ -7869,9 +7870,9 @@ if(isset($_GET['export_client_pdf'])){
pageMargins: [ 15, 15, 15, 15 ],
content: [
- {
- text: ,
- style: 'title'
+ {
+ text: ,
+ style: 'title'
},
{
@@ -7882,54 +7883,54 @@ if(isset($_GET['export_client_pdf'])){
{
text: 'Address',
style: 'itemHeader'
- },
+ },
{
text: ,
style: 'item'
}
],
- [
- {
+ [
+ {
text: 'City State Zip',
style: 'itemHeader'
- },
+ },
{
text: ,
style: 'item'
}
],
- [
- {
+ [
+ {
text: 'Phone',
style: 'itemHeader'
- },
+ },
{
text: ,
style: 'item'
}
],
- [
+ [
{
text: 'Website',
- style: 'itemHeader'
- },
+ style: 'itemHeader'
+ },
{
- text: ,
+ text: ,
style: 'item'
}
],
- [
+ [
{
text: 'Contact',
- style: 'itemHeader'
- },
+ style: 'itemHeader'
+ },
{
- text: ,
+ text: ,
style: 'item'
}
],
- [
- {
+ [
+ {
text: 'Email',
style: 'itemHeader'
},
@@ -7937,15 +7938,15 @@ if(isset($_GET['export_client_pdf'])){
text: ,
style: 'item'
}
- ]
+ ]
]
}
},
//Contacts Start
0){ ?>
- {
- text: 'Contacts',
+ {
+ text: 'Contacts',
style: 'title'
},
@@ -7955,32 +7956,32 @@ if(isset($_GET['export_client_pdf'])){
// you can declare how many rows should be treated as headers
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Title',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'Department',
- style: 'itemHeader'
- },
- {
- text: 'Email',
- style: 'itemHeader'
- },
- {
- text: 'Phone',
- style: 'itemHeader'
+ {
+ text: 'Title',
+ style: 'itemHeader'
},
- {
+ {
+ text: 'Department',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Email',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Phone',
+ style: 'itemHeader'
+ },
+ {
text: 'Mobile',
- style: 'itemHeader'
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8019,7 +8020,7 @@ if(isset($_GET['export_client_pdf'])){
{
text: ,
style: 'item'
- }
+ }
],
0){ ?>
- {
- text: 'Locations',
+ {
+ text: 'Locations',
style: 'title'
},
@@ -8042,20 +8043,20 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Address',
- style: 'itemHeader'
- },
- {
- text: 'Phone',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Address',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Phone',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8092,8 +8093,8 @@ if(isset($_GET['export_client_pdf'])){
//Vendors Start
0){ ?>
- {
- text: 'Vendors',
+ {
+ text: 'Vendors',
style: 'title'
},
@@ -8101,28 +8102,28 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Description',
- style: 'itemHeader'
- },
- {
- text: 'Phone',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'Website',
- style: 'itemHeader'
+ {
+ text: 'Description',
+ style: 'itemHeader'
},
- {
- text: 'Account Number',
- style: 'itemHeader'
+ {
+ text: 'Phone',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Website',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Account Number',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8169,8 +8170,8 @@ if(isset($_GET['export_client_pdf'])){
//Logins Start
0){ ?>
- {
- text: 'Logins',
+ {
+ text: 'Logins',
style: 'title'
},
@@ -8178,38 +8179,38 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Username',
- style: 'itemHeader'
- },
- {
- text: 'Password',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'URL',
- style: 'itemHeader'
+ {
+ text: 'Username',
+ style: 'itemHeader'
},
- {
- text: 'Notes',
- style: 'itemHeader'
+ {
+ text: 'Password',
+ style: 'itemHeader'
+ },
+ {
+ text: 'URL',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Notes',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8238,18 +8239,18 @@ if(isset($_GET['export_client_pdf'])){
]
}
},
-
//Logins END
//Assets Start
0){ ?>
- {
- text: 'Assets',
+ {
+ text: 'Assets',
style: 'assetTitle'
},
@@ -8257,8 +8258,8 @@ if(isset($_GET['export_client_pdf'])){
//Asset Workstations Start
0){ ?>
- {
- text: 'Workstations',
+ {
+ text: 'Workstations',
style: 'assetSubTitle'
},
@@ -8266,44 +8267,44 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Type',
- style: 'itemHeader'
- },
- {
- text: 'Model',
- style: 'itemHeader'
- },
- {
- text: 'Serial',
- style: 'itemHeader'
- },
- {
- text: 'OS',
- style: 'itemHeader'
- },
- {
- text: 'Purchase Date',
+ {
+ text: 'Name',
style: 'itemHeader'
},
- {
- text: 'Warranty Expire',
+ {
+ text: 'Type',
style: 'itemHeader'
},
- {
- text: 'Install Date',
+ {
+ text: 'Model',
style: 'itemHeader'
},
- {
- text: 'Assigned To',
+ {
+ text: 'Serial',
+ style: 'itemHeader'
+ },
+ {
+ text: 'OS',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Purchase Date',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Warranty Expire',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Install Date',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Assigned To',
style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8371,8 +8372,8 @@ if(isset($_GET['export_client_pdf'])){
//Assets Servers Start
0){ ?>
- {
- text: 'Servers',
+ {
+ text: 'Servers',
style: 'assetSubTitle'
},
@@ -8380,40 +8381,40 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Model',
- style: 'itemHeader'
- },
- {
- text: 'Serial',
- style: 'itemHeader'
- },
- {
- text: 'OS',
- style: 'itemHeader'
- },
- {
- text: 'IP',
- style: 'itemHeader'
- },
- {
- text: 'Purchase Date',
+ {
+ text: 'Name',
style: 'itemHeader'
},
- {
- text: 'Warranty Expire',
+ {
+ text: 'Model',
style: 'itemHeader'
},
- {
- text: 'Install Date',
+ {
+ text: 'Serial',
+ style: 'itemHeader'
+ },
+ {
+ text: 'OS',
+ style: 'itemHeader'
+ },
+ {
+ text: 'IP',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Purchase Date',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Warranty Expire',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Install Date',
style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8476,8 +8477,8 @@ if(isset($_GET['export_client_pdf'])){
//Asset VMs Start
0){ ?>
- {
- text: 'Virtual Machines',
+ {
+ text: 'Virtual Machines',
style: 'assetSubTitle'
},
@@ -8485,24 +8486,24 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'OS',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'IP',
- style: 'itemHeader'
+ {
+ text: 'OS',
+ style: 'itemHeader'
},
- {
- text: 'Install Date',
+ {
+ text: 'IP',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Install Date',
style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8549,8 +8550,8 @@ if(isset($_GET['export_client_pdf'])){
//Assets Network Devices Start
0){ ?>
- {
- text: 'Network Devices',
+ {
+ text: 'Network Devices',
style: 'assetSubTitle'
},
@@ -8558,40 +8559,40 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Type',
- style: 'itemHeader'
- },
- {
- text: 'Model',
- style: 'itemHeader'
- },
- {
- text: 'Serial',
- style: 'itemHeader'
- },
- {
- text: 'IP',
- style: 'itemHeader'
- },
- {
- text: 'Purchase Date',
+ {
+ text: 'Name',
style: 'itemHeader'
},
- {
- text: 'Warranty Expire',
+ {
+ text: 'Type',
style: 'itemHeader'
},
- {
- text: 'Install Date',
+ {
+ text: 'Model',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Serial',
+ style: 'itemHeader'
+ },
+ {
+ text: 'IP',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Purchase Date',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Warranty Expire',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Install Date',
style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8654,8 +8655,8 @@ if(isset($_GET['export_client_pdf'])){
//Asset Other Start
0){ ?>
- {
- text: 'Other Devices',
+ {
+ text: 'Other Devices',
style: 'assetSubTitle'
},
@@ -8663,40 +8664,40 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Type',
- style: 'itemHeader'
- },
- {
- text: 'Model',
- style: 'itemHeader'
- },
- {
- text: 'Serial',
- style: 'itemHeader'
- },
- {
- text: 'IP',
- style: 'itemHeader'
- },
- {
- text: 'Purchase Date',
+ {
+ text: 'Name',
style: 'itemHeader'
},
- {
- text: 'Warranty Expire',
+ {
+ text: 'Type',
style: 'itemHeader'
},
- {
- text: 'Install Date',
+ {
+ text: 'Model',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Serial',
+ style: 'itemHeader'
+ },
+ {
+ text: 'IP',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Purchase Date',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Warranty Expire',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Install Date',
style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8759,8 +8760,8 @@ if(isset($_GET['export_client_pdf'])){
//Software Start
0){ ?>
- {
- text: 'Software',
+ {
+ text: 'Software',
style: 'title'
},
@@ -8768,24 +8769,24 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'Type',
- style: 'itemHeader'
- },
- {
- text: 'License',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'Notes',
- style: 'itemHeader'
+ {
+ text: 'Type',
+ style: 'itemHeader'
+ },
+ {
+ text: 'License',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Notes',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8824,8 +8825,8 @@ if(isset($_GET['export_client_pdf'])){
//Networks Start
0){ ?>
- {
- text: 'Networks',
+ {
+ text: 'Networks',
style: 'title'
},
@@ -8833,28 +8834,28 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Name',
- style: 'itemHeader'
- },
- {
- text: 'vLAN',
- style: 'itemHeader'
- },
- {
- text: 'Network Subnet',
- style: 'itemHeader'
+ {
+ text: 'Name',
+ style: 'itemHeader'
},
- {
- text: 'Gateway',
- style: 'itemHeader'
+ {
+ text: 'vLAN',
+ style: 'itemHeader'
},
- {
- text: 'DHCP Range',
- style: 'itemHeader'
+ {
+ text: 'Network Subnet',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Gateway',
+ style: 'itemHeader'
+ },
+ {
+ text: 'DHCP Range',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8898,8 +8899,8 @@ if(isset($_GET['export_client_pdf'])){
//Domains Start
0){ ?>
- {
- text: 'Domains',
+ {
+ text: 'Domains',
style: 'title'
},
@@ -8907,23 +8908,23 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Domain Name',
- style: 'itemHeader'
- },
- {
- text: 'Expire',
- style: 'itemHeader'
+ {
+ text: 'Domain Name',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Expire',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -8945,8 +8946,8 @@ if(isset($_GET['export_client_pdf'])){
//Certificates Start
0){ ?>
- {
- text: 'Certificates',
+ {
+ text: 'Certificates',
style: 'title'
},
@@ -8954,24 +8955,24 @@ if(isset($_GET['export_client_pdf'])){
table: {
body: [
[
- {
- text: 'Certificate Name',
- style: 'itemHeader'
- },
- {
- text: 'Domain Name',
- style: 'itemHeader'
+ {
+ text: 'Certificate Name',
+ style: 'itemHeader'
},
- {
- text: 'Issuer',
- style: 'itemHeader'
+ {
+ text: 'Domain Name',
+ style: 'itemHeader'
},
- {
- text: 'Expiration Date',
- style: 'itemHeader'
+ {
+ text: 'Issuer',
+ style: 'itemHeader'
+ },
+ {
+ text: 'Expiration Date',
+ style: 'itemHeader'
}
],
-
+
- [
+ [
{
text: ,
style: 'item'
@@ -9042,7 +9043,7 @@ if(isset($_GET['export_client_pdf'])){
}
}
};
-
+
pdfMake.createPdf(docDefinition).download('-IT_Documentation-.pdf');