General cleanup/formatting

Marcus Hill 2023-02-09 12:29:12 +00:00
parent c219324bb8
commit 615f317d2b
138 changed files with 3706 additions and 3556 deletions


@ -9,11 +9,14 @@ if (!empty($_GET['sb'])) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM accounts $sql = mysqli_query(
WHERE account_name LIKE '%$q%' AND company_id = $session_company_id $mysqli,
ORDER BY $sb $o LIMIT $record_from, $record_to"); "SELECT SQL_CALC_FOUND_ROWS * FROM accounts
WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
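Review bot: `ORDER BY $sb $o` in the reformatted query interpolates the sort column and direction unquoted, and `mysqli_real_escape_string()` only protects values that sit inside a quoted literal, so escaping `$_GET['sb']` does not constrain what lands in identifier position. The assignment of `$sb` is outside this hunk, but the sections further down that query `categories`, `assets` and `certificates` show `$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));` feeding the same clause; where `$o` is set is not visible on this page. Map the request value onto a fixed per-page list instead, e.g. `$sb = in_array($_GET['sb'], $allowed_sort_columns, true) ? $_GET['sb'] : $default_sort;` (both variable names are placeholders), and restrict `$o` to the literals `ASC` and `DESC`.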


@ -141,7 +141,9 @@ if (isset($_GET['network_get_json_details'])) {
} }
// Lookup all client locations, as networks can be associated with any client location // Lookup all client locations, as networks can be associated with any client location
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations $locations_sql = mysqli_query(
$mysqli,
"SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'" WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
); );
while ($row = mysqli_fetch_array($locations_sql)) { while ($row = mysqli_fetch_array($locations_sql)) {
@ -226,11 +228,11 @@ if (isset($_GET['share_generate_link'])) {
$item_encrypted_credential = ''; // Default empty $item_encrypted_credential = ''; // Default empty
$client_id = intval($_GET['client_id']); $client_id = intval($_GET['client_id']);
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type']))); $item_type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['type'])));
$item_id = intval($_GET['id']); $item_id = intval($_GET['id']);
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note']))); $item_note = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['note'])));
$item_view_limit = intval($_GET['views']); $item_view_limit = intval($_GET['views']);
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires']))); $item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['expires'])));
$item_key = randomString(156); $item_key = randomString(156);
if ($item_type == "Document") { if ($item_type == "Document") {
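Review bot: The `$item_type`, `$item_note` and `$item_expires` assignments call `mysqli_real_escape_string()` first and then run `strip_tags()` and `trim()` over the escaped string, so the value that presumably reaches the SQL further down is no longer the escaper's own output. Escaping should be the last transformation, e.g. `$item_type = mysqli_real_escape_string($mysqli, trim(strip_tags($_GET['type'])));`, or the values should be bound through a prepared statement. `$item_key = randomString(156)` is what gates access to the shared item, so it is worth confirming outside this hunk that `randomString()` draws from `random_bytes()` or `random_int()`. The `share_generate_link` block continues past the end of the hunk.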


@ -44,7 +44,7 @@ class Base32Static {
$i=0; $i=0;
while($i < count($fiveBitBinaryArray)) { while($i < count($fiveBitBinaryArray)) {
$base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5,'0'), 2, 10)]; $base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5, '0'), 2, 10)];
$i++; $i++;
} }
@ -71,7 +71,7 @@ class Base32Static {
substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false; substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
} }
$input = str_replace('=','', $input); $input = str_replace('=', '', $input);
$input = str_split($input); $input = str_split($input);
$binaryString = ""; $binaryString = "";


@ -48,7 +48,7 @@
<option value="">- Calendar -</option> <option value="">- Calendar -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$calendar_id = $row['calendar_id']; $calendar_id = $row['calendar_id'];
$calendar_name = htmlentities($row['calendar_name']); $calendar_name = htmlentities($row['calendar_name']);
@ -117,7 +117,7 @@
<option value="">- Client -</option> <option value="">- Client -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']); $client_name = htmlentities($row['client_name']);


@ -50,7 +50,7 @@
<select class="form-control select2" name="calendar" required> <select class="form-control select2" name="calendar" required>
<?php <?php
$sql_calendars_select = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC"); $sql_calendars_select = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql_calendars_select)) { while ($row = mysqli_fetch_array($sql_calendars_select)) {
$calendar_id_select = $row['calendar_id']; $calendar_id_select = $row['calendar_id'];
$calendar_name_select = htmlentities($row['calendar_name']); $calendar_name_select = htmlentities($row['calendar_name']);
@ -116,7 +116,7 @@
<option value="">- Client -</option> <option value="">- Client -</option>
<?php <?php
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC"); $sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_clients)) { while ($row = mysqli_fetch_array($sql_clients)) {
$client_id_select = $row['client_id']; $client_id_select = $row['client_id'];
$client_name_select = htmlentities($row['client_name']); $client_name_select = htmlentities($row['client_name']);


@ -18,7 +18,7 @@ require_once("calendar_add_modal.php");
require_once("category_quick_add_modal.php"); require_once("category_quick_add_modal.php");
//loop through IDs and create a modal for each //loop through IDs and create a modal for each
$sql = mysqli_query($mysqli,"SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = $row['event_id']; $event_id = $row['event_id'];
$event_title = htmlentities($row['event_title']); $event_title = htmlentities($row['event_title']);
@ -70,7 +70,7 @@ while ($row = mysqli_fetch_array($sql)) {
}, },
events: [ events: [
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']); $event_id = json_encode($row['event_id']);
$event_title = json_encode($row['event_title']); $event_title = json_encode($row['event_title']);
@ -84,7 +84,7 @@ while ($row = mysqli_fetch_array($sql)) {
} }
//Invoices Created //Invoices Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id WHERE clients.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['invoice_id']); $event_id = json_encode($row['invoice_id']);
$event_title = json_encode($row['invoice_prefix'] . $row['invoice_number'] . " " . $row['invoice_scope']); $event_title = json_encode($row['invoice_prefix'] . $row['invoice_number'] . " " . $row['invoice_scope']);
@ -94,7 +94,7 @@ while ($row = mysqli_fetch_array($sql)) {
} }
//Quotes Created //Quotes Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id WHERE clients.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['quote_id']); $event_id = json_encode($row['quote_id']);
$event_title = json_encode($row['quote_prefix'] . $row['quote_number'] . " " . $row['quote_scope']); $event_title = json_encode($row['quote_prefix'] . $row['quote_number'] . " " . $row['quote_scope']);
@ -104,7 +104,7 @@ while ($row = mysqli_fetch_array($sql)) {
} }
//Tickets Created //Tickets Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN tickets ON client_id = ticket_client_id WHERE clients.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN tickets ON client_id = ticket_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['ticket_id']); $event_id = json_encode($row['ticket_id']);
$event_title = json_encode($row['ticket_prefix'] . $row['ticket_number'] . " " . $row['ticket_subject']); $event_title = json_encode($row['ticket_prefix'] . $row['ticket_number'] . " " . $row['ticket_subject']);
@ -115,7 +115,7 @@ while ($row = mysqli_fetch_array($sql)) {
} }
//Vendors Added Created //Vendors Added Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id WHERE vendor_template = 0 AND clients.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id WHERE vendor_template = 0 AND clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['vendor_id']); $event_id = json_encode($row['vendor_id']);
$event_title = json_encode($row['vendor_name']); $event_title = json_encode($row['vendor_name']);
@ -125,7 +125,7 @@ while ($row = mysqli_fetch_array($sql)) {
} }
//Clients Added //Clients Added
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE clients.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['client_id']); $event_id = json_encode($row['client_id']);
$event_title = json_encode($row['client_name']); $event_title = json_encode($row['client_name']);
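Review bot: The values prepared for what looks like an inline JavaScript `events: [` list are encoded with a bare `json_encode()`, which leaves `<`, `>` and `&` untouched, so a stored title such as `$row['event_title']` is not encoded for the HTML context that surrounds the script. How the variables are printed is outside these hunks, but if they are echoed straight into a `<script>` body the safer form is `json_encode($row['event_title'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)`. The same applies to the invoice, quote, ticket, vendor and client loops in the later hunks of this section.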


@ -3,35 +3,39 @@
require_once("inc_all_settings.php"); require_once("inc_all_settings.php");
if (isset($_GET['category'])) { if (isset($_GET['category'])) {
$category = strip_tags(mysqli_real_escape_string($mysqli,$_GET['category'])); $category = strip_tags(mysqli_real_escape_string($mysqli, $_GET['category']));
} else { } else {
$category = "Expense"; $category = "Expense";
} }
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "category_name"; $sb = "category_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories $sql = mysqli_query(
WHERE category_name LIKE '%$q%' $mysqli,
AND category_type = '$category' "SELECT SQL_CALC_FOUND_ROWS * FROM categories
AND category_archived_at IS NULL WHERE category_name LIKE '%$q%'
AND company_id = $session_company_id AND category_type = '$category'
ORDER BY $sb $o LIMIT $record_from, $record_to" AND category_archived_at IS NULL
AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
//Colors Used //Colors Used
$sql_colors_used = mysqli_query($mysqli,"SELECT category_color FROM categories $sql_colors_used = mysqli_query(
WHERE category_type = '$category' $mysqli,
AND category_archived_at IS NULL "SELECT category_color FROM categories
AND company_id = $session_company_id" WHERE category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id"
); );
while ($color_used_row = mysqli_fetch_array($sql_colors_used)) { while ($color_used_row = mysqli_fetch_array($sql_colors_used)) {


@ -64,7 +64,7 @@
<option value="">N/A</option> <option value="">N/A</option>
<?php <?php
$referral_sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($referral_sql)) { while ($row = mysqli_fetch_array($referral_sql)) {
$referral = htmlentities($row['category_name']); ?> $referral = htmlentities($row['category_name']); ?>
<option><?php echo $referral; ?></option> <option><?php echo $referral; ?></option>
@ -271,7 +271,7 @@
<ul class="list-group"> <ul class="list-group">
<?php <?php
$sql_tags_select = mysqli_query($mysqli,"SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC"); $sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) { while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id']; $tag_id_select = $row['tag_id'];


@ -122,7 +122,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id']; $location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);
@ -145,7 +145,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id']; $contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']); $contact_name = htmlentities($row['contact_name']);
@ -184,7 +184,7 @@
<option value="">- Network -</option> <option value="">- Network -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id']; $network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']); $network_name = htmlentities($row['network_name']);
@ -232,7 +232,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);


@ -119,7 +119,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC"); $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) { while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id']; $location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']); $location_name_select = htmlentities($row['location_name']);
@ -142,7 +142,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = $row['contact_id']; $contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']); $contact_name = htmlentities($row['contact_name']);
@ -179,7 +179,7 @@
<option value="">- Network -</option> <option value="">- Network -</option>
<?php <?php
$sql_networks = mysqli_query($mysqli,"SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC"); $sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) { while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id']; $network_id_select = $row['network_id'];
$network_name_select = htmlentities($row['network_name']); $network_name_select = htmlentities($row['network_name']);
@ -227,7 +227,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id']; $vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']); $vendor_name_select = htmlentities($row['vendor_name']);


@ -121,7 +121,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC"); $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) { while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id']; $location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']); $location_name_select = htmlentities($row['location_name']);
@ -143,13 +143,13 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id']; $contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']); $contact_name_select = htmlentities($row['contact_name']);
?> ?>
<option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"> <option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>">
<?php echo $contact_name_select; ?> <?php if (!empty($row['contact_archived_at'])) { echo " (Archived " . date('Y-m-d',strtotime($row['contact_archived_at'])) .")"; } ?> <?php echo $contact_name_select; ?> <?php if (!empty($row['contact_archived_at'])) { echo " (Archived " . date('Y-m-d', strtotime($row['contact_archived_at'])) .")"; } ?>
</option> </option>
<?php } ?> <?php } ?>
@ -181,7 +181,7 @@
<option value="">- Network -</option> <option value="">- Network -</option>
<?php <?php
$sql_networks = mysqli_query($mysqli,"SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC"); $sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) { while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id']; $network_id_select = $row['network_id'];
$network_name_select = htmlentities($row['network_name']); $network_name_select = htmlentities($row['network_name']);
@ -229,7 +229,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id']; $vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']); $vendor_name_select = htmlentities($row['vendor_name']);


@ -75,7 +75,7 @@
<option value="">- None -</option> <option value="">- None -</option>
<?php <?php
$sql_network_select = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC"); $sql_network_select = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_network_select)) { while ($row = mysqli_fetch_array($sql_network_select)) {
$network_id = $row['network_id']; $network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']); $network_name = htmlentities($row['network_name']);


@ -31,7 +31,7 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM a
$other_count = $row['count']; $other_count = $row['count'];
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "asset_name"; $sb = "asset_name";
} }
@ -53,17 +53,19 @@ if (isset($_GET['type']) && ($_GET['type']) == 'workstation') {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM assets $sql = mysqli_query(
LEFT JOIN contacts ON asset_contact_id = contact_id $mysqli,
LEFT JOIN locations ON asset_location_id = location_id "SELECT SQL_CALC_FOUND_ROWS * FROM assets
LEFT JOIN logins ON login_asset_id = asset_id LEFT JOIN contacts ON asset_contact_id = contact_id
WHERE asset_client_id = $client_id LEFT JOIN locations ON asset_location_id = location_id
AND asset_archived_at IS NULL LEFT JOIN logins ON login_asset_id = asset_id
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%') WHERE asset_client_id = $client_id
AND ($type_query) AND asset_archived_at IS NULL
ORDER BY $sb $o LIMIT $record_from, $record_to" AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND ($type_query)
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));


@ -1,21 +1,21 @@
<?php require_once("inc_all_client.php"); ?> <?php require_once("inc_all_client.php"); ?>
<?php <?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "certificate_name"; $sb = "certificate_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM certificates $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM certificates
WHERE certificate_client_id = $client_id AND (certificate_name LIKE '%$q%' OR certificate_domain LIKE '%$q%' OR certificate_issued_by LIKE '%$q%') WHERE certificate_client_id = $client_id AND (certificate_name LIKE '%$q%' OR certificate_domain LIKE '%$q%' OR certificate_issued_by LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -30,7 +30,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Certificates"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Certificates">
@ -62,7 +62,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$certificate_id = $row['certificate_id']; $certificate_id = $row['certificate_id'];
$certificate_name = htmlentities($row['certificate_name']); $certificate_name = htmlentities($row['certificate_name']);


@ -120,7 +120,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id']; $location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);

View File

@ -94,7 +94,7 @@ if (isset($_GET['contact_id'])) {
if (!empty($contact_mobile)) { ?> if (!empty($contact_mobile)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div> <div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
<?php } ?> <?php } ?>
<div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d',strtotime($contact_created_at)); ?></div> <div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
<hr> <hr>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>"> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-user-edit"></i> Edit <i class="fas fa-fw fa-user-edit"></i> Edit
@ -389,7 +389,7 @@ if (isset($_GET['contact_id'])) {
$asset_licenses_array[] = $row['asset_id']; $asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1; $seat_count = $seat_count + 1;
} }
$asset_licenses = implode(',',$asset_licenses_array); $asset_licenses = implode(',', $asset_licenses_array);
// Contact Licenses // Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id"); $contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
@ -398,7 +398,7 @@ if (isset($_GET['contact_id'])) {
$contact_licenses_array[] = $row['contact_id']; $contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1; $seat_count = $seat_count + 1;
} }
$contact_licenses = implode(',',$contact_licenses_array); $contact_licenses = implode(',', $contact_licenses_array);
?> ?>
<tr> <tr>


@ -122,7 +122,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC"); $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) { while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id']; $location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']); $location_name_select = htmlentities($row['location_name']);


@ -3,9 +3,9 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q'])); $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers //Phone Numbers
$n = preg_replace("/[^0-9]/", '',$q); $n = preg_replace("/[^0-9]/", '', $q);
if (empty($n)) { if (empty($n)) {
$n = $q; $n = $q;
} }
@ -16,21 +16,21 @@ if (isset($_GET['q'])) {
} }
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "contact_name"; $sb = "contact_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM contacts $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts
LEFT JOIN locations ON location_id = contact_location_id LEFT JOIN locations ON location_id = contact_location_id
WHERE contact_archived_at IS NULL WHERE contact_archived_at IS NULL
AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%') AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%')
AND contact_client_id = $client_id ORDER BY $sb $o LIMIT $record_from, $record_to"); AND contact_client_id = $client_id ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -145,19 +145,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$auth_method = htmlentities($row['contact_auth_method']); $auth_method = htmlentities($row['contact_auth_method']);
// Related Assets Query // Related Assets Query
$sql_related_assets = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_contact_id = $contact_id AND company_id = $session_company_id ORDER BY asset_id DESC"); $sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id AND company_id = $session_company_id ORDER BY asset_id DESC");
$asset_count = mysqli_num_rows($sql_related_assets); $asset_count = mysqli_num_rows($sql_related_assets);
// Related Logins Query // Related Logins Query
$sql_related_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_contact_id = $contact_id AND company_id = $session_company_id ORDER BY login_id DESC"); $sql_related_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_contact_id = $contact_id AND company_id = $session_company_id ORDER BY login_id DESC");
$login_count = mysqli_num_rows($sql_related_logins); $login_count = mysqli_num_rows($sql_related_logins);
// Related Software Query // Related Software Query
$sql_related_software = mysqli_query($mysqli,"SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC"); $sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC");
$software_count = mysqli_num_rows($sql_related_software); $software_count = mysqli_num_rows($sql_related_software);
// Related Tickets Query // Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC"); $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
$ticket_count = mysqli_num_rows($sql_related_tickets); $ticket_count = mysqli_num_rows($sql_related_tickets);
?> ?>
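Review bot: The `ORDER BY $sb $o` clause of the contacts list query is still built from request input that has only been through `mysqli_real_escape_string()` and `strip_tags()`; escaping quote characters does not constrain a value that sits outside quotes in an identifier position. The sort column should be checked against a fixed list before it reaches the query, e.g. `$sb = in_array($_GET['sb'] ?? '', $allowed_sort_columns, true) ? $_GET['sb'] : 'contact_name';` (`$allowed_sort_columns` is a name constructed for this note), and `$o` should be limited to `ASC`/`DESC` where it is assigned, which is outside the visible hunks. The same pattern appears in the sections whose default sort is `document_name`, `domain_name`, `invoice_number`, `location_name`, `login_name` and `log_id`. The `LIKE '%$q%'` terms would also be better expressed as a prepared statement with bound parameters.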


@ -20,7 +20,7 @@
<select class="form-control" name="document_template_id" required> <select class="form-control" name="document_template_id" required>
<option value="">- Select Template -</option> <option value="">- Select Template -</option>
<?php <?php
$sql_document_templates = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_template = 1 AND company_id = $session_company_id AND document_archived_at IS NULL ORDER BY document_name ASC"); $sql_document_templates = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND company_id = $session_company_id AND document_archived_at IS NULL ORDER BY document_name ASC");
while ($row = mysqli_fetch_array($sql_document_templates)) { while ($row = mysqli_fetch_array($sql_document_templates)) {
$document_template_id = $row['document_id']; $document_template_id = $row['document_id'];
$document_template_name = htmlentities($row['document_name']); $document_template_name = htmlentities($row['document_name']);
@ -54,7 +54,7 @@
<select class="form-control" name="folder"> <select class="form-control" name="folder">
<option value="0">/</option> <option value="0">/</option>
<?php <?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) { while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id']; $folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']); $folder_name = htmlentities($row['folder_name']);
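Review bot: The folder lookup `SELECT * FROM folders WHERE folder_client_id = $client_id` filters on the client only, while the template query earlier in the same file also pins `company_id = $session_company_id`. Whether `$client_id` has already been verified as belonging to the session's company is decided outside these hunks, so this may be safe, but the tenant boundary then rests on every including page having done that check. Either add the company filter here, if the folders table has such a column (not visible in this diff), or, once confirmed, add a comment such as `// $client_id is checked against $session_company_id before this modal is included` so the omission reads as deliberate. The client-only lookups for locations, vendors, contacts, assets and software in the other modal sections follow the same pattern.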


@ -27,7 +27,7 @@
<select class="form-control" name="folder"> <select class="form-control" name="folder">
<option value="0">/</option> <option value="0">/</option>
<?php <?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) { while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id']; $folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']); $folder_name = htmlentities($row['folder_name']);


@ -7,7 +7,7 @@ if (isset($_GET['document_id'])) {
} }
$sql_document = mysqli_query($mysqli,"SELECT * FROM documents LEFT JOIN folders ON document_folder_id = folder_id WHERE document_client_id = $client_id AND document_id = $document_id AND documents.company_id = $session_company_id"); $sql_document = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN folders ON document_folder_id = folder_id WHERE document_client_id = $client_id AND document_id = $document_id AND documents.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_document); $row = mysqli_fetch_array($sql_document);


@ -27,7 +27,7 @@
<select class="form-control" name="folder"> <select class="form-control" name="folder">
<option value="0">/</option> <option value="0">/</option>
<?php <?php
$sql_folders_select = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); $sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders_select)) { while ($row = mysqli_fetch_array($sql_folders_select)) {
$folder_id_select = $row['folder_id']; $folder_id_select = $row['folder_id'];
$folder_name_select = htmlentities($row['folder_name']); $folder_name_select = htmlentities($row['folder_name']);


@ -8,7 +8,7 @@ if (isset($_GET['document_id'])) {
} }
$sql_document = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id AND documents.company_id = $session_company_id"); $sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id AND documents.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_document); $row = mysqli_fetch_array($sql_document);


@ -4,8 +4,8 @@
// Sort by // Sort by
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "document_name"; $sb = "document_name";
} }
@ -17,16 +17,18 @@ if (!empty($q)) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents $sql = mysqli_query(
WHERE document_template = 1 $mysqli,
AND documents.company_id = $session_company_id "SELECT SQL_CALC_FOUND_ROWS * FROM documents
$query_snippet WHERE document_template = 1
ORDER BY $sb $o LIMIT $record_from, $record_to" AND documents.company_id = $session_company_id
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -44,7 +46,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</div> </div>
</div> </div>
<div class="card-body"> <div class="card-body">
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo intval($client_id); ?>"> <input type="hidden" name="client_id" value="<?php echo intval($client_id); ?>">
<div class="input-group"> <div class="input-group">
@ -76,7 +78,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$document_id = $row['document_id']; $document_id = $row['document_id'];
$document_name = htmlentities($row['document_name']); $document_name = htmlentities($row['document_name']);
@ -110,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tr> </tr>
<?php <?php
include("client_document_template_edit_modal.php"); include("client_document_template_edit_modal.php");
} }


@ -11,7 +11,7 @@ if (!empty($_GET['folder_id'])) {
// Sort by // Sort by
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "document_name"; $sb = "document_name";
} }
@ -24,7 +24,7 @@ if (!empty($q)) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// Folder ID // Folder ID
$get_folder_id = 0; $get_folder_id = 0;
@ -32,16 +32,18 @@ if (!empty($_GET['folder_id'])) {
$get_folder_id = intval($_GET['folder_id']); $get_folder_id = intval($_GET['folder_id']);
} }
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents $sql = mysqli_query(
WHERE document_client_id = $client_id $mysqli,
AND documents.company_id = $session_company_id "SELECT SQL_CALC_FOUND_ROWS * FROM documents
AND document_template = 0 WHERE document_client_id = $client_id
AND document_folder_id = $folder AND documents.company_id = $session_company_id
$query_snippet AND document_template = 0
ORDER BY $sb $o LIMIT $record_from, $record_to" AND document_folder_id = $folder
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -82,12 +84,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<a class="nav-link <?php if ($get_folder_id == 0) { echo "active"; } ?>" href="?client_id=<?php echo $client_id; ?>&folder_id=0">/</a> <a class="nav-link <?php if ($get_folder_id == 0) { echo "active"; } ?>" href="?client_id=<?php echo $client_id; ?>&folder_id=0">/</a>
</li> </li>
<?php <?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC"); $sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) { while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id']; $folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']); $folder_name = htmlentities($row['folder_name']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id"));
$num_documents = $row['num']; $num_documents = $row['num'];
?> ?>
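Review bot: In the folder navigation loop, `COUNT('document_id')` counts a quoted string literal rather than the column, so it behaves like `COUNT(*)`; writing `COUNT(*)` or `COUNT(document_id)` states what is meant. The same line assigns its result to `$row`, overwriting the folder row that the enclosing `while` is iterating, which works only because `folder_id` and `folder_name` were copied out first; a separate name such as `$row_count` avoids that trap. The loop body continues past the end of the hunk.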


@ -31,7 +31,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);
@ -52,7 +52,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);


@ -3,19 +3,19 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "domain_name"; $sb = "domain_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM domains LEFT JOIN vendors ON domain_registrar = vendor_id $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM domains LEFT JOIN vendors ON domain_registrar = vendor_id
WHERE domain_client_id = $client_id AND (domain_name LIKE '%$q%' OR vendor_name LIKE '%$q%') WHERE domain_client_id = $client_id AND (domain_name LIKE '%$q%' OR vendor_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -75,7 +75,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$domain_registrar_name = "-"; $domain_registrar_name = "-";
} }
$sql_domain_webhost = mysqli_query($mysqli,"SELECT vendor_name FROM vendors WHERE vendor_id = $domain_webhost"); $sql_domain_webhost = mysqli_query($mysqli, "SELECT vendor_name FROM vendors WHERE vendor_id = $domain_webhost");
$row = mysqli_fetch_array($sql_domain_webhost); $row = mysqli_fetch_array($sql_domain_webhost);
$domain_webhost_name = htmlentities($row['vendor_name']); $domain_webhost_name = htmlentities($row['vendor_name']);
if (empty($domain_webhost_name)) { if (empty($domain_webhost_name)) {


@ -59,7 +59,7 @@
<option value="">N/A</option> <option value="">N/A</option>
<?php <?php
$referral_sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Referral' AND (category_archived_at > '$client_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC"); $referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND (category_archived_at > '$client_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($referral_sql)) { while ($row = mysqli_fetch_array($referral_sql)) {
$referral = htmlentities($row['category_name']); $referral = htmlentities($row['category_name']);
?> ?>
@ -137,7 +137,7 @@
<?php <?php
$sql_tags_select = mysqli_query($mysqli,"SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC"); $sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) { while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id']; $tag_id_select = $row['tag_id'];


@ -22,7 +22,7 @@ if (isset($_GET['calendar_id'])) {
<?php <?php
//loop through IDs and create a modal for each //loop through IDs and create a modal for each
$sql = mysqli_query($mysqli,"SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = $row['event_id']; $event_id = $row['event_id'];
$event_title = htmlentities($row['event_title']); $event_title = htmlentities($row['event_title']);
@ -71,7 +71,7 @@ while ($row = mysqli_fetch_array($sql)) {
}, },
events: [ events: [
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']); $event_id = json_encode($row['event_id']);
$event_title = json_encode($row['event_title']); $event_title = json_encode($row['event_title']);


@ -2,7 +2,7 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "invoice_number"; $sb = "invoice_number";
} }
@ -14,7 +14,7 @@ if (!isset($_GET['o'])) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
@ -22,9 +22,10 @@ $sql = mysqli_query(
LEFT JOIN categories ON invoice_category_id = category_id LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%') AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -113,7 +113,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = $row['contact_id']; $contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']); $contact_name = htmlentities($row['contact_name']);


@ -115,7 +115,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id']; $contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']); $contact_name_select = htmlentities($row['contact_name']);


@ -3,9 +3,9 @@
<?php <?php
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q'])); $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers //Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q); $phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $q; $phone_query = $q;
} }
@ -15,21 +15,21 @@ if (isset($_GET['q'])) {
} }
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ }else{
$sb = "location_name"; $sb = "location_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM locations $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM locations
WHERE location_client_id = $client_id WHERE location_client_id = $client_id
AND location_archived_at IS NULL AND location_archived_at IS NULL
AND (location_name LIKE '%$q%' OR location_address LIKE '%$q%' OR location_phone LIKE '%$phone_query%') AND (location_name LIKE '%$q%' OR location_address LIKE '%$q%' OR location_phone LIKE '%$phone_query%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -107,7 +107,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id']; $contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']); $contact_name = htmlentities($row['contact_name']);
@ -131,7 +131,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);
@ -155,7 +155,7 @@
<option value="">- Asset -</option> <option value="">- Asset -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id']; $asset_id = $row['asset_id'];
$asset_name = htmlentities($row['asset_name']); $asset_name = htmlentities($row['asset_name']);
@ -179,7 +179,7 @@
<option value="">- software -</option> <option value="">- software -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id']; $software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']); $software_name = htmlentities($row['software_name']);


@ -115,7 +115,7 @@
<option value="">- Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id']; $contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']); $contact_name_select = htmlentities($row['contact_name']);
@ -136,7 +136,7 @@
<option value="0">- None -</option> <option value="0">- None -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id']; $vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']); $vendor_name_select = htmlentities($row['vendor_name']);
@ -158,7 +158,7 @@
<option value="0">- None -</option> <option value="0">- None -</option>
<?php <?php
$sql_assets = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); $sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = $row['asset_id']; $asset_id_select = $row['asset_id'];
$asset_name_select = htmlentities($row['asset_name']); $asset_name_select = htmlentities($row['asset_name']);
@ -180,7 +180,7 @@
<option value="0">- None -</option> <option value="0">- None -</option>
<?php <?php
$sql_software = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC"); $sql_software = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql_software)) { while ($row = mysqli_fetch_array($sql_software)) {
$software_id_select = $row['software_id']; $software_id_select = $row['software_id'];
$software_name_select = htmlentities($row['software_name']); $software_name_select = htmlentities($row['software_name']);


@ -3,20 +3,23 @@
<?php <?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ }else{
$sb = "login_name"; $sb = "login_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logins $sql = mysqli_query(
WHERE login_client_id = $client_id $mysqli,
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%') "SELECT SQL_CALC_FOUND_ROWS * FROM logins
ORDER BY $sb $o LIMIT $record_from, $record_to"); WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -1,10 +1,9 @@
<?php require_once("inc_all_client.php"); ?> <?php
require_once("inc_all_client.php");
<?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "log_id"; $sb = "log_id";
} }
@ -15,16 +14,18 @@ if (!isset($_GET['o'])) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logs $sql = mysqli_query(
LEFT JOIN users ON log_user_id = user_id $mysqli,
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%') "SELECT SQL_CALC_FOUND_ROWS * FROM logs
AND log_client_id = $client_id LEFT JOIN users ON log_user_id = user_id
ORDER BY $sb $o LIMIT $record_from, $record_to" WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%')
AND log_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -37,7 +38,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Logs"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Logs">
@ -69,7 +70,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$log_id = $row['log_id']; $log_id = $row['log_id'];
$log_type = htmlentities($row['log_type']); $log_type = htmlentities($row['log_type']);
@ -84,13 +85,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$user_name = htmlentities($row['user_name']); $user_name = htmlentities($row['user_name']);
if (empty($user_name)) { if (empty($user_name)) {
$user_name_display = "-"; $user_name_display = "-";
}else{ } else {
$user_name_display = $user_name; $user_name_display = $user_name;
} }
$log_entity_id = $row['log_entity_id']; $log_entity_id = $row['log_entity_id'];
?> ?>
<tr> <tr>
<td><?php echo $log_created_at; ?></td> <td><?php echo $log_created_at; ?></td>
<td><?php echo $user_name_display; ?></td> <td><?php echo $user_name_display; ?></td>
@ -109,8 +110,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php include("pagination.php"); ?> <?php require_once("pagination.php"); ?>
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
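Review bot: `require_once` is the wrong include form for `pagination.php` and `footer.php` in the last hunk, since both appear to be template fragments that emit markup: if either file has already been loaded earlier in the request, `_once` skips it silently and the page renders without it. Plain `require` keeps the new fail-hard behaviour on a missing file without that side effect, e.g. `<?php require "pagination.php"; ?>`. Whether either file is loaded elsewhere in the request is not visible here, so this may be latent rather than live. Either way it is a behaviour change and deserves a mention in a commit described as cleanup/formatting.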


@ -71,7 +71,7 @@
<option value="">- Location -</option> <option value="">- Location -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id']; $location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);


@ -1,23 +1,22 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "network_name"; $sb = "network_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM networks $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM networks
LEFT JOIN locations ON location_id = network_location_id LEFT JOIN locations ON location_id = network_location_id
WHERE network_client_id = $client_id WHERE network_client_id = $client_id
AND (network_name LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%') AND (network_name LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -32,7 +31,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Networks"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Networks">
@ -66,7 +65,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id']; $network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']); $network_name = htmlentities($row['network_name']);
@ -88,14 +87,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);
if (empty($location_name)) { if (empty($location_name)) {
$location_name_display = "-"; $location_name_display = "-";
}else{ } else {
$location_name_display = $location_name; $location_name_display = $location_name;
} }
?> ?>
<tr> <tr>
<th> <th>
<i class="fa fa-fw fa-network-wired text-secondary"></i> <i class="fa fa-fw fa-network-wired text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal"><?php echo $network_name; ?></a></th> <a class="text-dark" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal"><?php echo $network_name; ?></a></th>
<td><?php echo $network_vlan_display; ?></td> <td><?php echo $network_vlan_display; ?></td>
<td><?php echo $network; ?></td> <td><?php echo $network; ?></td>
@ -121,7 +120,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php <?php
} }
?> ?>
</tbody> </tbody>
@ -140,7 +139,7 @@ include("client_network_add_modal.php");
<script> <script>
function populateNetworkEditModal(client_id, network_id) { function populateNetworkEditModal(client_id, network_id) {
// Send a GET request to post.php as post.php?network_get_json_details=true&client_id=NUM&network_id=NUM // Send a GET request to post.php as post.php?network_get_json_details=true&client_id=NUM&network_id=NUM
jQuery.get( jQuery.get(
"ajax.php", "ajax.php",


@ -15,7 +15,9 @@ $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id
// Expiring Items // Expiring Items
// Get Domains Expiring // Get Domains Expiring
$sql_domains_expiring = mysqli_query($mysqli, "SELECT * FROM domains $sql_domains_expiring = mysqli_query(
$mysqli,
"SELECT * FROM domains
WHERE domain_client_id = $client_id WHERE domain_client_id = $client_id
AND domain_expire != '0000-00-00' AND domain_expire != '0000-00-00'
AND domain_archived_at IS NULL AND domain_archived_at IS NULL


@ -3,8 +3,8 @@
<?php <?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "payment_date"; $sb = "payment_date";
} }
@ -15,16 +15,16 @@ if (!isset($_GET['o'])) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM payments $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM payments
LEFT JOIN invoices ON payment_invoice_id = invoice_id LEFT JOIN invoices ON payment_invoice_id = invoice_id
LEFT JOIN accounts ON payment_account_id = account_id LEFT JOIN accounts ON payment_account_id = account_id
WHERE invoice_client_id = $client_id WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%') AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -36,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Payments"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Payments">
@ -71,7 +71,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id']; $invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']); $invoice_prefix = htmlentities($row['invoice_prefix']);
@ -92,7 +92,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$payment_currency_code = htmlentities($row['payment_currency_code']); $payment_currency_code = htmlentities($row['payment_currency_code']);
$account_name = htmlentities($row['account_name']); $account_name = htmlentities($row['account_name']);
?> ?>
<tr> <tr>
<td><?php echo $payment_date; ?></td> <td><?php echo $payment_date; ?></td>
@ -106,9 +106,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tr> </tr>
<?php <?php
} }
?> ?>
</tbody> </tbody>


@ -3,7 +3,7 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "quote_number"; $sb = "quote_number";
} }
@ -15,15 +15,15 @@ if (!isset($_GET['o'])) {
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM quotes
LEFT JOIN categories ON category_id = quote_category_id LEFT JOIN categories ON category_id = quote_category_id
WHERE quote_client_id = $client_id WHERE quote_client_id = $client_id
AND (CONCAT(quote_prefix,quote_number) LIKE '%$q%' OR quote_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR quote_status LIKE '%$q%') AND (CONCAT(quote_prefix,quote_number) LIKE '%$q%' OR quote_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR quote_status LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -3,21 +3,21 @@
<?php <?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "recurring_id"; $sb = "recurring_id";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT * FROM recurring $sql = mysqli_query($mysqli, "SELECT * FROM recurring
LEFT JOIN categories ON recurring_category_id = category_id LEFT JOIN categories ON recurring_category_id = category_id
WHERE recurring_client_id = $client_id WHERE recurring_client_id = $client_id
AND (CONCAT(recurring_prefix,recurring_number) LIKE '%$q%' OR recurring_frequency LIKE '%$q%' OR recurring_scope LIKE '%$q%' OR category_name LIKE '%$q%') AND (CONCAT(recurring_prefix,recurring_number) LIKE '%$q%' OR recurring_frequency LIKE '%$q%' OR recurring_scope LIKE '%$q%' OR category_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -32,7 +32,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Recurring Invoices"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Recurring Invoices">
@ -68,7 +68,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$recurring_id = $row['recurring_id']; $recurring_id = $row['recurring_id'];
$recurring_prefix = htmlentities($row['recurring_prefix']); $recurring_prefix = htmlentities($row['recurring_prefix']);
@ -119,7 +119,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_recurring=<?php echo $recurring_id; ?>">Delete</a> <a class="dropdown-item text-danger" href="post.php?delete_recurring=<?php echo $recurring_id; ?>">Delete</a>
</div> </div>
</div> </div>
</td> </td>
</tr> </tr>
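Review bot: The Delete entry in the last hunk (`post.php?delete_recurring=<?php echo $recurring_id; ?>`) triggers a destructive action from a plain GET link, and no anti-CSRF token is visible in the URL. Unless `post.php` checks something not shown on this page, a request made from another site in the logged-in user's browser would be accepted with their session. Move the action to a small POST form carrying a per-session token that `post.php` verifies, or at minimum add the token to the link, e.g. `href="post.php?delete_recurring=<?php echo $recurring_id; ?>&amp;csrf_token=<?php echo $csrf_token_placeholder; ?>"` (placeholder name; use the project's own token). The handler is outside this diff, so confirm its checks before changing the link.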


@ -3,23 +3,25 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "scheduled_ticket_subject"; $sb = "scheduled_ticket_subject";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// SQL // SQL
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM scheduled_tickets $sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM scheduled_tickets
LEFT JOIN clients on scheduled_ticket_client_id = client_id LEFT JOIN clients on scheduled_ticket_client_id = client_id
WHERE scheduled_ticket_client_id = $client_id WHERE scheduled_ticket_client_id = $client_id
AND scheduled_tickets.scheduled_ticket_subject LIKE '%$q%' AND scheduled_tickets.scheduled_ticket_subject LIKE '%$q%'
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -101,7 +101,7 @@
<select multiple class="form-control" id="contacts" name="contacts[]"> <select multiple class="form-control" id="contacts" name="contacts[]">
<?php <?php
// Get just the currently selected contact IDs // Get just the currently selected contact IDs
$selected_ids = array_column(mysqli_fetch_all($sql_contacts,MYSQLI_ASSOC), "contact_id"); $selected_ids = array_column(mysqli_fetch_all($sql_contacts, MYSQLI_ASSOC), "contact_id");
// Get all contacts // Get all contacts
// NOTE: These are called $sql_all and $row_all for a reason - anything overwriting $sql or $row will break the current while loop we are in from client_services.php // NOTE: These are called $sql_all and $row_all for a reason - anything overwriting $sql or $row will break the current while loop we are in from client_services.php
@ -126,7 +126,7 @@
<label for="vendors">Vendors</label> <label for="vendors">Vendors</label>
<select multiple class="form-control" id="vendors" name="vendors[]"> <select multiple class="form-control" id="vendors" name="vendors[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_vendors,MYSQLI_ASSOC), "vendor_id"); $selected_ids = array_column(mysqli_fetch_all($sql_vendors, MYSQLI_ASSOC), "vendor_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
@ -148,7 +148,7 @@
<label for="documents">Documents</label> <label for="documents">Documents</label>
<select multiple class="form-control" id="documents" name="documents[]"> <select multiple class="form-control" id="documents" name="documents[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_docs,MYSQLI_ASSOC), "document_id"); $selected_ids = array_column(mysqli_fetch_all($sql_docs, MYSQLI_ASSOC), "document_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
@ -181,7 +181,7 @@
<label for="assets">Assets</label> <label for="assets">Assets</label>
<select multiple class="form-control" id="assets" name="assets[]"> <select multiple class="form-control" id="assets" name="assets[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_assets,MYSQLI_ASSOC), "asset_id"); $selected_ids = array_column(mysqli_fetch_all($sql_assets, MYSQLI_ASSOC), "asset_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
@ -205,7 +205,7 @@
<label for="logins">Logins</label> <label for="logins">Logins</label>
<select multiple class="form-control" id="logins" name="logins[]"> <select multiple class="form-control" id="logins" name="logins[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_logins,MYSQLI_ASSOC), "login_id"); $selected_ids = array_column(mysqli_fetch_all($sql_logins, MYSQLI_ASSOC), "login_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
@ -234,7 +234,7 @@
<label for="domains">Domains</label> <label for="domains">Domains</label>
<select multiple class="form-control" id="domains" name="domains[]"> <select multiple class="form-control" id="domains" name="domains[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_domains,MYSQLI_ASSOC), "domain_id"); $selected_ids = array_column(mysqli_fetch_all($sql_domains, MYSQLI_ASSOC), "domain_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
@ -258,7 +258,7 @@
<label for="certificates">Certificates</label> <label for="certificates">Certificates</label>
<select multiple class="form-control" id="certificates" name="certificates[]"> <select multiple class="form-control" id="certificates" name="certificates[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_certificates,MYSQLI_ASSOC), "certificate_id"); $selected_ids = array_column(mysqli_fetch_all($sql_certificates, MYSQLI_ASSOC), "certificate_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id'"); $sql_all = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {


@ -12,13 +12,15 @@ if (!empty($_GET['sb'])) {
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// Overview SQL query // Overview SQL query
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM services $sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM services
WHERE service_client_id = '$client_id' WHERE service_client_id = '$client_id'
AND (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%') AND (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
@ -108,36 +110,37 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php <?php
// Associated Assets (and their logins/networks/locations) // Associated Assets (and their logins/networks/locations)
$sql_assets = mysqli_query($mysqli, "SELECT * FROM service_assets $sql_assets = mysqli_query(
LEFT JOIN assets $mysqli,
ON service_assets.asset_id = assets.asset_id "SELECT * FROM service_assets
LEFT JOIN logins LEFT JOIN assets ON service_assets.asset_id = assets.asset_id
ON service_assets.asset_id = logins.login_asset_id LEFT JOIN logins ON service_assets.asset_id = logins.login_asset_id
LEFT JOIN networks LEFT JOIN networks ON assets.asset_network_id = networks.network_id
ON assets.asset_network_id = networks.network_id LEFT JOIN locations ON assets.asset_location_id = locations.location_id
LEFT JOIN locations WHERE service_id = '$service_id'"
ON assets.asset_location_id = locations.location_id
WHERE service_id = '$service_id'"
); );
// Associated logins // Associated logins
$sql_logins = mysqli_query($mysqli, "SELECT * FROM service_logins $sql_logins = mysqli_query(
LEFT JOIN logins $mysqli,
ON service_logins.login_id = logins.login_id "SELECT * FROM service_logins
WHERE service_id = '$service_id'" LEFT JOIN logins ON service_logins.login_id = logins.login_id
WHERE service_id = '$service_id'"
); );
// Associated Domains // Associated Domains
$sql_domains = mysqli_query($mysqli, "SELECT * FROM service_domains $sql_domains = mysqli_query(
LEFT JOIN domains $mysqli,
ON service_domains.domain_id = domains.domain_id "SELECT * FROM service_domains
WHERE service_id = '$service_id'" LEFT JOIN domains ON service_domains.domain_id = domains.domain_id
WHERE service_id = '$service_id'"
); );
// Associated Certificates // Associated Certificates
$sql_certificates = mysqli_query($mysqli, "SELECT * FROM service_certificates $sql_certificates = mysqli_query(
LEFT JOIN certificates $mysqli,
ON service_certificates.certificate_id = certificates.certificate_id "SELECT * FROM service_certificates
WHERE service_id = '$service_id'" LEFT JOIN certificates ON service_certificates.certificate_id = certificates.certificate_id
WHERE service_id = '$service_id'"
); );
// Associated URLs ---- REMOVED for now // Associated URLs ---- REMOVED for now
@ -145,24 +148,27 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
//WHERE service_id = '$service_id'"); //WHERE service_id = '$service_id'");
// Associated Vendors // Associated Vendors
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM service_vendors $sql_vendors = mysqli_query(
LEFT JOIN vendors $mysqli,
ON service_vendors.vendor_id = vendors.vendor_id "SELECT * FROM service_vendors
WHERE service_id = '$service_id'" LEFT JOIN vendors ON service_vendors.vendor_id = vendors.vendor_id
WHERE service_id = '$service_id'"
); );
// Associated Contacts // Associated Contacts
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM service_contacts $sql_contacts = mysqli_query(
LEFT JOIN contacts $mysqli,
ON service_contacts.contact_id = contacts.contact_id "SELECT * FROM service_contacts
WHERE service_id = '$service_id'" LEFT JOIN contacts ON service_contacts.contact_id = contacts.contact_id
WHERE service_id = '$service_id'"
); );
// Associated Documents // Associated Documents
$sql_docs = mysqli_query($mysqli, "SELECT * FROM service_documents $sql_docs = mysqli_query(
LEFT JOIN documents $mysqli,
ON service_documents.document_id = documents.document_id "SELECT * FROM service_documents
WHERE service_id = '$service_id'" LEFT JOIN documents ON service_documents.document_id = documents.document_id
WHERE service_id = '$service_id'"
); );
require("client_service_edit_modal.php"); require("client_service_edit_modal.php");


@ -1,131 +1,132 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q'])); $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers //Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q); $phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $q; $phone_query = $q;
} }
}else{ } else {
$q = ""; $q = "";
$phone_query = ""; $phone_query = "";
} }
// Sort // Sort
$sb = "item_created_at"; $sb = "item_created_at";
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM shared_items $sql = mysqli_query(
WHERE item_client_id = $client_id $mysqli,
AND item_active = '1' "SELECT SQL_CALC_FOUND_ROWS * FROM shared_items
AND item_views != item_view_limit WHERE item_client_id = $client_id
AND item_expire_at > NOW() AND item_active = '1'
AND (item_note LIKE '%$q%') ORDER BY $sb $o LIMIT $record_from, $record_to"); AND item_views != item_view_limit
AND item_expire_at > NOW()
AND (item_note LIKE '%$q%') ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-3"> <div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-share"></i> Shared Items (Links)</h3> <h3 class="card-title"><i class="fa fa-fw fa-share"></i> Shared Items (Links)</h3>
</div> </div>
<div class="card-body"> <div class="card-body">
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Shared Items"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Shared Items">
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button> <button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div> </div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>Item Name</th>
<th>Item Type</th>
<th>Share Note</th>
<th>Views</th>
<th>Expires</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$item_id = $row['item_id'];
$item_active = htmlentities($row['item_active']);
$item_key = htmlentities($row['item_key']);
$item_type = htmlentities($row['item_type']);
$item_related_id = $row['item_related_id'];
$item_note = htmlentities($row['item_note']);
$item_views = htmlentities($row['item_views']);
$item_view_limit = htmlentities($row['item_view_limit']);
$item_created_at = $row['item_created_at'];
$item_expire_at = $row['item_expire_at'];
if ($item_type == 'Login') {
$share_item_sql = mysqli_query($mysqli, "SELECT login_name FROM logins WHERE login_id = '$item_related_id' AND login_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['login_name']);
}
elseif ($item_type == 'Document') {
$share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_related_id' AND document_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['document_name']);
}
elseif ($item_type == 'File') {
$share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['file_name']);
}
?>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo $item_type ?></td>
<td><?php echo $item_note ?></td>
<td><?php echo "$item_views / $item_view_limit" ?></td>
<td><?php echo $item_expire_at ?></td>
<td>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger" href="post.php?deactivate_shared_item=<?php echo $item_id; ?>">Deactivate</a>
</div> </div>
</div> </div>
<?php } ?>
</td>
</tr>
<?php </div>
} </form>
?> <hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>Item Name</th>
<th>Item Type</th>
<th>Share Note</th>
<th>Views</th>
<th>Expires</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
</tbody> while ($row = mysqli_fetch_array($sql)) {
</table> $item_id = $row['item_id'];
</div> $item_active = htmlentities($row['item_active']);
<?php include("pagination.php"); ?> $item_key = htmlentities($row['item_key']);
$item_type = htmlentities($row['item_type']);
$item_related_id = $row['item_related_id'];
$item_note = htmlentities($row['item_note']);
$item_views = htmlentities($row['item_views']);
$item_view_limit = htmlentities($row['item_view_limit']);
$item_created_at = $row['item_created_at'];
$item_expire_at = $row['item_expire_at'];
if ($item_type == 'Login') {
$share_item_sql = mysqli_query($mysqli, "SELECT login_name FROM logins WHERE login_id = '$item_related_id' AND login_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['login_name']);
} elseif ($item_type == 'Document') {
$share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_related_id' AND document_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['document_name']);
} elseif ($item_type == 'File') {
$share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['file_name']);
}
?>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo $item_type ?></td>
<td><?php echo $item_note ?></td>
<td><?php echo "$item_views / $item_view_limit" ?></td>
<td><?php echo $item_expire_at ?></td>
<td>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger" href="post.php?deactivate_shared_item=<?php echo $item_id; ?>">Deactivate</a>
</div>
</div>
<?php } ?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div> </div>
</div> </div>
<?php include("footer.php"); ?> <?php
require_once("footer.php");
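Review bot: `$item_name` is assigned only inside the `if`/`elseif` chain of the row loop, so a row whose `item_type` is none of `Login`, `Document` or `File` prints the name left over from the previous row (or an undefined variable on the first row). A row whose related record no longer exists also indexes a `null` `$share_item`. This page is where someone decides which share links stay active, so a wrong name next to a link can lead to the wrong link being kept or deactivated. I would reset it at the top of each iteration with `$item_name = '';` and read the lookups as `htmlentities($share_item['login_name'] ?? '')`, likewise for `document_name` and `file_name`.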


@ -1,200 +1,198 @@
<?php require_once("inc_all_client.php"); ?> <?php
require_once("inc_all_client.php");
<?php
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "software_name"; $sb = "software_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM software $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM software
LEFT JOIN logins ON login_software_id = software_id LEFT JOIN logins ON login_software_id = software_id
WHERE software_client_id = $client_id WHERE software_client_id = $client_id
AND software_template = 0 AND software_template = 0
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%') AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-cube"></i> Licenses</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-cube"></i> Licenses</h3>
<div class="card-tools"> <div class="card-tools">
<div class="btn-group"> <div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addSoftwareModal"> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addSoftwareModal">
<i class="fas fa-fw fa-plus"></i> New License <i class="fas fa-fw fa-plus"></i> New License
</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addSoftwareFromTemplateModal">From Template</a>
</div>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_software_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_name&o=<?php echo $disp; ?>">Software</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_license_type&o=<?php echo $disp; ?>">License Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_seats&o=<?php echo $disp; ?>">Seats</a></th>
<th></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
$software_type = htmlentities($row['software_type']);
$software_license_type = htmlentities($row['software_license_type']);
$software_key = htmlentities($row['software_key']);
$software_seats = htmlentities($row['software_seats']);
$software_purchase = $row['software_purchase'];
$software_expire = $row['software_expire'];
$software_notes = htmlentities($row['software_notes']);
// Get Login
$login_id = $row['login_id'];
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$seat_count = 0;
// Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli,"SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array();
while ($row = mysqli_fetch_array($asset_licenses_sql)) {
$asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',',$asset_licenses_array);
// Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli,"SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
$contact_licenses_array = array();
while ($row = mysqli_fetch_array($contact_licenses_sql)) {
$contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',',$contact_licenses_array);
?>
<tr>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>"><?php echo "$software_name<br><span class='text-secondary'>$software_version</span>"; ?></a></td>
<td><?php echo $software_type; ?></td>
<td><?php echo $software_license_type; ?></td>
<td><?php echo "$seat_count / $software_seats"; ?></td>
<td>
<?php
if ($login_id > 0) {
?>
<button type="button" class="btn btn-dark btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> <?php echo $software_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button> </button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">Edit</a> <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addSoftwareFromTemplateModal">From Template</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_software=<?php echo $software_id; ?>">Archive and<br><small>Remove Licenses</small></a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_software=<?php echo $software_id; ?>">Delete and<br><small>Remove Licenses</small></a>
<?php } ?>
</div> </div>
</div> </div>
</td> </div>
</tr> </div>
<div class="card-body">
<?php <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
include("client_software_edit_modal.php"); <div class="row">
}
<div class="col-md-4">
?> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
</tbody> <div class="input-group-append">
</table> <button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_software_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_name&o=<?php echo $disp; ?>">Software</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_license_type&o=<?php echo $disp; ?>">License Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_seats&o=<?php echo $disp; ?>">Seats</a></th>
<th></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
$software_type = htmlentities($row['software_type']);
$software_license_type = htmlentities($row['software_license_type']);
$software_key = htmlentities($row['software_key']);
$software_seats = htmlentities($row['software_seats']);
$software_purchase = $row['software_purchase'];
$software_expire = $row['software_expire'];
$software_notes = htmlentities($row['software_notes']);
// Get Login
$login_id = $row['login_id'];
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$seat_count = 0;
// Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array();
while ($row = mysqli_fetch_array($asset_licenses_sql)) {
$asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',', $asset_licenses_array);
// Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
$contact_licenses_array = array();
while ($row = mysqli_fetch_array($contact_licenses_sql)) {
$contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',', $contact_licenses_array);
?>
<tr>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>"><?php echo "$software_name<br><span class='text-secondary'>$software_version</span>"; ?></a></td>
<td><?php echo $software_type; ?></td>
<td><?php echo $software_license_type; ?></td>
<td><?php echo "$seat_count / $software_seats"; ?></td>
<td>
<?php
if ($login_id > 0) { ?>
<button type="button" class="btn btn-dark btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> <?php echo $software_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_software=<?php echo $software_id; ?>">Archive and<br><small>Remove Licenses</small></a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_software=<?php echo $software_id; ?>">Delete and<br><small>Remove Licenses</small></a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
require("client_software_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div> </div>
<?php include("client_software_add_modal.php"); ?> <?php
<?php include("client_software_add_from_template_modal.php"); ?> require_once("client_software_add_modal.php");
require_once("client_software_add_from_template_modal.php");
<?php include("footer.php"); ?> require_once("footer.php");
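Review bot: `$sb` comes from `$_GET['sb']` and is placed unquoted after `ORDER BY`, where `mysqli_real_escape_string()` gives no protection because it only escapes characters that matter inside a quoted string literal; the reformatting carries this over unchanged. The sort column should be checked against a fixed list before it reaches the query, using the columns the table header already links to: `$allowed_sb = ['software_name', 'software_type', 'software_license_type', 'software_seats'];` then `$sb = in_array($_GET['sb'] ?? '', $allowed_sb, true) ? $_GET['sb'] : 'software_name';`. `$o`, `$record_from` and `$record_to` are set outside this file, so whether they are constrained to `ASC`/`DESC` and integers cannot be seen here and is worth confirming. The same `ORDER BY $sb $o` pattern appears in the software-template list and ticket list sections further down this commit, each needing its own column list.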


@ -20,7 +20,7 @@
<select class="form-control" name="software_template_id" required> <select class="form-control" name="software_template_id" required>
<option value="">- Select Template -</option> <option value="">- Select Template -</option>
<?php <?php
$sql_software_templates = mysqli_query($mysqli,"SELECT * FROM software WHERE software_template = 1 AND company_id = $session_company_id AND software_archived_at IS NULL ORDER BY software_name ASC"); $sql_software_templates = mysqli_query($mysqli, "SELECT * FROM software WHERE software_template = 1 AND company_id = $session_company_id AND software_archived_at IS NULL ORDER BY software_name ASC");
while($row = mysqli_fetch_array($sql_software_templates)){ while($row = mysqli_fetch_array($sql_software_templates)){
$software_template_id = $row['software_id']; $software_template_id = $row['software_id'];
$software_template_name = htmlentities($row['software_name']); $software_template_name = htmlentities($row['software_name']);


@ -136,7 +136,7 @@
<ul class="list-group"> <ul class="list-group">
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id']; $asset_id = $row['asset_id'];
@ -167,7 +167,7 @@
<ul class="list-group"> <ul class="list-group">
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id']; $contact_id = $row['contact_id'];


@ -136,7 +136,7 @@
<ul class="list-group"> <ul class="list-group">
<?php <?php
$sql_assets_select = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC"); $sql_assets_select = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets_select)) { while ($row = mysqli_fetch_array($sql_assets_select)) {
$asset_id_select = $row['asset_id']; $asset_id_select = $row['asset_id'];
@ -147,7 +147,7 @@
?> ?>
<li class="list-group-item"> <li class="list-group-item">
<div class="form-check"> <div class="form-check">
<input type="checkbox" class="form-check-input" name="assets[]" value="<?php echo $asset_id_select; ?>" <?php if (in_array($asset_id_select,$asset_licenses_array)) { echo "checked"; } ?>> <input type="checkbox" class="form-check-input" name="assets[]" value="<?php echo $asset_id_select; ?>" <?php if (in_array($asset_id_select, $asset_licenses_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo "$asset_name_select - $contact_name_select"; ?></label> <label class="form-check-label ml-2"><?php echo "$asset_name_select - $contact_name_select"; ?></label>
</div> </div>
</li> </li>
@ -167,7 +167,7 @@
<ul class="list-group"> <ul class="list-group">
<?php <?php
$sql_contacts_select = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts_select = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts_select)) { while ($row = mysqli_fetch_array($sql_contacts_select)) {
$contact_id_select = $row['contact_id']; $contact_id_select = $row['contact_id'];
@ -177,7 +177,7 @@
?> ?>
<li class="list-group-item"> <li class="list-group-item">
<div class="form-check"> <div class="form-check">
<input type="checkbox" class="form-check-input" name="contacts[]" value="<?php echo $contact_id_select; ?>" <?php if (in_array("$contact_id_select",$contact_licenses_array)) { echo "checked"; } ?>> <input type="checkbox" class="form-check-input" name="contacts[]" value="<?php echo $contact_id_select; ?>" <?php if (in_array("$contact_id_select", $contact_licenses_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo "$contact_name_select - $contact_email_select"; ?></label> <label class="form-check-label ml-2"><?php echo "$contact_name_select - $contact_email_select"; ?></label>
</div> </div>
</li> </li>


@ -1,23 +1,22 @@
<?php require_once("inc_all_client.php"); ?> <?php
require_once("inc_all_client.php");
<?php
if(!empty($_GET['sb'])){ if(!empty($_GET['sb'])){
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "software_name"; $sb = "software_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM software $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM software
LEFT JOIN logins ON login_software_id = software_id LEFT JOIN logins ON login_software_id = software_id
WHERE software_template = 1 WHERE software_template = 1
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%') AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -36,7 +35,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off"> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row"> <div class="row">
<div class="col-md-4"> <div class="col-md-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if(isset($q)){ echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses"> <input type="search" class="form-control" name="q" value="<?php if(isset($q)){ echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
@ -65,8 +64,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead> </thead>
<tbody> <tbody>
<?php <?php
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$software_id = $row['software_id']; $software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']); $software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']); $software_version = htmlentities($row['software_version']);
@ -96,24 +95,24 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<a class="dropdown-item text-danger" href="post.php?delete_software=<?php echo $software_id; ?>">Delete</a> <a class="dropdown-item text-danger" href="post.php?delete_software=<?php echo $software_id; ?>">Delete</a>
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
</td> </td>
</tr> </tr>
<?php <?php
include("client_software_template_edit_modal.php"); require("client_software_template_edit_modal.php");
} }
?> ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<?php include("pagination.php"); ?> <?php require_once("pagination.php"); ?>
</div> </div>
</div> </div>
<?php include("client_software_template_add_modal.php"); ?> <?php
require_once("client_software_template_add_modal.php");
<?php include("footer.php"); ?> require_once("footer.php");
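Review bot: The template list query filters only on `software_template = 1`, while the template picker in the add-from-template modal earlier in this commit also restricts to `company_id = $session_company_id` and `software_archived_at IS NULL`. If more than one company shares the database, this page would list other companies' templates and offer Delete links for them. I would add `AND software.company_id = $session_company_id` to the `WHERE` clause, assuming the column is the one the modal query uses; the table qualifier avoids ambiguity with the joined `logins` table. The hunks show only parts of this file, so any scoping done in `inc_all_client.php` is not visible here.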


@ -1,203 +1,203 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "ticket_number"; $sb = "ticket_number";
} }
// Reverse default sort // Reverse default sort
if (!isset($_GET['o'])) { if (!isset($_GET['o'])) {
$o = "DESC"; $o = "DESC";
$disp = "ASC"; $disp = "ASC";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM tickets $sql = mysqli_query(
LEFT JOIN contacts ON ticket_contact_id = contact_id $mysqli,
LEFT JOIN users ON ticket_assigned_to = user_id "SELECT SQL_CALC_FOUND_ROWS * FROM tickets
LEFT JOIN assets ON ticket_asset_id = asset_id LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN locations ON ticket_location_id = location_id LEFT JOIN users ON ticket_assigned_to = user_id
WHERE ticket_client_id = $client_id LEFT JOIN assets ON ticket_asset_id = asset_id
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%') LEFT JOIN locations ON ticket_location_id = location_id
ORDER BY $sb $o LIMIT $record_from, $record_to"); WHERE ticket_client_id = $client_id
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button> <button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_scheduled_tickets.php?client_id=<?php echo $client_id; ?>">Scheduled Tickets</a>
</div>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal"><i class="fas fa-fw fa-plus"></i> New Ticket</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addScheduledTicketModal">Scheduled</a> <a class="dropdown-item text-dark" href="client_scheduled_tickets.php?client_id=<?php echo $client_id; ?>">Scheduled Tickets</a>
</div> </div>
</div> <div class="card-tools">
</div> <div class="btn-group">
</div> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal"><i class="fas fa-fw fa-plus"></i> New Ticket</button>
<div class="card-body"> <button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<form autocomplete="off"> <div class="dropdown-menu">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addScheduledTicketModal">Scheduled</a>
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Tickets">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_tickets_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_subject&o=<?php echo $disp; ?>">Subject</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Contact</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_priority&o=<?php echo $disp; ?>">Priority</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_status&o=<?php echo $disp; ?>">Status</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=user_name&o=<?php echo $disp; ?>">Assigned</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_updated_at&o=<?php echo $disp; ?>">Last Response</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_created_at&o=<?php echo $disp; ?>">Created</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$ticket_id = $row['ticket_id'];
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
}
else{
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
}
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
}elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
}else{
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
if ($ticket_priority == "High") {
$ticket_priority_display = "<span class='p-2 badge badge-danger'>$ticket_priority</span>";
}elseif ($ticket_priority == "Medium") {
$ticket_priority_display = "<span class='p-2 badge badge-warning'>$ticket_priority</span>";
}elseif ($ticket_priority == "Low") {
$ticket_priority_display = "<span class='p-2 badge badge-info'>$ticket_priority</span>";
}else{
$ticket_priority_display = "-";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";
}
else{
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
}
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_display = "-";
}else{
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
$contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
<td><?php echo $ticket_updated_at_display; ?></td>
<td><?php echo $ticket_created_at; ?></td>
<td>
<?php if ($ticket_status !== "Closed") { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketModal<?php echo $ticket_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">Delete</a>
<?php } ?>
</div>
</div> </div>
<?php } ?> </div>
</td> </div>
</tr> </div>
<div class="card-body">
<?php <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
include("ticket_edit_modal.php"); <div class="row">
}
<div class="col-md-4">
?> <div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Tickets">
</tbody> <div class="input-group-append">
</table> <button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_tickets_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_subject&o=<?php echo $disp; ?>">Subject</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Contact</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_priority&o=<?php echo $disp; ?>">Priority</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_status&o=<?php echo $disp; ?>">Status</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=user_name&o=<?php echo $disp; ?>">Assigned</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_updated_at&o=<?php echo $disp; ?>">Last Response</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_created_at&o=<?php echo $disp; ?>">Created</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$ticket_id = $row['ticket_id'];
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
}
else{
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
}
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
} elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
} else{
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
if ($ticket_priority == "High") {
$ticket_priority_display = "<span class='p-2 badge badge-danger'>$ticket_priority</span>";
} elseif ($ticket_priority == "Medium") {
$ticket_priority_display = "<span class='p-2 badge badge-warning'>$ticket_priority</span>";
} elseif ($ticket_priority == "Low") {
$ticket_priority_display = "<span class='p-2 badge badge-info'>$ticket_priority</span>";
} else{
$ticket_priority_display = "-";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";
}
else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
}
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_display = "-";
} else {
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
$contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
<td><?php echo $ticket_updated_at_display; ?></td>
<td><?php echo $ticket_created_at; ?></td>
<td>
<?php if ($ticket_status !== "Closed") { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketModal<?php echo $ticket_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
<?php } ?>
</td>
</tr>
<?php
require("ticket_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div> </div>
<?php <?php
include("ticket_add_modal.php"); require_once("ticket_add_modal.php");
include("scheduled_ticket_add_modal.php"); require_once("scheduled_ticket_add_modal.php");
?> require_once("footer.php");
<?php include("footer.php"); ?>
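Review bot: `$sb` is placed into `ORDER BY $sb $o` unquoted, so `mysqli_real_escape_string()` gives it no protection; that function only neutralises characters that matter inside a quoted string literal. Map the request value onto a fixed list instead, e.g. `$sb = in_array($_GET['sb'] ?? '', $sortable_columns, true) ? $_GET['sb'] : 'ticket_number';` with `$sortable_columns` holding the eight column names used by the header links, and restrict `$o` to `ASC`/`DESC` where it is assigned (not visible in this file). The same `ORDER BY $sb $o` construction appears in the trips, vendor templates and vendors sections of this commit. Separately, in the row loop `$contact_display` is built from `$contact_email` three lines before `$contact_email` is assigned, so a row shows the previous row's address and the first row shows none. Moving `$contact_email = htmlentities($row['contact_email']);` above the `if (empty($contact_name))` check fixes that.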


@ -3,7 +3,7 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "trip_date"; $sb = "trip_date";
} }
@ -16,17 +16,17 @@ if (!isset($_GET['o'])) {
//Date From and Date To Filter //Date From and Date To Filter
if (isset($_GET['dtf'])) { if (isset($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} else { } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM trips
LEFT JOIN users ON trip_user_id = user_id LEFT JOIN users ON trip_user_id = user_id
WHERE (trip_purpose LIKE '%$q%' OR trip_source LIKE '%$q%' OR trip_destination LIKE '%$q%' OR user_name LIKE '%$q%') WHERE (trip_purpose LIKE '%$q%' OR trip_source LIKE '%$q%' OR trip_destination LIKE '%$q%' OR user_name LIKE '%$q%')
AND DATE(trip_date) BETWEEN '$dtf' AND '$dtt' AND DATE(trip_date) BETWEEN '$dtf' AND '$dtt'
@ -34,7 +34,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips
AND trip_client_id = $client_id AND trip_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -1,180 +1,170 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q'])); $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers //Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q); $phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $q; $phone_query = $q;
} }
}else{ } else {
$q = ""; $q = "";
$phone_query = ""; $phone_query = "";
} }
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "vendor_name"; $sb = "vendor_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors $sql = mysqli_query(
WHERE vendor_template = 1 $mysqli,
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to"); "SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"> <h3 class="card-title mt-2">
<i class="fa fa-fw fa-building"></i> Vendor Templates <i class="fa fa-fw fa-building"></i> Vendor Templates
</h3> </h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button> <button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_vendors.php?client_id=<?php echo $client_id; ?>">Vendors</a> <a class="dropdown-item text-dark" href="client_vendors.php?client_id=<?php echo $client_id; ?>">Vendors</a>
</div> </div>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addVendorTemplateModal"> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addVendorTemplateModal">
<i class="fas fa-fw fa-plus"></i> New Template <i class="fas fa-fw fa-plus"></i> New Template
</button> </button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Vendors Templates">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div> </div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_name&o=<?php echo $disp; ?>">Vendor</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_description&o=<?php echo $disp; ?>">Description</a></th>
<th>Contact</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
$vendor_description = htmlentities($row['vendor_description']);
if (empty($vendor_description)) {
$vendor_description_display = "-";
}else{
$vendor_description_display = $vendor_description;
}
$vendor_account_number = htmlentities($row['vendor_account_number']);
$vendor_contact_name = htmlentities($row['vendor_contact_name']);
if (empty($vendor_contact_name)) {
$vendor_contact_name_display = "-";
}else{
$vendor_contact_name_display = $vendor_contact_name;
}
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = htmlentities($row['vendor_extension']);
$vendor_email = htmlentities($row['vendor_email']);
$vendor_website = htmlentities($row['vendor_website']);
$vendor_hours = htmlentities($row['vendor_hours']);
$vendor_sla = htmlentities($row['vendor_sla']);
$vendor_code = htmlentities($row['vendor_code']);
$vendor_notes = htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?>
<tr>
<th>
<i class="fa fa-fw fa-building text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></a>
<?php
if (!empty($vendor_account_number)) {
?>
<br>
<small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php
}
?>
</th>
<td><?php echo $vendor_description_display; ?></td>
<td>
<?php
if (!empty($vendor_contact_name)) {
?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br>
<?php
}else{
echo $vendor_contact_name_display;
}
?>
<?php
if (!empty($vendor_phone)) {
?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br>
<?php
}
?>
<?php
if (!empty($vendor_email)) {
?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
include("vendor_template_edit_modal.php");
}
?>
</tbody>
</table>
</div> </div>
<?php include("pagination.php"); ?> <div class="card-body">
</div> <form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Vendors Templates">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_name&o=<?php echo $disp; ?>">Vendor</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_description&o=<?php echo $disp; ?>">Description</a></th>
<th>Contact</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
$vendor_description = htmlentities($row['vendor_description']);
if (empty($vendor_description)) {
$vendor_description_display = "-";
} else {
$vendor_description_display = $vendor_description;
}
$vendor_account_number = htmlentities($row['vendor_account_number']);
$vendor_contact_name = htmlentities($row['vendor_contact_name']);
if (empty($vendor_contact_name)) {
$vendor_contact_name_display = "-";
} else {
$vendor_contact_name_display = $vendor_contact_name;
}
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = htmlentities($row['vendor_extension']);
$vendor_email = htmlentities($row['vendor_email']);
$vendor_website = htmlentities($row['vendor_website']);
$vendor_hours = htmlentities($row['vendor_hours']);
$vendor_sla = htmlentities($row['vendor_sla']);
$vendor_code = htmlentities($row['vendor_code']);
$vendor_notes = htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?>
<tr>
<th>
<i class="fa fa-fw fa-building text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></a>
<?php
if (!empty($vendor_account_number)) { ?>
<br>
<small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php } ?>
</th>
<td><?php echo $vendor_description_display; ?></td>
<td>
<?php
if (!empty($vendor_contact_name)) { ?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br>
<?php } else {
echo $vendor_contact_name_display;
}
if (!empty($vendor_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br>
<?php }
if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br>
<?php } ?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
require("vendor_template_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div> </div>
<?php include("vendor_template_add_modal.php"); ?> <?php
require_once("vendor_template_add_modal.php");
<?php include("footer.php"); ?> require_once("footer.php");
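Review bot: `$vendor_phone` is echoed into the contact cell straight from `formatPhoneNumber($row['vendor_phone'])`, while the other text columns in this row are passed through `htmlentities()` before output. `formatPhoneNumber()` is defined outside this file, so whether it encodes its result cannot be confirmed from here; if it returns unrecognised input unchanged, stored markup in that column would be rendered as HTML. Encoding at the assignment keeps the row consistent: `$vendor_phone = htmlentities(formatPhoneNumber($row['vendor_phone']));`.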


@ -3,9 +3,9 @@
require_once("inc_all_client.php"); require_once("inc_all_client.php");
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q'])); $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers //Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q); $phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $q; $phone_query = $q;
} }
@ -15,20 +15,20 @@ if (isset($_GET['q'])) {
} }
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "vendor_name"; $sb = "vendor_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_client_id = $client_id WHERE vendor_client_id = $client_id
AND vendor_template = 0 AND vendor_template = 0
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to"); AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -15,9 +15,9 @@ if (isset($_GET['p'])) {
//Custom Query Filter //Custom Query Filter
if (isset($_GET['query'])) { if (isset($_GET['query'])) {
$query = strip_tags(mysqli_real_escape_string($mysqli,$_GET['query'])); $query = strip_tags(mysqli_real_escape_string($mysqli, $_GET['query']));
//Phone Numbers //Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$query); $phone_query = preg_replace("/[^0-9]/", '', $query);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $query; $phone_query = $query;
} }
@ -28,7 +28,7 @@ if (isset($_GET['query'])) {
//Column Filter //Column Filter
if (!empty($_GET['sortby'])) { if (!empty($_GET['sortby'])) {
$sortby = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sortby'])); $sortby = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sortby']));
} else { } else {
$sortby = "client_accessed_at"; $sortby = "client_accessed_at";
} }
@ -55,41 +55,41 @@ if (empty($_GET['canned_date'])) {
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['date_from'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['date_from'])) {
$date_from = strip_tags(mysqli_real_escape_string($mysqli,$_GET['date_from'])); $date_from = strip_tags(mysqli_real_escape_string($mysqli, $_GET['date_from']));
$date_to = strip_tags(mysqli_real_escape_string($mysqli,$_GET['date_to'])); $date_to = strip_tags(mysqli_real_escape_string($mysqli, $_GET['date_to']));
} elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$date_from = date('Y-m-d'); $date_from = date('Y-m-d');
$date_to = date('Y-m-d'); $date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$date_from = date('Y-m-d',strtotime("yesterday")); $date_from = date('Y-m-d', strtotime("yesterday"));
$date_to = date('Y-m-d',strtotime("yesterday")); $date_to = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$date_from = date('Y-m-d',strtotime("monday this week")); $date_from = date('Y-m-d', strtotime("monday this week"));
$date_to = date('Y-m-d'); $date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$date_from = date('Y-m-d',strtotime("monday last week")); $date_from = date('Y-m-d', strtotime("monday last week"));
$date_to = date('Y-m-d',strtotime("sunday last week")); $date_to = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$date_from = date('Y-m-01'); $date_from = date('Y-m-01');
$date_to = date('Y-m-d'); $date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$date_from = date('Y-m-d',strtotime("first day of last month")); $date_from = date('Y-m-d', strtotime("first day of last month"));
$date_to = date('Y-m-d',strtotime("last day of last month")); $date_to = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$date_from = date('Y-01-01'); $date_from = date('Y-01-01');
$date_to = date('Y-m-d'); $date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$date_from = date('Y-m-d',strtotime("first day of january last year")); $date_from = date('Y-m-d', strtotime("first day of january last year"));
$date_to = date('Y-m-d',strtotime("last day of december last year")); $date_to = date('Y-m-d', strtotime("last day of december last year"));
} else { } else {
$date_from = "0000-00-00"; $date_from = "0000-00-00";
$date_to = "9999-00-00"; $date_to = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sortby = http_build_query(array_merge($_GET,array('sortby' => $sortby, 'order' => $order))); $url_query_strings_sortby = http_build_query(array_merge($_GET, array('sortby' => $sortby, 'order' => $order)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM clients
LEFT JOIN contacts ON clients.primary_contact = contacts.contact_id AND contact_archived_at IS NULL LEFT JOIN contacts ON clients.primary_contact = contacts.contact_id AND contact_archived_at IS NULL
LEFT JOIN locations ON clients.primary_location = locations.location_id AND location_archived_at IS NULL LEFT JOIN locations ON clients.primary_location = locations.location_id AND location_archived_at IS NULL
WHERE (client_name LIKE '%$query%' OR client_type LIKE '%$query%' OR client_referral LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_name LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' WHERE (client_name LIKE '%$query%' OR client_type LIKE '%$query%' OR client_referral LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_name LIKE '%$query%' OR contact_phone LIKE '%$phone_query%'
@ -100,7 +100,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients
ORDER BY $sortby $order LIMIT $record_from, $record_to ORDER BY $sortby $order LIMIT $record_from, $record_to
"); ");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -202,7 +202,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_net_terms = htmlentities($row['client_net_terms']); $client_net_terms = htmlentities($row['client_net_terms']);
$client_referral = htmlentities($row['client_referral']); $client_referral = htmlentities($row['client_referral']);
$client_notes = htmlentities($row['client_notes']); $client_notes = htmlentities($row['client_notes']);
$client_created_at = date('Y-m-d',strtotime($row['client_created_at'])); $client_created_at = date('Y-m-d', strtotime($row['client_created_at']));
$client_updated_at = $row['client_updated_at']; $client_updated_at = $row['client_updated_at'];
$client_archive_at = $row['client_archived_at']; $client_archive_at = $row['client_archived_at'];
@ -210,7 +210,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_tag_name_display_array = array(); $client_tag_name_display_array = array();
$client_tag_id_array = array(); $client_tag_id_array = array();
$sql_client_tags = mysqli_query($mysqli,"SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id"); $sql_client_tags = mysqli_query($mysqli, "SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
while ($row = mysqli_fetch_array($sql_client_tags)) { while ($row = mysqli_fetch_array($sql_client_tags)) {
$client_tag_id = $row['tag_id']; $client_tag_id = $row['tag_id'];
@ -231,12 +231,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_tags_display = implode('', $client_tag_name_display_array); $client_tags_display = implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice //Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' "); $sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' ");
$row = mysqli_fetch_array($sql_invoice_amounts); $row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = $row['invoice_amounts']; $invoice_amounts = $row['invoice_amounts'];
$sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id"); $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$row = mysqli_fetch_array($sql_amount_paid); $row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = $row['amount_paid']; $amount_paid = $row['amount_paid'];
@ -250,13 +250,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
} }
//Get Monthly Recurring Total //Get Monthly Recurring Total
$sql_recurring_monthly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id"); $sql_recurring_monthly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_monthly_total); $row = mysqli_fetch_array($sql_recurring_monthly_total);
$recurring_monthly_total = $row['recurring_monthly_total']; $recurring_monthly_total = $row['recurring_monthly_total'];
//Get Yearly Recurring Total //Get Yearly Recurring Total
$sql_recurring_yearly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id"); $sql_recurring_yearly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_yearly_total); $row = mysqli_fetch_array($sql_recurring_yearly_total);
$recurring_yearly_total = $row['recurring_yearly_total'] / 12; $recurring_yearly_total = $row['recurring_yearly_total'] / 12;
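Review bot: `$sortby` is interpolated unquoted into `ORDER BY $sortby $order` after only `strip_tags(mysqli_real_escape_string(...))`, and that escaping protects quoted string literals, not an identifier position, so the sort expression remains request-controlled. Constrain it to a fixed list of column names before the query is built, e.g. `$sortby = in_array($_GET['sortby'] ?? '', $allowed_sort_columns, true) ? $_GET['sortby'] : 'client_accessed_at';`, with `$allowed_sort_columns` defined beside it. `$order` is assigned outside the visible hunks, and part of the query's WHERE clause is not shown either; if `$order` also comes from the request it should be reduced to `ASC` or `DESC` in the same way. The same pattern appears with `$sb` and `$o` in the companies listing section below and in the vendors query at the top of this page.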


@ -2,20 +2,20 @@
require_once("inc_all_settings.php"); require_once("inc_all_settings.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "company_name"; $sb = "company_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM companies, settings $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM companies, settings
WHERE companies.company_id = settings.company_id WHERE companies.company_id = settings.company_id
AND (company_name LIKE '%$q%') AND (company_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>

245
cron.php

@ -3,7 +3,7 @@
require_once("config.php"); require_once("config.php");
require_once("functions.php"); require_once("functions.php");
$sql_companies = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id"); $sql_companies = mysqli_query($mysqli, "SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id");
while($row = mysqli_fetch_array($sql_companies)){ while($row = mysqli_fetch_array($sql_companies)){
$company_id = $row['company_id']; $company_id = $row['company_id'];
@ -50,7 +50,7 @@ while($row = mysqli_fetch_array($sql_companies)){
if ($config_enable_cron == 1) { if ($config_enable_cron == 1) {
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Started', log_description = 'Cron started for $company_name', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Started', log_description = 'Cron started for $company_name', company_id = $company_id");
// REFRESH DOMAIN WHOIS DATA (1 a day) // REFRESH DOMAIN WHOIS DATA (1 a day)
@ -70,7 +70,7 @@ while($row = mysqli_fetch_array($sql_companies)){
$whois = mysqli_real_escape_string($mysqli, $records['whois']); $whois = mysqli_real_escape_string($mysqli, $records['whois']);
// Update the domain // Update the domain
mysqli_query($mysqli,"UPDATE domains SET domain_name = '$domain_name', domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_txt = '$txt', domain_raw_whois = '$whois' WHERE domain_id = $domain_id"); mysqli_query($mysqli, "UPDATE domains SET domain_name = '$domain_name', domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_txt = '$txt', domain_raw_whois = '$whois' WHERE domain_id = $domain_id");
} }
// GET NOTIFICATIONS // GET NOTIFICATIONS
@ -82,7 +82,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($domainAlertArray as $day){ foreach($domainAlertArray as $day){
//Get Domains Expiring //Get Domains Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM domains $sql = mysqli_query(
$mysqli,
"SELECT * FROM domains
LEFT JOIN clients ON domain_client_id = client_id LEFT JOIN clients ON domain_client_id = client_id
WHERE domain_expire = CURDATE() + INTERVAL $day DAY WHERE domain_expire = CURDATE() + INTERVAL $day DAY
AND domains.company_id = $company_id" AND domains.company_id = $company_id"
@ -90,12 +92,12 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$domain_id = $row['domain_id']; $domain_id = $row['domain_id'];
$domain_name = mysqli_real_escape_string($mysqli,$row['domain_name']); $domain_name = mysqli_real_escape_string($mysqli, $row['domain_name']);
$domain_expire = $row['domain_expire']; $domain_expire = $row['domain_expire'];
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); $client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Domain', notification = 'Domain $domain_name for $client_name will expire in $day Days on $domain_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Domain', notification = 'Domain $domain_name for $client_name will expire in $day Days on $domain_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
} }
@ -108,7 +110,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($certificateAlertArray as $day){ foreach($certificateAlertArray as $day){
//Get Certs Expiring //Get Certs Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM certificates $sql = mysqli_query(
$mysqli,
"SELECT * FROM certificates
LEFT JOIN clients ON certificate_client_id = client_id LEFT JOIN clients ON certificate_client_id = client_id
WHERE certificate_expire = CURDATE() + INTERVAL $day DAY WHERE certificate_expire = CURDATE() + INTERVAL $day DAY
AND certificates.company_id = $company_id" AND certificates.company_id = $company_id"
@ -116,13 +120,13 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$certificate_id = $row['certificate_id']; $certificate_id = $row['certificate_id'];
$certificate_name = mysqli_real_escape_string($mysqli,$row['certificate_name']); $certificate_name = mysqli_real_escape_string($mysqli, $row['certificate_name']);
$certificate_domain = $row['certificate_domain']; $certificate_domain = $row['certificate_domain'];
$certificate_expire = $row['certificate_expire']; $certificate_expire = $row['certificate_expire'];
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); $client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Certificate', notification = 'Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Certificate', notification = 'Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
} }
@ -135,7 +139,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($warranty_alert_array as $day){ foreach($warranty_alert_array as $day){
//Get Asset Warranty Expiring //Get Asset Warranty Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM assets $sql = mysqli_query(
$mysqli,
"SELECT * FROM assets
LEFT JOIN clients ON asset_client_id = client_id LEFT JOIN clients ON asset_client_id = client_id
WHERE asset_warranty_expire = CURDATE() + INTERVAL $day DAY WHERE asset_warranty_expire = CURDATE() + INTERVAL $day DAY
AND assets.company_id = $company_id" AND assets.company_id = $company_id"
@ -143,12 +149,12 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$asset_id = $row['asset_id']; $asset_id = $row['asset_id'];
$asset_name = mysqli_real_escape_string($mysqli,$row['asset_name']); $asset_name = mysqli_real_escape_string($mysqli, $row['asset_name']);
$asset_warranty_expire = $row['asset_warranty_expire']; $asset_warranty_expire = $row['asset_warranty_expire'];
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); $client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Asset', notification = 'Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Asset', notification = 'Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
} }
@ -166,8 +172,8 @@ while($row = mysqli_fetch_array($sql_companies)){
if(mysqli_num_rows($sql_scheduled_tickets) > 0){ if(mysqli_num_rows($sql_scheduled_tickets) > 0){
while($row = mysqli_fetch_array($sql_scheduled_tickets)){ while($row = mysqli_fetch_array($sql_scheduled_tickets)){
$schedule_id = $row['scheduled_ticket_id']; $schedule_id = $row['scheduled_ticket_id'];
$subject = mysqli_real_escape_string($mysqli,$row['scheduled_ticket_subject']); $subject = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_subject']);
$details = mysqli_real_escape_string($mysqli,$row['scheduled_ticket_details']); $details = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_details']);
$priority = $row['scheduled_ticket_priority']; $priority = $row['scheduled_ticket_priority'];
$frequency = strtolower($row['scheduled_ticket_frequency']); $frequency = strtolower($row['scheduled_ticket_frequency']);
$created_id = $row['scheduled_ticket_created_by']; $created_id = $row['scheduled_ticket_created_by'];
@ -179,20 +185,20 @@ while($row = mysqli_fetch_array($sql_companies)){
//Get the next Ticket Number and add 1 for the new ticket number //Get the next Ticket Number and add 1 for the new ticket number
$ticket_number = $config_ticket_next_number; $ticket_number = $config_ticket_next_number;
$new_config_ticket_next_number = $config_ticket_next_number + 1; $new_config_ticket_next_number = $config_ticket_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = '$company_id'"); mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = '$company_id'");
// Raise the ticket // Raise the ticket
mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = $created_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = $created_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id, company_id = $company_id");
$id = mysqli_insert_id($mysqli); $id = mysqli_insert_id($mysqli);
// Logging // Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'System created scheduled $frequency ticket - $subject', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id, log_user_id = $created_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'System created scheduled $frequency ticket - $subject', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id, log_user_id = $created_id");
// E-mail client // E-mail client
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) { if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) {
// Get contact/ticket/company details // Get contact/ticket/company details
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, company_phone FROM tickets $sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, company_phone FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN companies ON tickets.company_id = companies.company_id LEFT JOIN companies ON tickets.company_id = companies.company_id
@ -212,14 +218,23 @@ while($row = mysqli_fetch_array($sql_companies)){
$subject = "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)"; $subject = "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)";
$body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>A ticket regarding \"$ticket_subject\" has been automatically created for you.<br><br>--------------------------------<br>$details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone"; $body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>A ticket regarding \"$ticket_subject\" has been automatically created for you.<br><br>--------------------------------<br>$details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_ticket_from_email, $config_ticket_from_name, $config_smtp_host,
$contact_email, $contact_name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_ticket_from_email,
$config_ticket_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail !== true) { if ($mail !== true) {
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
} }
} }
@ -273,7 +288,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($invoiceAlertArray as $day){ foreach($invoiceAlertArray as $day){
$sql = mysqli_query($mysqli,"SELECT * FROM invoices $sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON contact_id = primary_contact LEFT JOIN contacts ON contact_id = primary_contact
WHERE invoice_status NOT LIKE 'Draft' WHERE invoice_status NOT LIKE 'Draft'
@ -295,29 +312,38 @@ while($row = mysqli_fetch_array($sql_companies)){
$invoice_amount = $row['invoice_amount']; $invoice_amount = $row['invoice_amount'];
$invoice_currency_code = $row['invoice_currency_code']; $invoice_currency_code = $row['invoice_currency_code'];
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); $client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
$contact_name = $row['contact_name']; $contact_name = $row['contact_name'];
$contact_email = $row['contact_email']; $contact_email = $row['contact_email'];
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Invoice Overdue', notification = 'Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Invoice Overdue', notification = 'Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
$subject = "Overdue Invoice $invoice_prefix$invoice_number"; $subject = "Overdue Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>According to our records, we have not received payment for invoice $invoice_prefix$invoice_number. Please submit your payment as soon as possible. If you have any questions please contact us at $company_phone. $body = "Hello $contact_name,<br><br>According to our records, we have not received payment for invoice $invoice_prefix$invoice_number. Please submit your payment as soon as possible. If you have any questions please contact us at $company_phone.
<br><br> <br><br>
Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone"; Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_invoice_from_email, $config_invoice_from_name, $config_smtp_host,
$contact_email, $contact_name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail === true) { if ($mail === true) {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
} else { } else {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Failed to send Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Failed to send Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
} }
} }
@ -327,7 +353,7 @@ while($row = mysqli_fetch_array($sql_companies)){
//Send Recurring Invoices that match todays date and are active //Send Recurring Invoices that match todays date and are active
//Loop through all recurring that match today's date and is active //Loop through all recurring that match today's date and is active
$sql_recurring = mysqli_query($mysqli,"SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1 AND recurring.company_id = $company_id"); $sql_recurring = mysqli_query($mysqli, "SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1 AND recurring.company_id = $company_id");
while($row = mysqli_fetch_array($sql_recurring)){ while($row = mysqli_fetch_array($sql_recurring)){
$recurring_id = $row['recurring_id']; $recurring_id = $row['recurring_id'];
@ -338,36 +364,36 @@ while($row = mysqli_fetch_array($sql_companies)){
$recurring_next_date = $row['recurring_next_date']; $recurring_next_date = $row['recurring_next_date'];
$recurring_amount = $row['recurring_amount']; $recurring_amount = $row['recurring_amount'];
$recurring_currency_code = $row['recurring_currency_code']; $recurring_currency_code = $row['recurring_currency_code'];
$recurring_note = mysqli_real_escape_string($mysqli,$row['recurring_note']); //Escape SQL $recurring_note = mysqli_real_escape_string($mysqli, $row['recurring_note']); //Escape SQL
$category_id = $row['recurring_category_id']; $category_id = $row['recurring_category_id'];
$client_id = $row['recurring_client_id']; $client_id = $row['recurring_client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); //Escape SQL just in case a name is like Safran's etc $client_name = mysqli_real_escape_string($mysqli, $row['client_name']); //Escape SQL just in case a name is like Safran's etc
$client_net_terms = $row['client_net_terms']; $client_net_terms = $row['client_net_terms'];
//Get the last Invoice Number and add 1 for the new invoice number //Get the last Invoice Number and add 1 for the new invoice number
$sql_invoice_number = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $company_id"); $sql_invoice_number = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = $company_id");
$row = mysqli_fetch_array($sql_invoice_number); $row = mysqli_fetch_array($sql_invoice_number);
$config_invoice_next_number = $row['config_invoice_next_number']; $config_invoice_next_number = $row['config_invoice_next_number'];
$new_invoice_number = $config_invoice_next_number; $new_invoice_number = $config_invoice_next_number;
$new_config_invoice_next_number = $config_invoice_next_number + 1; $new_config_invoice_next_number = $config_invoice_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $company_id"); mysqli_query($mysqli, "UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $company_id");
//Generate a unique URL key for clients to access //Generate a unique URL key for clients to access
$url_key = randomString(156); $url_key = randomString(156);
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_amount = '$recurring_amount', invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_created_at = NOW(), invoice_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_amount = '$recurring_amount', invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_created_at = NOW(), invoice_client_id = $client_id, company_id = $company_id");
$new_invoice_id = mysqli_insert_id($mysqli); $new_invoice_id = mysqli_insert_id($mysqli);
//Copy Items from original recurring invoice to new invoice //Copy Items from original recurring invoice to new invoice
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC"); $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC");
while($row = mysqli_fetch_array($sql_invoice_items)){ while($row = mysqli_fetch_array($sql_invoice_items)){
$item_id = $row['item_id']; $item_id = $row['item_id'];
$item_name = mysqli_real_escape_string($mysqli,$row['item_name']); //SQL Escape incase of , $item_name = mysqli_real_escape_string($mysqli, $row['item_name']); //SQL Escape incase of ,
$item_description = mysqli_real_escape_string($mysqli,$row['item_description']); //SQL Escape incase of , $item_description = mysqli_real_escape_string($mysqli, $row['item_description']); //SQL Escape incase of ,
$item_quantity = $row['item_quantity']; $item_quantity = $row['item_quantity'];
$item_price = $row['item_price']; $item_price = $row['item_price'];
$item_subtotal = $row['item_subtotal']; $item_subtotal = $row['item_subtotal'];
@ -376,20 +402,22 @@ while($row = mysqli_fetch_array($sql_companies)){
$tax_id = $row['item_tax_id']; $tax_id = $row['item_tax_id'];
//Insert Items into New Invoice //Insert Items into New Invoice
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = '$item_quantity', item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), item_tax_id = $tax_id, item_invoice_id = $new_invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = '$item_quantity', item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), item_tax_id = $tax_id, item_invoice_id = $new_invoice_id, company_id = $company_id");
} }
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Recurring Sent', notification = 'Recurring Invoice $config_invoice_prefix$new_invoice_number for $client_name Sent', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Recurring Sent', notification = 'Recurring Invoice $config_invoice_prefix$new_invoice_number for $client_name Sent', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
//Update recurring dates //Update recurring dates
mysqli_query($mysqli,"UPDATE recurring SET recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency), recurring_updated_at = NOW() WHERE recurring_id = $recurring_id"); mysqli_query($mysqli, "UPDATE recurring SET recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency), recurring_updated_at = NOW() WHERE recurring_id = $recurring_id");
if($config_recurring_auto_send_invoice == 1){ if($config_recurring_auto_send_invoice == 1){
$sql = mysqli_query($mysqli,"SELECT * FROM invoices $sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON contact_id = primary_contact LEFT JOIN contacts ON contact_id = primary_contact
WHERE invoice_id = $new_invoice_id WHERE invoice_id = $new_invoice_id
@ -412,20 +440,29 @@ while($row = mysqli_fetch_array($sql_companies)){
$subject = "Invoice $invoice_prefix$invoice_number"; $subject = "Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone"; $body = "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_invoice_from_email, $config_invoice_from_name, $config_smtp_host,
$contact_email, $contact_name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail === true) { if ($mail === true) {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"UPDATE invoices SET invoice_status = 'Sent', invoice_updated_at = NOW(), invoice_client_id = $client_id WHERE invoice_id = $new_invoice_id"); mysqli_query($mysqli, "UPDATE invoices SET invoice_status = 'Sent', invoice_updated_at = NOW(), invoice_client_id = $client_id WHERE invoice_id = $new_invoice_id");
} else { } else {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Cron Failed to send Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Draft', history_description = 'Cron Failed to send Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
} }
} //End if Autosend is on } //End if Autosend is on
@ -436,163 +473,163 @@ while($row = mysqli_fetch_array($sql_companies)){
$current_version = exec("git rev-parse HEAD"); $current_version = exec("git rev-parse HEAD");
// Client Count // Client Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('client_id') AS num FROM clients")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS num FROM clients"));
$client_count = $row['num']; $client_count = $row['num'];
// Ticket Count // Ticket Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM tickets")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM tickets"));
$ticket_count = $row['num']; $ticket_count = $row['num'];
// Calendar Event Count // Calendar Event Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events"));
$calendar_event_count = $row['num']; $calendar_event_count = $row['num'];
// Quote Count // Quote Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('quote_id') AS num FROM quotes"));
$quote_count = $row['num']; $quote_count = $row['num'];
// Invoice Count // Invoice Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices"));
$invoice_count = $row['num']; $invoice_count = $row['num'];
// Revenue Count // Revenue Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('revenue_id') AS num FROM revenues")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('revenue_id') AS num FROM revenues"));
$revenue_count = $row['num']; $revenue_count = $row['num'];
// Recurring Count // Recurring Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM recurring"));
$recurring_count = $row['num']; $recurring_count = $row['num'];
// Account Count // Account Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('account_id') AS num FROM accounts")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('account_id') AS num FROM accounts"));
$account_count = $row['num']; $account_count = $row['num'];
// Tax Count // Tax Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tax_id') AS num FROM taxes")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tax_id') AS num FROM taxes"));
$tax_count = $row['num']; $tax_count = $row['num'];
// Product Count // Product Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('product_id') AS num FROM products")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('product_id') AS num FROM products"));
$product_count = $row['num']; $product_count = $row['num'];
// Payment Count // Payment Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0"));
$payment_count = $row['num']; $payment_count = $row['num'];
// Company Vendor Count // Company Vendor Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0"));
$company_vendor_count = $row['num']; $company_vendor_count = $row['num'];
// Expense Count // Expense Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0"));
$expense_count = $row['num']; $expense_count = $row['num'];
// Trip Count // Trip Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('trip_id') AS num FROM trips"));
$trip_count = $row['num']; $trip_count = $row['num'];
// Transfer Count // Transfer Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('transfer_id') AS num FROM transfers")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('transfer_id') AS num FROM transfers"));
$transfer_count = $row['num']; $transfer_count = $row['num'];
// Contact Count // Contact Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts"));
$contact_count = $row['num']; $contact_count = $row['num'];
// Location Count // Location Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations"));
$location_count = $row['num']; $location_count = $row['num'];
// Asset Count // Asset Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets"));
$asset_count = $row['num']; $asset_count = $row['num'];
// Software Count // Software Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0"));
$software_count = $row['num']; $software_count = $row['num'];
// Software Template Count // Software Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1"));
$software_template_count = $row['num']; $software_template_count = $row['num'];
// Password Count // Password Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM logins")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('login_id') AS num FROM logins"));
$password_count = $row['num']; $password_count = $row['num'];
// Network Count // Network Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks"));
$network_count = $row['num']; $network_count = $row['num'];
// Certificate Count // Certificate Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates"));
$certificate_count = $row['num']; $certificate_count = $row['num'];
// Domain Count // Domain Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains"));
$domain_count = $row['num']; $domain_count = $row['num'];
// Service Count // Service Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services"));
$service_count = $row['num']; $service_count = $row['num'];
// Client Vendor Count // Client Vendor Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0"));
$client_vendor_count = $row['num']; $client_vendor_count = $row['num'];
// Vendor Template Count // Vendor Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1"));
$vendor_template_count = $row['num']; $vendor_template_count = $row['num'];
// File Count // File Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('file_id') AS num FROM files"));
$file_count = $row['num']; $file_count = $row['num'];
// Document Count // Document Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0"));
$document_count = $row['num']; $document_count = $row['num'];
// Document Template Count // Document Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1"));
$document_template_count = $row['num']; $document_template_count = $row['num'];
// Shared Item Count // Shared Item Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('item_id') AS num FROM shared_items"));
$shared_item_count = $row['num']; $shared_item_count = $row['num'];
// Company Count // Company Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('company_id') AS num FROM companies"));
$company_count = $row['num']; $company_count = $row['num'];
// User Count // User Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('user_id') AS num FROM users")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('user_id') AS num FROM users"));
$user_count = $row['num']; $user_count = $row['num'];
// Category Expense Count // Category Expense Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'"));
$category_expense_count = $row['num']; $category_expense_count = $row['num'];
// Category Income Count // Category Income Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'"));
$category_income_count = $row['num']; $category_income_count = $row['num'];
// Category Referral Count // Category Referral Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'"));
$category_referral_count = $row['num']; $category_referral_count = $row['num'];
// Category Payment Method Count // Category Payment Method Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'"));
$category_payment_method_count = $row['num']; $category_payment_method_count = $row['num'];
// Tag Count // Tag Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tag_id') AS num FROM tags")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tag_id') AS num FROM tags"));
$tag_count = $row['num']; $tag_count = $row['num'];
// API Key Count // API Key Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('api_key_id') AS num FROM api_keys")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('api_key_id') AS num FROM api_keys"));
$api_key_count = $row['num']; $api_key_count = $row['num'];
// Log Count // Log Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('log_id') AS num FROM logs")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('log_id') AS num FROM logs"));
$log_count = $row['num']; $log_count = $row['num'];
$postdata = http_build_query( $postdata = http_build_query(
@ -668,14 +705,14 @@ while($row = mysqli_fetch_array($sql_companies)){
$result = file_get_contents('https://telemetry.itflow.org', false, $context); $result = file_get_contents('https://telemetry.itflow.org', false, $context);
// Logging // Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Telemetry', log_description = 'Cron sent telemetry results to ITFlow Developers', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Telemetry', log_description = 'Cron sent telemetry results to ITFlow Developers', company_id = $company_id");
} }
//Send Alert to inform Cron was run //Send Alert to inform Cron was run
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Cron', notification = 'Cron.php successfully executed', notification_timestamp = NOW(), company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Cron', notification = 'Cron.php successfully executed', notification_timestamp = NOW(), company_id = $company_id");
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Ended', log_description = 'Cron executed successfully for $company_name', company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Ended', log_description = 'Cron executed successfully for $company_name', company_id = $company_id");
} //End Cron Check } //End Cron Check
} //End Company Loop through } //End Company Loop through


@ -88,10 +88,19 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $comp
$email_subject = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"; $email_subject = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject";
$email_body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone"; $email_body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_ticket_from_email, $config_ticket_from_name, $config_smtp_host,
$contact_email, $contact_name, $config_smtp_username,
$email_subject, $email_body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_ticket_from_email,
$config_ticket_from_name,
$contact_email,
$contact_name,
$email_subject,
$email_body
);
if ($mail !== true) { if ($mail !== true) {
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
@ -203,7 +212,7 @@ if (array_search("{{$imap_mailbox}}$imap_folder", $list) === false) {
} }
// Search for unread ("UNSEEN") emails // Search for unread ("UNSEEN") emails
$emails = imap_search($imap,'UNSEEN'); $emails = imap_search($imap, 'UNSEEN');
if ($emails) { if ($emails) {
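Review bot: The `INSERT INTO notifications` that runs when `$mail !== true` builds its SQL by interpolating `$contact_email` into a quoted string, and nothing in this hunk shows that value being escaped or validated. addTicket() begins above the hunk, so escaping may happen there or in its caller, but the surrounding code appears to process inbound mail, and the query should not rely on every caller having escaped first. I would bind the values instead, e.g. `$stmt = mysqli_prepare($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = ?, notification_timestamp = NOW(), company_id = ?");` then `mysqli_stmt_bind_param($stmt, 'si', $notification, $company_id);`, with `$notification` holding the "Failed to send email to ..." text. Likewise, `$subject` and `$contact_name` go into the HTML of `$email_body` as-is; unless they are already HTML-encoded upstream, pass them through `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before building the body.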


@ -58,17 +58,21 @@ $profit = $total_income - $total_expenses;
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE company_id = $session_company_id"); $sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE company_id = $session_company_id");
$sql_latest_invoice_payments = mysqli_query($mysqli, "SELECT * FROM payments, invoices, clients $sql_latest_invoice_payments = mysqli_query(
$mysqli,
"SELECT * FROM payments, invoices, clients
WHERE payment_invoice_id = invoice_id WHERE payment_invoice_id = invoice_id
AND invoice_client_id = client_id AND invoice_client_id = client_id
AND clients.company_id = $session_company_id AND clients.company_id = $session_company_id
ORDER BY payment_id DESC LIMIT 5" ORDER BY payment_id DESC LIMIT 5"
); );
$sql_latest_expenses = mysqli_query($mysqli, "SELECT * FROM expenses, vendors, categories $sql_latest_expenses = mysqli_query(
$mysqli,
"SELECT * FROM expenses, vendors, categories
WHERE expense_vendor_id = vendor_id WHERE expense_vendor_id = vendor_id
AND expense_category_id = category_id AND expense_category_id = category_id
AND expenses.company_id = $session_company_id AND expenses.company_id = $session_company_id
ORDER BY expense_id DESC LIMIT 5" ORDER BY expense_id DESC LIMIT 5"
); );
@ -194,7 +198,7 @@ $vendors_added = $row['vendors_added'];
<!-- small box --> <!-- small box -->
<a class="small-box bg-secondary" href="trips.php?dtf=<?php echo $year; ?>-01-01&dtt=<?php echo $year; ?>-12-31"> <a class="small-box bg-secondary" href="trips.php?dtf=<?php echo $year; ?>-01-01&dtt=<?php echo $year; ?>-12-31">
<div class="inner"> <div class="inner">
<h3><?php echo number_format($total_miles,2); ?></h3> <h3><?php echo number_format($total_miles, 2); ?></h3>
<p>Miles Traveled</p> <p>Miles Traveled</p>
</div> </div>
<div class="icon"> <div class="icon">


@ -9,7 +9,9 @@ if (isset($_GET['year'])) {
} }
// GET unique years from expenses, payments and revenues // GET unique years from expenses, payments and revenues
$sql_payment_years = mysqli_query($mysqli, "SELECT YEAR(expense_date) AS all_years FROM expenses $sql_payment_years = mysqli_query(
$mysqli,
"SELECT YEAR(expense_date) AS all_years FROM expenses
WHERE company_id = $session_company_id WHERE company_id = $session_company_id
UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id
UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id
@ -17,28 +19,36 @@ $sql_payment_years = mysqli_query($mysqli, "SELECT YEAR(expense_date) AS all_yea
); );
// Get Total Clients added // Get Total Clients added
$sql_clients = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS clients_added FROM clients $sql_clients = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('client_id') AS clients_added FROM clients
WHERE YEAR(client_created_at) = $year WHERE YEAR(client_created_at) = $year
AND company_id = $session_company_id" AND company_id = $session_company_id"
)); ));
$clients_added = $sql_clients['clients_added']; $clients_added = $sql_clients['clients_added'];
// Get Total contacts added // Get Total contacts added
$sql_contacts = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS contacts_added FROM contacts $sql_contacts = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('contact_id') AS contacts_added FROM contacts
WHERE YEAR(contact_created_at) = $year WHERE YEAR(contact_created_at) = $year
AND company_id = $session_company_id" AND company_id = $session_company_id"
)); ));
$contacts_added = $sql_contacts['contacts_added']; $contacts_added = $sql_contacts['contacts_added'];
// Get Total assets added // Get Total assets added
$sql_assets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS assets_added FROM assets $sql_assets = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('asset_id') AS assets_added FROM assets
WHERE YEAR(asset_created_at) = $year WHERE YEAR(asset_created_at) = $year
AND company_id = $session_company_id" AND company_id = $session_company_id"
)); ));
$assets_added = $sql_assets['assets_added']; $assets_added = $sql_assets['assets_added'];
// Ticket count // Ticket count
$sql_tickets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS active_tickets $sql_tickets = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('ticket_id') AS active_tickets
FROM tickets FROM tickets
WHERE ticket_status != 'Closed' WHERE ticket_status != 'Closed'
AND company_id = $session_company_id" AND company_id = $session_company_id"
@ -46,7 +56,9 @@ $sql_tickets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id
$active_tickets = $sql_tickets['active_tickets']; $active_tickets = $sql_tickets['active_tickets'];
// Expiring domains (but not ones that have already expired) // Expiring domains (but not ones that have already expired)
$sql_domains_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') as expiring_domains $sql_domains_expiring = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('domain_id') as expiring_domains
FROM domains FROM domains
WHERE domain_expire != '0000-00-00' WHERE domain_expire != '0000-00-00'
AND domain_expire > CURRENT_DATE AND domain_expire > CURRENT_DATE
@ -57,7 +69,9 @@ $sql_domains_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('
$expiring_domains = $sql_domains_expiring['expiring_domains']; $expiring_domains = $sql_domains_expiring['expiring_domains'];
// Expiring Certificates (but not ones that have already expired) // Expiring Certificates (but not ones that have already expired)
$sql_certs_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') as expiring_certs $sql_certs_expiring = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('certificate_id') as expiring_certs
FROM certificates FROM certificates
WHERE certificate_expire != '0000-00-00' WHERE certificate_expire != '0000-00-00'
AND certificate_expire > CURRENT_DATE AND certificate_expire > CURRENT_DATE


@ -43,28 +43,28 @@
<option value="">- Account -</option> <option value="">- Account -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$account_id = $row['account_id']; $account_id = $row['account_id'];
$account_name = htmlentities($row['account_name']); $account_name = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']); $opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments']; $total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues']; $total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses']; $total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses; $balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?> ?>
<option <?php if ($config_default_expense_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><div class="float-left"><?php echo $account_name; ?></div><div class="float-right"> [$<?php echo number_format($balance,2); ?>]</div></option> <option <?php if ($config_default_expense_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><div class="float-left"><?php echo $account_name; ?></div><div class="float-right"> [$<?php echo number_format($balance, 2); ?>]</div></option>
<?php <?php
} }
@ -83,7 +83,7 @@
<option value="">- Vendor -</option> <option value="">- Vendor -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL AND company_id = $session_company_id ORDER BY vendor_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);
@ -118,7 +118,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id']; $category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']); $category_name = htmlentities($row['category_name']);


@ -44,27 +44,27 @@
<select class="form-control select2" name="account" required> <select class="form-control select2" name="account" required>
<?php <?php
$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id ORDER BY account_name ASC"); $sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql_accounts)) { while ($row = mysqli_fetch_array($sql_accounts)) {
$account_id_select = $row['account_id']; $account_id_select = $row['account_id'];
$account_name_select = htmlentities($row['account_name']); $account_name_select = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']); $opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments']; $total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues']; $total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses']; $total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses; $balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?> ?>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance,2); ?>]</option> <option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance, 2); ?>]</option>
<?php <?php
} }
@ -82,7 +82,7 @@
<select class="form-control select2" name="vendor" required> <select class="form-control select2" name="vendor" required>
<?php <?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id']; $vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']); $vendor_name_select = htmlentities($row['vendor_name']);
@ -114,7 +114,7 @@
<select class="form-control select2" name="category" required> <select class="form-control select2" name="category" required>
<?php <?php
$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) { while ($row = mysqli_fetch_array($sql_categories)) {
$category_id_select = $row['category_id']; $category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']); $category_name_select = htmlentities($row['category_name']);


@ -46,28 +46,28 @@
<select class="form-control select2" name="account" required> <select class="form-control select2" name="account" required>
<?php <?php
$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE (account_archived_at > '$expense_created_at' OR account_archived_at IS NULL) AND company_id = $session_company_id ORDER BY account_name ASC"); $sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE (account_archived_at > '$expense_created_at' OR account_archived_at IS NULL) AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql_accounts)) { while ($row = mysqli_fetch_array($sql_accounts)) {
$account_id_select = $row['account_id']; $account_id_select = $row['account_id'];
$account_name_select = htmlentities($row['account_name']); $account_name_select = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']); $opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments']; $total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues']; $total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses']; $total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses; $balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?> ?>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance,2); ?>]</option> <option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance, 2); ?>]</option>
<?php <?php
} }
@ -85,7 +85,7 @@
<select class="form-control select2" name="vendor" required> <select class="form-control select2" name="vendor" required>
<?php <?php
$sql_select = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) AND company_id = $session_company_id ORDER BY vendor_name ASC"); $sql_select = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) { while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = $row['vendor_id']; $vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']); $vendor_name_select = htmlentities($row['vendor_name']);
@ -120,7 +120,7 @@
<select class="form-control select2" name="category" required> <select class="form-control select2" name="category" required>
<?php <?php
$sql_select = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND (category_archived_at > '$expense_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_select = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND (category_archived_at > '$expense_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_select)) { while ($row = mysqli_fetch_array($sql_select)) {
$category_id_select = $row['category_id']; $category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']); $category_name_select = htmlentities($row['category_name']);


@ -5,7 +5,7 @@ require_once("inc_all.php");
//$o = "DESC"; //$o = "DESC";
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "expense_date"; $sb = "expense_date";
} }
@ -24,41 +24,41 @@ if (empty($_GET['canned_date'])) {
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
} else { } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM expenses
LEFT JOIN categories ON expense_category_id = category_id LEFT JOIN categories ON expense_category_id = category_id
LEFT JOIN vendors ON expense_vendor_id = vendor_id LEFT JOIN vendors ON expense_vendor_id = vendor_id
LEFT JOIN accounts ON expense_account_id = account_id LEFT JOIN accounts ON expense_account_id = account_id
@ -68,7 +68,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses
AND (vendor_name LIKE '%$q%' OR category_name LIKE '%$q%' OR account_name LIKE '%$q%' OR expense_description LIKE '%$q%' OR expense_amount LIKE '%$q%') AND (vendor_name LIKE '%$q%' OR category_name LIKE '%$q%' OR account_name LIKE '%$q%' OR expense_description LIKE '%$q%' OR expense_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
@ -176,7 +176,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<td><?php echo $receipt_attached; ?> <a class="text-dark" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>"><?php echo $expense_date; ?></a></td> <td><?php echo $receipt_attached; ?> <a class="text-dark" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>"><?php echo $expense_date; ?></a></td>
<td><?php echo $vendor_name; ?></td> <td><?php echo $vendor_name; ?></td>
<td><?php echo $category_name; ?></td> <td><?php echo $category_name; ?></td>
<td><?php echo truncate($expense_description,50); ?></td> <td><?php echo truncate($expense_description, 50); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $expense_amount, $expense_currency_code); ?></td> <td class="text-right"><?php echo numfmt_format_currency($currency_format, $expense_amount, $expense_currency_code); ?></td>
<td><?php echo $account_name; ?></td> <td><?php echo $account_name; ?></td>
<td> <td>
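Review bot: `$sb` is interpolated into `ORDER BY $sb $o` outside any quotes, so the `mysqli_real_escape_string()` and `strip_tags()` calls in the first hunk do not constrain it; escaping only protects a value that ends up inside a quoted string literal. A sort column should be checked against a fixed list of column names instead, for example `$sb = in_array($_GET['sb'] ?? '', $allowed_sort_columns, true) ? $_GET['sb'] : 'expense_date';` with `$allowed_sort_columns` defined next to the query. `$o`, `$q`, `$record_from` and `$record_to` are assigned outside the visible hunks, so it is worth confirming that `$o` can only be `ASC` or `DESC` and that the two limits are integers. The custom date branch also reads `$_GET['dtt']` after testing only `dtf` for emptiness.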


@ -50,7 +50,7 @@ function initials($str) {
$ret = ''; $ret = '';
foreach (explode(' ', $str) as $word) foreach (explode(' ', $str) as $word)
$ret .= strtoupper($word[0]); $ret .= strtoupper($word[0]);
$ret = substr($ret,0, 2); $ret = substr($ret, 0, 2);
return $ret; return $ret;
} }
} }
@ -139,7 +139,7 @@ function getDevice() {
if (preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone|android|iemobile)/i', strtolower($_SERVER['HTTP_USER_AGENT']))) { if (preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone|android|iemobile)/i', strtolower($_SERVER['HTTP_USER_AGENT']))) {
$mobile_browser++; $mobile_browser++;
} }
if ((strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml') > 0) || ((isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE'])))) { if ((strpos(strtolower($_SERVER['HTTP_ACCEPT']), 'application/vnd.wap.xhtml+xml') > 0) || ((isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE'])))) {
$mobile_browser++; $mobile_browser++;
} }
$mobile_ua = strtolower(substr(getUserAgent(), 0, 4)); $mobile_ua = strtolower(substr(getUserAgent(), 0, 4));
@ -153,10 +153,10 @@ function getDevice() {
'sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-', 'sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-',
'tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp', 'tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp',
'wapr','webc','winw','winw','xda ','xda-'); 'wapr','webc','winw','winw','xda ','xda-');
if (in_array($mobile_ua,$mobile_agents)) { if (in_array($mobile_ua, $mobile_agents)) {
$mobile_browser++; $mobile_browser++;
} }
if (strpos(strtolower(getUserAgent()),'opera mini') > 0) { if (strpos(strtolower(getUserAgent()), 'opera mini') > 0) {
$mobile_browser++; $mobile_browser++;
//Check for tablets on Opera Mini alternative headers //Check for tablets on Opera Mini alternative headers
$stock_ua = strtolower(isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])?$_SERVER['HTTP_X_OPERAMINI_PHONE_UA']:(isset($_SERVER['HTTP_DEVICE_STOCK_UA'])?$_SERVER['HTTP_DEVICE_STOCK_UA']:'')); $stock_ua = strtolower(isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])?$_SERVER['HTTP_X_OPERAMINI_PHONE_UA']:(isset($_SERVER['HTTP_DEVICE_STOCK_UA'])?$_SERVER['HTTP_DEVICE_STOCK_UA']:''));
@ -183,13 +183,13 @@ function truncate($text, $chars) {
return $text; return $text;
} }
$text = $text." "; $text = $text." ";
$text = substr($text,0,$chars); $text = substr($text, 0, $chars);
$text = substr($text,0,strrpos($text,' ')); $text = substr($text, 0, strrpos($text, ' '));
return $text."..."; return $text."...";
} }
function formatPhoneNumber($phoneNumber) { function formatPhoneNumber($phoneNumber) {
$phoneNumber = preg_replace('/[^0-9]/','',$phoneNumber); $phoneNumber = preg_replace('/[^0-9]/', '', $phoneNumber);
if (strlen($phoneNumber) > 10) { if (strlen($phoneNumber) > 10) {
$countryCode = substr($phoneNumber, 0, strlen($phoneNumber)-10); $countryCode = substr($phoneNumber, 0, strlen($phoneNumber)-10);
@ -358,8 +358,8 @@ function getDomainExpirationDate($name) {
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://lookup.itflow.org:8080/$name"); curl_setopt($ch, CURLOPT_URL, "http://lookup.itflow.org:8080/$name");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = json_decode(curl_exec($ch),1); $response = json_decode(curl_exec($ch), 1);
if ($response) { if ($response) {
if (is_array($response['expiration_date'])) { if (is_array($response['expiration_date'])) {
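Review bot: In `getDomainExpirationDate()` the lookup is sent to `http://lookup.itflow.org:8080/$name` in clear text with `$name` placed in the path unencoded, and the decoded reply is then used as the expiration date. The answer can be altered on the network path, and a name containing `/`, `?` or `#` changes the request that is actually sent. I would encode the path segment, `curl_setopt($ch, CURLOPT_URL, "http://lookup.itflow.org:8080/" . rawurlencode($name));`, switch to `https://` if the service offers it, and set `CURLOPT_TIMEOUT` so a stalled lookup cannot hang the page. `curl_exec()` returns `false` on failure and `$response['expiration_date']` may be absent, so both should be checked before use; the function body starts and ends outside the hunk.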


@ -30,8 +30,8 @@ require_once("config.php");
require_once("functions.php"); require_once("functions.php");
// IP & User Agent for logging // IP & User Agent for logging
$ip = strip_tags(mysqli_real_escape_string($mysqli,getIP())); $ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT'])); $user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
// Define wording for the user // Define wording for the user
DEFINE("WORDING_ROLECHECK_FAILED", "ITFlow - You are not permitted to use this application!"); DEFINE("WORDING_ROLECHECK_FAILED", "ITFlow - You are not permitted to use this application!");


@ -1,7 +1,7 @@
<?php <?php
// Query Settings // Query Settings
$sql_settings = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $session_company_id"); $sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = $session_company_id");
$row = mysqli_fetch_array($sql_settings); $row = mysqli_fetch_array($sql_settings);
// Database version // Database version

View File

@ -4,22 +4,22 @@ require_once("inc_all.php");
if (isset($_GET['query'])) { if (isset($_GET['query'])) {
$query = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['query']))); $query = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['query'])));
$phone_query = preg_replace("/[^0-9]/", '',$query); $phone_query = preg_replace("/[^0-9]/", '', $query);
if (empty($phone_query)) { if (empty($phone_query)) {
$phone_query = $query; $phone_query = $query;
} }
$ticket_num_query = str_replace("$config_ticket_prefix", "", "$query"); $ticket_num_query = str_replace("$config_ticket_prefix", "", "$query");
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN locations ON clients.primary_location = locations.location_id WHERE client_name LIKE '%$query%' AND clients.company_id = $session_company_id ORDER BY client_id DESC LIMIT 5"); $sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN locations ON clients.primary_location = locations.location_id WHERE client_name LIKE '%$query%' AND clients.company_id = $session_company_id ORDER BY client_id DESC LIMIT 5");
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN clients ON client_id = contact_client_id WHERE (contact_name LIKE '%$query%' OR contact_title LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' OR contact_mobile LIKE '%$phone_query%') AND contacts.company_id = $session_company_id ORDER BY contact_id DESC LIMIT 5"); $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts LEFT JOIN clients ON client_id = contact_client_id WHERE (contact_name LIKE '%$query%' OR contact_title LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' OR contact_mobile LIKE '%$phone_query%') AND contacts.company_id = $session_company_id ORDER BY contact_id DESC LIMIT 5");
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5");
$sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5"); $sql_products = mysqli_query($mysqli, "SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
$sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5"); $sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5");
$sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') AND tickets.company_id = $session_company_id ORDER BY ticket_id DESC LIMIT 5"); $sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') AND tickets.company_id = $session_company_id ORDER BY ticket_id DESC LIMIT 5");
$sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5"); $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
$q = htmlentities($_GET['query']); $q = htmlentities($_GET['query']);
?> ?>

View File

@ -3,12 +3,12 @@
require_once("config.php"); require_once("config.php");
require_once("functions.php"); require_once("functions.php");
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli,getIP()))); $ip = trim(strip_tags(mysqli_real_escape_string($mysqli, getIP())));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT'])); $user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
if (isset($_GET['id']) && isset($_GET['key'])) { if (isset($_GET['id']) && isset($_GET['key'])) {
$item_id = intval($_GET['id']); $item_id = intval($_GET['id']);
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['key']))); $item_key = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['key'])));
$sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
@ -62,6 +62,6 @@ if (isset($_GET['id']) && isset($_GET['key'])) {
mysqli_query($mysqli, "UPDATE shared_items SET item_views = '$new_item_views' WHERE item_id = '$item_id'"); mysqli_query($mysqli, "UPDATE shared_items SET item_views = '$new_item_views' WHERE item_id = '$item_id'");
// Logging // Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Downloaded shared file $file_name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Downloaded shared file $file_name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
} }
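Review bot: The view counter is written back as a precomputed value, `item_views = '$new_item_views'`, so two downloads running at the same time can both store the same count; `$new_item_views` is computed outside the hunk, presumably from the row fetched earlier. If a view limit is enforced on `item_views` elsewhere in this file, that race lets a link be used more often than intended. An atomic update avoids it: `mysqli_query($mysqli, "UPDATE shared_items SET item_views = item_views + 1 WHERE item_id = $item_id");`. The log INSERT below it also interpolates `$file_name` and `$client_id`, which are set outside the hunk, so they need escaping or a prepared statement if they are not already sanitised.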


@ -275,10 +275,18 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
$subject = "Payment Received - Invoice $invoice_prefix$invoice_number"; $subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone"; $body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_invoice_from_email, $config_invoice_from_name, $config_smtp_host,
$contact_email, $contact_name, $config_smtp_username,
$subject, $body $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
); );
// Email Logging // Email Logging


@ -9,15 +9,15 @@ if (isset($_GET['accept_quote'], $_GET['company_id'], $_GET['url_key'])) {
$quote_id = intval($_GET['accept_quote']); $quote_id = intval($_GET['accept_quote']);
$company_id = intval($_GET['company_id']); $company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']); $url_key = mysqli_real_escape_string($mysqli, $_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id");
if (mysqli_num_rows($sql) == 1) { if (mysqli_num_rows($sql) == 1) {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Accepted' WHERE quote_id = $quote_id"); mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Accepted' WHERE quote_id = $quote_id");
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Accepted', history_description = 'Client accepted Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Accepted', history_description = 'Client accepted Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
$_SESSION['alert_message'] = "Quote Accepted"; $_SESSION['alert_message'] = "Quote Accepted";
@ -32,15 +32,15 @@ if (isset($_GET['decline_quote'], $_GET['company_id'], $_GET['url_key'])) {
$quote_id = intval($_GET['decline_quote']); $quote_id = intval($_GET['decline_quote']);
$company_id = intval($_GET['company_id']); $company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']); $url_key = mysqli_real_escape_string($mysqli, $_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND quote_url_key = '$url_key' AND company_id = $company_id"); $sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND quote_url_key = '$url_key' AND company_id = $company_id");
if (mysqli_num_rows($sql) == 1) { if (mysqli_num_rows($sql) == 1) {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Declined' WHERE quote_id = $quote_id"); mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Declined' WHERE quote_id = $quote_id");
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
$_SESSION['alert_type'] = "danger"; $_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Quote Declined"; $_SESSION['alert_message'] = "Quote Declined";
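Review bot: Both handlers change quote state from a plain GET request, so anything that fetches the link (a mail gateway scanning URLs, a browser prefetch) accepts or declines the quote without the client acting; the accept and decline branches would be safer behind a POST from a confirmation page. The `UPDATE quotes` statements filter on `quote_id` alone although the preceding SELECT also checks the key and company; repeating those predicates, `WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id`, keeps the write bound to what was verified. The decline SELECT repeats `quote_url_key = '$url_key'` twice, and one copy can go. Neither branch checks the current `quote_status` in the lines shown, so an already declined quote can apparently still be accepted; both blocks continue outside the hunks.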


@ -18,7 +18,7 @@ if (!isset($_GET['id']) || !isset($_GET['key'])) {
} }
$item_id = intval($_GET['id']); $item_id = intval($_GET['id']);
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['key']))); $item_key = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['key'])));
$sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
@ -77,7 +77,7 @@ if ($item_type == "Document") {
// Logging // Logging
$name = mysqli_real_escape_string($mysqli, $doc_title); $name = mysqli_real_escape_string($mysqli, $doc_title);
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
} elseif ($item_type == "File") { } elseif ($item_type == "File") {
$file_sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id' LIMIT 1"); $file_sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id' LIMIT 1");
@ -142,7 +142,7 @@ if ($item_type == "Document") {
// Logging // Logging
$name = mysqli_real_escape_string($mysqli, $login_name); $name = mysqli_real_escape_string($mysqli, $login_name);
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
} }
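Review bot: `$item_key` is built as `trim(strip_tags(mysqli_real_escape_string(...)))`, so the string that reaches the `shared_items` lookup is no longer the direct output of the escaping call; escaping should be the last step, or the lookup should bind its parameters, e.g. `$stmt = mysqli_prepare($mysqli, "SELECT * FROM shared_items WHERE item_id = ? AND item_key = ? AND item_expire_at > NOW() LIMIT 1");` followed by `mysqli_stmt_bind_param($stmt, 'is', $item_id, $item_key);`. The two log INSERTs interpolate `$item_type` unescaped and hard-code `company_id = '1'`; where `$item_type` comes from is outside the hunks, and if it is read back from the `shared_items` row it needs the same escaping that `$name` gets. On an install with more than one company the fixed id would presumably attribute every share view to company 1.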


@ -79,15 +79,15 @@ $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
//Update status to Viewed only if invoice_status = "Sent" //Update status to Viewed only if invoice_status = "Sent"
if ($quote_status == 'Sent') { if ($quote_status == 'Sent') {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id"); mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id");
} }
//Mark viewed in history //Mark viewed in history
mysqli_query($mysqli,"INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Viewed") { if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Viewed") {
$client_name_escaped = mysqli_escape_string($mysqli, $row['client_name']); $client_name_escaped = mysqli_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
} }
?> ?>
@ -159,7 +159,7 @@ if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Vie
</div> </div>
</div> </div>
<?php $sql_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?> <?php $sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?>
<div class="row mb-4"> <div class="row mb-4">
<div class="col-md-12"> <div class="col-md-12">
@ -390,7 +390,7 @@ if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Vie
$total_tax = 0; $total_tax = 0;
$sub_total = 0; $sub_total = 0;
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC");
while ($row = mysqli_fetch_array($sql_invoice_items)) { while ($row = mysqli_fetch_array($sql_invoice_items)) {
$item_name = $row['item_name']; $item_name = $row['item_name'];
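Review bot: The history and notification INSERTs interpolate `$ip`, `$os`, `$browser` and `$quote_prefix$quote_number` directly, while only the client name is escaped in this hunk (`$client_name_escaped`). Whether the others are escaped where they are assigned is outside the lines shown; if `$os` and `$browser` derive from the request's User-Agent, or `$quote_prefix` is read back from the database, each needs `mysqli_real_escape_string` before it is placed in the statement, or the two INSERTs should use bound parameters. The comment above the status update says `invoice_status` although the code tests `$quote_status`; `//Update status to Viewed only if quote_status = "Sent"` matches the code.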


@ -9,9 +9,9 @@ require_once("top_nav.php");
if (isset($_GET['client_id'])) { if (isset($_GET['client_id'])) {
$client_id = intval($_GET['client_id']); $client_id = intval($_GET['client_id']);
$sql = mysqli_query($mysqli,"UPDATE clients SET client_accessed_at = NOW() WHERE client_id = $client_id AND company_id = $session_company_id"); $sql = mysqli_query($mysqli, "UPDATE clients SET client_accessed_at = NOW() WHERE client_id = $client_id AND company_id = $session_company_id");
$sql = mysqli_query($mysqli,"SELECT * FROM clients $sql = mysqli_query($mysqli, "SELECT * FROM clients
LEFT JOIN locations ON primary_location = location_id AND location_archived_at IS NULL LEFT JOIN locations ON primary_location = location_id AND location_archived_at IS NULL
LEFT JOIN contacts ON primary_contact = contact_id AND contact_archived_at IS NULL LEFT JOIN contacts ON primary_contact = contact_id AND contact_archived_at IS NULL
WHERE client_id = $client_id WHERE client_id = $client_id
@ -56,7 +56,7 @@ if (isset($_GET['client_id'])) {
$client_tag_name_display_array = array(); $client_tag_name_display_array = array();
$client_tag_id_array = array(); $client_tag_id_array = array();
$sql_client_tags = mysqli_query($mysqli,"SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id"); $sql_client_tags = mysqli_query($mysqli, "SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
while ($row = mysqli_fetch_array($sql_client_tags)) { while ($row = mysqli_fetch_array($sql_client_tags)) {
$client_tag_id = $row['tag_id']; $client_tag_id = $row['tag_id'];
@ -73,12 +73,12 @@ if (isset($_GET['client_id'])) {
$client_tags_display = "<i class='fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2'></i> " . implode('', $client_tag_name_display_array); $client_tags_display = "<i class='fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2'></i> " . implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice //Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'"); $sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$row = mysqli_fetch_array($sql_invoice_amounts); $row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = $row['invoice_amounts']; $invoice_amounts = $row['invoice_amounts'];
$sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id"); $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$row = mysqli_fetch_array($sql_amount_paid); $row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = $row['amount_paid']; $amount_paid = $row['amount_paid'];
@ -86,13 +86,13 @@ if (isset($_GET['client_id'])) {
$balance = $invoice_amounts - $amount_paid; $balance = $invoice_amounts - $amount_paid;
//Get Monthly Recurring Total //Get Monthly Recurring Total
$sql_recurring_monthly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id"); $sql_recurring_monthly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_monthly_total); $row = mysqli_fetch_array($sql_recurring_monthly_total);
$recurring_monthly_total = $row['recurring_monthly_total']; $recurring_monthly_total = $row['recurring_monthly_total'];
//Get Yearly Recurring Total //Get Yearly Recurring Total
$sql_recurring_yearly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id"); $sql_recurring_yearly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_yearly_total); $row = mysqli_fetch_array($sql_recurring_yearly_total);
$recurring_yearly_total = $row['recurring_yearly_total'] / 12; $recurring_yearly_total = $row['recurring_yearly_total'] / 12;
@ -101,91 +101,93 @@ if (isset($_GET['client_id'])) {
//Badge Counts //Badge Counts
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id"));
$num_contacts = $row['num']; $num_contacts = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id"));
$num_locations = $row['num']; $num_locations = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id"));
$num_assets = $row['num']; $num_assets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status != 'Closed' AND ticket_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status != 'Closed' AND ticket_client_id = $client_id"));
$num_active_tickets = $row['num']; $num_active_tickets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status = 'Closed' AND ticket_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status = 'Closed' AND ticket_client_id = $client_id"));
$num_closed_tickets = $row['num']; $num_closed_tickets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services WHERE service_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services WHERE service_client_id = $client_id"));
$num_services = $row['num']; $num_services = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0"));
$num_vendors = $row['num']; $num_vendors = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM logins WHERE login_archived_at IS NULL AND login_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('login_id') AS num FROM logins WHERE login_archived_at IS NULL AND login_client_id = $client_id"));
$num_logins = $row['num']; $num_logins = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id"));
$num_networks = $row['num']; $num_networks = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains WHERE domain_archived_at IS NULL AND domain_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains WHERE domain_archived_at IS NULL AND domain_client_id = $client_id"));
$num_domains = $row['num']; $num_domains = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates WHERE certificate_archived_at IS NULL AND certificate_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates WHERE certificate_archived_at IS NULL AND certificate_client_id = $client_id"));
$num_certificates = $row['num']; $num_certificates = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_archived_at IS NULL AND software_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_archived_at IS NULL AND software_client_id = $client_id"));
$num_software = $row['num']; $num_software = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Partial') AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Partial') AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_open = $row['num']; $num_invoices_open = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_draft = $row['num']; $num_invoices_draft = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_sent = $row['num']; $num_invoices_sent = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_viewed = $row['num']; $num_invoices_viewed = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_partial = $row['num']; $num_invoices_partial = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Paid' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Paid' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_paid = $row['num']; $num_invoices_paid = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_archived_at IS NULL AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices = $row['num']; $num_invoices = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes WHERE quote_archived_at IS NULL AND quote_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('quote_id') AS num FROM quotes WHERE quote_archived_at IS NULL AND quote_client_id = $client_id"));
$num_quotes = $row['num']; $num_quotes = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring WHERE recurring_archived_at IS NULL AND recurring_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM recurring WHERE recurring_archived_at IS NULL AND recurring_client_id = $client_id"));
$num_recurring = $row['num']; $num_recurring = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('payment_id') AS num FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id"));
$num_payments = $row['num']; $num_payments = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files WHERE file_archived_at IS NULL AND file_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('file_id') AS num FROM files WHERE file_archived_at IS NULL AND file_client_id = $client_id"));
$num_files = $row['num']; $num_files = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_archived_at IS NULL AND document_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_archived_at IS NULL AND document_client_id = $client_id"));
$num_documents = $row['num']; $num_documents = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events WHERE event_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events WHERE event_client_id = $client_id"));
$num_events = $row['num']; $num_events = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips WHERE trip_archived_at IS NULL AND trip_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('trip_id') AS num FROM trips WHERE trip_archived_at IS NULL AND trip_client_id = $client_id"));
$num_trips = $row['num']; $num_trips = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items WHERE item_client_id = $client_id")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('item_id') AS num FROM shared_items WHERE item_client_id = $client_id"));
$num_shared_links = $row['num']; $num_shared_links = $row['num'];
// Expiring Items // Expiring Items
// Count Domains Expiring within 30 Days // Count Domains Expiring within 30 Days
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains $row = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('domain_id') AS num FROM domains
WHERE domain_client_id = $client_id WHERE domain_client_id = $client_id
AND domain_expire != '0000-00-00' AND domain_expire != '0000-00-00'
AND domain_expire < CURRENT_DATE + INTERVAL 30 DAY AND domain_expire < CURRENT_DATE + INTERVAL 30 DAY
@ -195,7 +197,9 @@ if (isset($_GET['client_id'])) {
$num_domains_expiring = $row['num']; $num_domains_expiring = $row['num'];
// Count Certificates Expiring within 30 Days // Count Certificates Expiring within 30 Days
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates $row = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('certificate_id') AS num FROM certificates
WHERE certificate_client_id = $client_id WHERE certificate_client_id = $client_id
AND certificate_expire != '0000-00-00' AND certificate_expire != '0000-00-00'
AND certificate_expire < CURRENT_DATE + INTERVAL 30 DAY AND certificate_expire < CURRENT_DATE + INTERVAL 30 DAY
@ -205,7 +209,9 @@ if (isset($_GET['client_id'])) {
$num_certs_expiring = $row['num']; $num_certs_expiring = $row['num'];
// Get Asset Warranties Expiring // Get Asset Warranties Expiring
$sql_asset_warranties_expiring = mysqli_query($mysqli,"SELECT * FROM assets $sql_asset_warranties_expiring = mysqli_query(
$mysqli,
"SELECT * FROM assets
WHERE asset_client_id = $client_id WHERE asset_client_id = $client_id
AND asset_warranty_expire != '0000-00-00' AND asset_warranty_expire != '0000-00-00'
AND asset_archived_at IS NULL AND asset_archived_at IS NULL
@ -214,7 +220,9 @@ if (isset($_GET['client_id'])) {
); );
// Get Assets Retiring // Get Assets Retiring
$sql_asset_retire = mysqli_query($mysqli,"SELECT * FROM assets $sql_asset_retire = mysqli_query(
$mysqli,
"SELECT * FROM assets
WHERE asset_client_id = $client_id WHERE asset_client_id = $client_id
AND asset_install_date != '0000-00-00' AND asset_install_date != '0000-00-00'
AND asset_archived_at IS NULL AND asset_archived_at IS NULL
@ -223,7 +231,9 @@ if (isset($_GET['client_id'])) {
); );
// Get Stale Tickets // Get Stale Tickets
$sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets $sql_tickets_stale = mysqli_query(
$mysqli,
"SELECT * FROM tickets
WHERE ticket_client_id = $client_id WHERE ticket_client_id = $client_id
AND ticket_created_at < CURRENT_DATE - INTERVAL 14 DAY AND ticket_created_at < CURRENT_DATE - INTERVAL 14 DAY
AND ticket_status != 'Closed' AND ticket_status != 'Closed'
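Review bot: From the tag lookup through the badge counts and expiry queries, the statements filter on `client_id = $client_id` alone, whereas the `clients` UPDATE at the top and the two recurring totals also require `company_id = $session_company_id`. Whether the client SELECT stops the page when the row belongs to another company is outside the hunks shown; if it does not, these queries return another company's totals for any `client_id` in the URL. Adding `AND company_id = $session_company_id` to each query whose table carries that column, or checking `mysqli_num_rows($sql)` on the client lookup before running them, closes that gap. `COUNT('contact_id')` and its siblings count a string literal, which behaves like `COUNT(*)`; writing `COUNT(*)` or the bare column name says what is meant.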


@ -24,7 +24,7 @@
<option value="">- Client -</option> <option value="">- Client -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']); $client_name = htmlentities($row['client_name']);
@ -60,7 +60,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id']; $category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']); $category_name = htmlentities($row['category_name']);


@ -42,7 +42,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$invoice_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$invoice_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_income_category)) { while ($row = mysqli_fetch_array($sql_income_category)) {
$category_id_select= $row['category_id']; $category_id_select= $row['category_id'];
$category_name_select = htmlentities($row['category_name']); $category_name_select = htmlentities($row['category_name']);


@ -54,28 +54,28 @@
<option value="">- Account -</option> <option value="">- Account -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$account_id = $row['account_id']; $account_id = $row['account_id'];
$account_name = htmlentities($row['account_name']); $account_name = htmlentities($row['account_name']);
$opening_balance = $row['opening_balance']; $opening_balance = $row['opening_balance'];
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments']; $total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues']; $total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses']; $total_expenses = $row['total_expenses'];
$account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses; $account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?> ?>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><?php echo $account_name; ?> [$<?php echo number_format($account_balance,2); ?>]</option> <option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><?php echo $account_name; ?> [$<?php echo number_format($account_balance, 2); ?>]</option>
<?php <?php
} }
@ -94,7 +94,7 @@
<option value="">- Method of Payment -</option> <option value="">- Method of Payment -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$category_name = htmlentities($row['category_name']); $category_name = htmlentities($row['category_name']);
?> ?>


@ -85,39 +85,39 @@ if (isset($_GET['status']) && ($_GET['status']) == 'Draft') {
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
} else { } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM invoices $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id LEFT JOIN clients ON invoice_client_id = client_id


@ -77,7 +77,7 @@
<option value="0">None</option> <option value="0">None</option>
<?php <?php
$taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE (tax_archived_at > '$item_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC"); $taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE (tax_archived_at > '$item_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) { while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id_select = $row['tax_id']; $tax_id_select = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']); $tax_name = htmlentities($row['tax_name']);


@ -3,7 +3,7 @@
require_once("inc_all_settings.php"); require_once("inc_all_settings.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "log_id"; $sb = "log_id";
} }
@ -22,41 +22,43 @@ if (empty($_GET['canned_date'])) {
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
} else { } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM logs $sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs
LEFT JOIN users ON log_user_id = user_id LEFT JOIN users ON log_user_id = user_id
LEFT JOIN clients ON log_client_id = client_id LEFT JOIN clients ON log_client_id = client_id
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%') WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%')


@ -3,7 +3,7 @@ require_once("inc_all.php");
//Column Filter //Column Filter
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else { } else {
$sb = "notification_timestamp"; $sb = "notification_timestamp";
} }
@ -16,8 +16,8 @@ if (!isset($_GET['o'])) {
//Date From and Date To Filter //Date From and Date To Filter
if (!empty($_GET['dtf'])) { if (!empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} else { } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
@ -25,9 +25,9 @@ if (!empty($_GET['dtf'])) {
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM notifications $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM notifications
LEFT JOIN users ON notification_dismissed_by = user_id LEFT JOIN users ON notification_dismissed_by = user_id
LEFT JOIN clients ON notification_client_id = client_id LEFT JOIN clients ON notification_client_id = client_id
WHERE (notification_type LIKE '%$q%' OR notification LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%') WHERE (notification_type LIKE '%$q%' OR notification LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%')
@ -39,7 +39,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM notifications
LIMIT $record_from, $record_to LIMIT $record_from, $record_to
"); ");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>


@ -58,7 +58,7 @@ if ($total_found_rows > 10) {
} else { } else {
$next_class = "disabled"; $next_class = "disabled";
} }
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i))); $url_query_strings = http_build_query(array_merge($_GET, array('p' => $i)));
$prev_page = $p - 1; $prev_page = $p - 1;
$next_page = $p + 1; $next_page = $p + 1;


@ -9,32 +9,32 @@
// Paging // Paging
if (isset($_GET['p'])) { if (isset($_GET['p'])) {
$p = intval($_GET['p']); $p = intval($_GET['p']);
$record_from = (($p)-1)*$_SESSION['records_per_page']; $record_from = (($p)-1)*$_SESSION['records_per_page'];
$record_to = $_SESSION['records_per_page']; $record_to = $_SESSION['records_per_page'];
}else{ } else {
$record_from = 0; $record_from = 0;
$record_to = $_SESSION['records_per_page']; $record_to = $_SESSION['records_per_page'];
$p = 1; $p = 1;
} }
// Order // Order
if (isset($_GET['o'])) { if (isset($_GET['o'])) {
if ($_GET['o'] == 'ASC') { if ($_GET['o'] == 'ASC') {
$o = "ASC";
$disp = "DESC";
} else {
$o = "DESC";
$disp = "ASC";
}
} else {
$o = "ASC"; $o = "ASC";
$disp = "DESC"; $disp = "DESC";
}else{
$o = "DESC";
$disp = "ASC";
}
}else{
$o = "ASC";
$disp = "DESC";
} }
// Search // Search
if (isset($_GET['q'])) { if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,trim($_GET['q']))); $q = strip_tags(mysqli_real_escape_string($mysqli, trim($_GET['q'])));
}else{ } else {
$q = ""; $q = "";
} }


@ -1,186 +1,185 @@
<?php include("inc_all.php"); <?php
require_once("inc_all.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "payment_date"; $sb = "payment_date";
} }
// Reverse default sort // Reverse default sort
if (!isset($_GET['o'])) { if (!isset($_GET['o'])) {
$o = "DESC"; $o = "DESC";
$disp = "ASC"; $disp = "ASC";
} }
if (empty($_GET['canned_date'])) { if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors. //Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00 // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom'; $_GET['canned_date'] = 'custom';
} }
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
}elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
}elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
}elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
}elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
}else{ } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM payments $sql = mysqli_query(
LEFT JOIN invoices ON payment_invoice_id = invoice_id $mysqli,
LEFT JOIN clients ON invoice_client_id = client_id "SELECT SQL_CALC_FOUND_ROWS * FROM payments
LEFT JOIN accounts ON payment_account_id = account_id LEFT JOIN invoices ON payment_invoice_id = invoice_id
WHERE payments.company_id = $session_company_id LEFT JOIN clients ON invoice_client_id = client_id
AND DATE(payment_date) BETWEEN '$dtf' AND '$dtt' LEFT JOIN accounts ON payment_account_id = account_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%' OR payment_reference LIKE '%$q%') WHERE payments.company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to" AND DATE(payment_date) BETWEEN '$dtf' AND '$dtt'
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%' OR payment_reference LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-3"> <div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-credit-card"></i> Payments</h3> <h3 class="card-title"><i class="fa fa-fw fa-credit-card"></i> Payments</h3>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Payments">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
</div> </div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter"> <div class="card-body">
<div class="row"> <form class="mb-4" autocomplete="off">
<div class="col-md-2"> <div class="row">
<div class="form-group"> <div class="col-sm-4">
<label>Canned Date</label> <div class="input-group">
<select class="form-control select2" name="canned_date"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Payments">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option> <div class="input-group-append">
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option> <button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option> <button class="btn btn-primary"><i class="fa fa-search"></i></button>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option> </div>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option> </div>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option> </div>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option> </div>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option> <div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option> <div class="row">
</select> <div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_date&o=<?php echo $disp; ?>">Payment Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Invoice Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Invoice</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_method&o=<?php echo $disp; ?>">Payment Method</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_reference&o=<?php echo $disp; ?>">Reference</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=account_name&o=<?php echo $disp; ?>">Account</a></th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$payment_date = $row['payment_date'];
$payment_method = htmlentities($row['payment_method']);
$payment_amount = floatval($row['payment_amount']);
$payment_currency_code = htmlentities($row['payment_currency_code']);
$payment_reference = htmlentities($row['payment_reference']);
if (empty($payment_reference)) {
$payment_reference_display = "-";
} else {
$payment_reference_display = $payment_reference;
}
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$account_name = htmlentities($row['account_name']);
?>
<tr>
<td><?php echo $payment_date; ?></td>
<td><?php echo $invoice_date; ?></td>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><a href="client_payments.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
<td><?php echo $payment_method; ?></td>
<td><?php echo $payment_reference_display; ?></td>
<td><?php echo $account_name; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</div> </div>
</div> <?php require_once("pagination.php"); ?>
<div class="col-md-2"> </div>
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_date&o=<?php echo $disp; ?>">Payment Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Invoice Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Invoice</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_method&o=<?php echo $disp; ?>">Payment Method</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_reference&o=<?php echo $disp; ?>">Reference</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=account_name&o=<?php echo $disp; ?>">Account</a></th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$payment_date = $row['payment_date'];
$payment_method = htmlentities($row['payment_method']);
$payment_amount = floatval($row['payment_amount']);
$payment_currency_code = htmlentities($row['payment_currency_code']);
$payment_reference = htmlentities($row['payment_reference']);
if (empty($payment_reference)) {
$payment_reference_display = "-";
}else{
$payment_reference_display = $payment_reference;
}
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$account_name = htmlentities($row['account_name']);
?>
<tr>
<td><?php echo $payment_date; ?></td>
<td><?php echo $invoice_date; ?></td>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><a href="client_payments.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
<td><?php echo $payment_method; ?></td>
<td><?php echo $payment_reference_display; ?></td>
<td><?php echo $account_name; ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("footer.php"); ?> <?php require_once("footer.php"); ?>
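Review bot: `$sb` is interpolated unquoted into `ORDER BY $sb $o` in the payments query, so running `$_GET['sb']` through `mysqli_real_escape_string()` and `strip_tags()` does not constrain it; escaping only protects values inside quoted string literals, not an identifier position. Since this section already rewrites the `$sb` assignment, I would check the parameter against the column names the table header links emit, e.g. `$sb = (!empty($_GET['sb']) && in_array($_GET['sb'], $sortable, true)) ? $_GET['sb'] : "payment_date";`, with `$sortable` listing `payment_date`, `invoice_date`, `invoice_number`, `client_name`, `payment_amount`, `payment_method`, `payment_reference` and `account_name`. The same `$sb` assignment appears in the earlier sections that default to `log_id` and `notification_timestamp`. Their ORDER BY clauses are not visible on this page, so they presumably need the same allowlist. Separately, the `custom` branch reads `$_GET['dtt']` after testing only `$_GET['dtf']`, so a request with `dtf` but no `dtt` hits an undefined index; `$_GET['dtt'] ?? ''` or an `!empty()` guard would cover it.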


@ -1,106 +1,106 @@
<div class="modal" id="addProductModal" tabindex="-1"> <div class="modal" id="addProductModal" tabindex="-1">
<div class="modal-dialog"> <div class="modal-dialog">
<div class="modal-content bg-dark"> <div class="modal-content bg-dark">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-box"></i> New Product</h5> <h5 class="modal-title"><i class="fa fa-fw fa-box"></i> New Product</h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Product name" required autofocus>
</div> </div>
</div> <form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="form-group">
<label>Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<select class="form-control select2" name="category" required>
<option value="">- Select Category -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row">
<div class="col">
<div class="form-group">
<label>Price <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="number" step="0.01" min="0" class="form-control" name="price" placeholder="Price" required>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_archived_at IS NULL AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Description</label> <label>Name <strong class="text-danger">*</strong></label>
<textarea class="form-control" rows="5" name="description" placeholder="Product description"></textarea> <div class="input-group">
</div> <div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Product name" required autofocus>
</div>
</div>
<div class="form-group">
<label>Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<select class="form-control select2" name="category" required>
<option value="">- Select Category -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row">
<div class="col">
<div class="form-group">
<label>Price <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="number" step="0.01" min="0" class="form-control" name="price" placeholder="Price" required>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE tax_archived_at IS NULL AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea class="form-control" rows="5" name="description" placeholder="Product description"></textarea>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_product" class="btn btn-primary"><storng><i class="fas fa-check"></i> Create</storng></button>
</div>
</form>
</div> </div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_product" class="btn btn-primary"><storng><i class="fas fa-check"></i> Create</storng></button>
</div>
</form>
</div> </div>
</div> </div>
</div>


@ -1,104 +1,104 @@
<div class="modal" id="editProductModal<?php echo $product_id; ?>" tabindex="-1"> <div class="modal" id="editProductModal<?php echo $product_id; ?>" tabindex="-1">
<div class="modal-dialog"> <div class="modal-dialog">
<div class="modal-content bg-dark"> <div class="modal-content bg-dark">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-box"></i> Editing product: <strong><?php echo $product_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-box"></i> Editing product: <strong><?php echo $product_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="product_id" value="<?php echo $product_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
</div>
<input type="text" class="form-control" name="name" value="<?php echo $product_name; ?>" required>
</div> </div>
</div> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="product_id" value="<?php echo $product_id; ?>">
<div class="form-group"> <div class="modal-body bg-white">
<label>Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
</div>
<select class="form-control select2" name="category" required>
<?php
$sql_select = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$product_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql_select)) {
$category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']);
?>
<option <?php if ($category_id == $category_id_select) { echo "selected"; } ?> value="<?php echo $category_id_select; ?>"><?php echo $category_name_select; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row"> <div class="form-group">
<div class="col"> <label>Name <strong class="text-danger">*</strong></label>
<div class="form-group"> <div class="input-group">
<label>Price <strong class="text-danger">*</strong></label> <div class="input-group-prepend">
<div class="input-group"> <span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
<div class="input-group-prepend"> </div>
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span> <input type="text" class="form-control" name="name" value="<?php echo $product_name; ?>" required>
</div> </div>
<input type="number" step="0.01" min="0" class="form-control" name="price" value="<?php echo $product_price; ?>" required> </div>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE (tax_archived_at > '$product_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id_select = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option <?php if ($tax_id_select == $product_tax_id) { echo "selected"; } ?> value="<?php echo $tax_id_select; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Description</label> <label>Category <strong class="text-danger">*</strong></label>
<textarea class="form-control" rows="5" name="description"><?php echo $product_description; ?></textarea> <div class="input-group">
</div> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
</div>
<select class="form-control select2" name="category" required>
<?php
$sql_select = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$product_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql_select)) {
$category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']);
?>
<option <?php if ($category_id == $category_id_select) { echo "selected"; } ?> value="<?php echo $category_id_select; ?>"><?php echo $category_name_select; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row">
<div class="col">
<div class="form-group">
<label>Price <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="number" step="0.01" min="0" class="form-control" name="price" value="<?php echo $product_price; ?>" required>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE (tax_archived_at > '$product_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id_select = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option <?php if ($tax_id_select == $product_tax_id) { echo "selected"; } ?> value="<?php echo $tax_id_select; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea class="form-control" rows="5" name="description"><?php echo $product_description; ?></textarea>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_product" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
</div>
</form>
</div> </div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_product" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
</div>
</form>
</div> </div>
</div> </div>
</div>


@ -1,116 +1,117 @@
<?php include("inc_all.php"); <?php
require_once("inc_all.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "product_name"; $sb = "product_name";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM products LEFT JOIN categories ON product_category_id = category_id $sql = mysqli_query(
WHERE products.company_id = $session_company_id $mysqli,
AND (product_name LIKE '%$q%' OR product_description LIKE '%$q%' OR category_name LIKE '%$q%' OR product_price LIKE '%$q%') "SELECT SQL_CALC_FOUND_ROWS * FROM products LEFT JOIN categories ON product_category_id = category_id
ORDER BY $sb $o LIMIT $record_from, $record_to"); WHERE products.company_id = $session_company_id
AND (product_name LIKE '%$q%' OR product_description LIKE '%$q%' OR category_name LIKE '%$q%' OR product_price LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-box"></i> Products</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-box"></i> Products</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addProductModal"><i class="fas fa-fw fa-plus"></i> New Product</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addProductModal"><i class="fas fa-fw fa-plus"></i> New Product</button>
</div>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Products">
<div class="input-group-append">
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div> </div>
</div>
</div> </div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_description&o=<?php echo $disp; ?>">Description</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_price&o=<?php echo $disp; ?>">Price</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$product_id = $row['product_id'];
$product_name = htmlentities($row['product_name']);
$product_description = htmlentities($row['product_description']);
if (empty($product_description)) {
$product_description_display = "-";
}else{
$product_description_display = "<div style='white-space:pre-line'>$product_description</div>";
}
$product_price = floatval($row['product_price']);
$product_currency_code = htmlentities($row['product_currency_code']);
$product_created_at = $row['product_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
$product_tax_id = $row['product_tax_id'];
?> <div class="card-body">
<tr> <form class="mb-4" autocomplete="off">
<th><a class="text-dark" href="#" data-toggle="modal" data-target="#editProductModal<?php echo $product_id; ?>"><?php echo $product_name; ?></a></th> <div class="row">
<td><?php echo $category_name; ?></td> <div class="col-sm-4">
<td><?php echo $product_description_display; ?></td> <div class="input-group">
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $product_price, $product_currency_code); ?></td> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Products">
<td> <div class="input-group-append">
<div class="dropdown dropleft text-center"> <button class="btn btn-primary"><i class="fa fa-search"></i></button>
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> </div>
<i class="fas fa-ellipsis-h"></i> </div>
</button> </div>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editProductModal<?php echo $product_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_product=<?php echo $product_id; ?>">Delete</a>
</div> </div>
</div> </form>
</td> <hr>
</tr> <div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_description&o=<?php echo $disp; ?>">Description</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=product_price&o=<?php echo $disp; ?>">Price</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
<?php while ($row = mysqli_fetch_array($sql)) {
$product_id = $row['product_id'];
$product_name = htmlentities($row['product_name']);
$product_description = htmlentities($row['product_description']);
if (empty($product_description)) {
$product_description_display = "-";
} else {
$product_description_display = "<div style='white-space:pre-line'>$product_description</div>";
}
$product_price = floatval($row['product_price']);
$product_currency_code = htmlentities($row['product_currency_code']);
$product_created_at = $row['product_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
$product_tax_id = $row['product_tax_id'];
include("product_edit_modal.php"); ?>
<tr>
} <th><a class="text-dark" href="#" data-toggle="modal" data-target="#editProductModal<?php echo $product_id; ?>"><?php echo $product_name; ?></a></th>
<td><?php echo $category_name; ?></td>
?> <td><?php echo $product_description_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $product_price, $product_currency_code); ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editProductModal<?php echo $product_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_product=<?php echo $product_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
</tbody> <?php
</table>
require("product_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php <?php
include("product_add_modal.php");
include("category_quick_add_modal.php");
include("footer.php"); require_once("product_add_modal.php");
require_once("category_quick_add_modal.php");
?> require_once("footer.php");
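Review bot: `$sb` is read from `$_GET['sb']` and placed directly after `ORDER BY` in the products query, where `mysqli_real_escape_string()` and `strip_tags()` give no protection because the value is not inside a quoted string literal. Since the commit already rewrites these lines, it could restrict the value to the columns the table header links actually use: `$sortable = ['product_name', 'category_name', 'product_description', 'product_price'];` followed by `$sb = in_array($_GET['sb'] ?? '', $sortable, true) ? $_GET['sb'] : 'product_name';`. `$o` and `$q` are set outside this section, so whether they are validated before reaching the query cannot be confirmed from here. The quotes listing further down builds `$sb` the same way and would need the same allow-list with its own column names.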


@ -25,7 +25,7 @@
<option value="">- Client -</option> <option value="">- Client -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']); $client_name = htmlentities($row['client_name']);
@ -59,7 +59,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id']; $category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']); $category_name = htmlentities($row['category_name']);


@ -32,7 +32,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$quote_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$quote_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_income_category)) { while ($row = mysqli_fetch_array($sql_income_category)) {
$category_id_select = $row['category_id']; $category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']); $category_name_select = htmlentities($row['category_name']);


@ -1,60 +1,61 @@
<?php include("inc_all.php"); <?php
require_once("inc_all.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "quote_number"; $sb = "quote_number";
} }
// Reverse default sort // Reverse default sort
if (!isset($_GET['o'])) { if (!isset($_GET['o'])) {
$o = "DESC"; $o = "DESC";
$disp = "ASC"; $disp = "ASC";
} }
if (empty($_GET['canned_date'])) { if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors. //Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00 // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom'; $_GET['canned_date'] = 'custom';
} }
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
}elseif ($_GET['canned_date'] == "today") { } elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "yesterday") { } elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
}elseif ($_GET['canned_date'] == "thisweek") { } elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastweek") { } elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
}elseif ($_GET['canned_date'] == "thismonth") { } elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastmonth") { } elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
}elseif ($_GET['canned_date'] == "thisyear") { } elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastyear") { } elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
}else{ } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM quotes
LEFT JOIN clients ON quote_client_id = client_id LEFT JOIN clients ON quote_client_id = client_id
LEFT JOIN categories ON quote_category_id = category_id LEFT JOIN categories ON quote_category_id = category_id
WHERE quotes.company_id = $session_company_id WHERE quotes.company_id = $session_company_id
@ -62,175 +63,172 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes
AND DATE(quote_date) BETWEEN '$dtf' AND '$dtt' AND DATE(quote_date) BETWEEN '$dtf' AND '$dtt'
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Quotes</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Quotes</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addQuoteModal"><i class="fas fa-fw fa-plus"></i> New Quote</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addQuoteModal"><i class="fas fa-fw fa-plus"></i> New Quote</button>
</div>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Quotes">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div> </div>
</div>
</div> </div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$quote_id = $row['quote_id'];
$quote_prefix = htmlentities($row['quote_prefix']);
$quote_number = htmlentities($row['quote_number']);
$quote_scope = htmlentities($row['quote_scope']);
if (empty($quote_scope)) {
$quote_scope_display = "-";
}else{
$quote_scope_display = $quote_scope;
}
$quote_status = htmlentities($row['quote_status']);
$quote_date = $row['quote_date'];
$quote_amount = floatval($row['quote_amount']);
$quote_currency_code = htmlentities($row['quote_currency_code']);
$quote_created_at = $row['quote_created_at'];
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$client_currency_code = htmlentities($row['client_currency_code']);
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
$client_net_terms = htmlentities($row['client_net_terms']);
if ($client_net_terms == 0) {
$client_net_terms = $config_default_net_terms;
}
if ($quote_status == "Sent") { <div class="card-body">
$quote_badge_color = "warning text-white"; <form class="mb-4" autocomplete="off">
}elseif ($quote_status == "Viewed") { <div class="row">
$quote_badge_color = "primary"; <div class="col-sm-4">
}elseif ($quote_status == "Accepted") { <div class="input-group">
$quote_badge_color = "success"; <input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Quotes">
}elseif ($quote_status == "Declined") { <div class="input-group-append">
$quote_badge_color = "danger"; <button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
}elseif ($quote_status == "Invoiced") { <button class="btn btn-primary"><i class="fa fa-search"></i></button>
$quote_badge_color = "info"; </div>
}else{ </div>
$quote_badge_color = "secondary"; </div>
} </div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=quote_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
?> while ($row = mysqli_fetch_array($sql)) {
$quote_id = $row['quote_id'];
$quote_prefix = htmlentities($row['quote_prefix']);
$quote_number = htmlentities($row['quote_number']);
$quote_scope = htmlentities($row['quote_scope']);
if (empty($quote_scope)) {
$quote_scope_display = "-";
} else {
$quote_scope_display = $quote_scope;
}
$quote_status = htmlentities($row['quote_status']);
$quote_date = $row['quote_date'];
$quote_amount = floatval($row['quote_amount']);
$quote_currency_code = htmlentities($row['quote_currency_code']);
$quote_created_at = $row['quote_created_at'];
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$client_currency_code = htmlentities($row['client_currency_code']);
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
$client_net_terms = htmlentities($row['client_net_terms']);
if ($client_net_terms == 0) {
$client_net_terms = $config_default_net_terms;
}
<tr> if ($quote_status == "Sent") {
<td><a href="quote.php?quote_id=<?php echo $quote_id; ?>"><?php echo "$quote_prefix$quote_number"; ?></a></td> $quote_badge_color = "warning text-white";
<td><?php echo $quote_scope_display; ?></td> } elseif ($quote_status == "Viewed") {
<td><a href="client_quotes.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td> $quote_badge_color = "primary";
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code); ?></td> } elseif ($quote_status == "Accepted") {
<td><?php echo $quote_date; ?></td> $quote_badge_color = "success";
<td><?php echo $category_name; ?></td> } elseif ($quote_status == "Declined") {
<td> $quote_badge_color = "danger";
} elseif ($quote_status == "Invoiced") {
$quote_badge_color = "info";
} else {
$quote_badge_color = "secondary";
}
?>
<tr>
<td><a href="quote.php?quote_id=<?php echo $quote_id; ?>"><?php echo "$quote_prefix$quote_number"; ?></a></td>
<td><?php echo $quote_scope_display; ?></td>
<td><a href="client_quotes.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code); ?></td>
<td><?php echo $quote_date; ?></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $quote_badge_color; ?>"> <span class="p-2 badge badge-<?php echo $quote_badge_color; ?>">
<?php echo $quote_status; ?> <?php echo $quote_status; ?>
</span> </span>
</td> </td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editQuoteModal<?php echo $quote_id; ?>">Edit</a> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editQuoteModal<?php echo $quote_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addQuoteCopyModal<?php echo $quote_id; ?>">Copy</a> <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addQuoteCopyModal<?php echo $quote_id; ?>">Copy</a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<?php if (!empty($config_smtp_host)) { ?> <?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_quote=<?php echo $quote_id; ?>">Send</a> <a class="dropdown-item" href="post.php?email_quote=<?php echo $quote_id; ?>">Send</a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<?php } ?> <?php } ?>
<a class="dropdown-item text-danger" href="post.php?delete_quote=<?php echo $quote_id; ?>">Delete</a> <a class="dropdown-item text-danger" href="post.php?delete_quote=<?php echo $quote_id; ?>">Delete</a>
</div> </div>
</div> </div>
</td> </td>
</tr> </tr>
<?php <?php
include("quote_edit_modal.php");
include("quote_copy_modal.php");
} require("quote_edit_modal.php");
require("quote_copy_modal.php");
?> }
</tbody> ?>
</table>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php <?php
include("quote_add_modal.php");
include("category_quick_add_modal.php");
include("footer.php");
?> require_once("quote_add_modal.php");
require_once("category_quick_add_modal.php");
require_once("footer.php");


@ -1,10 +1,13 @@
<?php require_once("inc_all.php"); <?php
require_once("inc_all.php");
if (isset($_GET['recurring_id'])) { if (isset($_GET['recurring_id'])) {
$recurring_id = intval($_GET['recurring_id']); $recurring_id = intval($_GET['recurring_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM recurring $sql = mysqli_query(
$mysqli,
"SELECT * FROM recurring
LEFT JOIN clients ON recurring_client_id = client_id LEFT JOIN clients ON recurring_client_id = client_id
LEFT JOIN locations ON primary_location = location_id LEFT JOIN locations ON primary_location = location_id
LEFT JOIN contacts ON primary_contact = contact_id LEFT JOIN contacts ON primary_contact = contact_id


@ -24,7 +24,7 @@
<option value="">- Client -</option> <option value="">- Client -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']); $client_name = htmlentities($row['client_name']);
@ -75,7 +75,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC"); $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id']; $category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']); $category_name = htmlentities($row['category_name']);


@ -47,7 +47,7 @@
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$recurring_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$recurring_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_income_category)) { while ($row = mysqli_fetch_array($sql_income_category)) {
$category_id_select= $row['category_id']; $category_id_select= $row['category_id'];
$category_name_select = htmlentities($row['category_name']); $category_name_select = htmlentities($row['category_name']);


@ -1,60 +1,61 @@
<?php include("inc_all.php"); <?php
require_once("inc_all.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{ } else {
$sb = "recurring_next_date"; $sb = "recurring_next_date";
} }
if (empty($_GET['canned_date'])) { if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors. //Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00 // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom'; $_GET['canned_date'] = 'custom';
} }
//Date Filter //Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) { if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf'])); $dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt'])); $dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
}elseif ($_GET['canned_date'] == "today") { }elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d'); $dtf = date('Y-m-d');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "yesterday") { }elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday")); $dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday")); $dtt = date('Y-m-d', strtotime("yesterday"));
}elseif ($_GET['canned_date'] == "thisweek") { }elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week")); $dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastweek") { }elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week")); $dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week")); $dtt = date('Y-m-d', strtotime("sunday last week"));
}elseif ($_GET['canned_date'] == "thismonth") { }elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01'); $dtf = date('Y-m-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastmonth") { }elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month")); $dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month")); $dtt = date('Y-m-d', strtotime("last day of last month"));
}elseif ($_GET['canned_date'] == "thisyear") { }elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01'); $dtf = date('Y-01-01');
$dtt = date('Y-m-d'); $dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastyear") { }elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year")); $dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year")); $dtt = date('Y-m-d', strtotime("last day of december last year"));
}else{ } else {
$dtf = "0000-00-00"; $dtf = "0000-00-00";
$dtt = "9999-00-00"; $dtt = "9999-00-00";
} }
if (empty($_GET['canned_date'])) { if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors. //Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00 // $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom'; $_GET['canned_date'] = 'custom';
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM recurring $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM recurring
LEFT JOIN clients ON recurring_client_id = client_id LEFT JOIN clients ON recurring_client_id = client_id
LEFT JOIN categories ON recurring_category_id = category_id LEFT JOIN categories ON recurring_category_id = category_id
WHERE recurring.company_id = $session_company_id WHERE recurring.company_id = $session_company_id
@ -62,162 +63,161 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM recurring
AND DATE(recurring_next_date) BETWEEN '$dtf' AND '$dtt' AND DATE(recurring_next_date) BETWEEN '$dtf' AND '$dtt'
ORDER BY $sb $o LIMIT $record_from, $record_to"); ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-sync-alt"></i> Recurring Invoices</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-sync-alt"></i> Recurring Invoices</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addRecurringModal"><i class="fas fa-fw fa-plus"></i> New Recurring</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addRecurringModal"><i class="fas fa-fw fa-plus"></i> New Recurring</button>
</div>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Recurring Invoices">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div> </div>
</div>
</div> </div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_next_date&o=<?php echo $disp; ?>">Next Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_frequency&o=<?php echo $disp; ?>">Frequency</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_last_sent&o=<?php echo $disp; ?>">Last Sent</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$recurring_id = $row['recurring_id'];
$recurring_prefix = htmlentities($row['recurring_prefix']);
$recurring_number = htmlentities($row['recurring_number']);
$recurring_scope = htmlentities($row['recurring_scope']);
$recurring_frequency = htmlentities($row['recurring_frequency']);
$recurring_status = htmlentities($row['recurring_status']);
$recurring_last_sent = $row['recurring_last_sent'];
if ($recurring_last_sent == 0) {
$recurring_last_sent = "-";
}
$recurring_next_date = $row['recurring_next_date'];
$recurring_amount = floatval($row['recurring_amount']);
$recurring_currency_code = htmlentities($row['recurring_currency_code']);
$recurring_created_at = $row['recurring_created_at'];
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$client_currency_code = htmlentities($row['client_currency_code']);
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
if ($recurring_status == 1) {
$status = "Active";
$status_badge_color = "success";
}else{
$status = "Inactive";
$status_badge_color = "secondary";
}
?> <div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Recurring Invoices">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_next_date&o=<?php echo $disp; ?>">Next Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_frequency&o=<?php echo $disp; ?>">Frequency</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_last_sent&o=<?php echo $disp; ?>">Last Sent</a></th>
<tr> <th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<td><a href="recurring_invoice.php?recurring_id=<?php echo $recurring_id; ?>"><?php echo "$recurring_prefix$recurring_number"; ?></a></td> <th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=recurring_status&o=<?php echo $disp; ?>">Status</a></th>
<td><?php echo $recurring_next_date; ?></td> <th class="text-center">Action</th>
<td><?php echo $recurring_scope; ?></td> </tr>
<td><?php echo ucwords($recurring_frequency); ?>ly</td> </thead>
<td><a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td> <tbody>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $recurring_amount, $recurring_currency_code); ?></td> <?php
<td><?php echo $recurring_last_sent; ?></td>
<td><?php echo $category_name; ?></td> while ($row = mysqli_fetch_array($sql)) {
<td> $recurring_id = $row['recurring_id'];
$recurring_prefix = htmlentities($row['recurring_prefix']);
$recurring_number = htmlentities($row['recurring_number']);
$recurring_scope = htmlentities($row['recurring_scope']);
$recurring_frequency = htmlentities($row['recurring_frequency']);
$recurring_status = htmlentities($row['recurring_status']);
$recurring_last_sent = $row['recurring_last_sent'];
if ($recurring_last_sent == 0) {
$recurring_last_sent = "-";
}
$recurring_next_date = $row['recurring_next_date'];
$recurring_amount = floatval($row['recurring_amount']);
$recurring_currency_code = htmlentities($row['recurring_currency_code']);
$recurring_created_at = $row['recurring_created_at'];
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$client_currency_code = htmlentities($row['client_currency_code']);
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
if ($recurring_status == 1) {
$status = "Active";
$status_badge_color = "success";
} else {
$status = "Inactive";
$status_badge_color = "secondary";
}
?>
<tr>
<td><a href="recurring_invoice.php?recurring_id=<?php echo $recurring_id; ?>"><?php echo "$recurring_prefix$recurring_number"; ?></a></td>
<td><?php echo $recurring_next_date; ?></td>
<td><?php echo $recurring_scope; ?></td>
<td><?php echo ucwords($recurring_frequency); ?>ly</td>
<td><a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $recurring_amount, $recurring_currency_code); ?></td>
<td><?php echo $recurring_last_sent; ?></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $status_badge_color; ?>"> <span class="p-2 badge badge-<?php echo $status_badge_color; ?>">
<?php echo $status; ?> <?php echo $status; ?>
</span> </span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editRecurringModal<?php echo $recurring_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_recurring=<?php echo $recurring_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
include("recurring_invoice_edit_modal.php");
} </td>
?> <td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editRecurringModal<?php echo $recurring_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_recurring=<?php echo $recurring_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
</tbody> <?php
</table> require("recurring_invoice_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php <?php
include("recurring_invoice_add_modal.php");
include("category_quick_add_modal.php");
include("footer.php"); require_once("recurring_invoice_add_modal.php");
require_once("category_quick_add_modal.php");
require_once("footer.php");
?> ?>
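Review bot: `$sb` is still interpolated unquoted into `ORDER BY $sb $o` after only `strip_tags(mysqli_real_escape_string(...))`, and escaping string metacharacters does not constrain a value used as a column identifier, so the sort parameter stays an injection point that this reformat carries over unchanged. Check it against the columns the table header actually links to: `$allowed_sb = ['recurring_number', 'recurring_next_date', 'recurring_scope', 'recurring_frequency', 'client_name', 'recurring_amount', 'recurring_last_sent', 'category_name', 'recurring_status'];` followed by `$sb = in_array($_GET['sb'] ?? '', $allowed_sb, true) ? $_GET['sb'] : 'recurring_next_date';`. `$o`, `$record_from` and `$record_to` are assigned outside this file section, so confirm where they are set that `$o` can only be ASC or DESC and that the two limits are integers. The quotes listing earlier on the page ends in the same `ORDER BY $sb $o` clause and would need the same allow-list with its own column names.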


@ -1,6 +1,6 @@
<?php <?php
include("inc_all_reports.php"); require_once("inc_all_reports.php");
validateAccountantRole(); validateAccountantRole();
if (isset($_GET['year'])) { if (isset($_GET['year'])) {
@ -9,9 +9,9 @@ if (isset($_GET['year'])) {
$year = date('Y'); $year = date('Y');
} }
$sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC"); $sql_payment_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $session_company_id"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE company_id = $session_company_id");
?> ?>
@ -53,14 +53,12 @@ $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE company_id = $s
$vendor_id = $row['vendor_id']; $vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']); $vendor_name = htmlentities($row['vendor_name']);
$sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS amount_paid FROM expenses WHERE YEAR(expense_date) = $year AND expense_vendor_id = $vendor_id"); $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS amount_paid FROM expenses WHERE YEAR(expense_date) = $year AND expense_vendor_id = $vendor_id");
$row = mysqli_fetch_array($sql_amount_paid); $row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = floatval($row['amount_paid']); $amount_paid = floatval($row['amount_paid']);
if ($amount_paid > 599) { if ($amount_paid > 599) { ?>
?>
<tr> <tr>
<td><?php echo $vendor_name; ?></td> <td><?php echo $vendor_name; ?></td>
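Review bot: The per-vendor total query in the `@ -53,14` hunk interpolates `$year` and `$vendor_id` straight into the SQL string, and `$year` is set from `$_GET['year']` on a line that the `@ -9,9` hunk does not show. If that assignment is not an integer cast, the request value reaches `YEAR(expense_date) = $year` unescaped, so I would make the cast explicit next to the query or bind both values with `mysqli_prepare()` and `mysqli_stmt_bind_param()`. Unlike the other queries visible in this file, this one has no tenant filter; adding `AND company_id = $session_company_id` would keep it consistent with the `vendors` lookup above. The other report files in this commit build their `$year` queries the same way.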


@ -9,9 +9,9 @@ if (isset($_GET['year'])) {
$year = date('Y'); $year = date('Y');
} }
$sql_expense_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE expense_category_id > 0 AND company_id = $session_company_id ORDER BY expense_year DESC"); $sql_expense_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(expense_date) AS expense_year FROM expenses WHERE expense_category_id > 0 AND company_id = $session_company_id ORDER BY expense_year DESC");
$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC"); $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
?> ?>
@ -75,7 +75,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
$total_expense_for_all_months = 0; $total_expense_for_all_months = 0;
for($month = 1; $month<=12; $month++) { for($month = 1; $month<=12; $month++) {
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_amount_for_month FROM expenses WHERE expense_category_id = $category_id AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS expense_amount_for_month FROM expenses WHERE expense_category_id = $category_id AND YEAR(expense_date) = $year AND MONTH(expense_date) = $month");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$expense_amount_for_month = $row['expense_amount_for_month']; $expense_amount_for_month = $row['expense_amount_for_month'];
$total_expense_for_all_months = $expense_amount_for_month + $total_expense_for_all_months; $total_expense_for_all_months = $expense_amount_for_month + $total_expense_for_all_months;
@ -104,7 +104,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
<?php <?php
for($month = 1; $month<=12; $month++) { for($month = 1; $month<=12; $month++) {
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND expense_vendor_id > 0 AND company_id = $session_company_id"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS expense_total_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND expense_vendor_id > 0 AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$expense_total_amount_for_month = $row['expense_total_amount_for_month']; $expense_total_amount_for_month = $row['expense_total_amount_for_month'];
$total_expense_for_all_months = $expense_total_amount_for_month + $total_expense_for_all_months; $total_expense_for_all_months = $expense_total_amount_for_month + $total_expense_for_all_months;
@ -156,7 +156,7 @@ $sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_
$largest_expense_month = 0; $largest_expense_month = 0;
for($month = 1; $month<=12; $month++) { for($month = 1; $month<=12; $month++) {
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS expense_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND expense_vendor_id > 0 AND expenses.company_id = $session_company_id"); $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS expense_amount_for_month FROM expenses WHERE YEAR(expense_date) = $year AND MONTH(expense_date) = $month AND expense_vendor_id > 0 AND expenses.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_expenses); $row = mysqli_fetch_array($sql_expenses);
$expenses_for_month = $row['expense_amount_for_month']; $expenses_for_month = $row['expense_amount_for_month'];
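Review bot: The per-category monthly query in the `@ -75,7` hunk filters on `expense_category_id = $category_id` but not on `company_id`, while the two totals queries later in this file (`@ -104,7` and `@ -156,7`) both add `company_id = $session_company_id`. Tenant isolation here rests on `$category_id` having come from the company-scoped `categories` query, and the loop that supplies it lies outside the hunk. Appending `AND company_id = $session_company_id` to this query would make the scoping explicit rather than inherited. The per-category payments and revenues queries in the income report's `@ -78,12` hunk have the same gap.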


@ -9,9 +9,9 @@ if (isset($_GET['year'])) {
$year = date('Y'); $year = date('Y');
} }
$sql_payment_years = mysqli_query($mysqli,"SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC"); $sql_payment_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(payment_date) AS payment_year FROM payments WHERE company_id = $session_company_id UNION SELECT DISTINCT YEAR(revenue_date) AS payment_year FROM revenues WHERE company_id = $session_company_id ORDER BY payment_year DESC");
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id"); $sql_clients = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id");
?> ?>


@ -78,12 +78,12 @@ $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category
for($month = 1; $month<=12; $month++) { for($month = 1; $month<=12; $month++) {
//Payments to Invoices //Payments to Invoices
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_category_id = $category_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_category_id = $category_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$payment_amount_for_month = $row['payment_amount_for_month']; $payment_amount_for_month = $row['payment_amount_for_month'];
//Revenues //Revenues
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id = $category_id AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id = $category_id AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$revenues_amount_for_month = $row['revenue_amount_for_month']; $revenues_amount_for_month = $row['revenue_amount_for_month'];
@ -114,11 +114,11 @@ $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category
<?php <?php
for($month = 1; $month<=12; $month++) { for($month = 1; $month<=12; $month++) {
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS payment_total_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$payment_total_amount_for_month = $row['payment_total_amount_for_month']; $payment_total_amount_for_month = $row['payment_total_amount_for_month'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND revenues.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$revenues_total_amount_for_month = $row['revenue_amount_for_month']; $revenues_total_amount_for_month = $row['revenue_amount_for_month'];
@ -171,11 +171,11 @@ $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category
<?php <?php
for ($month = 1; $month<=12; $month++) { for ($month = 1; $month<=12; $month++) {
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id"); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_payments); $row = mysqli_fetch_array($sql_payments);
$payments_for_month = $row['payment_amount_for_month']; $payments_for_month = $row['payment_amount_for_month'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND company_id = $session_company_id"); $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS revenue_amount_for_month FROM revenues WHERE revenue_category_id > 0 AND YEAR(revenue_date) = $year AND MONTH(revenue_date) = $month AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_revenues); $row = mysqli_fetch_array($sql_revenues);
$revenues_for_month = $row['revenue_amount_for_month']; $revenues_for_month = $row['revenue_amount_for_month'];
