AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor POST handling.

Browse Source 
- Split into admin and user handlers, each admin page gets its own file now
- Enforce role access once for admin POST requests
- Automatically load POST logic for admin-based requests based on the referring page, otherwise automatically load all user request logic
- Add support for using custom POST handlers
This commit is contained in:
Marcus Hill
2024-09-29 19:02:28 +01:00
parent 635b1f903a
commit 6363d265ca
127 changed files with 1888 additions and 1901 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
post/admin/admin_settings_notification.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
if (isset($_POST['edit_notification_settings'])) {
validateCSRFToken($_POST['csrf_token']);
$config_enable_cron = intval($_POST['config_enable_cron']);
$config_cron_key = sanitizeInput($_POST['config_cron_key']);
$config_enable_alert_domain_expire = intval($_POST['config_enable_alert_domain_expire']);
$config_send_invoice_reminders = intval($_POST['config_send_invoice_reminders']);
$config_recurring_auto_send_invoice = intval($_POST['config_recurring_auto_send_invoice']);
$config_ticket_client_general_notifications = intval($_POST['config_ticket_client_general_notifications']);
mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_recurring_auto_send_invoice = $config_recurring_auto_send_invoice, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire, config_ticket_client_general_notifications = $config_ticket_client_general_notifications WHERE company_id = 1");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified notification settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Notification Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['generate_cron_key'])) {
$key = randomString(32);
mysqli_query($mysqli,"UPDATE settings SET config_cron_key = '$key' WHERE company_id = 1");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name regenerated cron key', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Cron key regenerated!";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}