AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove Relations on document when deleted or archived, added Short description field to summerize document changes or summerize a document, add header to Document Details showing Title, Date Created, Prepared by

Browse Source
This commit is contained in:
johnnyq
2023-09-24 22:29:48 -04:00
parent 26196a18e7
commit 6af002122a
6 changed files with 89 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
post/document.php
View File

@@ -10,6 +10,7 @@ if (isset($_POST['add_document'])) {
$client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $_POST['content']));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
@@ -17,7 +18,7 @@ if (isset($_POST['add_document'])) {
$folder = intval($_POST['folder']);
// Document add query
$add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_client_id = $client_id");
$add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = $session_user_id, document_client_id = $client_id");
$document_id = mysqli_insert_id($mysqli);
// Update field document_parent to be the same id as document ID as this is the only version of the document.
@@ -38,12 +39,13 @@ if (isset($_POST['add_document_template'])) {
$client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $_POST['content']));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
// Document add query
$add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw', document_template = 1, document_folder_id = 0, document_client_id = 0");
$add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 1, document_folder_id = 0, document_created_by = $session_user_id, document_client_id = 0");
$document_id = mysqli_insert_id($mysqli);
// Logging
@@ -63,6 +65,7 @@ if (isset($_POST['add_document_from_template'])) {
// GET POST Data
$client_id = intval($_POST['client_id']);
$document_name = sanitizeInput($_POST['name']);
$document_description = sanitizeInput($_POST['description']);
$document_template_id = intval($_POST['document_template_id']);
$folder = intval($_POST['folder']);
@@ -76,7 +79,7 @@ if (isset($_POST['add_document_from_template'])) {
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $row['document_content']));
// Document add query
mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$document_name', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_client_id = $client_id");
mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$document_name', document_description = '$document_description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = $session_user_id, document_client_id = $client_id");
$document_id = mysqli_insert_id($mysqli);
@@ -94,16 +97,18 @@ if (isset($_POST['edit_document'])) {
validateTechRole();
$document_id = intval($_POST['document_id']);
$document_created_by = intval($_POST['created_by']);
$document_parent = intval($_POST['document_parent']);
$client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $_POST['content']));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
$folder = intval($_POST['folder']);
// Document add query
mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_client_id = $client_id");
mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = $document_created_by, document_updated_by = $session_user_id, document_client_id = $client_id");
$new_document_id = mysqli_insert_id($mysqli);
@@ -371,12 +376,13 @@ if (isset($_POST['edit_document_template'])) {
$document_id = intval($_POST['document_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $_POST['content']));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
// Document edit query
mysqli_query($mysqli,"UPDATE documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw' WHERE document_id = $document_id");
mysqli_query($mysqli,"UPDATE documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw' WHERE document_id = $document_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document Template', log_action = 'Modify', log_description = '$session_name modified document template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $document_id");
@@ -402,6 +408,22 @@ if (isset($_GET['archive_document'])) {
mysqli_query($mysqli,"UPDATE documents SET document_archived_at = NOW() WHERE document_id = $document_id");
// Remove Associations
// File Association
mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
// Contact Associations
mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
// Asset Associations
mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
// Software Associations
mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
// Vendor Associations
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Archive', log_description = '$session_name archived document $document_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $document_id");
@@ -420,6 +442,22 @@ if (isset($_GET['delete_document'])) {
mysqli_query($mysqli,"DELETE FROM documents WHERE document_id = $document_id");
// Remove Associations
// File Association
mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
// Contact Associations
mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
// Asset Associations
mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
// Software Associations
mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
// Vendor Associations
mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Delete', log_description = '$document_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");